/// <summary>
/// Challenge the specified authentication scheme.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <param name="scheme">The name of the authentication scheme.</param>
/// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
/// <returns>A task.</returns>
public virtual async Task ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties)
{
if (scheme == null)
{
var defaultChallengeScheme = await Schemes.GetDefaultChallengeSchemeAsync();
scheme = defaultChallengeScheme?.Name;
if (scheme == null)
{
throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultChallengeScheme found.");
}
}
var handler = await Handlers.GetHandlerAsync(context, scheme);
if (handler == null)
{
throw await CreateMissingHandlerException(scheme);
}
await handler.ChallengeAsync(properties);
}
/// <summary>
/// Forbid the specified authentication scheme.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <param name="scheme">The name of the authentication scheme.</param>
/// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
/// <returns>A task.</returns>
public virtual async Task ForbidAsync(HttpContext context, string scheme, AuthenticationProperties properties)
{
if (scheme == null)
{
var defaultForbidScheme = await Schemes.GetDefaultForbidSchemeAsync();
scheme = defaultForbidScheme?.Name;
if (scheme == null)
{
throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultForbidScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action<AuthenticationOptions> configureOptions).");
}
}
var handler = await Handlers.GetHandlerAsync(context, scheme);
if (handler == null)
{
throw await CreateMissingHandlerException(scheme);
}
await handler.ForbidAsync(properties);
}
/// <summary>
/// Sign out the specified authentication scheme.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <param name="scheme">The name of the authentication scheme.</param>
/// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
/// <returns>A task.</returns>
public virtual async Task SignOutAsync(HttpContext context, string scheme, AuthenticationProperties properties)
{
if (scheme == null)
{
var defaultScheme = await Schemes.GetDefaultSignOutSchemeAsync();
scheme = defaultScheme?.Name;
if (scheme == null)
{
throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultSignOutScheme found.");
}
}
var handler = await Handlers.GetHandlerAsync(context, scheme) as IAuthenticationSignOutHandler;
if (handler == null)
{
throw new InvalidOperationException($"No IAuthenticationSignOutHandler is configured to handle sign out for the scheme: {scheme}");
}
await handler.SignOutAsync(properties);
}
public void AddSchemes()
{
using (var toyapp = new ToyApplicationDbContext())
{
string schemeName, Description;
Console.WriteLine("Enter schemeName");
schemeName = Console.ReadLine();
Console.WriteLine("Enter Description");
Description = Console.ReadLine();
var scheme = new Schemes
{
SchemeName = schemeName,
Description = Description
};
toyapp.Schemes.Add(scheme);
toyapp.SaveChanges();
Console.WriteLine(" Scheme Successfully Added");
}
}
public async Task <Schemes> UpdateAsync(Schemes model)
{
// model.IsUpdated = true;
// ObjectValidation(model);
var dbobj = await GetByIdAsync(model.Id);
if (dbobj == null)
{
throw new ProjectException("The Record does not exist in the system");
}
dbobj.Description = model.Description;
dbobj.Fees = model.Fees;
dbobj.Name = model.Name;
if (model.Channel != null)
{
dbobj.Channel.Code = model.Channel.Code;
dbobj.Channel.Description = model.Channel.Description;
dbobj.Channel.Name = model.Channel.Name;
}
if (model.Route != null)
{
dbobj.Route.CardPAN = model.Route.CardPAN;
dbobj.Route.Description = model.Route.Description;
dbobj.Route.Name = model.Route.Name;
}
if (model.TransType != null)
{
dbobj.TransType.Code = model.TransType.Code;
dbobj.TransType.Description = model.TransType.Description;
dbobj.TransType.Name = model.TransType.Name;
}
_ModelRepository.Attach(dbobj, EntityStatus.Modified);
await _UnitOfWork.SaveChangesAsync();
return(dbobj);
}
/// <summary>
/// Sign a principal in for the specified authentication scheme.
/// </summary>
/// <param name="context">The <see cref="T:Microsoft.AspNetCore.Http.HttpContext" />.</param>
/// <param name="scheme">The name of the authentication scheme.</param>
/// <param name="principal">The <see cref="T:System.Security.Claims.ClaimsPrincipal" /> to sign in.</param>
/// <param name="properties">The <see cref="T:Microsoft.AspNetCore.Authentication.AuthenticationProperties" />.</param>
/// <returns>A task.</returns>
public virtual async Task SignInAsync(HttpContext context, string scheme, ClaimsPrincipal principal, AuthenticationProperties properties)
{
if (principal == null)
{
throw new ArgumentNullException(nameof(principal));
}
if (scheme == null)
{
var signInSchemeAsync = await Schemes.GetDefaultSignInSchemeAsync();
scheme = signInSchemeAsync?.Name;
if (scheme == null)
{
throw new InvalidOperationException("No authenticationScheme was specified, and there was no DefaultSignInScheme found.");
}
}
if (!(await Handlers.GetHandlerAsync(context, scheme) is IAuthenticationSignInHandler handlerAsync))
{
throw new InvalidOperationException(string.Format("No IAuthenticationSignInHandler is configured to handle sign in for the scheme: {0}", scheme));
}
var user = principal;
var properties1 = properties;
await handlerAsync.SignInAsync(user, properties1);
}
protected override void OnPaint(PaintEventArgs e)
{
G = e.Graphics;
base.OnPaint(e);
G.Clear(Parent.BackColor);
switch (Scheme)
{
case Schemes.Black:
if (Enabled)
{
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(54, 54, 53)))
{
using (Pen Border = new Pen(Color.FromArgb(42, 42, 41)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(58, 58, 57)))
{
using (Pen Border = new Pen(Color.FromArgb(46, 46, 45)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(50, 50, 49)))
{
using (Pen Border = new Pen(Color.FromArgb(38, 38, 37)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
}
else
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(40, 40, 39)))
{
using (Pen Border = new Pen(Color.FromArgb(38, 38, 37)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
case Schemes.Green:
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(123, 164, 93)))
{
using (Pen Border = new Pen(Color.FromArgb(119, 160, 89)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(127, 168, 97)))
{
using (Pen Border = new Pen(Color.FromArgb(123, 164, 93)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(119, 160, 93)))
{
using (Pen Border = new Pen(Color.FromArgb(115, 156, 85)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
case Schemes.Red:
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(164, 93, 93)))
{
using (Pen Border = new Pen(Color.FromArgb(160, 89, 89)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(168, 97, 97)))
{
using (Pen Border = new Pen(Color.FromArgb(164, 93, 93)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(160, 89, 89)))
{
using (Pen Border = new Pen(Color.FromArgb(156, 85, 85)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
case Schemes.Blue:
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(93, 154, 164)))
{
using (Pen Border = new Pen(Color.FromArgb(89, 150, 160)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(97, 160, 168)))
{
using (Pen Border = new Pen(Color.FromArgb(93, 154, 164)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(89, 150, 160)))
{
using (Pen Border = new Pen(Color.FromArgb(85, 146, 156)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
}
if (Scheme == Schemes.Black)
{
if (Enabled)
{
using (SolidBrush TextBrush = new SolidBrush(Color.FromArgb(220, 220, 219)))
{
using (Font TextFont = new Font("Segoe UI", 9))
{
using (StringFormat SF = new StringFormat { Alignment = StringAlignment.Center })
