/// <summary>
/// 使用指定程序集初始化权限节点
/// </summary>
/// <param name="assembly"></param>
/// <param name="connectionString"></param>
/// <param name="appId"></param>
/// <param name="preAccessEndPointKey"></param>
public static void InitAccessEndPointData(Assembly assembly, string connectionString, string appId, string preAccessEndPointKey)
{
using var npgsqlDapperHelper = NpgsqlDapperHelper.Helper(connectionString);
//加载授权节点
IEnumerable <AuthEndPointAttribute> authEndPointParms = new AuthEndPointAttribute[0];
string assemblyName = assembly.FullName.Split()[0]?.Trim(',') + ".Controllers";
var types = assembly.GetTypes().Where(x => !x.IsNestedPrivate && x.FullName.StartsWith(assemblyName)).ToList();
foreach (var item in types)
{
var accessParm = AuthServiceCollectionExtensions.GetClassAccessParm_AuthEndPointAttribute(item);
authEndPointParms = authEndPointParms.Union(accessParm);
foreach (AuthEndPointAttribute parmItem in accessParm)
{
if (parmItem == null)
{
continue;
}
if (string.IsNullOrEmpty(parmItem.AuthEndPoint))
{
parmItem.AuthEndPoint = $"{preAccessEndPointKey}:{parmItem.ControllerName}.{parmItem.ActionName}";
}
Console.WriteLine($"加载成功 -> {parmItem.AuthEndPoint}");
}
}
foreach (var item in authEndPointParms)
{
var https = item.Routes.Select(x => x.HttpMethods).SelectMany((x, y) => x).Select(x => x.ToUpper());
int httpMethod = 0;
foreach (var method in https)
{
HttpMethod.HttpMethodMaps.TryGetValue(method, out int val);
httpMethod |= val;
}
npgsqlDapperHelper.Execute(@$ "INSERT INTO " "Sys_Access" " (" "Id" "," "AccessCode" "," "AppId" "," "RequestMethod" ") VALUES('{Guid.NewGuid().ToString(" N ")}','{item.AuthEndPoint}','{(appId == null ? string.Empty : appId)}','{httpMethod}')");
}
}
/// <summary>
/// 配置授权服务运行状态
/// </summary>
/// <param name="services"></param>
/// <param name="setupAction"></param>
public static void ConfigureAuth(this IServiceCollection services, Action <AuthOptions> setupAction)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (setupAction == null)
{
throw new ArgumentNullException(nameof(setupAction));
}
AuthOptions authOptions = new AuthOptions();
setupAction(authOptions);
services.AddSingleton(x => authOptions);
services.TryAddSingleton <IAuthService, AuthenticationService>();
ServiceProvider sp = services.BuildServiceProvider();
IAuthService authService = sp.GetService <IAuthService>();
Assembly assembly = null;
if (string.IsNullOrEmpty(authOptions?.WatchAssemblyPath))
{
assembly = Assembly.GetEntryAssembly();
}
else
{
assembly = Assembly.LoadFile(authOptions.WatchAssemblyPath);
}
#region MyRegion
////加载授权节点
//IEnumerable<AuthEndPointParm> authEndPointParms = new AuthEndPointParm[0];
//string assemblyName = assembly.FullName.Split()[0]?.Trim(',') + ".Controllers";
//var types = assembly.GetTypes().Where(x => !x.IsNestedPrivate && x.FullName.StartsWith(assemblyName)).ToList();
//foreach (var item in types)
//{
// var accessParm = authService.GetClassAccessParm(item);
// authEndPointParms = authEndPointParms.Union(accessParm);
// foreach (AuthEndPointParm parmItem in accessParm)
// {
// foreach (var attItem in parmItem.AuthEndPointAttributes)
// {
// if (attItem == null)
// {
// continue;
// }
// if (string.IsNullOrEmpty(attItem.AuthEndPoint))
// {
// attItem.AuthEndPoint = $"{parmItem.ControllerName}.{parmItem.ActionName}";
// }
// authService.RegisterAccessCode(attItem.AuthEndPoint, attItem.IsAllow);
// Console.WriteLine($"加载成功 -> {attItem.AuthEndPoint} 允许访问");
// }
// }
//}
//authOptions.WatchAuthEndPoint = authEndPointParms.ToArray();
#endregion
//正则匹配有鉴权攻击风险!!!
//加载授权节点
IEnumerable <AuthEndPointAttribute> authEndPointParms = new AuthEndPointAttribute[0];
string assemblyName = assembly.FullName.Split()[0]?.Trim(',') + ".Controllers";
var types = assembly.GetTypes().Where(x => !x.IsNestedPrivate && x.FullName.StartsWith(assemblyName)).ToList();
foreach (var item in types)
{
AuthEndPointAttribute[] accessParm = AuthServiceCollectionExtensions.GetClassAccessParm_AuthEndPointAttribute(item);
authEndPointParms = authEndPointParms.Union(accessParm);
foreach (AuthEndPointAttribute parmItem in accessParm)
{
if (parmItem == null)
{
continue;
}
if (string.IsNullOrEmpty(parmItem.AuthEndPoint))
{
parmItem.AuthEndPoint = $"{authOptions.PreAccessEndPointKey}:{parmItem.ControllerName}.{parmItem.ActionName}";
}
authService.RegisterAccessCode(parmItem.AuthEndPoint, parmItem.IsAllow);
Console.WriteLine($"加载成功 -> {parmItem.AuthEndPoint} 允许访问");
}
AuthEnableRegexAttribute[] accessRegexParm = AuthServiceCollectionExtensions.GetClassAccessParm_AuthEnableRegexAttribute(item);
foreach (AuthEnableRegexAttribute parmItem in accessRegexParm)
{
if (parmItem == null)
{
continue;
}
parmItem.AuthEndPoint = $"{authOptions.PreAccessEndPointKey}:Regex⊇{parmItem.AuthEndPoint}";
authService.RegisterAccessCode(parmItem.AuthEndPoint, parmItem.IsAllow);
Console.WriteLine($"加载成功 -> {parmItem.AuthEndPoint} 允许访问");
}
}
authOptions.WatchAuthEndPoint = authEndPointParms.ToArray();
//获取处理后的缓存并覆盖
var memoryCache = sp.GetService <IMemoryCache>();
var existService = services.FirstOrDefault(x => x.ServiceType == typeof(IMemoryCache));
services.Remove(existService);
services.TryAddSingleton <IMemoryCache>(x => memoryCache);
}
