protected virtual void Authorization(UMC.Net.NetContext context)
{
var cookie = context.Cookies[Membership.SessionCookieName];// : CookieKey;
var sessionKey = String.Empty;
string contentType = "Client/" + context.UserHostAddress;
if (UMC.Data.Utility.IsApp(context.UserAgent))
{
contentType = "App/" + context.UserHostAddress;
}
if (String.IsNullOrEmpty(cookie) == false)
{
sessionKey = cookie;
}
var ns = new NameValueCollection();
var sign = String.Empty;
var hs = context.Headers;
for (var i = 0; i < hs.Count; i++)
{
var key = hs.GetKey(i);
switch (key.ToLower())
{
case "umc-request-sign":
sign = hs[i];
break;
default:
if (key.StartsWith("umc-"))
{
ns.Add(key, Uri.UnescapeDataString(hs[i]));
}
break;
}
}
if (String.IsNullOrEmpty(sign) == false)
{
if (String.Equals(Utility.Sign(ns, Data.WebResource.Instance().AppSecret()), sign, StringComparison.CurrentCultureIgnoreCase))
{
var roles = ns["umc-request-user-role"];
var id = ns["umc-request-user-id"];
var name = ns["umc-request-user-name"];
var alias = ns["umc-request-user-alias"];
var sid = Data.Utility.Guid(sessionKey, true).Value;
if (String.IsNullOrEmpty(roles) == false)
{
var user = UMC.Security.Identity.Create(Utility.Guid(id) ?? sid, name, alias, roles.Split(','));
UMC.Security.Principal.Create(user, UMC.Security.AccessToken.Create(user, sid, contentType, 0));
}
else
{
var user = UMC.Security.Identity.Create(Utility.Guid(id) ?? sid, name, alias);
UMC.Security.Principal.Create(user, UMC.Security.AccessToken.Create(user, sid, contentType, 0));
}
return;
}
}
if (String.IsNullOrEmpty(sessionKey))
{
var uid = Guid.NewGuid();
sessionKey = Utility.Guid(uid);
context.AppendCookie(Membership.SessionCookieName, sessionKey);
var user = new UMC.Security.Guest(uid);
UMC.Security.Principal.Create(user, UMC.Security.AccessToken.Create(user, uid, contentType, 0));
}
else
{
UMC.Security.Membership.Instance().Authorization(sessionKey, contentType);
}
}
protected virtual bool Authorization(UMC.Net.NetContext context)
{
var path = context.Url.LocalPath;
var paths = new List <string>(path.Split(new char[] { '/' }, StringSplitOptions.RemoveEmptyEntries));
if (paths.Count > 0)
{
if (paths[paths.Count - 1].IndexOf('.') > -1)
{
paths.RemoveAt(paths.Count - 1);
}
}
else
{
return(false);
}
var CookieKey = String.Empty;
if (paths.Count == 2 || paths.Count >= 4)
{
CookieKey = paths[1];
}
var cookie = String.IsNullOrEmpty(CookieKey) ? context.Cookies[Membership.SessionCookieName] : CookieKey;
var sessionKey = Guid.Empty;
string contentType = "Client/" + context.UserHostAddress;
if (UMC.Data.Utility.IsApp(context.UserAgent))
{
contentType = "App/" + context.UserHostAddress;
}
if (String.IsNullOrEmpty(cookie) == false)
{
sessionKey = UMC.Data.Utility.Guid(cookie, true) ?? Guid.Empty;
}
if (sessionKey == Guid.Empty)
{
sessionKey = Guid.NewGuid();
context.AppendCookie(Membership.SessionCookieName, UMC.Data.Utility.Guid(sessionKey));
var user = new UMC.Security.Guest(sessionKey);
UMC.Security.Principal.Create(user, UMC.Security.AccessToken.Create(user, sessionKey, contentType, 0));
}
else
{
UMC.Security.Membership.Instance().Authorization(sessionKey, contentType);
}
var urf = context.UrlReferrer;
if (urf != null)
{
if (String.IsNullOrEmpty(urf.Query) == false)
{
var query = System.Web.HttpUtility.ParseQueryString(urf.Query.Substring(1));
var sp = UMC.Data.Utility.Guid(query["sp"]);
if (sp.HasValue)
{
if (String.Equals(UMC.Security.AccessToken.Get("Spread-Id"), sp.ToString()) == false)
{
UMC.Security.AccessToken.Set("Spread-Id", sp.ToString());
}
}
}
}
return(true);
}
