|
@@ -9,6 +9,7 @@ using DotNetCore.CAP.Dashboard.GatewayProxy; |
|
|
using DotNetCore.CAP.Dashboard.NodeDiscovery; |
|
|
using DotNetCore.CAP.Dashboard.NodeDiscovery; |
|
|
using Microsoft.AspNetCore.Authentication; |
|
|
using Microsoft.AspNetCore.Authentication; |
|
|
using Microsoft.AspNetCore.Authentication.Cookies; |
|
|
using Microsoft.AspNetCore.Authentication.Cookies; |
|
|
|
|
|
using Microsoft.AspNetCore.Authorization; |
|
|
using Microsoft.AspNetCore.Builder; |
|
|
using Microsoft.AspNetCore.Builder; |
|
|
using Microsoft.AspNetCore.Http; |
|
|
using Microsoft.AspNetCore.Http; |
|
|
using Microsoft.AspNetCore.Mvc; |
|
|
using Microsoft.AspNetCore.Mvc; |
|
@@ -44,6 +45,12 @@ namespace DotNetCore.CAP |
|
|
app.Map(options.PathMatch + "/api", false, x => |
|
|
app.Map(options.PathMatch + "/api", false, x => |
|
|
{ |
|
|
{ |
|
|
|
|
|
|
|
|
|
|
|
IAuthorizationService authService = null; |
|
|
|
|
|
if (!String.IsNullOrEmpty(options.AuthorizationPolicy)) |
|
|
|
|
|
{ |
|
|
|
|
|
authService = app.ApplicationServices.GetService<IAuthorizationService>(); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
var builder = new RouteBuilder(x); |
|
|
var builder = new RouteBuilder(x); |
|
|
|
|
|
|
|
|
var methods = typeof(RouteActionProvider).GetMethods(BindingFlags.Instance | BindingFlags.Public); |
|
|
var methods = typeof(RouteActionProvider).GetMethods(BindingFlags.Instance | BindingFlags.Public); |
|
@@ -64,6 +71,12 @@ namespace DotNetCore.CAP |
|
|
return; |
|
|
return; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if (!await Authorize(request, response, options, authService)) |
|
|
|
|
|
{ |
|
|
|
|
|
response.StatusCode = StatusCodes.Status401Unauthorized; |
|
|
|
|
|
return; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
var actionProvider = new RouteActionProvider(request, response, data); |
|
|
var actionProvider = new RouteActionProvider(request, response, data); |
|
|
try |
|
|
try |
|
|
{ |
|
|
{ |
|
@@ -88,6 +101,12 @@ namespace DotNetCore.CAP |
|
|
return; |
|
|
return; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if (!await Authorize(request, response, options, authService)) |
|
|
|
|
|
{ |
|
|
|
|
|
response.StatusCode = StatusCodes.Status401Unauthorized; |
|
|
|
|
|
return; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
var actionProvider = new RouteActionProvider(request, response, data); |
|
|
var actionProvider = new RouteActionProvider(request, response, data); |
|
|
try |
|
|
try |
|
|
{ |
|
|
{ |
|
@@ -144,5 +163,18 @@ namespace DotNetCore.CAP |
|
|
|
|
|
|
|
|
return true; |
|
|
return true; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
internal static async Task<bool> Authorize(HttpRequest request, HttpResponse response, DashboardOptions options, IAuthorizationService authservice) |
|
|
|
|
|
{ |
|
|
|
|
|
if (!String.IsNullOrEmpty(options.AuthorizationPolicy) && (authservice != null)) |
|
|
|
|
|
{ |
|
|
|
|
|
AuthorizationResult authorizationResult = await authservice.AuthorizeAsync(request.HttpContext.User, null, options.AuthorizationPolicy); |
|
|
|
|
|
if (!authorizationResult.Succeeded) |
|
|
|
|
|
{ |
|
|
|
|
|
return false; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
return true; |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |