public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
await next();
try
{
var isDebug = _config.IsDebug;
if (isDebug)
{
string requestBodyText = string.Empty;
var request = context.HttpContext.Request;
var method = request.Method.ToUpper();
var url = HttpUtility.UrlDecode(UriHelper.GetDisplayUrl(request));
var macName = Environment.MachineName;
var requestIp = _webHelper.GetCurrentIpAddress();
var bodyText = ActionFilterHelper.GetRequestBodyText(request);
if (Regex.IsMatch(bodyText, "(\\d+?,)+"))
{
var index = url.IndexOf('?');
if (index > -1)
{
url = url.Substring(0, index);
}
string filePath = Path.Combine("C:", "BadUrls");
await WriteTxt(filePath, $"{request.Host.Port}.txt", url);
}
}
}
catch (Exception ex)
{
_logger.Error(ex, "【ReqeustBodyFilter】error:" + ex.Message);
}
}
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
int requestWarning = _config.RequestWarningThreshold < 3 ? 3 : _config.RequestWarningThreshold;
var stopWatch = new Stopwatch();
stopWatch.Start();
var executedContext = await next();
stopWatch.Stop();
try
{
//如果执行超过设定的阈值则记录日志
long executeTime = stopWatch.ElapsedMilliseconds / 1000;
string requestBodyText = string.Empty;
var request = context.HttpContext.Request;
var method = request.Method.ToUpper();
var url = UriHelper.GetDisplayUrl(request);
var macName = Environment.MachineName;
var requestIp = _webHelper.GetCurrentIpAddress();
var bodyText = ActionFilterHelper.GetRequestBodyText(request, _configuration.GetValue <string>("AliyunLogRule:Regex"));
if (executeTime >= requestWarning)
{
_logger.Warning("请求时间超过阈值.执行时间:{0}秒.请求url:{1},请求Body:{2},请求IP:{3},服务器名称:{4}",
stopWatch.ElapsedMilliseconds / 1000, url, bodyText, requestIp, macName);
}
if (!context.HttpContext.Response.Headers.ContainsKey("x-time-elapsed"))
{
context.HttpContext.Response.Headers.Add(
"x-time-elapsed",
stopWatch.Elapsed.ToString());
}
}
catch (Exception ex)
{
_logger.Error(ex, "获得基础信息写入阿里云日志时异常!");
}
}
/// <summary>
///
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public void OnException(ExceptionContext context)
{
string requestBodyText = string.Empty;
var request = context.HttpContext.Request;
var method = request.Method.ToUpper();
var url = UriHelper.GetDisplayUrl(request);
var macName = Environment.MachineName;
var requestIp = _webHelper.GetCurrentIpAddress();
var exception = context.Exception;
#region 获取body参数
if (!(exception is ViewModelStateValidException))
{
requestBodyText = ActionFilterHelper.GetRequestBodyText(request);
}
#endregion
AppErrorCode errorCode = AppErrorCode.None;
string requestId = string.Empty;
var errorMsg = "程序访问异常,请稍后重试!";
//请求bindModel验证失败时 请求body参数
if (exception is ViewModelStateValidException)
{
requestBodyText = ((ViewModelStateValidException)exception).BindModelText;
}
HttpStatusCode statusCode = HttpStatusCode.InternalServerError;
//自定义异常,可预见性异常400,不可预见性异常500
if (exception is NetProException)
{
var NetProEx = (NetProException)context.Exception;
var exErrorCode = NetProEx.ErrorCode;
errorMsg = NetProEx.Message;
//判断errorCode是否为系统定义的错误代码
if (((AppErrorCode)exErrorCode).IsValid())
{
errorCode = (AppErrorCode)NetProEx.ErrorCode;
}
else
{
