public static bool ShouldValidate(
this IAbpAntiForgeryManager manager,
IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration,
MethodInfo methodInfo,
Abp.Web.HttpVerb httpVerb,
bool defaultValue)
{
if (!antiForgeryWebConfiguration.IsEnabled)
{
return(false);
}
if (methodInfo.IsDefined(typeof(ValidateAbpAntiForgeryTokenAttribute), true))
{
return(true);
}
if (ReflectionHelper.GetSingleAttributeOfMemberOrDeclaringTypeOrDefault <DisableAbpAntiForgeryTokenValidationAttribute>(methodInfo) != null)
{
return(false);
}
if (antiForgeryWebConfiguration.IgnoredHttpVerbs.Contains(httpVerb))
{
return(false);
}
if (methodInfo.DeclaringType?.IsDefined(typeof(ValidateAbpAntiForgeryTokenAttribute), true) ?? false)
{
return(true);
}
return(defaultValue);
}
public AccountController(
IUserInfoAppService userInfoAppService,
IAbpAntiForgeryManager antiForgeryManager)
{
_userInfoAppService = userInfoAppService;
_antiForgeryManager = antiForgeryManager;
}
public AbpApplicationConfigurationController(
IAbpApplicationConfigurationAppService applicationConfigurationAppService,
IAbpAntiForgeryManager antiForgeryManager)
{
_applicationConfigurationAppService = applicationConfigurationAppService;
_antiForgeryManager = antiForgeryManager;
}
public PackageController(
PackageService packageService,
IAbpAntiForgeryManager antiForgeryManager
)
{
_packageService = packageService;
_antiForgeryManager = antiForgeryManager;
}
public static void SetCookie(this IAbpAntiForgeryManager manager, HttpContextBase context, IIdentity identity = null)
{
if (identity != null)
{
context.User = new ClaimsPrincipal(identity);
}
context.Response.Cookies.Add(new HttpCookie(manager.Configuration.TokenCookieName, manager.GenerateToken()));
}
public AbpAntiForgeryMvcFilter(
IAbpAntiForgeryManager abpAntiForgeryManager,
IAbpMvcConfiguration mvcConfiguration,
IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration)
{
_abpAntiForgeryManager = abpAntiForgeryManager;
_mvcConfiguration = mvcConfiguration;
_antiForgeryWebConfiguration = antiForgeryWebConfiguration;
Logger = NullLogger.Instance;
}
/// <summary>
/// 构造函数
/// </summary>
/// <param name="abpAntiForgeryManager"></param>
/// <param name="webApiConfiguration"></param>
/// <param name="antiForgeryWebConfiguration"></param>
public AbpAntiForgeryApiFilter(
IAbpAntiForgeryManager abpAntiForgeryManager,
IAbpWebApiConfiguration webApiConfiguration,
IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration)
{
_abpAntiForgeryManager = abpAntiForgeryManager;
_webApiConfiguration = webApiConfiguration;
_antiForgeryWebConfiguration = antiForgeryWebConfiguration;
Logger = NullLogger.Instance;
}
private static string GetCookieValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers)
{
var cookie = headers.GetCookies(manager.Configuration.TokenCookieName).LastOrDefault();
if (cookie == null)
{
return null;
}
return cookie[manager.Configuration.TokenCookieName].Value;
}
public AbpAntiForgeryMvcFilter(
IAbpAntiForgeryManager abpAntiForgeryManager,
IAbpMvcConfiguration mvcConfiguration,
IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration)
{
_abpAntiForgeryManager = abpAntiForgeryManager;
_mvcConfiguration = mvcConfiguration;
_antiForgeryWebConfiguration = antiForgeryWebConfiguration;
Logger = NullLogger.Instance;
}
public AbpAntiForgeryApiFilter(
IAbpAntiForgeryManager abpAntiForgeryManager,
IAbpWebApiConfiguration webApiConfiguration,
IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration)
{
_abpAntiForgeryManager = abpAntiForgeryManager;
_webApiConfiguration = webApiConfiguration;
_antiForgeryWebConfiguration = antiForgeryWebConfiguration;
Logger = NullLogger.Instance;
}
private static string GetCookieValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers)
{
var cookie = headers.GetCookies(manager.Configuration.TokenCookieName).LastOrDefault();
if (cookie == null)
{
return(null);
}
return(cookie[manager.Configuration.TokenCookieName].Value);
}
public AbpApplicationConfigurationScriptController(
IAbpApplicationConfigurationAppService configurationAppService,
IJsonSerializer jsonSerializer,
IOptions <AbpAspNetCoreMvcOptions> options,
IJavascriptMinifier javascriptMinifier,
IAbpAntiForgeryManager antiForgeryManager)
{
_configurationAppService = configurationAppService;
