public async Task <ValidateResult> ValidateGetUserInfoCallbackRequest(ClientSystemLoginEndpoint endpoint, GetUserInfoCallbackRequest request) { ValidateResult result = new ValidateResult() { Result = true }; string strRedirectKV = JsonSerializerHelper.Serializer(request.RedirectUrlKV); string strSystemKV = JsonSerializerHelper.Serializer(request.SystemTokenKV); string strExpireTime = JsonSerializerHelper.Serializer(request.ExpireTime); //var strSignature = _securityService.SignByKey($"{endpoint.Name}{request.SystemToken}{strRedirectKV}{strSystemKV}{strExpireTime}", endpoint.SignatureKey); var strSignature = ""; if (strSignature != request.Signature) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.ClientSystemLoginEndpointSignatureError, "客户端系统登陆终结点{0}在解析请求数据时请求数据的签名错误,请检查客户端的签名与服务端对应的签名是否一致"), endpoint.Name); return(result); } if (request.ExpireTime < DateTime.UtcNow) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.ClientSystemLoginEndpointRequestExpire, "客户端系统登陆终结点{0}接收的请求已过期,过期时间为{1}"), endpoint.Name, request.ExpireTime.ToString()); return(result); } return(await Task.FromResult(result)); }
public async Task <ValidateResult> ValidateSMessageData(ClientSMessageTypeListenerEndpoint endpoint, SMessagePostData data) { ValidateResult result = new ValidateResult() { Result = true }; var strContent = $"{data.ID.ToString()}{data.Type}{data.Data}{data.ExpireTime.ToString("yyyy-MM-dd hh:mm:ss")}"; var strSignature = _securityService.SignByKey(strContent, endpoint.SignatureKey); if (strSignature != data.Signature) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.ClientSMessageTypeListenerEndpointSignatureError, "客户端消息类型监听终结点{0}在解析消息数据时消息数据的签名错误,请检查客户端的签名与服务端对应的签名是否一致"), endpoint.Name); return(result); } if (data.ExpireTime < DateTime.UtcNow) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.ClientSMessageTypeListenerEndpointMessageExpire, "客户端消息类型监听终结点{0}接收的消息已过期,过期时间为{1}"), endpoint.Name, data.ExpireTime.ToString()); return(result); } return(await Task.FromResult(result)); }
public async Task <string> GetCurrentLabel(OptionSetValueItem item) { //通过使用StringLanguageTranslate来获取基于当前上下文语言的标签 //多语言键为选项集名称+"."+选项集项的值 var result = StringLanguageTranslate.Translate($"{ item.OptionSetValue.Name}.{item.Value.ToString()}", item.DefaultLabel); return(await Task.FromResult(result)); }
public JWTValidateResult ValidateJWT(string key, string strJWT) { JWTValidateResult result = new JWTValidateResult() { ValidateResult = new ValidateResult() { Result = true }, Playload = new Dictionary <string, string>() }; //验证签名 var arrayJWT = strJWT.Split('.'); if (arrayJWT.Length != 3) { result.ValidateResult.Result = false; result.ValidateResult.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.JWTFormatError, "JWT字符串{0}的格式不正确"), strJWT); return(result); } var strSignature = SignByKey($"{arrayJWT[0]}.{arrayJWT[1]}", key); if (strSignature != arrayJWT[2]) { result.ValidateResult.Result = false; result.ValidateResult.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.JWTSignError, "JWT字符串{0}的签名验证失败"), strJWT); return(result); } //获取playload部分信息 var jsonObj = JsonSerializerHelper.Deserialize <JObject>(arrayJWT[1].Base64UrlDecode()); foreach (var item in jsonObj) { result.Playload.Add(item.Key, item.Value.Value <string>()); } //检查是否过期 var exp = jsonObj["exp"]; if (exp != null) { if (exp.Value <DateTime>() <= DateTime.UtcNow) { result.ValidateResult.Result = false; result.ValidateResult.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.JWTExpire, "JWT字符串{0}已经过期,过期时间为{1}"), strJWT, exp.Value <DateTime>().ToString()); return(result); } } return(result); }
public async Task <ValidateResult> Validate(XElement securityElement, Dictionary <string, object> parameters) { var result = new ValidateResult() { Result = false, Description = StringLanguageTranslate.Translate(TextCodes.ConditionFalse, "条件直接被设置为Fasle") }; return(await Task.FromResult(result)); }
protected override async Task OnRealAuthorizationAsync(AuthorizationFilterContext context) { ILogger logger = null; using (var diContainer = DIContainerContainer.CreateContainer()) { var loggerFactory = diContainer.Get <ILoggerFactory>(); logger = loggerFactory.CreateLogger(ErrorCatalogName); } await HttpErrorHelper.ExecuteByAuthorizationFilterContextAsync(context, logger, async() => { //如果_directGeneratorName不为空,则直接使用该生成器名称 if (!string.IsNullOrEmpty(_directGeneratorName)) { var authorizeResult = await _appUserAuthorize.Do(null, _directGeneratorName); //存储到http上下文中 context.HttpContext.Items["AuthorizeResult"] = authorizeResult; } //判断是否已经通过验证 if (context.HttpContext.User != null && context.HttpContext.User.Identity != null && context.HttpContext.User.Identity.IsAuthenticated && context.HttpContext.User.Claims != null) { var authorizeResult = await _appUserAuthorize.Do(context.HttpContext.User.Claims, _userGeneratorName); //存储到Http上下文中 context.HttpContext.Items["AuthorizeResult"] = authorizeResult; //authorizeResult.Execute(); } else { if (_allowAnonymous) { //未通过验证,但允许匿名,则调用匿名上下文生成 var authorizeResult = await _appUserAuthorize.Do(null, _anonymousGeneratorName); //存储到http上下文中 context.HttpContext.Items["AuthorizeResult"] = authorizeResult; //authorizeResult.Execute(); } else { //返回错误响应 ErrorMessage errorMessage = new ErrorMessage() { Code = (int)Errors.AuthorizeFail, Message = string.Format(StringLanguageTranslate.Translate(TextCodes.AuthorizeFail, "用户授权失败,没有找到对应的身份信息")) }; context.Result = new JsonContentResult <ErrorMessage>(StatusCodes.Status401Unauthorized, errorMessage); } } }); }
