Sākums Izpētīt Palīdzība
Reģistrēties Pierakstīties
lichunlei
/
KxsConfigNew
1
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: cdc0662367
Atzari Tagi
KxsConfigNew
/
Filters
/
AuthorizationFilter.cs

AuthorizationFilter.cs 6.7 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136 
  1. using System.Text;
    2. 

  2. using System.Web;
    3. 

  3. using Common;
    4. 

  4. using Extensions;
    5. 

  5. using Infrastructure;
    6. 

  6. using Infrastructure.Model;
    7. 

  7. using Microsoft.AspNetCore.Mvc;
    8. 

  8. using Microsoft.AspNetCore.Mvc.Filters;
    9. 

  9. using Services;
    10. 

  10. 

  11. //本命名空间暂时先不改,改动比较大2023年9月2日
    12. 

  12. namespace Filters
    13. 

  13. {
    14. 

  14.     /// <summary>
    15. 

  15.     /// </summary>
    16. 

  16.     public class AuthorizationFilter : IAuthorizationFilter
    17. 

  17.     {
    18. 

  18.         
    19. 

  19.         private readonly ISysLoginService SysLoginService;
    20. 

  20. 

  21.         public AuthorizationFilter(ISysLoginService sysLoginService)
    22. 

  22.         {
    23. 

  23.             this.SysLoginService = sysLoginService;
    24. 

  24.         }
    25. 

  25. 

  26.         /// <summary>
    27. 

  27.         /// </summary>
    28. 

  28.         /// <param name="context"></param>
    29. 

  29.         public void OnAuthorization(AuthorizationFilterContext context)
    30. 

  30.         {
    31. 

  31.             var request = context.HttpContext.Request;
    32. 

  32.             if(!request.Path.Value.ToLower().Contains("noauth/"))
    33. 

  33.             {
    34. 

  34.                 string content = "";
    35. 

  35.                 if(context.HttpContext.Request.Method.ToLower() == "get")
    36. 

  36.                 {
    37. 

  37.                     content = context.HttpContext.GetQueryString();
    38. 

  38.                     content = content.Substring(content.IndexOf("=") + 1);
    39. 

  39.                     content = HttpUtility.UrlDecode(content);
    40. 

  40.                     content = Decrypt(content);
    41. 

  41.                     if(!string.IsNullOrEmpty(content))
    42. 

  42.                     {
    43. 

  43.                         Dictionary<string, object> dic = Newtonsoft.Json.JsonConvert.DeserializeObject<Dictionary<string, object>>(content);
    44. 

  44. 

  45.                         string queryString = "";
    46. 

  46.                         var parameters = context.ActionDescriptor.Parameters;
    47. 

  47.                         foreach(var parameter in parameters)
    48. 

  48.                         {
    49. 

  49.                             string parameterName = parameter.Name;
    50. 

  50.                             Type objectType = parameter.ParameterType;
    51. 

  51.                             if(objectType.FullName != "System.String")
    52. 

  52.                             {
    53. 

  53.                                 System.Reflection.Assembly assembly = System.Reflection.Assembly.GetAssembly(objectType);
    54. 

  54.                                 var entry = assembly.CreateInstance(objectType.FullName);
    55. 

  55.                                 Type type = entry.GetType();
    56. 

  56.                                 System.Reflection.PropertyInfo[] propertyInfos = type.GetProperties();
    57. 

  57.                                 for (int i = 0; i < propertyInfos.Length; i++)
    58. 

  58.                                 {
    59. 

  59.                                     foreach (string key in dic.Keys)
    60. 

  60.                                     {
    61. 

  61.                                         if (propertyInfos[i].Name == key)
    62. 

  62.                                         {
    63. 

  63.                                             object value = dic[key];
    64. 

  64.                                             string ParameterType = propertyInfos[i].GetMethod.ReturnParameter.ParameterType.Name;
    65. 

  65.                                             if (ParameterType == "Int32")
    66. 

  66.                                             {
    67. 

  67.                                                 if(value == null || value == "") value = "0";
    68. 

  68.                                                 value = Convert.ToInt32(value);
    69. 