errorCode = AppErrorCode.None;
}
requestId = NetProEx.RequestId;
statusCode = HttpStatusCode.BadRequest;
}
var appName = "WebApi";
if (_config != null)
{
appName = _config.ApplicationName;
}
//错误代码对应的日志级别
NetProErrorLevel errorLevel = NetProErrorLevel.Error;
var currentLevel = errorCode.GetAttributes()?.Get <ErrorCodeLevelAttribute>()?.Level;
if (currentLevel.HasValue)
{
errorLevel = currentLevel.Value;
}
LogEventLevel eventLevel = LogEventLevel.Error;
switch (errorLevel)
{
case NetProErrorLevel.Error:
eventLevel = LogEventLevel.Error;
break;
case NetProErrorLevel.Fatal:
eventLevel = LogEventLevel.Fatal;
break;
case NetProErrorLevel.Warning:
eventLevel = LogEventLevel.Warning;
exception = null;
break;
}
//写入日志系统
_logger.Write(eventLevel, exception, "{0}异常.errorCode:{1},errorMsg:{2},请求url:{3},请求Body:{4},请求IP:{5},服务器名称:{6}", appName, errorCode.Value(), errorMsg, url, requestBodyText, requestIp, macName);
//自定义异常返回
if (_config.AppType == AppType.Api)
{
context.Result = errorMsg.ToErrorActionResult(errorCode.Value());
context.HttpContext.Response.StatusCode = (int)statusCode;
}
else
{
string errorUrl = _config.ErrorUrl;
if (string.IsNullOrWhiteSpace(errorUrl) || (!string.IsNullOrWhiteSpace(errorUrl) && errorUrl.Split('/').Length != 2))
{
context.Result = new ContentResult()
{
Content = "您访问的页面出错!"
};
}
else
{
var array = errorUrl.Split('/');
context.Result = new RedirectToActionResult(array[1], array[0], new { error = exception.Message });
}
context.HttpContext.Response.StatusCode = (int)statusCode;
}
context.ExceptionHandled = true;
return;
}
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var isOpenVerifySign = _configuration.GetValue("IsOpenVerifySign", false);
var descriptor = (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;
var hasIgnoreattribute = descriptor.MethodInfo.GetCustomAttributes(typeof(IgnoreSignAttribute), true).Any();
var hasVerifySignAttribute = descriptor.MethodInfo.GetCustomAttributes(typeof(VerifySignAttribute), true).Any();
//方法不加鉴权特性并且鉴权打开并且有忽略或者方法不加鉴权并且鉴权关闭统一都忽略鉴权否则打开鉴权---方法加鉴权>鉴权开关
if (!hasVerifySignAttribute && ((isOpenVerifySign && hasIgnoreattribute) || !isOpenVerifySign))
{
goto gotoNext;
}
string appId = null;
string bodyText = null;
try
{
var request = context.HttpContext.Request;
bodyText = TryPassJsonToQueryString(ActionFilterHelper.GetRequestBodyText(request)?.Trim());
var allKeys = new Dictionary <string, object>();
if (!string.IsNullOrWhiteSpace(bodyText))
{
allKeys = bodyText.TrimStart('?').Split('&').Select(a => new
{
Key = a.Substring(0, a.IndexOf('=')).ToLower(),
Value = (object)a.Substring(a.IndexOf('=') + 1)
}).ToDictionary(a => a.Key, a => (object)HttpUtility.UrlDecode(a.Value.ToString()));
}
if (request.Headers != null && request.Headers.Keys.Any())
{
var headers = request.Headers.ToDictionary(a => a.Key.ToLower(), a => a.Value).Where(a => new[] { "appid", "sign" }.Contains(a.Key)).ToDictionary(a => a.Key, a => a.Value.ToString());
if (headers.Any())
{
foreach (var header in headers)
{
if (allKeys.ContainsKey(header.Key))
{
allKeys[header.Key] = header.Value;
}
else
{
allKeys.Add(header.Key, header.Value);
}
}
}
}