/// <summary> /// 基于授权过滤器上下文异步处理 /// 捕获action中的异常, /// 如果异常为UtilityException,则Http上下文的Response响应类型为由异常转换后的ErrorMessage的Json信息 /// 如果不为UtilityException,则Http上下文的Response响应类型为Code=-1,Message为内部错误的ErrorMessage的Json信息 /// </summary> /// <param name="httpContext"></param> /// <param name="action"></param> /// <returns></returns> public static async Task ExecuteByAuthorizationFilterContextAsync(AuthorizationFilterContext context, ILogger logger, Func <Task> action) { try { await action(); } catch (UtilityException ex) { if (!UtilityExceptionTypeStatusCodeMappings.Mappings.TryGetValue(ex.Type, out int statusCode)) { statusCode = 500; } object errorMessage = new ErrorMessage() { Code = ex.Code, Message = await ex.GetCurrentLcidMessage() }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(ex); } context.Result = new JsonContentResult(statusCode, errorType, errorMessage); } catch (Exception ex) { string message; message = string.Format(StringLanguageTranslate.Translate(TextCodes.InnerError, "系统内部错误,请查看系统日志")); object errorMessage = new ErrorMessage() { Code = -1, Message = message }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(ex); } context.Result = new JsonContentResult(StatusCodes.Status500InternalServerError, errorType, errorMessage); //加入日志 logger.Log <string>(LogLevel.Error, new EventId(), $"AuthorizationFilter in action {context.ActionDescriptor.DisplayName} error,message:{ex.Message},stacktrace:{ex.StackTrace}", null, (obj, e) => { return(string.Empty); }); } }
/// <summary> /// 基于Http上下文异步处理 /// 捕获action中的异常, /// 如果异常为UtilityException,则Http上下文的Response响应类型为由异常转换后的ErrorMessage的Json信息 /// 如果不为UtilityException,则Http上下文的Response响应类型为Code=-1,Message为内部错误的ErrorMessage的Json信息 /// </summary> /// <param name="httpContext"></param> /// <param name="action"></param> /// <returns></returns> public static async Task ExecuteByHttpContextAsync(HttpContext httpContext, ILogger logger, Func <Task> action) { try { await action(); } catch (UtilityException ex) { if (!UtilityExceptionTypeStatusCodeMappings.Mappings.TryGetValue(ex.Type, out int statusCode)) { statusCode = 500; } object errorMessage = new ErrorMessage() { Code = ex.Code, Message = await ex.GetCurrentLcidMessage() }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(ex); } await httpContext.Response.WriteJson(statusCode, errorType, errorMessage); } catch (Exception ex) { object errorMessage = new ErrorMessage() { Code = -1, Message = string.Format(StringLanguageTranslate.Translate(TextCodes.InnerError, "系统内部错误,请查看系统日志")) }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(ex); } await httpContext.Response.WriteJson(StatusCodes.Status500InternalServerError, errorType, errorMessage); //加入日志 logger.Log <string>(LogLevel.Error, new EventId(), $"http request {httpContext.Request.Path} error,message:{ex.Message},stacktrace:{ex.StackTrace}", null, (obj, e) => { return(string.Empty); }); } }
protected override async Task OnRealAuthorizationAsync(AuthorizationFilterContext context) { ILogger logger = null; using (var diContainer = DIContainerContainer.CreateContainer()) { var loggerFactory = diContainer.Get <ILoggerFactory>(); logger = loggerFactory.CreateLogger(ErrorCatalogName); } await HttpErrorHelper.ExecuteByAuthorizationFilterContextAsync(context, logger, async() => { //检查在http头中是否已经存在Authorization if (!context.HttpContext.Request.Headers.TryGetValue("WhitelistAuthorization", out StringValues authorizationValue)) { ErrorMessage errorMessage = new ErrorMessage() { Code = (int)Errors.NotFoundAuthorizationInHttpHeader, Message = StringLanguageTranslate.Translate(TextCodes.NotFoundWhitelistAuthorizationInHttpHeader, "在http头中没有找到WhitelistAuthorization") }; context.Result = new JsonContentResult <ErrorMessage>(StatusCodes.Status401Unauthorized, errorMessage); } //检查在http头中是否已经存在SystemName if (!context.HttpContext.Request.Headers.TryGetValue("SystemName", out StringValues systemNameValue)) { ErrorMessage errorMessage = new ErrorMessage() { Code = (int)Errors.NotFoundSystemNameInHttpHeader, Message = StringLanguageTranslate.Translate(TextCodes.NotFoundSystemNameInHttpHeader, "在http头中没有找到SystemName") }; context.Result = new JsonContentResult <ErrorMessage>(StatusCodes.Status401Unauthorized, errorMessage); } //获取ActionName的全路径名称 var actinName = context.ActionDescriptor.DisplayName.Split(' ')[0]; //获取访问的IP var ip = context.HttpContext.Connection.RemoteIpAddress.ToString(); //执行验证 var validateResult = await _appValidateRequestForWhitelist.Do(actinName, systemNameValue[0], authorizationValue[0], ip); if (!validateResult.Result) { ErrorMessage errorMessage = new ErrorMessage() { Code = (int)Errors.WhitelistValidateFail, Message = string.Format(StringLanguageTranslate.Translate(TextCodes.WhitelistValidateFail, "系统操作{0}针对调用方系统{1}的白名单验证未通过,原因:{2}"), actinName, systemNameValue[0], validateResult.Description) }; context.Result = new JsonContentResult <ErrorMessage>(StatusCodes.Status401Unauthorized, errorMessage); } });
