lichunlei
/
KxsConfigNew


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
							using System.Text;
using System.Web;
using Common;
using Extensions;
using Infrastructure;
using Infrastructure.Model;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Services;

//本命名空间暂时先不改，改动比较大2023年9月2日
namespace Filters
{
    /// <summary>
    /// </summary>
    public class AuthorizationFilter : IAuthorizationFilter
    {
        
        private readonly ISysLoginService SysLoginService;

        public AuthorizationFilter(ISysLoginService sysLoginService)
        {
            this.SysLoginService = sysLoginService;
        }

        /// <summary>
        /// </summary>
        /// <param name="context"></param>
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            var request = context.HttpContext.Request;
            if(!request.Path.Value.ToLower().Contains("noauth/"))
            {
                string content = "";
                if(context.HttpContext.Request.Method.ToLower() == "get")
                {
                    content = context.HttpContext.GetQueryString();
                    content = content.Substring(content.IndexOf("=") + 1);
                    content = HttpUtility.UrlDecode(content);
                    content = Decrypt(content);
                    if(!string.IsNullOrEmpty(content))
                    {
                        Dictionary<string, string> dic = Newtonsoft.Json.JsonConvert.DeserializeObject<Dictionary<string, string>>(content);
                        string queryString = "";
                        foreach(string key in dic.Keys)
                        {
                            queryString += key + "=" + dic[key] + "&";
                        }
                        request.QueryString = new QueryString("?" + queryString.TrimEnd('&'));
                    }
                }
                else if(context.HttpContext.Request.Method.ToLower() == "delete")
                {
                    string path = request.Path.Value;
                    string value = path.Substring(path.LastIndexOf("/") + 1);
                    path = path.Substring(0, path.LastIndexOf("/") + 1);
                    value = Decrypt(value);
                    path += value;
                    request.Path = new PathString(path);
                    request.RouteValues["id"] = value;
                }
                else
                {
                    content = context.HttpContext.GetBody();
                    content = Decrypt(content);
                    //{"username":"admin","password":"000000"}
                    request.Body = new MemoryStream(Encoding.UTF8.GetBytes(content));

                    //验证登录接口
                    if(request.Path.Value.EndsWith("/oauth2/token"))
                    {
                        var scope = request.Query["scope"].ToString();
                        var grantType = request.Query["grant_type"].ToString();
                        bool checkLogin = SysLoginService.CheckLogin(scope, grantType, context.HttpContext.GetToken().Replace("Basic ", ""));
                        if(!checkLogin)
                        {
                            string msg = $"请求访问失败，无法访问系统资源";
                            context.Result = new JsonResult(ApiResult.Error(ResultCode.DENY, msg));
                        }
                    }
                }
            }
        }

        public string Decrypt(string str)
        {
            str = str.Trim('"');
            str = Encoding.UTF8.GetString(Convert.FromBase64String(str));
            return Dbconn.AesDecrypt(str, Base.GlobalConstant.ApiKey, Base.GlobalConstant.ApiIv);
        }
    }
}