{
G.DrawString(Text, TextFont, TextBrush, new Rectangle(0, Height / 2 - 9, Width, Height), SF);
}
}
}
}
else
{
using (SolidBrush TextBrush = new SolidBrush(Color.FromArgb(140, 140, 139)))
{
using (Font TextFont = new Font("Segoe UI", 9))
{
using (StringFormat SF = new StringFormat { Alignment = StringAlignment.Center })
{
G.DrawString(Text, TextFont, TextBrush, new Rectangle(0, Height / 2 - 9, Width, Height), SF);
}
}
}
}
}
else
{
if (!Enabled)
{
Scheme = Schemes.Black;
}
using (SolidBrush TextBrush = new SolidBrush(Color.FromArgb(250, 250, 249)))
{
using (Font TextFont = new Font("Segoe UI", 9))
{
using (StringFormat SF = new StringFormat { Alignment = StringAlignment.Center })
{
G.DrawString(Text, TextFont, TextBrush, new Rectangle(0, Height / 2 - 9, Width, Height), SF);
}
}
}
}
}
//public List<Security> security { get; set; }
public void Serialize(JsonWriter writer)
{
writer.WritePropertyName(Id);
writer.WriteStartObject();
if (Tags != null && Tags.Any())
{
writer.WritePropertyName("tags");
writer.WriteStartArray();
foreach (string tag in Tags)
{
writer.WriteValue(tag);
}
writer.WriteEndArray();
}
if (!string.IsNullOrWhiteSpace(Summary))
{
writer.WritePropertyName("summary");
writer.WriteValue(Summary);
}
if (!string.IsNullOrWhiteSpace(Description))
{
writer.WritePropertyName("description");
writer.WriteValue(Description);
}
if (ExternalDocs != null)
{
writer.WritePropertyName("externalDocs");
ExternalDocs.Serialize(writer);
}
if (!string.IsNullOrWhiteSpace(OperationId))
{
writer.WritePropertyName("operationId");
writer.WriteValue(OperationId);
}
if (Consumes != null && Consumes.Any())
{
writer.WritePropertyName("consumes");
writer.WriteStartArray();
foreach (string cons in Consumes)
{
writer.WriteValue(cons);
}
writer.WriteEndArray();
}
if (Produces != null && Produces.Any())
{
writer.WritePropertyName("produces");
writer.WriteStartArray();
foreach (string prod in Produces)
{
writer.WriteValue(prod);
}
writer.WriteEndArray();
}
if (Parameters != null && Parameters.Any())
{
writer.WritePropertyName("parameters");
writer.WriteStartArray();
foreach (ParameterBase p in Parameters)
{
p.Serialize(writer);
}
writer.WriteEndArray();
}
if (Responses != null && Responses.Any())
{
writer.WritePropertyName("responses");
writer.WriteStartObject();
foreach (Response r in Responses)
{
r.Serialize(writer);
}
writer.WriteEndObject();
}
if (Schemes != null && Schemes.Any())
{
writer.WritePropertyName("schemes");
writer.WriteStartArray();
foreach (string sch in Schemes)
{
writer.WriteValue(sch);
}
writer.WriteEndArray();
}
if (Deprecated)
{
writer.WritePropertyName("deprecated");
writer.WriteValue(Deprecated);
}
writer.WriteEndObject();
}
public bool UpdateScheme(Schemes a)
{
return(admin.UpdateScheme(a));
}
public void schemeBuilder()
{
int[][] scheme = new int[6][];
scheme[0] = new int[] { 1, 1, 1, 2, 2, 2, 2, 3, 3,
1, 1, 4, 4, 4, 2, 2, 3, 3,
1, 1, 4, 5, 5, 2, 3, 3, 3,
1, 1, 4, 5, 2, 2, 6, 3, 3,
4, 4, 4, 5, 5, 5, 6, 6, 6,
7, 7, 4, 8, 8, 5, 6, 0, 0,
7, 7, 7, 8, 5, 5, 6, 0, 0,
7, 7, 8, 8, 6, 6, 6, 0, 0,
7, 7, 8, 8, 8, 8, 0, 0, 0 };
scheme[1] = new int[] { 1, 1, 2, 2, 2, 3, 3, 3, 4,
1, 1, 2, 2, 2, 3, 3, 3, 4,
1, 1, 2, 2, 2, 3, 3, 4, 4,
5, 1, 1, 1, 6, 6, 3, 4, 4,
5, 5, 6, 6, 6, 6, 6, 4, 4,
5, 5, 7, 6, 6, 0, 0, 0, 4,
5, 5, 7, 7, 8, 8, 8, 0, 0,
5, 7, 7, 7, 8, 8, 8, 0, 0,
5, 7, 7, 7, 8, 8, 8, 0, 0 };
scheme[2] = new int[] { 1, 1, 1, 2, 2, 2, 3, 3, 3,
1, 1, 1, 2, 2, 2, 4, 3, 3,
1, 5, 5, 2, 6, 2, 4, 3, 3,
1, 1, 5, 2, 6, 6, 4, 3, 3,
5, 5, 5, 6, 6, 6, 4, 4, 4,
7, 7, 5, 6, 6, 8, 4, 0, 0,
7, 7, 5, 8, 6, 8, 4, 4, 0,
7, 7, 5, 8, 8, 8, 0, 0, 0,
7, 7, 7, 8, 8, 8, 0, 0, 0 };
scheme[3] = new int[] { 1, 1, 1, 2, 2, 2, 2, 3, 3,
1, 1, 4, 2, 2, 2, 2, 3, 3,
5, 1, 4, 2, 4, 4, 4, 4, 3,
5, 1, 4, 4, 4, 6, 6, 6, 3,
5, 1, 1, 6, 6, 6, 8, 8, 3,
5, 6, 6, 6, 7, 7, 7, 8, 3,
5, 7, 7, 7, 7, 0, 7, 8, 3,
5, 5, 0, 0, 0, 0, 7, 8, 8,
5, 5, 0, 0, 0, 0, 8, 8, 8 };
scheme[4] = new int[] { 1, 1, 2, 2, 2, 2, 2, 2, 2,
1, 1, 1, 1, 3, 2, 2, 3, 4,
1, 5, 5, 1, 3, 3, 3, 3, 4,
1, 5, 6, 6, 3, 3, 3, 4, 4,
5, 5, 6, 6, 6, 6, 6, 4, 4,
5, 5, 7, 7, 7, 6, 6, 4, 8,
5, 7, 7, 7, 7, 8, 4, 4, 8,
5, 7, 0, 0, 7, 8, 8, 8, 8,
0, 0, 0, 0, 0, 0, 0, 8, 8 };
for (int s = 0; s < 5; s++)
{
int[,] Puzzle = new int[9, 9];
for (int i = 0; i < 9; i++)
{
for (int j = 0; j < 9; j++)
{
Puzzle[i, j] = scheme[s][i * 9 + j];
}
}
Schemes.Add(Puzzle);
}
}
internal static void Load()
{
try
{
XmlDocument Doc = new XmlDocument();
using (MemoryStream ms = new MemoryStream(Waher.Content.Resources.LoadResource(
typeof(PersonalNumberSchemes).Namespace + ".PersonalNumberSchemes.xml")))
{
Doc.Load(ms);
}
foreach (XmlNode N in Doc.DocumentElement.ChildNodes)
{
if (N is XmlElement E && E.LocalName == "Entry")
{
string Country = XML.Attribute(E, "country");
string DisplayString = XML.Attribute(E, "displayString");
string Variable = null;
Expression Pattern = null;
Expression Check = null;
Expression Normalize = null;
try
{
foreach (XmlNode N2 in E.ChildNodes)
{
if (N2 is XmlElement E2)
{
switch (E2.LocalName)
{
case "Pattern":
Pattern = new Expression(E2.InnerText);
Variable = XML.Attribute(E2, "variable");
break;
case "Check":
Check = new Expression(E2.InnerText);
break;
case "Normalize":
Normalize = new Expression(E2.InnerText);
break;
}
}
}
}
catch (Exception ex)
{
Log.Critical(ex);
continue;
}
if (Pattern is null || string.IsNullOrEmpty(Variable) || string.IsNullOrEmpty(DisplayString))
{
continue;
}
if (!schemesByCode.TryGetValue(Country, out LinkedList <PersonalNumberScheme> Schemes))
{
Schemes = new LinkedList <PersonalNumberScheme>();
schemesByCode[Country] = Schemes;
}
Schemes.AddLast(new PersonalNumberScheme(Variable, DisplayString, Pattern, Check, Normalize));
}
}
}
catch (Exception ex)
{
Log.Critical(ex);
}
}
/// <summary>
/// 重载异步处理程序
/// </summary>
/// <param name="context"></param>
/// <param name="requirement"></param>
/// <returns></returns>
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
// 将最新的角色和接口列表更新,
// 注意这里我用到了AOP缓存,只是减少与数据库的访问次数,而又保证是最新的数据
var data = await _roleModulePermissionServices.GetRoleModule();
var list = (from item in data
orderby item.Id
select new Permission
{
Id = item.Id,
ApiUrl = item.ApiUrl,
RequestMethod = item.RequestMethod,
ActionName = item.ActionName
}).ToList();
requirement.Permissions = list;
//从AuthorizationHandlerContext转成HttpContext,以便取出表头信息
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext).HttpContext;
//请求Url
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null && await handler.HandleRequestAsync())
{
context.Fail();
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
//权限中是否存在请求的url
// 获取当前用户的角色信息
var currentUserRoles = (from item in httpContext.User.Claims
where item.Type == requirement.ClaimType
select item.Value).FirstOrDefault();
//这里就是对权限的验证
//请求方式 httpContext.Request.Method
//请求连接 questUrl
//我们的权限 Permissions
if (requirement.Permissions.Where(g => g.Id == currentUserRoles && g.ApiUrl?.ToLower() == questUrl && g.RequestMethod == httpContext.Request.Method).Count() <= 0)
{
context.Fail();
return;
}
//判断过期时间
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
context.Fail();
return;
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") ||
!httpContext.Request.HasFormContentType))
{
context.Fail();
return;
}
context.Succeed(requirement);
}
/// <summary>
/// Creates a new key file with authentication information.
/// </summary>
/// <param name="sheme"></param>
/// <param name="host"></param>
/// <param name="path"></param>
/// <param name="user"></param>
/// <param name="pass"></param>
/// <returns></returns>
public static KeyFile BuildUri(Schemes sheme, string host, string path, string user, string pass)
{
return new KeyFile(string.Format("{0}://{1}:{2}@{3}/{4}",
sheme, user, pass, host, path));
}
/// <summary>
/// Creates a new key file.