public async Task <EntityAttributeValueValidateServiceResult> Validate(string entityType, string entityKey, string attributeName, object attributeValue, string valueType, string checkValue) { string correctText = string.Format(StringLanguageTranslate.Translate(TextCodes.EntityAttributeValueValidateOperatorNullErrorText, "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值不为Null"), entityType, entityKey, attributeName); string errorText = string.Format(StringLanguageTranslate.Translate(TextCodes.EntityAttributeValueValidateOperatorNullCorrectText, "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值为Null"), entityType, entityKey, attributeName); //如果属性值为null,返回true if (attributeValue == null) { return(await Task.FromResult(new EntityAttributeValueValidateServiceResult(correctText, errorText, true))); } else { return(await Task.FromResult(new EntityAttributeValueValidateServiceResult(correctText, errorText, false))); } }
public async Task <ValidateResult> ValidateUser(WorkflowStep step, string userKey) { ValidateResult result = new ValidateResult() { Result = true }; //如果该步骤已经是完成状态,则直接返回false if (step.Complete) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.WorkflowStepHasCompleted, "ID为{0},资源ID为{1},动作名称{2},状态为{3},用户类型为{4},用户关键字为{5}的工作流步骤已经是完成状态"), step.ID, step.ResourceID, step.ActionName, step.Status, step.UserType, step.UserKey); return(result); } //需要检查步骤下面是否已经存在相同用户的动作 var userAction = await _workflowStepUserActionStore.QueryByStepAndUser(step.Resource.Type, step.Resource.Key, step.ID, userKey); if (userAction != null) { //如果存在,表示该用户已经做过动作,返回false result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.WorkflowStepUserHasAction, "ID为{0},资源ID为{1},动作名称{2},状态为{3},用户类型为{4},用户关键字为{5}的工作流步骤中用户信息为{6}的用户已经处理过"), step.ID, step.ResourceID, step.ActionName, step.Status, step.UserType, step.UserKey, userKey); return(result); } //需要调用服务检查 if (!_validateUserKeyServiceFactories.TryGetValue(step.UserType, out IFactory <IValidateUserKeyService> serviceFactory)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundWorkflowValidateUserKeyServiceFactoryByType, DefaultFormatting = "在工作流步骤的实现中,找不到类型为{0}的Factory<IValidateUserKeyService>", ReplaceParameters = new List <object>() { step.UserType } }; throw new UtilityException((int)Errors.NotFoundWorkflowValidateUserKeyServiceFactoryByType, fragment); } var service = serviceFactory.Create(); result = await service.Execute(step.UserKey, userKey); return(result); }
public async Task <ValidateResult> Access(RequestTracker tracker) { ValidateResult result = new ValidateResult() { Result = true }; if (!tracker.Extensions.TryGetValue(_name, out object objNumber)) { lock (tracker.Extensions) { if (!tracker.Extensions.TryGetValue(_name, out objNumber)) { objNumber = new Number(); tracker.Extensions.Add(_name, objNumber); } } } Number number = (Number)objNumber; if (number.Value + 1 > tracker.MaxNumber) { result.Result = false; result.Description = StringLanguageTranslate.Translate(TextCodes.TokenBucketOverflow.ToString(), string.Format("令牌桶超出最大阈值{0}", tracker.MaxNumber)); } else { lock (number) { if (number.Value + 1 > tracker.MaxNumber) { result.Result = false; result.Description = StringLanguageTranslate.Translate(TextCodes.TokenBucketOverflow.ToString(), string.Format("令牌桶超出最大阈值{0}", tracker.MaxNumber)); } else { SetExecute(tracker.ID); number.Value++; } } } return(await Task.FromResult(result)); }
public async Task <ValidateResult> Do(string systemOperationName, string systemName, string strToken, string ip) { ValidateResult result; var systemOperation = await _systemOperationRepository.QueryByName(systemOperationName, 1); //如果找不到对应名称的系统操作,返回错误 if (systemOperation == null) { result = new ValidateResult() { Result = false, Description = string.Format(StringLanguageTranslate.Translate(TextCodes.NotFoundWhitelistSystemOperationWithNameStatus, "找不到名称为{0}、状态为{2}的白名单系统操作"), systemOperationName, OptionSetMetadataValueHelper.GetLable(_optionSetValueMetadataRepository, $"{ typeof(SystemOperation).FullName }.Status", 1)) }; return(await Task.FromResult(result)); } result = await systemOperation.Validate(systemName, strToken, ip); return(result); }
public async Task <string> Execute(TemplateContext context, string[] parameters) { string result = ""; if (parameters.Length != 2) { var fragment = new TextFragment() { Code = TextCodes.LabelParameterCountError, DefaultFormatting = "标签{0}要求的参数个数为{1},而实际参数个数为{2}", ReplaceParameters = new List <object>() { "languagetextsegment", "2", parameters.Length.ToString() } }; throw new UtilityException((int)Errors.LabelParameterCountError, fragment); } string code = parameters[0]; string strDefault = parameters[1]; result = StringLanguageTranslate.Translate(code, strDefault); return(await Task.FromResult(result)); }
