/// <summary>
/// 请求目标服务器,获取响应结果
/// </summary>
/// <param name="request"></param>
/// <param name="url"></param>
/// <param name="baseAddress"></param>
/// <returns></returns>
private async Task <HttpResponseMessage> GetNewResponseMessage(HttpRequestMessage request, string url, Uri baseAddress)
{
HttpResponseMessage result = null;
HttpClient client = new HttpClient();
client.BaseAddress = baseAddress;
//复制请求头,转发请求
foreach (var item in request.Headers)
{
client.DefaultRequestHeaders.Add(item.Key, item.Value);
}
client.DefaultRequestHeaders.Add("Proxy-Server", this.Config.ServerName);
client.DefaultRequestHeaders.Host = baseAddress.Host;
var identity = HttpContext.Current.User.Identity;
if (identity == null || identity.IsAuthenticated == false)
{
return(await ProxyReuqest(request, url, result, client));
}
using (TokenManager tm = new TokenManager(identity.Name))
{
TokenResponse token = tm.TakeToken();
if (token == null)
{
if (this.Config.EnableRequestLog)
{
string logTxt = string.Format("Begin Time:{0} ,\r\n Request-Url:{1} {2} ,\r\n Map-Url:{3} {4} ,\r\n Old-Token:{5}\r\n Statue:{6} \r\n ExctionMessage:{7}\r\n",
DateTime.Now.ToLongTimeString(),
request.Method.ToString(), request.RequestUri.ToString(),
client.BaseAddress.ToString(), url,
tm.OldToken.AccessToken,
"BadRequest",
tm.TokenExctionMessage
);
WriteLogFile(logTxt);
}
return(SendError("代理请求刷新令牌失败:" + tm.TokenExctionMessage, HttpStatusCode.BadRequest));
}
else
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.AccessToken);
return(await ProxyReuqest(request, url, result, client));
}
}
}
/// <summary>
/// 请求目标服务器,获取响应结果
/// </summary>
/// <param name="request"></param>
/// <param name="url"></param>
/// <param name="baseAddress"></param>
/// <param name="sessionRequired">是否需要会话支持</param>
/// <param name="isAuthenticated">当前请求必须是登录验证过的,默认不要求</param>
/// <returns></returns>
private async Task <HttpResponseMessage> GetNewResponseMessage(HttpRequestMessage request, string url, Uri baseAddress, bool sessionRequired, bool isAuthenticated = false)
{
string userHostAddress = HttpContext.Current.Request.UserHostAddress;
HttpClient client = GetHttpClient(baseAddress, request, sessionRequired);
var identity = HttpContext.Current.User.Identity;
if (identity == null || identity.IsAuthenticated == false)
{
if (isAuthenticated)
{
if (this.Config.EnableRequestLog)
{
string logTxt = string.Format("Begin Time:{0} ,\r\n {1} Request-Url:{2} {3} ,\r\n Map-Url:{4} {5} ,\r\n []:{6} Statue:{7} \r\n ExctionMessage:{8}",
DateTime.Now.ToLongTimeString(),
userHostAddress,
request.Method.ToString(), request.RequestUri.ToString(),
client.BaseAddress.ToString(), url,
"[N/A]",
"Unauthorized",
"this url request need is authenticated."
);
WriteLogFile(logTxt);
}
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
response.Headers.Add("Proxy-Server", this.Config.ServerName);
return(response);
}
else
{
return(await ProxyReuqest(request, url, client, "[NULL]"));
}
}
//处理代理的服务器变量:
//url = url.Replace("[UserName]", identity.Name);
//请求结果无权限,重新获取令牌,尝试3次
int unauthorizedCount = 0;
string errorMessage = "";
for (int i = 0; i < 3; i++)
{
using (TokenManager tm = new TokenManager(identity.Name, null))
{
//重试的时候,强制刷新令牌
if (i > 0)
{
tm.NeedRefresh = true;
}
TokenResponse token = tm.TakeToken();
//存在客户端登录,但是服务器重启会话丢失的情况,这时候将无法取到令牌,
//这种情况下视为客户未登录,由资源服务器来决定该访问是否需要验证授权
//所以代理服务不直接抛出错误请求。
if (token == null)
{
if (this.Config.EnableRequestLog)
{
string logTxt = string.Format("Begin Time:{0} ,\r\n {1} Request-Url:{2} {3} ,\r\n Map-Url:{4} {5} ,\r\n Old-Token:{6}\r\n Statue:{7} \r\n ExctionMessage:{8}",
DateTime.Now.ToLongTimeString(),
userHostAddress,
request.Method.ToString(), request.RequestUri.ToString(),
client.BaseAddress.ToString(), url,
tm.OldToken == null ? "[OldToken=null]" : tm.OldToken.AccessToken,
"TokenGainFailure",
tm.TokenExctionMessage
);
WriteLogFile(logTxt);
}
if (tm.TokenExctionMessage == "UserNoToken")
{
return(await ProxyReuqest(request, url, client, tm.UserName));
}
else
{
return(SendError("代理请求刷新令牌失败:" + tm.TokenExctionMessage, HttpStatusCode.Unauthorized));
}
}
else
{
try
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.AccessToken);
var result = await ProxyReuqest(request, url, client, tm.UserName);
if (result.StatusCode == HttpStatusCode.Unauthorized)
{
WriteLogFile(string.Format("----未授权,尝试第{0}次访问----", i + 1));
unauthorizedCount++;
client = GetHttpClient(baseAddress, request, true);
}
else
{
return(result);
}
}
catch (Exception ex)
{
errorMessage = string.Format("----{0} Proxy Request Error:{1},Request Url:{2} ----",
DateTime.Now.ToString("HH:mm:ss.fff"), ex.Message, url);
if (ex.InnerException != null)
{
errorMessage += ex.InnerException.Message;
}
WriteLogFile(errorMessage);
WriteLogFile(ex.StackTrace);
break;
}
}
}
}//end for
if (unauthorizedCount >= 3)
{
return(SendError("已经3次尝试使用令牌访问资源服务器,仍然被拒绝授权访问。", HttpStatusCode.Unauthorized));
}
else
{
return(SendError("访问资源服务器发生错误:" + errorMessage, HttpStatusCode.InternalServerError));
}
}