/// </summary>
/// <param name="sheme">The sheme of the source.</param>
/// <param name="host">The hostname.</param>
/// <param name="path">The path.</param>
/// <returns></returns>
public static KeyFile BuildUri(Schemes sheme, string host, string path)
{
return new KeyFile(string.Format("{0}://{1}/{2}",
sheme, host, path));
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
// 将最新的角色和接口列表更新
var data = await RoleModulePermissionService.GetRoleModule().ConfigureAwait(false);
var list = (from item in data
where item.IsDelete == false
orderby item.Id
select new PermissionItem
{
Url = item.Module?.LinkUrl,
Role = item.Role?.RoleName,
}).ToList();
requirement.Permissions = list;
// 从AuthorizationHandlerContext转成HttpContext,以便取出表头信息
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext)?.HttpContext;
// https://q.cnblogs.com/q/120091/
if (httpContext == null)
{
httpContext = _accessor.HttpContext;
}
// 请求Url
if (httpContext != null)
{
var questUrl = httpContext.Request.Path.Value.ToLower();
// 判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync().ConfigureAwait(false))
{
if (await handlers.GetHandlerAsync(httpContext, scheme.Name).ConfigureAwait(false) is IAuthenticationRequestHandler handler && await handler.HandleRequestAsync())
{
context.Fail();
return;
}
}
// 判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync().ConfigureAwait(false);
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name).ConfigureAwait(false);
// result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
// 权限中是否存在请求的url
// if (requirement.Permissions.GroupBy(g => g.Url).Where(w => w.Key?.ToLower() == questUrl).Count() > 0)
// if (isMatchUrl)
if (true)
{
// 获取当前用户的角色信息
var currentUserRoles = (from item in httpContext.User.Claims
where item.Type == requirement.ClaimType
select item.Value).ToList();
var isMatchRole = false;
var permissionRoles = requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role));
foreach (var item in permissionRoles)
{
try
{
if (Regex.Match(questUrl, item.Url?.ObjToString().ToLower())?.Value == questUrl)
{
isMatchRole = true;
break;
}
}
catch (Exception)
{
// ignored
}
}
// 验证权限
// if (currentUserRoles.Count <= 0 || requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role) && w.Url.ToLower() == questUrl).Count() <= 0)
if (currentUserRoles.Count <= 0 || !isMatchRole)
{
context.Fail();
return;
}
}
// 判断过期时间(这里仅仅是最坏验证原则,你可以不要这个if else的判断,因为我们使用的官方验证,Token过期后上边的result?.Principal 就为 null 了,进不到这里了,因此这里其实可以不用验证过期时间,只是做最后严谨判断)
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
context.Fail();
return;
}
return;
}
}
// 判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") || !httpContext.Request.HasFormContentType))
{
context.Fail();
return;
}
}
context.Succeed(requirement);
}
/// <summary>
/// 判断是否授权
/// </summary>
/// <param name="context"></param>
/// <param name="requirement"></param>
/// <returns></returns>
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, MvcAuthorizeHandlerReq requirement)
{
#region 说明
/*
* .netcore3.0 启用EndpointRouting后,权限filter不再添加到ActionDescriptor ,而将权限直接作为中间件运行,
* 同时所有filter都会添加到endpoint.Metadata。因此,文中的
* context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext不再成立。
*
* 解决方案有两个:
*
* 首先必须在 controller 上进行配置 Authorize ,可以策略授权,也可以角色等基本授权
*
* 1、开启公约, startup 中的全局授权过滤公约:o.Conventions.Insert(0, new GlobalRouteAuthorizeConvention());
*
* 2、不开启公约,使用 IHttpContextAccessor ,也能实现效果,但是不能自定义返回格式,详细看下边配置;
*/
#endregion
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息(netcore2.2之前有效,3.0需要开启全局过滤公约才有这个上下文)
var filterContext = (context.Resource as AuthorizationFilterContext);
var httpContext = (context.Resource as AuthorizationFilterContext)?.HttpContext;
if (httpContext == null)
{
httpContext = HttpContextAccessor.HttpContext;
}
//请求Url
if (httpContext != null)
{
var user = httpContext.User;
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
if (await handlers.GetHandlerAsync(httpContext, scheme.Name) is IAuthenticationRequestHandler handler && await handler.HandleRequestAsync())
{
AuthDeal(context, requirement, httpContext, false);
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
if (result?.Principal != null)
{
httpContext.User = result.Principal;
//判断过期时间(这里仅仅是最坏验证原则,你可以不要这个if else的判断,因为我们使用的官方验证,Token过期后上边的result?.Principal 就为 null 了,进不到这里了,因此这里其实可以不用验证过期时间,只是做最后严谨判断)
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
// todo:根据用户判断是否 有对应角色和路由的权限
//var questUrl = httpContext.Request.Path.Value.ToLower();
if (requirement.Roles != null && requirement.Roles.Length > 0)
{
var strReqRoles = string.Join(",", requirement.Roles.Select(x => ((int)x).ToString()));
var isUserHadRoles = httpContext.User.IsInRole(strReqRoles);
if (!isUserHadRoles)
{
AuthDeal(context, requirement, httpContext, false);
return;
}
}
if (true)
{
AuthDeal(context, requirement, httpContext, true);
return;
}
}
}
}
}
AuthDeal(context, requirement, httpContext, false);
return;
}
public SchemeViewModel()
{
#region 初始化方案
using (var db = new HomeAutomationEntities())
{
Schemes = db.t_Scheme.ToList();
}
if (Schemes.Count > 0)
{
Scheme = Schemes[0];
SchemeName = Schemes[0].SchemeName;
}
#endregion
#region 初始化详细方案//test
RefreshDetailScheme();
#endregion
#region 初始化电器
using (var db = new HomeAutomationEntities())
{
HomeAppliances = db.t_HomeAppliances.ToList();
}
#endregion
#region 新建方案
CreateSchemeCommand = new RelayCommand(() =>
{
if (SchemeState)
{
UMessageBox.Show($"请先停止方案!", false);
return;
}
if (SchemeNameEidtState)
{
return;
}
using (var db = new HomeAutomationEntities())
{
var count = db.t_Scheme.ToList().Count;
db.t_Scheme.Add(new t_Scheme()
{
SchemeName = $"方案{++count}"
});
db.SaveChanges();
Schemes = db.t_Scheme.ToList();
Scheme = Schemes.Find(x => x.SchemeName == $"方案{count}");
DetailSchemes = new ObservableCollection <DetailSchemeModel>();
}
});
#endregion
#region 除方案
DeleteSchemeCommand = new RelayCommand(() =>
{
if (SchemeState)
{
UMessageBox.Show($"请先停止方案!", false);
return;
}
if (SchemeNameEidtState)
{
return;
}
var result = UMessageBox.Show("确定删除当前方案吗?");
if (result == false)
{
return;
}
using (var db = new HomeAutomationEntities())
{
if (Scheme == null)
{
return;
}
var scheme = db.t_Scheme.FirstOrDefault(x => x.Id == Scheme.Id);
if (scheme != null)
{
db.t_Scheme.Remove(scheme);
}
var detailScheme = db.t_DetailScheme.Where(x => x.SchemeId == Scheme.Id);
db.t_DetailScheme.RemoveRange(detailScheme);
db.SaveChanges();
Schemes = db.t_Scheme.ToList();
if (Schemes.Count <= 0)
{
return;
}
Scheme = Schemes[0];
SchemeName = Schemes[0].SchemeName;
}
});
#endregion
#region 刷新方案列表命令
HomeApplianceScheme = new RelayCommand(() =>
{
if (SchemeNameEidtState)
{
return;
}
RefreshDetailScheme();
});
#endregion
#region 方案定时开关 (开关定时任务)
StartSchemeCommand = new RelayCommand((() =>
{
if (!UMessageBox.Result)
{
return;
}
//是否选择方案,执行方案是否为空
if (Scheme == null)
{
UMessageBox.Show($"当前没有选中方案!", false);
return;
}
//是否正在编辑方案
if (SchemeNameEidtState)
{
return;
}
//定时方案停止
if (SchemeState)
{
//
//等待提示框
//强制关闭所有电器
//var driver =new Rs485Driver();
//try
//{
// driver.Connect(new NetArg("192.168.0.233", 10001));
//}
//catch (Exception e)
//{
// MessageBox.Show($"连接不上设备", "提示", MessageBoxButton.OK, MessageBoxImage.Information);
// return;
//}
//var state= driver.Read32RelayOutputState();
//foreach (var value in state)
//{
// if (value.Value==true)
// {
// ControllerHomeAutomation(value.Key, false);
// }
//}
foreach (var value in DetailSchemes)
{
value.RunSchemeState = false;
value.SchemevisibiState = "Hidden";
value.Cancel.Cancel();
}
SchemeState = false;
SchemeList = true;
}
//定时方案启动
else
{
SchemeState = true;
SchemeList = false;
foreach (var value in DetailSchemes)
{
value.Cancel = new CancellationTokenSource();
value.Task = new Task(() =>
{
//等待开始
var waitTime = 0;
while (waitTime < value.DtailScheme.WaitTime)
{
try
{
value.Cancel.Token.ThrowIfCancellationRequested();
}
catch (Exception e)
{
value.RunSchemeState = false;
value.SchemevisibiState = "Hidden";
return;
}
waitTime++;
Thread.Sleep(1000);
}
value.RunSchemeState = true;
value.SchemevisibiState = "Visible";
//启动电器
//try
//{
//
// AsyncControllerHomeAutomation(value.DtailScheme.HomeAppliancesId, true);
//}
//catch (Exception e)
//{
// MessageBox.Show($"连接不上设备", "提示", MessageBoxButton.OK, MessageBoxImage.Information);
// value.RunSchemeState = false;
// value.SchemevisibiState = "Hidden";
// return;
//}
//执行时长
var runTime = 0;
//等待结束
while (runTime < value.DtailScheme.RunTime)
{
var timeSpan = new TimeSpan(0, 0, value.DtailScheme.RunTime - runTime - 1);
value.SchemeTime = timeSpan.Hours.ToString() + " h " + timeSpan.Minutes + " m " +
timeSpan.Seconds + " s";
try
{
value.Cancel.Token.ThrowIfCancellationRequested();
}
catch (Exception e)
{
value.RunSchemeState = false;
value.SchemevisibiState = "Hidden";
return;
}
runTime++;
Thread.Sleep(1000);
}
//关闭电器
//try
//{
// AsyncControllerHomeAutomation(value.DtailScheme.HomeAppliancesId, false);
//}
//catch (Exception e)
//{
// MessageBox.Show($"连接不上设备", "提示", MessageBoxButton.OK, MessageBoxImage.Information);
//}