/// <summary> /// 执行消息 /// </summary> /// <param name="message"></param> /// <returns>0:成功,1:未到执行时间,2:失败,3:移除到死队列</returns> public async Task <StatusResult> Execute(SMessage message) { StatusResult result = new StatusResult() { Status = 0 }; //获取消息执行类型 var executeType = await _smessageExecuteTypeRepositoryCacheProxy.QueryByName(message.Type); if (executeType == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundSMessageTypeByName, DefaultFormatting = "找不到名称为{0}的消息类型", ReplaceParameters = new List <object>() { message.Type } }; throw new UtilityException((int)Errors.NotFoundSMessageTypeByName, fragment); } var queue = GetQueue(message); if (queue == null) { //如果扩展属性中的队列为空,则需要通过Key来获取队列 queue = await _sQueueChooseService.Choose(message.Key); } //检查预计执行时间是否>=当前时间 //如果是,则直接返回结果 var nowUTC = DateTime.UtcNow; if (message.ExpectationExecuteTime >= nowUTC) { result.Status = 1; return(await Task.FromResult(result)); } //检查是否存在比期望执行时间早的相同key的消息 //如果消息本身不是死消息,找到的消息是死消息,则直接将该消息转移到死消息队列中 //返回结果3 var beforeMessage = await GetBeforeExpectTimeMessage(message); if (beforeMessage != null) { result.Status = 1; if (!message.IsDead && beforeMessage.IsDead) { var deadQueue = await _sQueueChooseService.ChooseDead(message.Key); await using (var transactionScope = new DBTransactionScope(TransactionScopeOption.Required, new TransactionOptions() { IsolationLevel = IsolationLevel.ReadCommitted, Timeout = new TimeSpan(0, 30, 30) })) { await _smessageStore.Delete(queue, message.ID); await _smessageStore.AddToDead(deadQueue, message); result.Status = 3; //执行扩展 var context = _smessageOperationContextFactory.Create(message, new Dictionary <string, object>()); await MessageQueueExtensionDescription.OnSMessageAddToDeadExecuted(context); transactionScope.Complete(); } } return(await Task.FromResult(result)); } //增加消息历史 var messageHistory = await _smessageHistoryStore.QueryById(message.ID); if (messageHistory == null) { messageHistory = new SMessageHistory() { ID = message.ID, CreateTime = DateTime.UtcNow, ModifyTime = DateTime.UtcNow, Type = message.Type, Key = message.Key, Data = message.Data, OriginalMessageID = message.OriginalMessageID, DelayMessageID = message.DelayMessageID }; await messageHistory.Add(); } Dictionary <Guid, ISMessageTypeListenerPostContext> postContextList = new Dictionary <Guid, ISMessageTypeListenerPostContext>(); ISMessageTypeListenerPostContext postContext = null; //如果已经关联了监听,则直接执行监听的行为 if (message.TypeListenerID.HasValue) { var listener = await executeType.GetListener(message.TypeListenerID.Value); if (listener == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundSMessageTypeListenerFromTypeByID, DefaultFormatting = "名称为{0}的消息类型下,找不到监听ID为{1}的监听", ReplaceParameters = new List <object>() { message.Type, message.TypeListenerID.Value.ToString() } }; throw new UtilityException((int)Errors.NotFoundSMessageTypeListenerFromTypeByID, fragment); } Exception error = null; try { //判断该监听是否已经完成 var listenerDetail = await _smessageHistoryListenerDetailStore.QueryByName(message.ID, listener.Name); if (listenerDetail == null) { var execueResult = await listener.PostToListener(message); if (!execueResult.Result) { throw new Exception(execueResult.Description); } postContext = _smessageTypeListenerPostContextFactory.Create(listener, message, null, new Dictionary <string, object>()); listenerDetail = new SMessageHistoryListenerDetail() { SMessageHistoryID = messageHistory.ID, ListenerMode = listener.Mode, ListenerFactoryType = listener.ListenerFactoryType, ListenerName = listener.Name, ListenerRealWebUrl = string.Empty, ListenerWebUrl = listener.ListenerWebUrl, }; await messageHistory.AddListenerDetail(listenerDetail); } } catch (Exception ex) { error = ex; while (ex.InnerException != null) { ex = ex.InnerException; } postContext = _smessageTypeListenerPostContextFactory.Create(listener, message, ex, new Dictionary <string, object>()); } if (postContext != null) { await MessageQueueExtensionDescription.OnSMessageTypeListenerExecuted(postContext); } if (error != null) { string strError = $"{error.Message},{error.StackTrace}"; result.Status = 2; result.Description = StringLanguageTranslate.Translate(TextCodes.SMessageExecuteError, string.Format("消息执行出错,消息key:{0},消息type:{1},消息内容:{2},错误内容:{3}", message.Key, message.Type, message.Data, strError)); //如果消息不是死消息,并且重试次数超过3次,则移除到死消息队列中 //否则增加重试次数 if (!message.IsDead && message.RetryNumber + 1 >= 3) { message.ExceptionMessage = result.Description; var deadQueue = await _sQueueChooseService.ChooseDead(message.Key); await using (var transactionScope = new DBTransactionScope(TransactionScopeOption.Required, new TransactionOptions() { IsolationLevel = IsolationLevel.ReadCommitted, Timeout = new TimeSpan(0, 30, 30) })) { await _smessageStore.Delete(queue, message.ID); await _smessageStore.AddToDead(deadQueue, message); result.Status = 3; //执行扩展 var context = _smessageOperationContextFactory.Create(message, new Dictionary <string, object>()); await MessageQueueExtensionDescription.OnSMessageAddToDeadExecuted(context); transactionScope.Complete(); } } else { await using (var transactionScope = new DBTransactionScope(TransactionScopeOption.Required, new TransactionOptions() { IsolationLevel = IsolationLevel.ReadCommitted, Timeout = new TimeSpan(0, 30, 30) })) { /*if (strError.Length > 3000) * { * strError = strError.Remove(3000, strError.Length - 3000); * }*/ await _smessageStore.AddRetry(queue, message.ID, strError); await _smessageStore.UpdateLastExecuteTime(queue, message.ID); transactionScope.Complete(); } } return(await Task.FromResult(result)); } else { await messageHistory.Complete(); } } else { //为每个监听者并行执行监听处理 List <Task> tasks = new List <Task>(); List <Exception> taskExceptions = new List <Exception>(); ParallelHelper parallel = new ParallelHelper(10); await executeType.GetAllListener(async (listener) => { parallel.Run(tasks, async(exception) => { while (exception.InnerException != null) { exception = exception.InnerException; } taskExceptions.Add(exception); postContext = _smessageTypeListenerPostContextFactory.Create(listener, message, exception, new Dictionary <string, object>()); postContextList[listener.ID] = postContext; await Task.FromResult(0); }, async() => { //判断该监听是否已经完成 var listenerDetail = await _smessageHistoryListenerDetailStore.QueryByName(message.ID, listener.Name); if (listenerDetail == null) { //检查监听是否有所属队列,如果有,则为该监听创建新的消息,如果没有,则执行消息 if (!string.IsNullOrEmpty(listener.QueueGroupName)) { //生成key var newKey = await _listenerMessageKeyGenerateService.Generate(message.Key, listener); //获取新消息所属队列 var newMessageQueue = await _sQueueChooseService.Choose(newKey); var newMessageDeadQueue = await _sQueueChooseService.ChooseDead(newKey); //检查是否已经存在消息 var existNewMessage = _smessageStore.QueryByOriginalID(newMessageQueue, message.ID, listener.ID); if (existNewMessage == null) { existNewMessage = _smessageStore.QueryByOriginalID(newMessageDeadQueue, message.ID, listener.ID); } if (existNewMessage == null) { SMessage newMessage = new SMessage() { Data = message.Data, Key = newKey, IsDead = message.IsDead, ExpectationExecuteTime = message.ExpectationExecuteTime, Type = message.Type, TypeListenerID = listener.ID, OriginalMessageID = message.ID, RetryNumber = 0 }; await newMessage.Add(); } } else { var execueResult = await listener.PostToListener(message); if (!execueResult.Result) { throw new Exception(execueResult.Description); } } postContext = _smessageTypeListenerPostContextFactory.Create(listener, message, null, new Dictionary <string, object>()); postContextList[listener.ID] = postContext; listenerDetail = new SMessageHistoryListenerDetail() { SMessageHistoryID = messageHistory.ID, ListenerMode = listener.Mode, ListenerFactoryType = listener.ListenerFactoryType, ListenerName = listener.Name, ListenerRealWebUrl = string.Empty, ListenerWebUrl = listener.ListenerWebUrl, }; await messageHistory.AddListenerDetail(listenerDetail); } } ); await Task.FromResult(0); }); //等待所有监听者执行完成 foreach (var taskItem in tasks) { await taskItem; } //调用扩展介入类的OnSMessageTypeListenerExecuted方法 foreach (var item in postContextList) { await MessageQueueExtensionDescription.OnSMessageTypeListenerExecuted(item.Value); } if (taskExceptions.Count > 0) { var strError = new StringBuilder(); foreach (var exceptionItem in taskExceptions) { strError.Append("Message:"); strError.Append(await exceptionItem.GetCurrentLcidMessage()); strError.Append("\n"); strError.Append("StackTrace"); strError.Append(exceptionItem.StackTrace); strError.Append("\n\n"); } message.ExceptionMessage = strError.ToString(); result.Status = 2; result.Description = StringLanguageTranslate.Translate(TextCodes.SMessageExecuteError, string.Format("消息执行出错,消息key:{0},消息type:{1},消息内容:{2},错误内容:{3}", message.Key, message.Type, message.Data, strError)); //如果消息不是死消息,并且重试次数超过3次,则移除到死消息队列中 //否则增加重试次数 if (!message.IsDead && message.RetryNumber + 1 >= 3) { message.ExceptionMessage = result.Description; var deadQueue = await _sQueueChooseService.ChooseDead(message.Key); await using (var transactionScope = new DBTransactionScope(TransactionScopeOption.Required, new TransactionOptions() { IsolationLevel = IsolationLevel.ReadCommitted, Timeout = new TimeSpan(0, 30, 30) })) { await _smessageStore.Delete(queue, message.ID); await _smessageStore.AddToDead(deadQueue, message); result.Status = 3; //执行扩展 var context = _smessageOperationContextFactory.Create(message, new Dictionary <string, object>()); await MessageQueueExtensionDescription.OnSMessageAddToDeadExecuted(context); transactionScope.Complete(); } } else { await using (var transactionScope = new DBTransactionScope(TransactionScopeOption.Required, new TransactionOptions() { IsolationLevel = IsolationLevel.ReadCommitted, Timeout = new TimeSpan(0, 30, 30) })) { /*if (strError.Length > 3000) * { * strError = strError.Remove(3000, strError.Length - 3000); * }*/ await _smessageStore.AddRetry(queue, message.ID, strError.ToString()); await _smessageStore.UpdateLastExecuteTime(queue, message.ID); transactionScope.Complete(); } } } else { await messageHistory.Complete(); } } return(await Task.FromResult(result)); }
