public override void OnAuthorization(AuthorizationContext filterContext)
{
HttpRequestBase Request = filterContext.RequestContext.HttpContext.Request;
NameValueCollection parameters = new NameValueCollection()
{
Request.Form,
Request.QueryString
};
string sign = parameters["sign"];
parameters.Remove("sign");
List <string> paramlist = new List <string>();
foreach (var item in parameters.AllKeys.OrderBy(k => k))
{
paramlist.Add(item + "=" + HttpUtility.UrlDecode(parameters[item]));
}
string presignstr = string.Join("&", paramlist);
string digest = RSAHelper.DecryptString(sign, ConfigurationManager.AppSettings[PrivateKey]);
if (Sha1.Compute(presignstr) != digest)
{
ContentResult result = new ContentResult();
result.Content = "Sign Error.";
filterContext.Result = result;
}
}
public static string Create(string urlpath, object querystring, object form, string publickey)
{
List <string> paramlist = new List <string>();
List <string> signparam = new List <string>();
NameValueCollection QueryString = new NameValueCollection();
NameValueCollection Form = new NameValueCollection();
if (querystring != null)
{
foreach (PropertyDescriptor propertyDescriptor in TypeDescriptor.GetProperties(querystring))
{
object obj = propertyDescriptor.GetValue(querystring);
paramlist.Add(propertyDescriptor.Name + "=" + HttpUtility.UrlEncode(obj.ToString()));
QueryString.Add(propertyDescriptor.Name, obj.ToString());
}
}
if (form != null)
{
foreach (PropertyDescriptor propertyDescriptor in TypeDescriptor.GetProperties(form))
{
object obj = propertyDescriptor.GetValue(form);
paramlist.Add(propertyDescriptor.Name + "=" + HttpUtility.UrlEncode(obj.ToString()));
Form.Add(propertyDescriptor.Name, obj.ToString());
}
}
NameValueCollection parameters = new NameValueCollection()
{
Form,
QueryString
};
foreach (var item in parameters.AllKeys.OrderBy(k => k))
{
signparam.Add(item + "=" + parameters[item]);
}
string digest = Sha1.Compute(string.Join("&", signparam));
paramlist.Add("sign=" + RSAHelper.EncryptString(digest, publickey));
return(urlpath + (paramlist.Count > 0 ? "?" + string.Join("&", paramlist) : ""));
}
public async Task <CompilerResult> Compile(string name, string script, CompilerOptions compilerOptions)
{
var result = new CompilerResult(name);
var rootClass = result.RootClass;
var parsedScript = new ScriptParser(compilerOptions, name, script);
result.ParsedScript = parsedScript;
foreach (var assemblyName in parsedScript.AssemblyFiles)
{
var ass = assemblyName;
// ignore during debugging
if (ass.StartsWith('!'))
{
if (compilerOptions.Debugging)
{
continue;
}
ass = assemblyName.Substring(1);
}
if (_loadedAssemblies.Contains(ass))
{
continue;
}
try
{
var found = false;
foreach (var assemblyDirectory in _runtime.AssemblyDirectories)
{
var assemblyPath = Path.Combine(assemblyDirectory.FullName, ass);
if (File.Exists(assemblyPath))
{
var assembly = Assembly.LoadFrom(assemblyPath);
_runtime.ReferenceAssembly(assembly);
_loadedAssemblies.Add(ass);
found = true;
break;
}
}
if (!found)
{
throw new FileNotFoundException("Assembly not found.", ass);
}
}
catch (ReflectionTypeLoadException ex)
{
var error = new StringBuilder();
error.AppendLine(ass);
foreach (Exception loaderEx in ex.LoaderExceptions)
{
error.AppendLine(loaderEx.Message);
}
var e = error.ToString();
Log.Error(e, this);
result.SetError(CompilerResultType.AssemblyError, e);
return(result);
}
catch (Exception ex)