value.RunSchemeState = false;
}, value.Cancel.Token);
value.Task.Start();
}
}
}));
#endregion
#region 添加 定时命令
AddSchemeCommand = new RelayCommand(() =>
{
if (DetailSchemes.FirstOrDefault(x => x.DtailScheme.HomeAppliancesName == "选择电器") != null)
{
//提示选择电器
UMessageBox.Show($"请选择电器!", false);
return;
}
using (var db = new HomeAutomationEntities())
{
//遍历详细方案
for (var i = 0; i < DetailSchemes.Count; i++)
{
if (DetailSchemes[i].DtailScheme.WaitTime < 0 || DetailSchemes[i].DtailScheme.RunTime <= 0)
{
UMessageBox.Show($"{DetailSchemes[i].DtailScheme.HomeAppliancesName} 时间运行太短!", false);
return;
}
//id= 100表示没有选中
if (DetailSchemes[i] == null || DetailSchemes[i].DtailScheme.HomeAppliancesId == 100)
{
continue;
}
//判断时间重复
for (var j = 0; j < i; j++)
{
//根据电器名称相同,断定同一电器
if (DetailSchemes[i].DtailScheme.HomeAppliancesName !=
DetailSchemes[j].DtailScheme.HomeAppliancesName)
{
}
//判断同一电器启动,一分钟间隔以上
else if (DetailSchemes[i].DtailScheme.WaitTime >
(DetailSchemes[j].DtailScheme.RunTime +
DetailSchemes[j].DtailScheme.WaitTime) + 60 ||
DetailSchemes[i].DtailScheme.RunTime + DetailSchemes[i].DtailScheme.WaitTime + 60 <
DetailSchemes[j].DtailScheme.WaitTime)
{
}
else
{
UMessageBox.Show($"{DetailSchemes[i].DtailScheme.HomeAppliancesName} 运行时间冲突或者间隔太近!", false);
return;
}
}
var detail = DetailSchemes[i];
var homeAppliance =
db.t_HomeAppliances.FirstOrDefault(
x => x.Name == detail.DtailScheme.HomeAppliancesName);
if (homeAppliance != null)
{
db.t_DetailScheme.AddOrUpdate(new t_DetailScheme()
{
Id = DetailSchemes[i].DtailScheme.DetailSchemeId,
HomeAppliancesId = homeAppliance.Id,
RunTime = DetailSchemes[i].DtailScheme.RunTime,
WaitTime = DetailSchemes[i].DtailScheme.WaitTime,
SchemeId = DetailSchemes[i].DtailScheme.SchemeId
});
}
}
db.SaveChanges();
Schemes = db.t_Scheme.ToList();
Scheme = Schemes.FirstOrDefault(x => x.Id == SchemmeId);
}
RefreshDetailScheme();
DetailSchemes.Add(new DetailSchemeModel()
{
DtailScheme = new v_DtailScheme()
{
RunTime = 0,
WaitTime = 0,
SchemeId = Scheme.Id,
HomeAppliancesName = "选择电器"
}
});
});
#endregion
#region 更新选中定时
UpdataSchemeCommand = new RelayCommand <long>((detailSchemeId) =>
{
var detailscheme = DetailSchemes.FirstOrDefault(x => x.DtailScheme.DetailSchemeId == detailSchemeId);
//id 100表示没有选中
if (detailscheme == null || detailSchemeId == 100)
{
return;
}
//判断时间重复
using (var db = new HomeAutomationEntities())
{
var homeAppliance =
db.t_HomeAppliances.FirstOrDefault(x => x.Name == detailscheme.DtailScheme.HomeAppliancesName);
var detailScheme =
db.t_DetailScheme.FirstOrDefault(x => x.Id == detailscheme.DtailScheme.DetailSchemeId);
if (detailScheme == null || homeAppliance == null)
{
return;
}
detailScheme.HomeAppliancesId = homeAppliance.Id;
detailScheme.RunTime = detailscheme.DtailScheme.RunTime;
detailScheme.WaitTime = detailscheme.DtailScheme.WaitTime;
db.SaveChanges();
}
RefreshDetailScheme();
});
#endregion
#region 除选中定时命令
DeleletChooseDetailScheme = new RelayCommand <long>(((detailSchemeId) =>
{
using (var db = new HomeAutomationEntities())
{
//删除定时
var descheme = db.t_DetailScheme.FirstOrDefault(x => x.Id == detailSchemeId);
if (descheme != null)
{
db.t_DetailScheme.Remove(descheme);
}
db.SaveChanges();
}
DetailSchemes.Remove(DetailSchemes.FirstOrDefault(x => x.DtailScheme.DetailSchemeId == detailSchemeId));
}));
#endregion
#region 编辑选中方案
UpdataChooseDatailScheme = new RelayCommand((() =>
{
if (SchemeState)
{
UMessageBox.Show($"请先停止方案!", false);
return;
}
if (SchemeName == null)
{
return;
}
if (SchemeEidtState)
{
SchemmeId = Scheme.Id;
SchemeEidtState = false;
ButtonNameSave = "完成";
SchemeAddState = "Visible";
SchemeNameEidtState = true;
}
else
{
for (var i = DetailSchemes.Count() - 1; i >= 0; i--)
{
if (DetailSchemes[i].DtailScheme.HomeAppliancesName == "选择电器")
{
DetailSchemes.Remove(DetailSchemes[i]);
}
}
using (var db = new HomeAutomationEntities())
{
//更新方案名称
var scheme = db.t_Scheme.FirstOrDefault(x => x.Id == SchemmeId);
if (scheme != null)
{
scheme.SchemeName = SchemeName;
}
//遍历详细方案
for (var i = 0; i < DetailSchemes.Count; i++)
{
if (DetailSchemes[i].DtailScheme.WaitTime <= 0 || DetailSchemes[i].DtailScheme.RunTime <= 0)
{
UMessageBox.Show($"{DetailSchemes[i].DtailScheme.HomeAppliancesName} 时间运行太短!", false);
return;
}
//id= 100表示没有选中
if (DetailSchemes[i] == null || DetailSchemes[i].DtailScheme.HomeAppliancesId == 100)
{
continue;
}
//判断时间重复
for (var j = 0; j < i; j++)
{
//根据电器名称相同,断定同一电器
if (DetailSchemes[i].DtailScheme.HomeAppliancesName !=
DetailSchemes[j].DtailScheme.HomeAppliancesName)
{
}
//判断同一电器启动,一分钟间隔以上
else if (DetailSchemes[i].DtailScheme.WaitTime >
(DetailSchemes[j].DtailScheme.RunTime +
DetailSchemes[j].DtailScheme.WaitTime) + 60 ||
DetailSchemes[i].DtailScheme.RunTime + DetailSchemes[i].DtailScheme.WaitTime +
60 <
DetailSchemes[j].DtailScheme.WaitTime)
{
}
else
{
UMessageBox.Show($"{DetailSchemes[i].DtailScheme.HomeAppliancesName} 时间冲突!", false);
return;
}
}
var detail = DetailSchemes[i];
var homeAppliance =
db.t_HomeAppliances.FirstOrDefault(
x => x.Name == detail.DtailScheme.HomeAppliancesName);
if (homeAppliance != null)
{
db.t_DetailScheme.AddOrUpdate(new t_DetailScheme()
{
Id = DetailSchemes[i].DtailScheme.DetailSchemeId,
HomeAppliancesId = homeAppliance.Id,
RunTime = DetailSchemes[i].DtailScheme.RunTime,
WaitTime = DetailSchemes[i].DtailScheme.WaitTime,
SchemeId = DetailSchemes[i].DtailScheme.SchemeId
});
}
}
db.SaveChanges();
Schemes = db.t_Scheme.ToList();
Scheme = Schemes.FirstOrDefault(x => x.Id == SchemmeId);
}
RefreshDetailScheme();
SchemeEidtState = true;
ButtonNameSave = "方案编辑";
SchemeAddState = "Hidden";
SchemeNameEidtState = false;
}
}));
#endregion
#region 编辑运行时间
InstallRunTimeCommand = new RelayCommand <long>(detailSchemeId =>
{
if (SchemeEidtState)
{
return;
}
var detailScheme =
DetailSchemes.FirstOrDefault(x => x.DtailScheme.DetailSchemeId == detailSchemeId);
if (detailScheme == null)
{
return;
}
var result = UTimePiker.ChooseEquals(detailScheme.DtailScheme.RunTime);
var dtailScheme = new v_DtailScheme()
{
DetailSchemeId = detailSchemeId,
HomeAppliancesId = detailScheme.DtailScheme.HomeAppliancesId,
HomeAppliancesName = detailScheme.DtailScheme.HomeAppliancesName,
RunTime = result,
SchemeId = detailScheme.DtailScheme.SchemeId,
SchemeName = detailScheme.DtailScheme.SchemeName,
WaitTime = detailScheme.DtailScheme.WaitTime
};
detailScheme.DtailScheme = dtailScheme;
});
#endregion
#region 编辑等待时间
InstallWaitTimeCommand = new RelayCommand <long>(detailSchemeId =>
{
if (SchemeEidtState)
{
return;
}
var detailScheme =
DetailSchemes.FirstOrDefault(x => x.DtailScheme.DetailSchemeId == detailSchemeId);
if (detailScheme == null)
{
return;
}
var result = UTimePiker.ChooseEquals(detailScheme.DtailScheme.WaitTime);
var dtailScheme = new v_DtailScheme()
{
DetailSchemeId = detailSchemeId,
HomeAppliancesId = detailScheme.DtailScheme.HomeAppliancesId,
HomeAppliancesName = detailScheme.DtailScheme.HomeAppliancesName,
RunTime = detailScheme.DtailScheme.RunTime,
SchemeId = detailScheme.DtailScheme.SchemeId,
SchemeName = detailScheme.DtailScheme.SchemeName,
WaitTime = result
};
detailScheme.DtailScheme = dtailScheme;
});
#endregion
}
// 重载异步处理程序
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
// 将最新的角色和权限列表更新
var data = await roleModulePermissionServices.GetPermission();
var list = (from item in data
where item.S04_IsValid == 0
select new PermissionItem
{
Url = item.S03_BackRoute,
RoleId = item.S02_RoleId,
}).ToList();
requirement.Permissions = list;
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext)?.HttpContext;
//请求Url
if (httpContext != null)
{
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
if (await handlers.GetHandlerAsync(httpContext, scheme.Name) is IAuthenticationRequestHandler handler && await handler.HandleRequestAsync())
{
context.Fail();
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
if (true)
{
// 获取当前用户的角色信息
var currentUserRoles = (from item in httpContext.User.Claims
where item.Type == requirement.ClaimType
select item.Value).ToList();
var isMatchRole = false;
var permisssionRoles = requirement.Permissions.Where(w => currentUserRoles.Contains(w.RoleId.ToString()));
foreach (var item in permisssionRoles)
{
try
{
if (Regex.Match(questUrl, item.Url?.ToString().ToLower())?.Value == questUrl)
{
isMatchRole = true;
break;
}
}
catch (Exception)
{
// ignored
}
}
//验证权限
//if (currentUserRoles.Count <= 0 || requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role) && w.Url.ToLower() == questUrl).Count() <= 0)
if (currentUserRoles.Count <= 0 || !isMatchRole)
{
context.Fail();
// 可以在这里设置跳转页面,不过还是会访问当前接口地址的
httpContext.Response.Redirect(requirement.DeniedAction);
}
}
//else
//{
// context.Fail();
// return;
//}
//判断过期时间(这里仅仅是最坏验证原则,你可以不要这个if else的判断,因为我们使用的官方验证,Token过期后上边的result?.Principal 就为 null 了,进不到这里了,因此这里其实可以不用验证过期时间,只是做最后严谨判断)
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
context.Fail();
return;
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") || !httpContext.Request.HasFormContentType))
{
context.Fail();
return;