if (request.Query != null && request.Query.Keys.Any())
{
foreach (var key in request.Query.Keys)
{
var value = HttpUtility.UrlDecode(request.Query[key]);
var lowerKey = key.ToLower();
if (allKeys.ContainsKey(lowerKey))
{
allKeys[lowerKey] = value;
}
else
{
allKeys.Add(lowerKey, value);
}
}
}
if (!allKeys.ContainsKey("appid") || !allKeys.ContainsKey("sign"))
{
BuildErrorJson(context, "不存在AppId/Sign", bodyText);
return;
}
var secrets = new List <AppSecret>();
_configuration.GetSection("Secrets").Bind(secrets);
appId = (string)allKeys["appid"];
var secret = secrets.FirstOrDefault(a => a.AppId == appId)?.Secret;
//获取两份签名,一份原始数据,一份忽略大小写的签名。然后用两份签名比较
var upperSign = SignHelper.GetSign(allKeys, secret);
var lowerSign = SignHelper.GetSign(allKeys, secret, true);
var sign = (string)allKeys["sign"];
if (upperSign != sign && lowerSign != sign)
{
BuildErrorJson(context, $"签名不正确:sign:{sign},upperSign:{upperSign},lowerSign:{lowerSign}", bodyText);
return;
}
}
catch (Exception ex)
{
BuildErrorJson(context, "签名验证失败!" + ex.Message, bodyText);
return;
}
gotoNext:
await next();
}
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var descriptor = (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;
var attribute = (IgnoreSignAttribute)descriptor.MethodInfo.GetCustomAttributes(typeof(IgnoreSignAttribute), true).FirstOrDefault();
if (attribute != null)
{
goto gotoNext;
}
string appId = null;
try
{
var request = context.HttpContext.Request;
var bodyText = TryPassJsonToQueryString(ActionFilterHelper.GetRequestBodyText(request).Trim());
if (string.IsNullOrWhiteSpace(bodyText))
{
BuildErrorJson(context);
return;
}
var allKeys = bodyText.TrimStart('?').Split('&').Select(a => new
{
Key = a.Substring(0, a.IndexOf('=')).ToLower(),
Value = (object)a.Substring(a.IndexOf('=') + 1)
}).ToDictionary(a => a.Key, a => a.Value);
if (request.Headers != null)
{
var headers = request.Headers.ToDictionary(a => a.Key.ToLower(), a => a.Value).Where(a => new[] { "appid", "sign" }.Contains(a.Key)).ToDictionary(a => a.Key, a => a.Value.ToString());
foreach (var header in headers)
{
if (allKeys.ContainsKey(header.Key))
{
allKeys[header.Key] = header.Value;
}
else
{
allKeys.Add(header.Key, header.Value);
}
}
}
if (!allKeys.ContainsKey("appid") || !allKeys.ContainsKey("sign"))
{
BuildErrorJson(context);
return;
}
////判断请求是否在有效期内
////获取过期时间(秒)
//var expireSeconds = _configuration.GetValue<double>("ExpireSeconds", 0);
////请求过期时间
//var requestExpireTime = new DateTime(ticks + TimeSpan.FromSeconds(expireSeconds).Ticks);
////如果请求过期时间小于当前时间则判定为过期
//if (DateTime.Compare(requestExpireTime, DateTime.Now) == -1)
//{
// BuildErrorJson(context);
// return;
//}
var secrets = new List <AppSecret>();
_configuration.GetSection("Secrets").Bind(secrets);
appId = (string)allKeys["appid"];
var secret = secrets.FirstOrDefault(a => a.AppId == appId)?.Secret;
var sign = SignHelper.GetSign(allKeys, secret);
if (sign != (string)allKeys["sign"])
{
BuildErrorJson(context);
return;
}
}
catch (Exception ex)
{
_logger.Error(ex, "【VerifySignFilter】error:" + ex.Message);
BuildErrorJson(context, "签名验证失败!" + ex.Message);
return;
}
gotoNext:
await next();
}