_jsonSerializer = jsonSerializer;
_options = options.Value;
_javascriptMinifier = javascriptMinifier;
_antiForgeryManager = antiForgeryManager;
}
private static string GetHeaderValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers)
{
IEnumerable<string> headerValues;
if (!headers.TryGetValues(manager.Configuration.TokenHeaderName, out headerValues))
{
return null;
}
var headersArray = headerValues.ToArray();
if (!headersArray.Any())
{
return null;
}
return headersArray.Last().Split(", ").Last();
}
public static void SetCookie(this IAbpAntiForgeryManager manager, HttpContext context, IIdentity identity = null, CookieOptions cookieOptions = null)
{
if (identity != null)
{
context.User = new ClaimsPrincipal(identity);
}
if (cookieOptions != null)
{
context.Response.Cookies.Append(manager.Configuration.TokenCookieName, manager.GenerateToken(), cookieOptions);
}
else
{
context.Response.Cookies.Append(manager.Configuration.TokenCookieName, manager.GenerateToken());
}
}
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpRequestHeaders headers)
{
var cookieTokenValue = GetCookieValue(manager, headers);
if (cookieTokenValue.IsNullOrEmpty())
{
return(true);
}
var headerTokenValue = GetHeaderValue(manager, headers);
if (headerTokenValue.IsNullOrEmpty())
{
return(false);
}
return(manager.As <IAbpAntiForgeryValidator>().IsValid(cookieTokenValue, headerTokenValue));
}
private static string GetHeaderValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers)
{
IEnumerable <string> headerValues;
if (!headers.TryGetValues(manager.Configuration.TokenHeaderName, out headerValues))
{
return(null);
}
var headersArray = headerValues.ToArray();
if (!headersArray.Any())
{
return(null);
}
return(headersArray.Last().Split(", ").Last());
}
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpContextBase context)
{
var cookieValue = GetCookieValue(context);
if (cookieValue.IsNullOrEmpty())
{
return(true);
}
var formOrHeaderValue = manager.Configuration.GetFormOrHeaderValue(context);
if (formOrHeaderValue.IsNullOrEmpty())
{
return(false);
}
return(manager.As <IAbpAntiForgeryValidator>().IsValid(cookieValue, formOrHeaderValue));
}
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpRequestHeaders headers)
{
var authCookieValue = GetCookieValue(manager.Configuration.AuthorizationCookieName, headers);
var antiForgeryCookieValue = GetCookieValue(manager.Configuration.TokenCookieName, headers);
if (antiForgeryCookieValue.IsNullOrEmpty())
{
return(authCookieValue.IsNullOrEmpty());
}
var headerTokenValue = GetHeaderValue(manager, headers);
if (headerTokenValue.IsNullOrEmpty())
{
return(false);
}
return(manager.As <IAbpAntiForgeryValidator>().IsValid(antiForgeryCookieValue, headerTokenValue));
}
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpContextBase context)
{
var authCookieValue = GetCookieValue(context, manager.Configuration.AuthorizationCookieName);
var antiForgeryCookieValue = GetCookieValue(context, AntiForgeryConfig.CookieName);
if (antiForgeryCookieValue.IsNullOrEmpty())
{
return(authCookieValue.IsNullOrEmpty());
}
var formOrHeaderValue = manager.Configuration.GetFormOrHeaderValue(context);
if (formOrHeaderValue.IsNullOrEmpty())
{
return(false);
}
return(manager.As <IAbpAntiForgeryValidator>().IsValid(antiForgeryCookieValue, formOrHeaderValue));
}
public AbpSwashbuckleController(IAbpAntiForgeryManager antiForgeryManager)
{
_antiForgeryManager = antiForgeryManager;
}
public static void SetCookie(this IAbpAntiForgeryManager manager, HttpResponseHeaders headers)
{
headers.SetCookie(new Cookie(manager.Configuration.TokenCookieName, manager.GenerateToken()));
}
public HomeController(INotificationPublisher notificationPublisher, IAbpAntiForgeryManager abpAntiForgeryManager)
{
_notificationPublisher = notificationPublisher;
_abpAntiForgeryManager = abpAntiForgeryManager;
}
public AntiForgeryController(IAbpAntiForgeryManager antiForgeryManager)
{
_antiForgeryManager = antiForgeryManager;
}
public AntiForgeryController(IAntiforgery antiforgery, IAbpAntiForgeryManager antiForgeryManager)
{
_antiforgery = antiforgery;
_antiForgeryManager = antiForgeryManager;
}
public static void SetCookie(this IAbpAntiForgeryManager manager)
{
manager.HttpContext.Response.Cookies.Append(manager.Options.TokenCookieName, manager.GenerateToken());
}