}
}
context.Succeed(requirement);
}
// 重载异步处理程序
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
// 将最新的角色和接口列表更新
var data = await _roleModulePermissionServices.GeRoleModule();
var list = (from item in data
where item.IsDeleted == false
orderby item.Id
select new Permission
{
Url = item.Module?.LinkUrl,
Role = item.Role?.Name,
}).ToList();
requirement.Permissions = list;
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext).HttpContext;
//请求Url
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null && await handler.HandleRequestAsync())
{
context.Fail();
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
//权限中是否存在请求的url
if (requirement.Permissions.GroupBy(g => g.Url).Where(w => w.Key?.ToLower() == questUrl).Count() > 0)
{
// 获取当前用户的角色信息
var currentUserRoles = (from item in httpContext.User.Claims
where item.Type == requirement.ClaimType
select item.Value).ToList();
//验证权限
if (currentUserRoles.Count <= 0 || requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role) && w.Url.ToLower() == questUrl).Count() <= 0)
{
context.Fail();
return;
// 可以在这里设置跳转页面,不过还是会访问当前接口地址的
httpContext.Response.Redirect(requirement.DeniedAction);
}
}
else
{
context.Fail();
return;
}
//判断过期时间
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
context.Fail();
return;
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") ||
!httpContext.Request.HasFormContentType))
{
context.Fail();
return;
}
context.Succeed(requirement);
}
protected override async void OnInitialize()
{
var schemes = await schemeStorage.GetSchemesAsync();
Schemes.AddRange(schemes.Select(s => new SchemeViewModel(s)));
}
public bool CanHandleUrl(string url)
{
return(Schemes.Any(p => Regex.IsMatch(url, p)));
}
// 重写异步处理程序
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
/*
*
* 首先必须在 controller 上进行配置 Authorize ,可以策略授权,也可以角色等基本授权
*
* 1、开启公约, startup 中的全局授权过滤公约:o.Conventions.Insert(0, new GlobalRouteAuthorizeConvention());
*
* 2、不开启公约,使用 IHttpContextAccessor ,也能实现效果;
*/
// 将最新的角色和接口列表更新
var data = await _roleModuleService.GetRoleModule();
var list = (from item in data
orderby item.Id
select new PermissionItem
{
Url = item.ModuleApi?.LinkUrl,
Role = item.Role?.Name,
}).ToList();
requirement.Permissions = list;
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息
//var filterContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext);
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext)?.HttpContext;
if (httpContext == null)
{
httpContext = _accessor.HttpContext;
}
//请求Url
if (httpContext != null)
{
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
if (await handlers.GetHandlerAsync(httpContext, scheme.Name) is IAuthenticationRequestHandler handler && await handler.HandleRequestAsync())
{
context.Fail();
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
//权限中是否存在请求的url
//验证权限临时判断 需要加上按钮管理才能控制
if (true)
{
// 获取当前用户的角色信息
var currentUserRoles = (from item in httpContext.User.Claims
where item.Type == requirement.ClaimType
select item.Value).ToList();
var isMatchRole = false;
var permisssionRoles = requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role));
foreach (var item in permisssionRoles)
{
try
{
if (Regex.Match(questUrl, item.Url?.ToLower())?.Value == questUrl)
{
isMatchRole = true;
break;
}
}
catch (Exception)
{
// ignored
}
}
//验证权限
if (currentUserRoles.Count <= 0 || !isMatchRole)
{
context.Succeed(requirement); //测试验证权限临时通过 需要加上按钮管理才能控制
//context.Fail();
//return;
}
}
//判断过期时间(这里仅仅是最坏验证原则,你可以不要这个if else的判断,因为我们使用的官方验证,Token过期后上边的result?.Principal 就为 null 了,进不到这里了,因此这里其实可以不用验证过期时间,只是做最后严谨判断)
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
context.Fail();
return;
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") || !httpContext.Request.HasFormContentType))
{
context.Fail();
return;
}
}
context.Succeed(requirement);
}
/// <summary>
/// Default-Constructor
/// </summary>
/// <param name="scheme"></param>
public ColorScheme(Schemes scheme = Schemes.Normal, bool rightToLeft = true)
{
Scheme = scheme;
RightToLeft = rightToLeft;
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
////赋值用户权限
Requirement = requirement;
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息
AuthorizationFilterContext authorizationFilterContext = context.Resource as AuthorizationFilterContext;
if (authorizationFilterContext != null)
{
var httpContext = authorizationFilterContext.HttpContext;
//请求Url
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler;
if (handler != null && await handler.HandleRequestAsync())
{
httpContext.Response.Redirect(requirement.DeniedAction);
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
var name = httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Name).Value;
if (!Permissions.Any(g => g.UserName == name && g.Role?.Urls != null && g.Role.Urls.Any(w => w.Url.ToLower() == questUrl)))
{
//无权限跳转到拒绝页面
context.Fail();
return;
}
//判断过期时间
if (DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration).Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
context.Fail();
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) &&
(!httpContext.Request.Method.Equals("POST") ||
!httpContext.Request.HasFormContentType))
{
context.Fail();
return;
}
}
context.Succeed(requirement);
}
private async Task <string> GetAllSignOutSchemeNames()
{
return(string.Join(", ", (await Schemes.GetAllSchemesAsync())
.Where(sch => typeof(IAuthenticationSignOutHandler).IsAssignableFrom(sch.HandlerType))
.Select(sch => sch.Name)));
}
public Bitmap drawSchemePreview(int w, int h, Schemes scheme)
{
Bitmap b = new Bitmap(w, h);
int padding = 2;
int margin = 4;
Size sqr_1 = new Size((w - ((margin * 2))), (((h - ((2 * margin) + (2 * padding))) / 4) * 2));
Size sqr_2 = new Size((w - ((margin * 2) + padding)) / 2, (((h - ((2 * margin) + (2 * padding))) / 4)));
Size sqr_3 = new Size((w - ((2 * padding) + (2 * margin))) / 3, (((h - ((2 * margin) + (2 * padding))) / 4)));
Size sqr_4 = new Size((w - ((3 * padding) + (2 * margin))) / 4, (((h - ((2 * margin) + (2 * padding))) / 4)));
int hp3 = (((h - ((2 * margin) + (2 * padding))) / 3));
using (Graphics g = Graphics.FromImage(b))
{
switch (scheme)
{
case Schemes.s133:
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin, margin), sqr_1));
for (int i = 0; i < 3; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + padding + sqr_1.Height), sqr_3));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + (padding * 2) + sqr_3.Height + sqr_1.Height), sqr_3));
}
break;
case Schemes.s134:
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin, margin), sqr_1));
for (int i = 0; i < 3; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + padding + sqr_1.Height), sqr_3));
}
for (int i = 0; i < 4; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + 1 + (i * (sqr_4.Width + padding)), margin + (padding * 2) + sqr_3.Height + sqr_1.Height), sqr_4));
}
break;
case Schemes.s212:
for (int i = 0; i < 2; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_2.Width + padding)), margin), sqr_2));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_2.Width + padding)), margin + (padding * 2) + sqr_1.Height + sqr_2.Height), sqr_2));
}
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin, margin + padding + sqr_2.Height), sqr_1));
break;
case Schemes.s232:
for (int i = 0; i < 2; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_2.Width + padding)), margin), new Size(sqr_2.Width, hp3)));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_2.Width + padding)), margin + (padding * 2) + hp3 + hp3), new Size(sqr_2.Width, hp3)));
}
for (int i = 0; i < 3; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + padding + hp3), new Size(sqr_3.Width, hp3)));
}
break;
case Schemes.s313:
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin, margin + padding + sqr_3.Height), sqr_1));
for (int i = 0; i < 3; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin), sqr_3));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + (padding * 2) + sqr_3.Height + sqr_1.Height), sqr_3));
}
break;
case Schemes.s323:
for (int i = 0; i < 3; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin), new Size(sqr_3.Width, hp3)));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + (padding * 2) + hp3 + hp3), new Size(sqr_3.Width, hp3)));
}
for (int i = 0; i < 2; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_2.Width + padding)), margin + padding + hp3), new Size(sqr_2.Width, hp3)));
}
break;
case Schemes.s333:
for (int i = 0; i < 3; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin), new Size(sqr_3.Width, hp3)));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + (padding) + hp3), new Size(sqr_3.Width, hp3)));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + (padding * 2) + hp3 + hp3), new Size(sqr_3.Width, hp3)));
}
break;
case Schemes.s434:
for (int i = 0; i < 3; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin), new Size(sqr_3.Width, hp3)));
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + (i * (sqr_3.Width + padding)), margin + (padding * 2) + hp3 + hp3), new Size(sqr_3.Width, hp3)));
}