{
var error = Tr.Get("Compiler.AssemblyError", ass, ex.Message);
Log.Error(error, this);
result.SetError(CompilerResultType.AssemblyError, error);
return(result);
}
}
var finalScript = parsedScript.Script;
if (string.IsNullOrWhiteSpace(finalScript))
{
var error = Tr.Get("Compiler.ScriptEmpty", name);
Log.Error(error, this);
result.SetError(CompilerResultType.CompileError, error);
return(result);
}
var useCachedAssemblies = compilerOptions.UseCachedAssemblies;
var baseFileName = $"{Sha1.Compute($"{Sha1.Compute(finalScript)}|{Environment.UserName}").Replace("-", "")}-{rootClass}-rosi";
var pdbFilePath = Path.Combine(Path.GetTempPath(), $"{baseFileName}.pdb");
var assemblyFilPath = Path.Combine(Path.GetTempPath(), $"{baseFileName}.dll");
var loadedFromFile = false;
if (useCachedAssemblies && File.Exists(assemblyFilPath) && File.Exists(pdbFilePath))
{
try
{
var assemblyData = await File.ReadAllBytesAsync(assemblyFilPath);
var pdbData = await File.ReadAllBytesAsync(pdbFilePath);
result.Assembly = AppDomain.CurrentDomain.Load(assemblyData, pdbData);
loadedFromFile = true;
}
catch { }
}
try
{
if (!loadedFromFile)
{
var compilerSettings = ScriptOptions.Default.AddReferences(_runtime.ReferencedAssemblies).WithEmitDebugInformation(compilerOptions.Debugging);
var compilation = CSharpScript.Create(finalScript, compilerSettings).GetCompilation();
compilation = compilation.WithOptions(compilation.Options
.WithOutputKind(OutputKind.DynamicallyLinkedLibrary)
.WithOptimizationLevel(compilerOptions.Debugging ? OptimizationLevel.Debug : OptimizationLevel.Release)
.WithScriptClassName(rootClass)
);
var emitOptions = new EmitOptions(false, DebugInformationFormat.PortablePdb);
using var pdbStream = new MemoryStream();
using var assemblyStream = new MemoryStream();
var emitResult = compilation.Emit(assemblyStream, pdbStream, options: emitOptions);
if (emitResult.Success)
{
assemblyStream.Seek(0, SeekOrigin.Begin);
var assemblyData = assemblyStream.GetBuffer();
pdbStream.Seek(0, SeekOrigin.Begin);
var pdbData = pdbStream.GetBuffer();
await File.WriteAllBytesAsync(assemblyFilPath, assemblyData);
await File.WriteAllBytesAsync(pdbFilePath, pdbData);
result.Assembly = AppDomain.CurrentDomain.Load(assemblyData, pdbData);
}
else
{
var diagnostics = emitResult.Diagnostics.Where(d => d.IsWarningAsError || d.Severity == DiagnosticSeverity.Error);
var message = new StringBuilder();
foreach (var diagnostic in diagnostics)
{
var errorLocation = string.Empty;
if (diagnostic.Location.IsInSource)
{
var errorPosition = diagnostic.Location.GetLineSpan().StartLinePosition;
errorLocation = $" ({errorPosition.Line},{errorPosition.Character})";
}
message.AppendLine($"{diagnostic.Id}{errorLocation}: {diagnostic.GetMessage()}");
}
throw new Exception(message.ToString());
}
}
}
catch (Exception ex)
{
var error = Tr.Get("Compiler.Error", name, ex.Message);
if (compilerOptions.LogScriptOnError)
{
error += finalScript + "\n";
}
Log.Error(error, this);
result.SetError(CompilerResultType.CompileError, error);
return(result);
}
var outputPath = compilerOptions.ScriptOutputPath;
if (!string.IsNullOrWhiteSpace(outputPath))
{
try
{
var scriptPath = Path.Combine(outputPath, name);
if (!loadedFromFile || !File.Exists(scriptPath))
{
Directory.CreateDirectory(outputPath);
await File.WriteAllTextAsync(scriptPath, finalScript);
}
}
catch
{ }
}
result.Result = CompilerResultType.Ok;
return(result);
}