  69.                                             }
    70. 

  70.                                             else if (ParameterType == "Int64[]")
    71. 

  71.                                             {
    72. 

  72.                                                 value = Tools.SpitLongArrary(Newtonsoft.Json.JsonConvert.SerializeObject(value).Replace("[", "").Replace("]", "").Trim('"'), ',');
    73. 

  73.                                             }
    74. 

  74.                                             else if (ParameterType == "Int32[]")
    75. 

  75.                                             {
    76. 

  76.                                                 value = Tools.SpitIntArrary(Newtonsoft.Json.JsonConvert.SerializeObject(value).Replace("[", "").Replace("]", "").Trim('"'), ',');
    77. 

  77.                                             }
    78. 

  78.                                             else if (ParameterType == "List`1")
    79. 

  79.                                             {
    80. 

  80.                                                 string val = Newtonsoft.Json.JsonConvert.SerializeObject(value).Replace("[", "").Replace("]", "").Trim('"');
    81. 

  81.                                                 value = Tools.SpitLongArrary(val, ',').ToList();
    82. 

  82.                                             }
    83. 

  83.                                             if(value.ToString() == "-1") value = -1;
    84. 

  84.                                             if(value.ToString() == "[]") value = "";
    85. 

  85.                                             queryString += key + "=" + value.ToString() + "&";
    86. 

  86.                                             break;
    87. 

  87.                                         }
    88. 

  88.                                     }
    89. 

  89.                                 }
    90. 

  90.                             }
    91. 

  91.                         }
    92. 

  92. 

  93.                         request.QueryString = new QueryString("?" + queryString.TrimEnd('&'));
    94. 

  94.                     }
    95. 

  95.                 }
    96. 

  96.                 else if(context.HttpContext.Request.Method.ToLower() == "delete")
    97. 

  97.                 {
    98. 

  98.                     string path = request.Path.Value;
    99. 

  99.                     string value = path.Substring(path.LastIndexOf("/") + 1);
    100. 

  100.                     path = path.Substring(0, path.LastIndexOf("/") + 1);
    101. 

  101.                     value = Decrypt(value);
    102. 

  102.                     path += value;
    103. 

  103.                     request.Path = new PathString(path);
    104. 

  104.                     request.RouteValues["id"] = value;
    105. 

  105.                 }
    106. 

  106.                 else
    107. 

  107.                 {
    108. 

  108.                     content = context.HttpContext.GetBody();
    109. 

  109.                     content = Decrypt(content);
    110. 

  110.                     //{"username":"admin","password":"000000"}
    111. 

  111.                     request.Body = new MemoryStream(Encoding.UTF8.GetBytes(content));
    112. 

  112. 

  113.                     //验证登录接口
    114. 

  114.                     if(request.Path.Value.EndsWith("/oauth2/token"))
    115. 

  115.                     {
    116. 

  116.                         var scope = request.Query["scope"].ToString();
    117. 

  117.                         var grantType = request.Query["grant_type"].ToString();
    118. 

  118.                         bool checkLogin = SysLoginService.CheckLogin(scope, grantType, context.HttpContext.GetToken().Replace("Basic ", ""));
    119. 

  119.                         if(!checkLogin)
    120. 

  120.                         {
    121. 

  121.                             string msg = $"请求访问失败,无法访问系统资源";
    122. 

  122.                             context.Result = new JsonResult(ApiResult.Error(ResultCode.DENY, msg));
    123. 

  123.                         }
    124. 

  124.                     }
    125. 

  125.                 }
    126. 

  126.             }
    127. 

  127.         }
    128. 

  128. 

  129.         public string Decrypt(string str)
    130. 

  130.         {
    131. 

  131.             str = str.Trim('"');
    132. 

  132.             str = Encoding.UTF8.GetString(Convert.FromBase64String(str));
    133. 

  133.             return Dbconn.AesDecrypt(str, Base.GlobalConstant.ApiKey, Base.GlobalConstant.ApiIv);
    134. 

  134.         }
    135. 

  135.     }
    136. 

  136. }
    137.