for (int i = 0; i < 4; i++)
{
g.DrawRectangle(Pens.Red, new Rectangle(new Point(margin + 1 + (i * (sqr_4.Width + padding)), margin + padding + hp3), new Size(sqr_4.Width, hp3)));
}
break;
}
}
return(b);
}
protected override void OnPaint(PaintEventArgs e)
{
G = e.Graphics;
base.OnPaint(e);
G.Clear(Parent.BackColor);
switch (Scheme)
{
case Schemes.Black:
if (Enabled)
{
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(54, 54, 53)))
{
using (Pen Border = new Pen(Color.FromArgb(42, 42, 41)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(58, 58, 57)))
{
using (Pen Border = new Pen(Color.FromArgb(46, 46, 45)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(50, 50, 49)))
{
using (Pen Border = new Pen(Color.FromArgb(38, 38, 37)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
}
else
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(40, 40, 39)))
{
using (Pen Border = new Pen(Color.FromArgb(38, 38, 37)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
case Schemes.Green:
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(123, 164, 93)))
{
using (Pen Border = new Pen(Color.FromArgb(119, 160, 89)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(127, 168, 97)))
{
using (Pen Border = new Pen(Color.FromArgb(123, 164, 93)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(119, 160, 93)))
{
using (Pen Border = new Pen(Color.FromArgb(115, 156, 85)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
case Schemes.Red:
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(164, 93, 93)))
{
using (Pen Border = new Pen(Color.FromArgb(160, 89, 89)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(168, 97, 97)))
{
using (Pen Border = new Pen(Color.FromArgb(164, 93, 93)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(160, 89, 89)))
{
using (Pen Border = new Pen(Color.FromArgb(156, 85, 85)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
case Schemes.Blue:
if (State == Helpers.MouseState.None)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(93, 154, 164)))
{
using (Pen Border = new Pen(Color.FromArgb(89, 150, 160)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Over)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(97, 160, 168)))
{
using (Pen Border = new Pen(Color.FromArgb(93, 154, 164)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
else if (State == Helpers.MouseState.Down)
{
using (SolidBrush Background = new SolidBrush(Color.FromArgb(89, 150, 160)))
{
using (Pen Border = new Pen(Color.FromArgb(85, 146, 156)))
{
G.FillPath(Background, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
G.DrawPath(Border, Helpers.RoundRect(new Rectangle(0, 0, Width - 1, Height - 1), 2));
}
}
}
break;
}
if (Scheme == Schemes.Black)
{
if (Enabled)
{
using (SolidBrush TextBrush = new SolidBrush(Color.FromArgb(220, 220, 219)))
{
using (Font TextFont = new Font("Segoe UI", 9))
{
using (StringFormat SF = new StringFormat {
Alignment = StringAlignment.Center
})
{
G.DrawString(Text, TextFont, TextBrush, new Rectangle(0, Height / 2 - 9, Width, Height), SF);
}
}
}
}
else
{
using (SolidBrush TextBrush = new SolidBrush(Color.FromArgb(140, 140, 139)))
{
using (Font TextFont = new Font("Segoe UI", 9))
{
using (StringFormat SF = new StringFormat {
Alignment = StringAlignment.Center
})
{
G.DrawString(Text, TextFont, TextBrush, new Rectangle(0, Height / 2 - 9, Width, Height), SF);
}
}
}
}
}
else
{
if (!Enabled)
{
Scheme = Schemes.Black;
}
using (SolidBrush TextBrush = new SolidBrush(Color.FromArgb(250, 250, 249)))
{
using (Font TextFont = new Font("Segoe UI", 9))
{
using (StringFormat SF = new StringFormat {
Alignment = StringAlignment.Center
})
{
G.DrawString(Text, TextFont, TextBrush, new Rectangle(0, Height / 2 - 9, Width, Height), SF);
}
}
}
}
}
// 重写异步处理程序
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
/*
* .netcore3.0 启用EndpointRouting后,权限filter不再添加到ActionDescriptor ,而将权限直接作为中间件运行,
* 同时所有filter都会添加到endpoint.Metadata。因此,文中的
* context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext不再成立。
*
* 解决方案有两个:
*
* 首先必须在 controller 上进行配置 Authorize ,可以策略授权,也可以角色等基本授权
*
* 1、开启公约, startup 中的全局授权过滤公约:o.Conventions.Insert(0, new GlobalRouteAuthorizeConvention());
*
* 2、不开启公约,使用 IHttpContextAccessor ,也能实现效果,但是不能自定义返回格式,详细看下边配置;
*/
// 将最新的角色和接口列表更新
var data = await RoleModulePermissionServices.GetRoleModule();
var list = (from item in data
where item.IsDeleted == false
orderby item.Id
select new PermissionItem
{
Url = item.Module?.LinkUrl,
Role = item.Role?.Name,
}).ToList();
requirement.Permissions = list;
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息
var filterContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext);
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext)?.HttpContext;
if (httpContext == null)
{
httpContext = _accessor.HttpContext;
}
//请求Url
if (httpContext != null)
{
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
if (await handlers.GetHandlerAsync(httpContext, scheme.Name) is IAuthenticationRequestHandler handler && await handler.HandleRequestAsync())
{
//context.Fail();
//return;
//自定义返回数据
var payload = JsonConvert.SerializeObject(new { Code = "401", Message = "很抱歉,您无权访问该接口,请确保已经登录!" });
httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
httpContext.Response.ContentType = "application/json";
await httpContext.Response.WriteAsync(payload);
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
//权限中是否存在请求的url
//if (requirement.Permissions.GroupBy(g => g.Url).Where(w => w.Key?.ToLower() == questUrl).Count() > 0)
//if (isMatchUrl)
if (true)
{
// 获取当前用户的角色信息
var currentUserRoles = (from item in httpContext.User.Claims
where item.Type == requirement.ClaimType
select item.Value).ToList();
var isMatchRole = false;
var permisssionRoles = requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role));
foreach (var item in permisssionRoles)
{
try
{
if (Regex.Match(questUrl, item.Url?.ObjToString().ToLower())?.Value == questUrl)
{
isMatchRole = true;
break;
}
}
catch (Exception)
{
// ignored
}
}
//验证权限
//if (currentUserRoles.Count <= 0 || requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role) && w.Url.ToLower() == questUrl).Count() <= 0)
if (currentUserRoles.Count <= 0 || !isMatchRole)
{
// 可以在这里设置跳转页面
//context.Fail();
//return;
var payload = JsonConvert.SerializeObject(new { Code = "403", Message = "很抱歉,您的访问权限等级不够,联系管理员!" });
httpContext.Response.StatusCode = StatusCodes.Status403Forbidden;
httpContext.Response.ContentType = "application/json";
await httpContext.Response.WriteAsync(payload);
return;
}
}
//判断过期时间(这里仅仅是最坏验证原则,你可以不要这个if else的判断,因为我们使用的官方验证,Token过期后上边的result?.Principal 就为 null 了,进不到这里了,因此这里其实可以不用验证过期时间,只是做最后严谨判断)
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
//context.Fail();
//return;
//自定义返回数据
var payload = JsonConvert.SerializeObject(new { Code = "401", Message = "很抱歉,您无权访问该接口,请确保已经登录!" });
httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
httpContext.Response.ContentType = "application/json";
await httpContext.Response.WriteAsync(payload);
return;
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") || !httpContext.Request.HasFormContentType))
{
//context.Fail();
//return;
//自定义返回数据
var payload = JsonConvert.SerializeObject(new { Code = "401", Message = "很抱歉,您无权访问该接口,请确保已经登录!" });
httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
httpContext.Response.ContentType = "application/json";
await httpContext.Response.WriteAsync(payload);
return;
}
}
context.Succeed(requirement);
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
////赋值用户权限
Requirement = requirement;
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext).HttpContext;
//请求Url
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
//var handlers = httpContext.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>();
//foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
//{
// var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name) as IAuthenticationRequestHandler;
// if (handler != null && await handler.HandleRequestAsync())
// {
// context.Fail();
// return;
// }
//}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
//权限中是否存在请求的url
if (Requirement.Permissions.GroupBy(g => g.Url).Where(w => w.Key.ToLower() == questUrl).Count() > 0)
{
var name = httpContext.User.Claims.SingleOrDefault(s => s.Type == requirement.ClaimType).Value;
//验证权限
if (Requirement.Permissions.Where(w => w.Name == name && w.Url.ToLower() == questUrl).Count() <= 0)
{
//无权限跳转到拒绝页面
httpContext.Response.Redirect(requirement.DeniedAction);
}
}
//判断过期时间
if (DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == "exp").Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
context.Fail();
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并助是form表单提交类型,否则为失败
if (!questUrl.Equals(Requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") || !httpContext.Request.HasFormContentType))
{
context.Fail();
return;
}
context.Succeed(requirement);
}
/// <summary>
/// Compare a modified document node (this) to a previous one and look for breaking as well as non-breaking changes.