public async Task Invoke(HttpContext context) { //context.Features.Get<IEndpointFeature> try { await _nextMiddleware.Invoke(context); } catch (Exception ex) { if (ex is UtilityException && ((UtilityException)ex).Level > 0) { var utilityException = (UtilityException)ex; object errorMessage = new ErrorMessage() { Code = utilityException.Code, Message = await utilityException.GetCurrentLcidMessage() }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(utilityException); } if (!UtilityExceptionTypeStatusCodeMappings.Mappings.TryGetValue(utilityException.Type, out int statusCode)) { statusCode = 500; } await context.Response.WriteJson(statusCode, errorType, errorMessage); } else { string message; if (_isDebug) { message = ex.ToStackTraceString(); } else { message = string.Format(StringLanguageTranslate.Translate(TextCodes.InnerError, "系统内部错误,请查看系统日志")); } object errorMessage = new ErrorMessage() { Code = -1, Message = message }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(ex); } await context.Response.WriteJson(StatusCodes.Status500InternalServerError, errorType, errorMessage); } //从Http上下文中获取上下文生成结果 if (context.Items.TryGetValue("AuthorizeResult", out object objResult)) { try { ((IAppUserAuthorizeResult)objResult).Execute(); } catch { } } //从Http上下文中获取国际化上下文初始化对象 if (context.Items.TryGetValue("InternationalizationContextInit", out object objInit)) { try { ((IInternationalizationContextInit)objInit).Execute(); } catch { } } //将异常存储在上下文的Item中 context.Items.Add("ExecuteException", ex); //加到日志中 var logObj = await _appExceptionHttpContextLogConvert.Convert(context); LoggerHelper.LogError(_categoryName, logObj); //var logger = _loggerFactory.CreateLogger(_categoryName); //logger.LogError($"Unhandle Error,\nmessage:{ex.Message},\nstacktrace:{ex.StackTrace}"); } }
public async Task <EntityAttributeValueValidateServiceResult> Validate(string entityType, string entityKey, string attributeName, object attributeValue, string valueType, string checkValue) { string correctText = string.Format(StringLanguageTranslate.Translate(TextCodes.EntityAttributeValueValidateOperatorEqualCorrectText, "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值等于{3}"), entityType, entityKey, attributeName, checkValue); string errorText = string.Format(StringLanguageTranslate.Translate(TextCodes.EntityAttributeValueValidateOperatorEqualErrorText, "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值不等于{3}"), entityType, entityKey, attributeName, checkValue); //如果属性值为null,直接返回false if (attributeValue == null) { return(new EntityAttributeValueValidateServiceResult(correctText, errorText, false)); } EntityAttributeValueValidateServiceResult result = null; TextFragment fragment; switch (valueType) { case EntityAttributeValueTypes.String: if (!(attributeValue is string)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeValueTypeNotMatch, DefaultFormatting = "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值类型与配置的valuetype不匹配,valuetype设置的类型为{3},实际的值类型为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, attributeValue.GetType().FullName } }; throw new UtilityException((int)Errors.EntityAttributeValueTypeNotMatch, fragment); } if ((string)attributeValue == checkValue) { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, true); } else { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, false); } break; case EntityAttributeValueTypes.Bool: if (!(attributeValue is bool)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeValueTypeNotMatch, DefaultFormatting = "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值类型与配置的valuetype不匹配,valuetype设置的类型为{3},实际的值类型为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, attributeValue.GetType().FullName } }; throw new UtilityException((int)Errors.EntityAttributeValueTypeNotMatch, fragment); } if (!Boolean.TryParse(checkValue, out bool boolCheckValue)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeCheckValueTypeNotMatch, DefaultFormatting = "要和实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值相比较的配置值与配置的valuetype不匹配,valuetype设置的类型为{3},配置值为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, checkValue } }; throw new UtilityException((int)Errors.EntityAttributeCheckValueTypeNotMatch, fragment); } if ((bool)attributeValue == boolCheckValue) { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, true); } else { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, false); } break; case EntityAttributeValueTypes.Int: if (!(attributeValue is int)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeValueTypeNotMatch, DefaultFormatting = "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值类型与配置的valuetype不匹配,valuetype设置的类型为{3},实际的值类型为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, attributeValue.GetType().FullName } }; throw new UtilityException((int)Errors.EntityAttributeValueTypeNotMatch, fragment); } if (!int.TryParse(checkValue, out int intCheckValue)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeCheckValueTypeNotMatch, DefaultFormatting = "要和实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值相比较的配置值与配置的valuetype不匹配,valuetype设置的类型为{3},配置值为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, checkValue } }; throw new UtilityException((int)Errors.EntityAttributeCheckValueTypeNotMatch, fragment); } if ((int)attributeValue == intCheckValue) { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, true); } else { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, false); } break; case EntityAttributeValueTypes.Long: if (!