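// Authenticates the caller from the "Authorization" request header, stores the two
// uploaded files and starts a comparison on behalf of that user.
//
// Returns: the result of CompareSvc.Start on success; otherwise a CompareResult with
// Status = 3 and a message ("Authorization failed." or "Error Input").
//
// Malformed JSON in "Config" is not caught here and propagates from JsonConvert.
public CompareResult CreateCompare()
{
    // Get User from header token.
    // FirstOrDefault yields a default KeyValuePair when the header is absent, so its
    // Value is null and must be checked before it is indexed; otherwise an
    // unauthenticated request fails with an exception instead of a clean denial.
    var headerValues = Request.Headers.FirstOrDefault(x => string.Equals(x.Key, "Authorization")).Value;
    string token = headerValues == null ? null : headerValues.FirstOrDefault();

    // Fail closed: deny when the token is missing, when validation reports failure,
    // or when validation produced no user name.
    string userName = null;
    if (string.IsNullOrWhiteSpace(token)
        || !JWToken.Validate(token, out userName)
        || string.IsNullOrWhiteSpace(userName))
    {
        return new CompareResult() { Status = 3, Message = "Authorization failed." };
    }

    // "Config" is client-supplied JSON; reject it when absent or when it
    // deserializes to null (for example the literal "null").
    string config = HttpContext.Current.Request["Config"];
    if (string.IsNullOrWhiteSpace(config))
    {
        return new CompareResult() { Status = 3, Message = "Error Input" };
    }

    CompareInput compareInput = JsonConvert.DeserializeObject<CompareInput>(config);
    if (compareInput == null)
    {
        return new CompareResult() { Status = 3, Message = "Error Input" };
    }

    // Exactly two uploaded files are required.
    HttpFileCollection files = HttpContext.Current.Request.Files;
    if (files.AllKeys.Length != 2)
    {
        return new CompareResult() { Status = 3, Message = "Error Input" };
    }

    // Any FileName1/FileName2 values sent inside "Config" are overwritten with
    // whatever SaveFile returns.
    // NOTE(review): SaveFile is not visible here. The uploads are untrusted; confirm
    // that it chooses the storage path server-side (not from the client file name)
    // and enforces size and type limits.
    compareInput.FileName1 = SaveFile(files[0]);
    compareInput.FileName2 = SaveFile(files[1]);

    return CompareSvc.Start(userName, compareInput);
}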
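// Returns a page of the authenticated caller's comparison history.
//
// start, count: paging arguments, passed unchanged to CompareSvc.GetCompareHistory.
// NOTE(review): no range check is applied to start/count here; confirm that
// CompareSvc bounds them.
//
// Returns: the history for the user named by the token, or an empty list when the
// request cannot be authenticated.
public List<CompareResult> GetCompareHistroy(int start, int count)
{
    // Get User from header token.
    // A missing header yields a default KeyValuePair whose Value is null, so check
    // it before indexing instead of letting the request fail with an exception.
    var headerValues = Request.Headers.FirstOrDefault(x => string.Equals(x.Key, "Authorization")).Value;
    string token = headerValues == null ? null : headerValues.FirstOrDefault();

    // Fail closed: treat a missing token, a failed validation or an empty user name
    // as "not authenticated" and return no history.
    string userName = null;
    if (string.IsNullOrWhiteSpace(token)
        || !JWToken.Validate(token, out userName)
        || string.IsNullOrWhiteSpace(userName))
    {
        return new List<CompareResult>();
    }

    return CompareSvc.GetCompareHistory(userName, start, count);
}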
// Authorization filter: lets the request through when the action allows anonymous
// access or when the first "Authorization" header value passes JWToken.Validate;
// otherwise answers 401 Unauthorized.
//
// Only the action descriptor is inspected for AllowAnonymousAttribute. The user name
// produced by validation is discarded here.
// NOTE(review): the header value is handed to JWToken.Validate as received; whether
// a scheme prefix such as "Bearer " is handled is not visible from this method.
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    // If the action being accessed carries AllowAnonymousAttribute, skip the
    // authorization check entirely.
    bool anonymousAllowed = actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any();
    if (anonymousAllowed)
    {
        return;
    }

    // Value is null when the request has no Authorization header.
    var headerValues = actionContext.Request.Headers
        .FirstOrDefault(header => string.Equals(header.Key, "Authorization"))
        .Value;

    string validatedUser;
    bool authorized = headerValues != null
        && JWToken.Validate(headerValues.ElementAt(0), out validatedUser);

    if (!authorized)
    {
        // Setting Response marks the request as rejected with 401.
        actionContext.Response = actionContext.Request.CreateErrorResponse(
            HttpStatusCode.Unauthorized,
            new HttpError("Authorization failed"));
    }
}
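// This method gets called by the runtime. Use this method to add services to the container.
//
// Registers, in order: options bound from the "EnabledRules", "Thermostat" and
// "Account" configuration sections; application singletons and the repository;
// Application Insights and MVC; the "passport" and "AlexaJWT" authorization policies;
// cookie authentication; the hosted background service; and MiniProfiler.
public void ConfigureServices(IServiceCollection services)
{
    services.AddOptions();

    // https://docs.microsoft.com/en-us/aspnet/core/mvc/controllers/dependency-injection
    services.Configure<EnabledRules>(_configuration.GetSection("EnabledRules"));
    services.Configure<Settings>(_configuration.GetSection("Thermostat"));
    services.Configure<AccountSettings>(_configuration.GetSection("Account"));

    // Uncomment to add settings from code
    //services.Configure<SampleWebSettings>(settings =>
    //{
    //    oauthCodes = new Dictionary
    //    settings.Updates = 17;
    //});

    //call this in case you need aspnet-user-authtype/aspnet-user-identity
    services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

    //services.AddSingleton(_configuration);
    services.AddSingleton<OAuthCodeStore>();

    // add repository as a service
    services.AddTransient<Repository>();
    services.AddSingleton(_engine);

    // Add framework services.
    services.AddApplicationInsightsTelemetry(_configuration);
    services.AddMvc().AddJsonOptions(options =>
    {
        //options.SerializerSettings.Converters.Add(new Newtonsoft.Json.Converters.StringEnumConverter());
        options.SerializerSettings.NullValueHandling = Newtonsoft.Json.NullValueHandling.Ignore;
    });

    //services.Configure<IISOptions>( options => options.)

    services.AddAuthorization(options =>
    {
        options.AddPolicy("passport", policy => policy.RequireClaim("passport"));
    });

    // Cookie security attributes are not set here and stay at the framework defaults.
    services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(o =>
        {
            o.LoginPath = new PathString("/Account/Login");
            o.AccessDeniedPath = new PathString("/Account/Forbidden/");
            o.Cookie.Name = "cookie";
        });

    // add Alexa JWT token validation
    //TODO: create a separate nuget for that
    services.AddAuthorization(options =>
    {
        options.AddPolicy("AlexaJWT", policy => policy.RequireAssertion(context =>
        {
            if (context.Resource is Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext mvcContext)
            {
                // Examine MVC specific things like routing data.
                // NOTE(review): the token arrives in the "accessToken" query parameter,
                // so it will appear wherever request URLs are recorded; confirm that
                // request logging and telemetry do not retain it.
                var tokenData = mvcContext.HttpContext.Request.Query["accessToken"].FirstOrDefault();
                if (string.IsNullOrWhiteSpace(tokenData))
                {
                    return false;
                }

                // The query value is untrusted. Deny instead of throwing when it is
                // not valid JSON or deserializes to null, so a malformed token cannot
                // turn the authorization check into an unhandled error.
                JWToken token;
                try
                {
                    token = JsonConvert.DeserializeObject<JWToken>(tokenData);
                }
                catch (Newtonsoft.Json.JsonException)
                {
                    return false;
                }

                if (token == null)
                {
                    return false;
                }

                //TODO: something else..
                return token.Validate(_configuration.GetSection("Account").GetValue<string>("TokenKey"));
            }

            // Any other resource type is denied.
            return false;
        }));
    });

    // Add our BackgroundService which will be saving telemetry at regular intervals
    services.AddSingleton<IHostedService, BackgroundService>();

    // Note .AddMiniProfiler() returns a IMiniProfilerBuilder for easy intellisense
    // NOTE(review): ResultsAuthorize and ResultsListAuthorize are left commented out
    // below, so the stated default applies and anyone who can reach /profiler can read
    // profiler results, including the formatted SQL. Set both before exposing this
    // outside a development environment.
    services.AddMiniProfiler(options =>
    {
        // All of this is optional. You can simply call .AddMiniProfiler() for all defaults

        // (Optional) Path to use for profiler URLs, default is /mini-profiler-resources
        options.RouteBasePath = "/profiler";

        // (Optional) Control storage
        // (default is 30 minutes in MemoryCacheStorage)
        //(options.Storage as MemoryCacheStorage).CacheDuration = TimeSpan.FromMinutes(60);

        // (Optional) Control which SQL formatter to use, InlineFormatter is the default
        options.SqlFormatter = new StackExchange.Profiling.SqlFormatters.InlineFormatter();

        // (Optional) To control authorization, you can use the Func<HttpRequest, bool> options:
        // (default is everyone can access profilers)
        //options.ResultsAuthorize = request => MyGetUserFunction(request).CanSeeMiniProfiler;
        //options.ResultsListAuthorize = request => MyGetUserFunction(request).CanSeeMiniProfiler;

        // (Optional) To control which requests are profiled, use the Func<HttpRequest, bool> option:
        // (default is everything should be profiled)
        //options.ShouldProfile = request => MyShouldThisBeProfiledFunction(request);

        // (Optional) Profiles are stored under a user ID, function to get it:
        // (default is null, since above methods don't use it by default)
        //options.UserIdProvider = request => MyGetUserIdFunction(request);

        // (Optional) Swap out the entire profiler provider, if you want
        // (default handles async and works fine for almost all applications)
        //options.ProfilerProvider = new MyProfilerProvider();
    });
}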