/// </summary>
/// <param name="context">The modified document context.</param>
/// <param name="previous">The original document model.</param>
/// <returns>A list of messages from the comparison.</returns>
public override IEnumerable <ComparisonMessage> Compare(
ComparisonContext <ServiceDefinition> context,
ServiceDefinition previousDefinition
)
{
if (context.CurrentRoot != this)
{
throw new ArgumentException("context.CurrentRoot != this");
}
if (context.PreviousRoot != previousDefinition)
{
throw new ArgumentException("context.PreviousRoot != previousDefinition");
}
if (previousDefinition == null)
{
throw new ArgumentException("Comparing a service definition with something else.");
}
base.Compare(context, previousDefinition);
if (Info?.Version != null &&
previousDefinition.Info?.Version != null)
{
context.PushProperty("info");
context.PushProperty("version");
CompareVersions(context, Info.Version, previousDefinition.Info.Version);
context.Pop();
context.Pop();
}
if (context.Strict)
{
// There was no version change between the documents. This is not an error, but noteworthy.
context.LogInfo(ComparisonMessages.NoVersionChange);
}
// Check that all the protocols of the old version are supported by the new version.
context.PushProperty("schemes");
foreach (var scheme in previousDefinition.Schemes)
{
if (!Schemes.Contains(scheme))
{
context.LogBreakingChange(ComparisonMessages.ProtocolNoLongerSupported, scheme);
}
}
context.Pop();
// Check that all the request body formats that were accepted still are.
context.PushProperty("consumes");
foreach (var format in previousDefinition.Consumes)
{
if (!Consumes.Contains(format))
{
context.LogBreakingChange(ComparisonMessages.RequestBodyFormatNoLongerSupported, format);
}
}
context.Pop();
// Check that all the response body formats were also supported by the old version.
context.PushProperty("produces");
foreach (var format in Produces)
{
if (!previousDefinition.Produces.Contains(format))
{
context.LogBreakingChange(ComparisonMessages.ResponseBodyFormatNowSupported, format);
}
}
context.Pop();
// Check that no paths were removed, and compare the paths that are still there.
var newPaths = RemovePathVariables(Paths);
context.PushProperty("paths");
foreach (var path in previousDefinition.Paths.Keys)
{
var p = ObjectPath.OpenApiPathName(path);
context.PushPathProperty(path);
if (!newPaths.TryGetValue(p, out var operations))
{
// Entrie path was removeed
context.LogBreakingChange(ComparisonMessages.RemovedPath, path);
}
else
{
// 1. Remove this path from the current list to find the added paths
newPaths.Remove(p);
var copyOfOperations = operations.ToDictionary(e => e.Key, e => e.Value);
// 2. look for operation match inside this path
var previousOperations = previousDefinition.Paths[path];
foreach (var previousOperation in previousOperations)
{
if (!operations.TryGetValue(previousOperation.Key, out var newOperation))
{
// Operation was removed from the path
context.LogBreakingChange(ComparisonMessages.RemovedOperation, previousOperation.Value.OperationId);
}
else
{
copyOfOperations.Remove(previousOperation.Key);
}
}
// Look for added operations
foreach (var copyOfOperation in copyOfOperations)
{
context.PushProperty(copyOfOperation.Key);
context.LogInfo(ComparisonMessages.AddedOperation);
context.Pop();
}
// Compare operations
foreach (var operation in operations)
{
if (previousDefinition.Paths[path].TryGetValue(operation.Key, out var previousOperation))
{
context.PushProperty(operation.Key);
operation.Value.Compare(context, previousOperation);
context.Pop();
}
}
}
context.Pop();
}
// Check wether any new paths are being added
foreach (var path in newPaths.Keys)
{
context.PushPathProperty(path);
context.LogInfo(ComparisonMessages.AddedPath);
context.Pop();
}
context.Pop();
// Check for custom paths : x-ms-paths
var newCustomPaths = RemovePathVariables(CustomPaths);
context.PushProperty("x-ms-paths");
foreach (var path in previousDefinition.CustomPaths.Keys)
{
var p = ObjectPath.OpenApiPathName(path);
context.PushPathProperty(path);
Dictionary <string, Operation> operations = null;
if (!newCustomPaths.TryGetValue(p, out operations))
{
context.LogBreakingChange(ComparisonMessages.RemovedPath, path);
}
else
{
// 1. Remove this custom path from the current list to find the added paths
newCustomPaths.Remove(p);
Dictionary <string, Operation> copyOfOperations = operations.ToDictionary(e => e.Key, e => e.Value);
// 2. look for operation match inside this path
Dictionary <string, Operation> previousOperations = previousDefinition.CustomPaths[path];
foreach (var previousOperation in previousOperations)
{
Operation newOperation = null;
if (!operations.TryGetValue(previousOperation.Key, out newOperation))
{
context.LogBreakingChange(ComparisonMessages.RemovedOperation, previousOperation.Value.OperationId);
}
}
// Look for added operations
foreach (var copyOfOperation in copyOfOperations)
{
context.PushProperty(copyOfOperation.Key);
context.LogInfo(ComparisonMessages.AddedOperation);
context.Pop();
}
// Compare operations
foreach (var operation in operations)
{
Operation previousOperation = null;
if (previousDefinition.CustomPaths[path].TryGetValue(operation.Key, out previousOperation))
{
context.PushProperty(operation.Key);
operation.Value.Compare(context, previousOperation);
context.Pop();
}
}
}
context.Pop();
}
// Check wether any new paths are being added into x-ms-paths
foreach (var path in newCustomPaths.Keys)
{
context.PushPathProperty(path);
context.LogInfo(ComparisonMessages.AddedPath);
context.Pop();
}
context.Pop();
ReferenceTrackSchemas(this);
ReferenceTrackSchemas(previousDefinition);
context.PushProperty("parameters");
foreach (var def in previousDefinition.Parameters.Keys)
{
SwaggerParameter parameter = null;
if (!Parameters.TryGetValue(def, out parameter))
{
context.LogBreakingChange(ComparisonMessages.RemovedClientParameter, def);
}
else
{
context.PushProperty(def);
parameter.Compare(context, previousDefinition.Parameters[def]);
context.Pop();
}
}
context.Pop();
context.PushProperty("responses");
foreach (var def in previousDefinition.Responses.Keys)
{
OperationResponse response = null;
if (!Responses.TryGetValue(def, out response))
{
context.LogBreakingChange(ComparisonMessages.RemovedDefinition, def);
}
else
{
context.PushProperty(def);
response.Compare(context, previousDefinition.Responses[def]);
context.Pop();
}
}
context.Pop();
context.PushProperty("definitions");
foreach (var def in previousDefinition.Definitions.Keys)
{
Schema schema = null;
Schema oldSchema = previousDefinition.Definitions[def];
if (!Definitions.TryGetValue(def, out schema))
{
if (oldSchema.IsReferenced)
{
// It's only an error if the definition is referenced in the old service.
context.LogBreakingChange(ComparisonMessages.RemovedDefinition, def);
}
}
else
{
context.PushProperty(def);
schema.Compare(context, previousDefinition.Definitions[def]);
context.Pop();
}
}
context.Pop();
context.Pop();
return(context.Messages);
}
public bool AddScheme(Schemes a)
{
return(admin.AddScheme(a));
}
/// <summary>
/// Compare a modified document node (this) to a previous one and look for breaking as well as non-breaking changes.
/// </summary>
/// <param name="context">The modified document context.</param>
/// <param name="previous">The original document model.</param>
/// <returns>A list of messages from the comparison.</returns>
public override IEnumerable <ComparisonMessage> Compare(ComparisonContext context, SwaggerBase previous)
{
if (previous == null)
{
throw new ArgumentNullException("previous");
}
context.CurrentRoot = this;
context.PreviousRoot = previous;
base.Compare(context, previous);
var previousDefinition = previous as ServiceDefinition;
if (previousDefinition == null)
{
throw new ArgumentException("Comparing a service definition with something else.");
}
if (Info != null && previousDefinition.Info != null)
{
context.PushProperty("info");
context.PushProperty("version");
CompareVersions(context, Info.Version, previousDefinition.Info.Version);
context.Pop();
context.Pop();
}
if (context.Strict)
{
// There was no version change between the documents. This is not an error, but noteworthy.
context.LogInfo(ComparisonMessages.NoVersionChange);
}
// Check that all the protocols of the old version are supported by the new version.
context.PushProperty("schemes");
foreach (var scheme in previousDefinition.Schemes)
{
if (!Schemes.Contains(scheme))
{
context.LogBreakingChange(ComparisonMessages.ProtocolNoLongerSupported, scheme);
}
}
context.Pop();
// Check that all the request body formats that were accepted still are.