(attributeValue is long)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeValueTypeNotMatch, DefaultFormatting = "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值类型与配置的valuetype不匹配,valuetype设置的类型为{3},实际的值类型为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, attributeValue.GetType().FullName } }; throw new UtilityException((int)Errors.EntityAttributeValueTypeNotMatch, fragment); } if (!long.TryParse(checkValue, out long longCheckValue)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeCheckValueTypeNotMatch, DefaultFormatting = "要和实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值相比较的配置值与配置的valuetype不匹配,valuetype设置的类型为{3},配置值为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, checkValue } }; throw new UtilityException((int)Errors.EntityAttributeCheckValueTypeNotMatch, fragment); } if ((long)attributeValue == longCheckValue) { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, true); } else { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, false); } break; case EntityAttributeValueTypes.Decimal: if (!(attributeValue is decimal)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeValueTypeNotMatch, DefaultFormatting = "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值类型与配置的valuetype不匹配,valuetype设置的类型为{3},实际的值类型为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, attributeValue.GetType().FullName } }; throw new UtilityException((int)Errors.EntityAttributeValueTypeNotMatch, fragment); } if (!decimal.TryParse(checkValue, out decimal decimalCheckValue)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeCheckValueTypeNotMatch, DefaultFormatting = "要和实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值相比较的配置值与配置的valuetype不匹配,valuetype设置的类型为{3},配置值为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, checkValue } }; throw new UtilityException((int)Errors.EntityAttributeCheckValueTypeNotMatch, fragment); } if ((decimal)attributeValue == decimalCheckValue) { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, true); } else { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, false); } break; case EntityAttributeValueTypes.DateTime: if (!(attributeValue is DateTime)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeValueTypeNotMatch, DefaultFormatting = "实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值类型与配置的valuetype不匹配,valuetype设置的类型为{3},实际的值类型为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, attributeValue.GetType().FullName } }; throw new UtilityException((int)Errors.EntityAttributeValueTypeNotMatch, fragment); } if (!DateTime.TryParse(checkValue, out DateTime dateTimeCheckValue)) { fragment = new TextFragment() { Code = TextCodes.EntityAttributeCheckValueTypeNotMatch, DefaultFormatting = "要和实体类型为{0}、实体关键字为{1}的实体记录的属性{2}的值相比较的配置值与配置的valuetype不匹配,valuetype设置的类型为{3},配置值为{4}", ReplaceParameters = new List <object>() { entityType, entityKey, attributeName, valueType, checkValue } }; throw new UtilityException((int)Errors.EntityAttributeCheckValueTypeNotMatch, fragment); } if ((DateTime)attributeValue == dateTimeCheckValue) { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, true); } else { result = new EntityAttributeValueValidateServiceResult(correctText, errorText, false); } break; default: fragment = new TextFragment() { Code = TextCodes.NotFoundEntityAttributeValueType, DefaultFormatting = "值类型{0}未定义,必须在MSLibrary.EntityAttributeValueTypes中定义", ReplaceParameters = new List <object>() { valueType } }; throw new UtilityException((int)Errors.NotFoundEntityAttributeValueType, fragment); } return(await Task.FromResult(result)); }
public async Task Invoke(HttpContext context) { ILogger logger = null; using (var diContainer = DIContainerContainer.CreateContainer()) { var loggerFactory = diContainer.Get <ILoggerFactory>(); logger = loggerFactory.CreateLogger(_errorCatalogName); } await HttpErrorHelper.ExecuteByHttpContextAsync(context, logger, async() => { bool complete = false; //检查在http头中是否已经存在WhitelistAuthorization if (!context.Request.Headers.TryGetValue("WhitelistAuthorization", out StringValues authorizationValue)) { ErrorMessage errorMessage = new ErrorMessage() { Code = (int)Errors.NotFoundAuthorizationInHttpHeader, Message = StringLanguageTranslate.Translate(TextCodes.NotFoundWhitelistAuthorizationInHttpHeader, "在http头中没有找到WhitelistAuthorization") }; await context.Response.WriteJson(StatusCodes.Status401Unauthorized, errorMessage); complete = true; } //检查在http头中是否已经存在SystemName if (!context.Request.Headers.TryGetValue("SystemName", out StringValues systemNameValue)) { ErrorMessage errorMessage = new ErrorMessage() { Code = (int)Errors.NotFoundSystemNameInHttpHeader, Message = StringLanguageTranslate.Translate(TextCodes.NotFoundSystemNameInHttpHeader, "在http头中没有找到SystemName") }; await