aspnetcore 认证和授权
public class EAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions> { private readonly IHttpContextAccessor _httpContextAccessor; public EAuthenticationHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock, IHttpContextAccessor httpContextAccessor) : base(options, logger, encoder, clock) { _httpContextAccessor = httpContextAccessor; } protected override async Task<AuthenticateResult> HandleAuthenticateAsync() { Console.WriteLine("HandleAuthenticateAsync "); const string headerKey = "authorization"; var header = _httpContextAccessor.HttpContext.Request.Headers; if (header.ContainsKey(headerKey)) { var claims = new List<Claim> { new Claim(headerKey, header[headerKey]) }; var identity = new ClaimsIdentity(claims, headerKey); var identities = new List<ClaimsIdentity> { identity }; var principal = new ClaimsPrincipal(identities); var ticket = new AuthenticationTicket(principal, headerKey); return AuthenticateResult.Success(ticket); } return AuthenticateResult.NoResult(); } protected override async Task HandleChallengeAsync(AuthenticationProperties properties) { Console.WriteLine("HandleChallengeAsync "); Response.ContentType = "application/json"; Response.StatusCode = StatusCodes.Status401Unauthorized; await Response.WriteAsync(JsonConvert.SerializeObject(new { Code = "401"})); } protected override async Task HandleForbiddenAsync(AuthenticationProperties properties) { Console.WriteLine("HandleForbiddenAsync "); Response.ContentType = "application/json"; Response.StatusCode = StatusCodes.Status403Forbidden; await Response.WriteAsync(JsonConvert.SerializeObject(new { Code = "403" })); } } public class EAuthorizationService : DefaultAuthorizationService, IAuthorizationService { private readonly IHttpContextAccessor _httpContextAccessor; public EAuthorizationService(IAuthorizationPolicyProvider policyProvider, IAuthorizationHandlerProvider handlers, ILogger<DefaultAuthorizationService> logger, IAuthorizationHandlerContextFactory contextFactory, IAuthorizationEvaluator evaluator, IOptions<AuthorizationOptions> options, IHttpContextAccessor httpContextAccessor) : base(policyProvider, handlers, logger, contextFactory, evaluator, options) { _httpContextAccessor = httpContextAccessor; } public async new Task<AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, object resource, IEnumerable<IAuthorizationRequirement> requirements) { Console.WriteLine("EAuthorizationService -- requirements"); var header = _httpContextAccessor.HttpContext.Request.Headers; const string OpenId = "OpenId"; if (header.ContainsKey(OpenId)) { Console.WriteLine("OpenId = " + header[OpenId]); var isExist = true;// 缓存中判断是否有效 if (isExist) { return AuthorizationResult.Success(); } return AuthorizationResult.Failed(); } else { Console.WriteLine("base.AuthorizeAsync"); var res = await base.AuthorizeAsync(user, resource, requirements); return res; } } public new Task<AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName) { Console.WriteLine("EAuthorizationService -- policyName"); var res = base.AuthorizeAsync(user, resource, policyName); return res; } }
services.AddHttpContextAccessor(); services.AddAuthentication(x => { x.AddScheme<EAuthenticationHandler>("e", "e"); x.DefaultAuthenticateScheme = "e"; x.DefaultChallengeScheme = "e"; }); services.AddAuthorization(); services.AddSingleton<IAuthorizationService, EAuthorizationService>();
posted on 2022-04-02 09:08 jonney_wang 阅读(169) 评论(0) 编辑 收藏 举报