context.PushProperty("consumes");
foreach (var format in previousDefinition.Consumes)
{
if (!Consumes.Contains(format))
{
context.LogBreakingChange(ComparisonMessages.RequestBodyFormatNoLongerSupported, format);
}
}
context.Pop();
// Check that all the response body formats were also supported by the old version.
context.PushProperty("produces");
foreach (var format in Produces)
{
if (!previousDefinition.Produces.Contains(format))
{
context.LogBreakingChange(ComparisonMessages.ResponseBodyFormatNowSupported, format);
}
}
context.Pop();
// Check that no paths were removed, and compare the paths that are still there.
var newPaths = RemovePathVariables(Paths);
context.PushProperty("paths");
foreach (var path in previousDefinition.Paths.Keys)
{
var p = Regex.Replace(path, @"\{\w*\}", @"{}");
context.PushProperty(path);
Dictionary <string, Operation> operations = null;
if (!newPaths.TryGetValue(p, out operations))
{
context.LogBreakingChange(ComparisonMessages.RemovedPath, path);
}
else
{
Dictionary <string, Operation> previousOperations = previousDefinition.Paths[path];
foreach (var previousOperation in previousOperations)
{
Operation newOperation = null;
if (!operations.TryGetValue(previousOperation.Key, out newOperation))
{
context.LogBreakingChange(ComparisonMessages.RemovedOperation, previousOperation.Value.OperationId);
}
}
foreach (var operation in operations)
{
Operation previousOperation = null;
if (previousDefinition.Paths[path].TryGetValue(operation.Key, out previousOperation))
{
context.PushProperty(operation.Key);
operation.Value.Compare(context, previousOperation);
context.Pop();
}
}
}
context.Pop();
}
context.Pop();
newPaths = RemovePathVariables(CustomPaths);
context.PushProperty("x-ms-paths");
foreach (var path in previousDefinition.CustomPaths.Keys)
{
var p = Regex.Replace(path, @"\{\w*\}", @"{}");
context.PushProperty(path);
Dictionary <string, Operation> operations = null;
if (!newPaths.TryGetValue(p, out operations))
{
context.LogBreakingChange(ComparisonMessages.RemovedPath, path);
}
else
{
Dictionary <string, Operation> previousOperations = previousDefinition.CustomPaths[path];
foreach (var previousOperation in previousOperations)
{
Operation newOperation = null;
if (!operations.TryGetValue(previousOperation.Key, out newOperation))
{
context.LogBreakingChange(ComparisonMessages.RemovedOperation, previousOperation.Value.OperationId);
}
}
foreach (var operation in operations)
{
Operation previousOperation = null;
if (previousDefinition.CustomPaths[path].TryGetValue(operation.Key, out previousOperation))
{
context.PushProperty(operation.Key);
operation.Value.Compare(context, previousOperation);
context.Pop();
}
}
}
context.Pop();
}
context.Pop();
ReferenceTrackSchemas(this);
ReferenceTrackSchemas(previousDefinition);
context.PushProperty("parameters");
foreach (var def in previousDefinition.Parameters.Keys)
{
SwaggerParameter parameter = null;
if (!Parameters.TryGetValue(def, out parameter))
{
context.LogBreakingChange(ComparisonMessages.RemovedClientParameter, def);
}
else
{
context.PushProperty(def);
parameter.Compare(context, previousDefinition.Parameters[def]);
context.Pop();
}
}
context.Pop();
context.PushProperty("responses");
foreach (var def in previousDefinition.Responses.Keys)
{
OperationResponse response = null;
if (!Responses.TryGetValue(def, out response))
{
context.LogBreakingChange(ComparisonMessages.RemovedDefinition, def);
}
else
{
context.PushProperty(def);
response.Compare(context, previousDefinition.Responses[def]);
context.Pop();
}
}
context.Pop();
context.PushProperty("definitions");
foreach (var def in previousDefinition.Definitions.Keys)
{
Schema schema = null;
Schema oldSchema = previousDefinition.Definitions[def];
if (!Definitions.TryGetValue(def, out schema))
{
if (oldSchema.IsReferenced)
{
// It's only an error if the definition is referenced in the old service.
context.LogBreakingChange(ComparisonMessages.RemovedDefinition, def);
}
}
else if (schema.IsReferenced && oldSchema.IsReferenced)
{
context.PushProperty(def);
schema.Compare(context, previousDefinition.Definitions[def]);
context.Pop();
}
}
context.Pop();
context.Pop();
return(context.Messages);
}
// 重载异步处理程序
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
{
// 将最新的角色和接口列表更新
var data = await RoleModulePermissionServices.GetRoleModule();
var list = (from item in data
where item.IsDeleted == false
orderby item.Id
select new PermissionItem
{
Url = item.Module?.LinkUrl,
Role = item.Role?.Name,
}).ToList();
requirement.Permissions = list;
//从AuthorizationHandlerContext转成HttpContext,以便取出表求信息
var filterContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext);
var httpContext = (context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext)?.HttpContext;
//请求Url
if (httpContext != null)
{
var questUrl = httpContext.Request.Path.Value.ToLower();
//判断请求是否停止
var handlers = httpContext.RequestServices.GetRequiredService <IAuthenticationHandlerProvider>();
foreach (var scheme in await Schemes.GetRequestHandlerSchemesAsync())
{
if (await handlers.GetHandlerAsync(httpContext, scheme.Name) is IAuthenticationRequestHandler handler && await handler.HandleRequestAsync())
{
//context.Fail();
//return;
//自定义返回数据
var payload = JsonConvert.SerializeObject(new { Code = "401", Message = "很抱歉,您无权访问该接口!" });
httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
filterContext.Result = new JsonResult(payload);
context.Succeed(requirement);
return;
}
}
//判断请求是否拥有凭据,即有没有登录
var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();
if (defaultAuthenticate != null)
{
var result = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);
//result?.Principal不为空即登录成功
if (result?.Principal != null)
{
httpContext.User = result.Principal;
// 取消对URL的判断,因为只需判断该角色下是否匹配当前URL即可,若不匹配都是无效请求
//var isMatchUrl = false;
//var permisssionGroup = requirement.Permissions.GroupBy(g => g.Url);
//foreach (var item in permisssionGroup)
//{
// try
// {
// if (Regex.Match(questUrl, item.Key?.ObjToString().ToLower())?.Value == questUrl)
// {
// isMatchUrl = true;
// break;
// }
// }
// catch (Exception)
// {
// }
//}
//权限中是否存在请求的url
//if (requirement.Permissions.GroupBy(g => g.Url).Where(w => w.Key?.ToLower() == questUrl).Count() > 0)
//if (isMatchUrl)
if (true)
{
// 获取当前用户的角色信息
var currentUserRoles = (from item in httpContext.User.Claims
where item.Type == requirement.ClaimType
select item.Value).ToList();
var isMatchRole = false;
var permisssionRoles = requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role));
foreach (var item in permisssionRoles)
{
try
{
if (Regex.Match(questUrl, item.Url?.ObjToString().ToLower())?.Value == questUrl)
{
isMatchRole = true;
break;
}
}
catch (Exception)
{
// ignored
}
}
//验证权限
//if (currentUserRoles.Count <= 0 || requirement.Permissions.Where(w => currentUserRoles.Contains(w.Role) && w.Url.ToLower() == questUrl).Count() <= 0)
if (currentUserRoles.Count <= 0 || !isMatchRole)
{
//context.Fail();
//return;
//自定义返回数据
var payload = JsonConvert.SerializeObject(new { Code = "403", Message = "很抱歉,您无权访问该接口!" });
httpContext.Response.StatusCode = StatusCodes.Status403Forbidden;
filterContext.Result = new JsonResult(payload);
context.Succeed(requirement);
return;
// 可以在这里设置跳转页面,不过还是会访问当前接口地址的
//httpContext.Response.Redirect(requirement.DeniedAction);
}
}
//else
//{
// context.Fail();
// return;
//}
//判断过期时间(这里仅仅是最坏验证原则,你可以不要这个if else的判断,因为我们使用的官方验证,Token过期后上边的result?.Principal 就为 null 了,进不到这里了,因此这里其实可以不用验证过期时间,只是做最后严谨判断)
if ((httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) != null && DateTime.Parse(httpContext.User.Claims.SingleOrDefault(s => s.Type == ClaimTypes.Expiration)?.Value) >= DateTime.Now)
{
context.Succeed(requirement);
}
else
{
//context.Fail();
//return;
//自定义返回数据
var payload = JsonConvert.SerializeObject(new { Code = "401", Message = "很抱歉,您无权访问该接口!" });
httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
filterContext.Result = new JsonResult(payload);
context.Succeed(requirement);
return;
}
return;
}
}
//判断没有登录时,是否访问登录的url,并且是Post请求,并且是form表单提交类型,否则为失败
if (!questUrl.Equals(requirement.LoginPath.ToLower(), StringComparison.Ordinal) && (!httpContext.Request.Method.Equals("POST") ||
!httpContext.Request.HasFormContentType))
{
//context.Fail();
//return;
//自定义返回数据
var payload = JsonConvert.SerializeObject(new { Code = "401", Message = "很抱歉,您无权访问该接口!" });
httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
filterContext.Result = new JsonResult(payload);
}
}
context.Succeed(requirement);
}
/// <summary>
/// Add a transfer protocol
/// </summary>
/// <param name="scheme">
/// The scheme.
/// </param>
/// <returns>
/// The <see cref="OperationBuilder"/>.
/// </returns>
public OperationBuilder Scheme(Schemes scheme)
{
if (this.schemes == null)
{
this.schemes = new List<Schemes>();
}
this.schemes.Add(scheme);
return this;
}