context.Response.WriteJson(StatusCodes.Status401Unauthorized, errorMessage); complete = true; } //获取请求路径名称 var actinName = context.Request.Path; //获取访问的IP var ip = context.Connection.RemoteIpAddress.ToString(); //执行验证 var validateResult = await _appValidateRequestForWhitelist.Do(actinName, systemNameValue[0], authorizationValue[0], ip); if (!validateResult.Result) { ErrorMessage errorMessage = new ErrorMessage() { Code = (int)Errors.WhitelistValidateFail, Message = string.Format(StringLanguageTranslate.Translate(TextCodes.WhitelistValidateFail, "系统操作{0}针对调用方系统{1}的白名单验证未通过,原因:{2}"), actinName, systemNameValue[0], validateResult.Description) }; await context.Response.WriteJson(StatusCodes.Status401Unauthorized, errorMessage); complete = true; } //如果检测通过,则继续执行下面的管道 if (!complete) { await _nextMiddleware(context); } });
/// <summary> /// 检测请求是否合法 /// 如果signature等于对应白名单中的密钥,则直接返回true, /// 否则signature的格式必须为JWT格式,其中playload的格式为 /// { /// "iat":颁发时间, /// "exp":过期时间, /// "systemname":系统名称 /// } /// 签名密钥为对应白名单中的密钥 /// 将判断是否过期、签名中的systemname是否与传入的systemname一致 /// 如果检测IP已打开,则还需要检查IP是否在可信IP中 /// </summary> /// <param name="operation"></param> /// <param name="systemName"></param> /// <param name="signature"></param> /// <param name="ip"></param> /// <returns></returns> public async Task <ValidateResult> Validate(SystemOperation operation, string systemName, string signature, string ip) { ValidateResult result = new ValidateResult() { Result = true }; //获取关联的白名单 var whitelist = await GetWhitelist(operation, systemName, 1); if (whitelist == null) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.NotFoundWhitelistInSystemOperationWithNameStatus, "在系统操作{0}中找不到系统名称为{1}、状态为{2}的白名单"), operation.Name, systemName, OptionSetMetadataValueHelper.GetLable(_optionSetValueMetadataRepository, $"{typeof(Whitelist).FullName}.Status", 1)); return(result); } //判断签名是否等于密钥 if (signature == whitelist.SystemSecret) { return(result); } //判断JWT是否正确 var jwtValidateResult = _securityService.ValidateJWT(whitelist.SystemSecret, signature); if (!jwtValidateResult.ValidateResult.Result) { return(jwtValidateResult.ValidateResult); } //检查系统名称是否正确 if (!jwtValidateResult.Playload.TryGetValue("systemname", out string strSystemName)) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.NotFoundKeyNameInSystemOperation, "在系统操作{0}的验证方法中,JWT的Playload中找不到键为{1}的键值对"), operation.Name, "systemname"); return(result); } if (string.IsNullOrEmpty(strSystemName) || strSystemName != systemName) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.SystemNameNotEqualInSystemOperationValidation, "在系统操作{0}的验证方法中,签名中的系统名称为{1},传入的系统名称为{2},两者不相等"), operation.Name, strSystemName, systemName); return(result); } //如果启用了IP检测,则还需要检测IP if (whitelist.EnableIPValidation) { if (!whitelist.TrustIPs.Contains(ip)) { result.Result = false; result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.IPFailInSystemOperationValidation, "在系统操作{0}的验证方法中,白名单系统名称为{1}的合法IP为{2},访问IP为{3},两者不匹配"), operation.Name, systemName, whitelist.TrustIPs, ip); return(result); } } return(result); }
public override async Task OnExceptionAsync(ExceptionContext context) { if (context.Exception != null) { if (context.HttpContext.Items.TryGetValue("AuthorizeResult", out object objResult)) { try { ((IAppUserAuthorizeResult)objResult).Execute(); } catch { } } //从Http上下文中获取国际化上下文初始化对象 if (context.HttpContext.Items.TryGetValue("InternationalizationContextInit", out object objInit)) { try { ((IInternationalizationContextInit)objInit).Execute(); } catch { } } if (context.Exception is UtilityException && ((UtilityException)context.Exception).Level > 0) { var utilityException = (UtilityException)context.Exception; object errorMessage = new ErrorMessage() { Code = utilityException.Code, Message = await utilityException.GetCurrentLcidMessage() }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(utilityException); } /*ErrorMessage errorMessage = new ErrorMessage() * { * Code = utilityException.Code, * Message = await utilityException.GetCurrentLcidMessage() * };*/ if (!UtilityExceptionTypeStatusCodeMappings.Mappings.TryGetValue(utilityException.Type, out int statusCode)) { statusCode = 500; } context.Result = new JsonContentResult(statusCode, errorType, errorMessage); } else { string message; if (_isDebug) { message = context.Exception.ToStackTraceString(); } else { message = string.Format(StringLanguageTranslate.Translate(TextCodes.InnerError, "系统内部错误,请查看系统日志")); } object errorMessage = new ErrorMessage() { Code = -1, Message = message }; var errorType = typeof(ErrorMessage); if (ExceptionConvert != null) { (errorType, errorMessage) = await ExceptionConvert.Convert(context.Exception); } context.Result = new JsonContentResult(StatusCodes.Status500InternalServerError, errorType, errorMessage); } //加到日志中 var logObj = await _appExceptionContextLogConvert.Do(context); LoggerHelper.LogError(_categoryName, logObj); //logger.Log(LogLevel.Error,new EventId(),logObj, context.Exception,) //logger.LogError($"Action {context.ActionDescriptor.DisplayName} error,\nmessage:{context.Exception.Message},\nstacktrace:{context.Exception.StackTrace}"); } }