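        /// <summary>
        /// Checks whether a request against <paramref name="operation"/> is authorised.
        /// If <paramref name="signature"/> equals the secret of the matching whitelist entry, the request is
        /// accepted immediately; otherwise <paramref name="signature"/> must be a JWT whose payload has the shape
        /// {
        ///     "iat": issued-at time,
        ///     "exp": expiry time,
        ///     "systemname": system name
        /// }
        /// and is signed with that whitelist secret. Expiry is expected to be enforced inside
        /// <c>_securityService.ValidateJWT</c> (not visible here); this method then requires the payload's
        /// systemname to equal <paramref name="systemName"/>. When the whitelist has IP validation enabled,
        /// <paramref name="ip"/> must additionally be found among its trusted IPs.
        /// </summary>
        /// <param name="operation">System operation whose whitelist is consulted; its Name is used in failure messages.</param>
        /// <param name="systemName">Name of the calling system; selects the whitelist entry and must match the JWT claim.</param>
        /// <param name="signature">Either the whitelist's shared secret or a JWT signed with it. Treated as untrusted input.</param>
        /// <param name="ip">Caller's IP address; only checked when the whitelist has <c>EnableIPValidation</c> set.</param>
        /// <returns>
        /// A <see cref="ValidateResult"/> whose <c>Result</c> is true on success; on failure <c>Result</c> is false and
        /// <c>Description</c> carries a translated explanation. A failed JWT check returns the service's own result unchanged.
        /// </returns>
        public async Task <ValidateResult> Validate(SystemOperation operation, string systemName, string signature, string ip)
        {
            ValidateResult result = new ValidateResult()
            {
                Result = true
            };

            // Whitelist status value used for the lookup — presumably "enabled"; confirm against the Whitelist option set.
            const int whitelistStatus = 1;

            // Fetch the whitelist entry linked to this operation and system name.
            var whitelist = await GetWhitelist(operation, systemName, whitelistStatus);

            if (whitelist == null)
            {
                result.Result      = false;
                result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.NotFoundWhitelistInSystemOperationWithNameStatus, "在系统操作{0}中找不到系统名称为{1}、状态为{2}的白名单"), operation.Name, systemName, OptionSetMetadataValueHelper.GetLable(_optionSetValueMetadataRepository, $"{typeof(Whitelist).FullName}.Status", whitelistStatus));
                return(result);
            }

            // Shortcut: the raw shared secret was presented. Compare in constant time so the comparison
            // duration does not reveal how many leading characters of the secret matched. An absent/empty
            // signature or secret never matches here and falls through to JWT validation instead.
            if (!string.IsNullOrEmpty(signature) && !string.IsNullOrEmpty(whitelist.SystemSecret)
                && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(signature),
                    System.Text.Encoding.UTF8.GetBytes(whitelist.SystemSecret)))
            {
                return(result);
            }

            // Otherwise the signature must be a JWT signed with the whitelist secret.
            var jwtValidateResult = _securityService.ValidateJWT(whitelist.SystemSecret, signature);

            if (!jwtValidateResult.ValidateResult.Result)
            {
                return(jwtValidateResult.ValidateResult);
            }

            // The payload must carry the system name ("Playload" is the property's spelling in the service type).
            if (!jwtValidateResult.Playload.TryGetValue("systemname", out string strSystemName))
            {
                result.Result      = false;
                result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.NotFoundKeyNameInSystemOperation, "在系统操作{0}的验证方法中,JWT的Playload中找不到键为{1}的键值对"), operation.Name, "systemname");
                return(result);
            }

            // The claimed system name must be exactly the one the caller passed in.
            if (string.IsNullOrEmpty(strSystemName) || strSystemName != systemName)
            {
                result.Result      = false;
                result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.SystemNameNotEqualInSystemOperationValidation, "在系统操作{0}的验证方法中,签名中的系统名称为{1},传入的系统名称为{2},两者不相等"), operation.Name, strSystemName, systemName);
                return(result);
            }

            // Optional source-IP restriction.
            // NOTE(review): TrustIPs is formatted straight into the message below, so it may be a single string;
            // if so, Contains(ip) is a substring test ("10.0.0.1" would match "10.0.0.10"). Confirm the type and,
            // if it is a string, split it and compare whole addresses instead.
            if (whitelist.EnableIPValidation)
            {
                if (!whitelist.TrustIPs.Contains(ip))
                {
                    result.Result      = false;
                    result.Description = string.Format(StringLanguageTranslate.Translate(TextCodes.IPFailInSystemOperationValidation, "在系统操作{0}的验证方法中,白名单系统名称为{1}的合法IP为{2},访问IP为{3},两者不匹配"), operation.Name, systemName, whitelist.TrustIPs, ip);
                    return(result);
                }
            }

            return(result);
        }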
 /// <summary>
 /// Detaches the whitelist entry identified by <paramref name="whitelistId"/> from
 /// <paramref name="operation"/> by deleting the relation record from the relation store.
 /// </summary>
 /// <param name="operation">System operation whose ID keys the relation.</param>
 /// <param name="whitelistId">ID of the whitelist entry to detach.</param>
 public async Task RemoveWhitelistRelation(SystemOperation operation, Guid whitelistId)
 {
     var operationId = operation.ID;
     await _systemOperationWhitelistRelationStore.Delete(operationId, whitelistId);
 }
 /// <summary>
 /// Persists changes to <paramref name="operation"/> through the system-operation store.
 /// </summary>
 /// <param name="operation">The system operation to write back.</param>
 public async Task Update(SystemOperation operation)
     => await _systemOperationStore.Update(operation);
 /// <summary>
 /// Looks up the whitelist entry related to <paramref name="operation"/> that has the given
 /// system name and status, delegating to the whitelist store.
 /// </summary>
 /// <param name="operation">System operation whose ID scopes the lookup.</param>
 /// <param name="systemName">System name of the whitelist entry.</param>
 /// <param name="status">Status value the entry must have (meaning defined by the Whitelist option set).</param>
 /// <returns>The matching whitelist entry, or whatever the store returns when none matches (null in the caller's usage).</returns>
 public async Task <Whitelist> GetWhitelist(SystemOperation operation, string systemName, int status)
     => await _whitelistStore.QueryBySystemOperationRelation(operation.ID, systemName, status);
 /// <summary>
 /// Looks up the whitelist entry with ID <paramref name="whitelistId"/> that is related to
 /// <paramref name="operation"/>, delegating to the whitelist store.
 /// </summary>
 /// <param name="operation">System operation whose ID scopes the lookup.</param>
 /// <param name="whitelistId">ID of the whitelist entry.</param>
 /// <returns>The matching whitelist entry, or whatever the store returns when none matches.</returns>
 public async Task <Whitelist> GetWhitelist(SystemOperation operation, Guid whitelistId)
 {
     var operationId = operation.ID;
     var whitelist = await _whitelistStore.QueryBySystemOperationRelation(operationId, whitelistId);
     return whitelist;
 }
 /// <summary>
 /// Deletes <paramref name="operation"/> from the system-operation store by its ID.
 /// </summary>
 /// <param name="operation">The system operation to remove; only its ID is used.</param>
 public async Task Delete(SystemOperation operation)
     => await _systemOperationStore.Delete(operation.ID);
 /// <summary>
 /// Attaches the whitelist entry identified by <paramref name="whitelistId"/> to
 /// <paramref name="operation"/> by adding a relation record to the relation store.
 /// </summary>
 /// <param name="operation">System operation whose ID keys the relation.</param>
 /// <param name="whitelistId">ID of the whitelist entry to attach.</param>
 public async Task AddWhitelistRelation(SystemOperation operation, Guid whitelistId)
     => await _systemOperationWhitelistRelationStore.Add(operation.ID, whitelistId);
 /// <summary>
 /// Stores a new <paramref name="operation"/> through the system-operation store.
 /// </summary>
 /// <param name="operation">The system operation to persist.</param>
 public async Task Add(SystemOperation operation)
 {
     var store = _systemOperationStore;
     await store.Add(operation);
 }