public override void OnActionExecuting(System.Web.Mvc.ActionExecutingContext filterContext) { var requestContext = new WfRequestContext { RequestResult = "ok" }; Context.Set("RequestContext", requestContext); var context = filterContext.HttpContext; var request = context.Request; var ip = request.GetClientIp(); requestContext.Context = Guid.NewGuid().ToString(); requestContext.CallStart = DateTime.Now; requestContext.ClientIp = ip; var actionDescriptor = filterContext.ActionDescriptor; requestContext.RequestController = actionDescriptor.ControllerDescriptor.ControllerName; requestContext.RequestAction = actionDescriptor.ActionName; requestContext.ClientTimeZone = 8; requestContext.ClientVer = "1.0.0.0"; requestContext.UserAgent = request.UserAgent; requestContext.AppKey = "6be59xofc78ox1e4oofb4fcyy14733140"; requestContext.ApiRole = "framework"; requestContext.Lang = request.Lang(); if (!CultureConfig.ValidCultures.Contains(requestContext.Lang)) { requestContext.Lang = CultureConfig.ValidCultures[0]; } base.OnActionExecuting(filterContext); }
public override async Task OnActionExecutingAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken) { var reason = "success;"; var requestContext = new WfRequestContext { RequestResult = reason }; requestContext.CallStart = DateTime.Now; var actionDescriptor = actionContext.ActionDescriptor; var header = actionContext.Request.Headers; var result = RequestResult <string> .Get(); var ip = actionContext.Request.GetClientIp(); Context().Set("RequestContext", requestContext); requestContext.Body = await actionContext.Request.GetBody(); requestContext.Context = Guid.NewGuid().ToString(); requestContext.ClientIp = ip; requestContext.AppIp = ip; requestContext.Lang = actionContext.Request.Lang(); requestContext.RequestController = actionDescriptor.ControllerDescriptor.ControllerName; requestContext.RequestAction = actionDescriptor.ActionName; var localOnlySuccess = true; //var localOnlyAttrs = actionDescriptor.GetCustomAttributes<LocalAccessAttribute>(true); //if (localOnlyAttrs.Count > 0) //{ // if (!requestContext.AppIp.IsPrivateIpAddress()) // { // localOnlySuccess = false; // } //} if (localOnlySuccess) { var nonSecurityAttr = actionDescriptor.GetCustomAttributes <NonSecurityFilter>(true); if (nonSecurityAttr.Count > 0) { if (header.Contains("entry-domain")) { var domain = header.GetValues("entry-domain").FirstOrDefault(); if (domain != null) { requestContext.EntryDomain = domain; } } await base.OnActionExecutingAsync(actionContext, cancellationToken); return; } else { if (header.Contains("api-appkey") && header.Contains("api-sign") && header.Contains("device") && header.Contains("client-timezone") && header.Contains("client-version") && header.Contains("client-ip") && header.Contains("entry-domain")) { var clientIp = header.GetValues("client-ip").FirstOrDefault(); if (clientIp != null) { requestContext.ClientIp = clientIp; } var domain = header.GetValues("entry-domain").FirstOrDefault(); if (domain != null) { requestContext.EntryDomain = domain; } int tempZone; var clientTimeZone = header.GetValues("client-timezone").FirstOrDefault(); if (!int.TryParse(clientTimeZone, out tempZone)) { tempZone = -100; } if (tempZone == -100) { tempZone = 8; } requestContext.ClientTimeZone = tempZone; requestContext.ClientVer = header.GetValues("client-version").FirstOrDefault(); var appkey = header.GetValues("api-appkey").FirstOrDefault(); //appkey:timestamp var sign = header.GetValues("api-sign").FirstOrDefault(); //hash(appsecret:timestamp) var device = header.GetValues("device").FirstOrDefault(); if (!string.IsNullOrWhiteSpace(appkey) && !string.IsNullOrWhiteSpace(sign) && !string.IsNullOrWhiteSpace(device)) { requestContext.UserAgent = device + "-- Client:" + requestContext.ClientVer; requestContext.Terminal = device; if (header.Contains("sdk-version")) { var sdkVersion = header.GetValues("sdk-version").FirstOrDefault(); if (!string.IsNullOrWhiteSpace(sdkVersion)) { requestContext.UserAgent = requestContext.UserAgent + "-- Sdk:" + sdkVersion; } } var keyTimePair = appkey.Split(new[] { ":" }, StringSplitOptions.RemoveEmptyEntries); if (keyTimePair.Length == 2) { long tempTime; if (long.TryParse(keyTimePair[1], out tempTime)) { var replayAttactAttr = actionDescriptor.GetCustomAttributes <ReplayAttackFilter>(true); if (replayAttactAttr.Count > 0) { var serverNow = DateTime.UtcNow.ToUnixTimeStamp(); if (tempTime < serverNow - 120 || tempTime > serverNow + 120) { reason = "bad clock:" + (tempTime - serverNow).ToString(); goto end; } } var temp = ApiSecurityService(actionContext); var app = temp.Get(keyTimePair[0]); //temp = null; if (app != null) { requestContext.AppKey = keyTimePair[0]; var roleAttrs = actionDescriptor.GetCustomAttributes <RoleFilter>(true).ToList(); var roleAttrsOnController = actionContext.ControllerContext.ControllerDescriptor .GetCustomAttributes <RoleFilter>().ToList(); roleAttrs.AddRange(roleAttrsOnController); //var keyRoleName = app.RoleName; if (roleAttrs.Count > 0) { var authedRoles = new List <string>(); roleAttrs.ForEach(rf => authedRoles.AddRange(rf.Roles)); //if (!authedRoles.Contains(keyRoleName)) //{ // reason = "api access deined"; // goto end; //} } //requestContext.ApiRole = keyRoleName; var body = requestContext.Body; var newSignStr = string.Format("{0}:{1}:{2}", app.AppSecret, keyTimePair[1], body); var newServerSign = HashAlgorithm.Sha256(newSignStr); if (newServerSign.Equals(sign, StringComparison.CurrentCultureIgnoreCase)) { await base.OnActionExecutingAsync(actionContext, cancellationToken); return; } else { reason = "" + sign; //appsecret mismatch, } } else { reason = "no app info or app disabled"; } } else { reason = "wrong timestamp"; } } else { reason = "wrong appkey or sign format"; } } else { reason = "no appkey or sign"; } } else { //var logs = AppLogService(actionContext); //var sb = new StringBuilder(); //foreach (var h in header) //{ // sb.AppendFormat("{0}:{1}&", h.Key, string.Join(",", h.Value)); //} //logs.CustomLog(sb.ToString(), LogLevel.Debug); reason = "no appkey or sign or device or other"; } } } else { reason = "local access only"; } end: requestContext.RequestResult = reason; var endDate = DateTime.Now; var ts = (endDate - requestContext.CallStart).TotalMilliseconds; requestContext.RequestTimeCast = ts; //AddCallLog(actionContext); //var los = LocalizationService(actionContext); //result.error = los.GetResource(LocalizationString.CommonAccessDenied); //actionContext.Response = new HttpResponseMessage { Content = new StringContent(result.ToJson()) }; }