feat: 新增授权异常处理器

Author: jianxuanbing

framework/src/Bing.AspNetCore/Bing/AspNetCore/ExceptionHandling/BingAuthorizationExceptionHandlerOptions.cs

@@ -0,0 +1,13 @@
+namespace Bing.AspNetCore.ExceptionHandling
+{
+    /// <summary>
+    /// 授权异常处理器选项配置
+    /// </summary>
+    public class BingAuthorizationExceptionHandlerOptions
+    {
+        /// <summary>
+        /// 认证方案
+        /// </summary>
+        public string AuthenticationScheme { get; set; }
+    }
+}

framework/src/Bing.AspNetCore/Bing/AspNetCore/ExceptionHandling/DefaultBingAuthorizationExceptionHandler.cs

@@ -0,0 +1,64 @@
+using System.Threading.Tasks;
+using Bing.Authorization;
+using Bing.DependencyInjection;
+using Bing.Exceptions;
+using Bing.Text;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
+
+namespace Bing.AspNetCore.ExceptionHandling
+{
+    /// <summary>
+    /// 授权异常处理器
+    /// </summary>
+    public class DefaultBingAuthorizationExceptionHandler : IBingAuthorizationExceptionHandler, ITransientDependency
+    {
+        /// <summary>
+        /// 处理
+        /// </summary>
+        /// <param name="exception">授权异常</param>
+        /// <param name="httpContext">Http上下文</param>
+        public virtual async Task HandleAsync(BingAuthorizationException exception, HttpContext httpContext)
+        {
+            var handlerOptions = httpContext.RequestServices
+                .GetRequiredService<IOptions<BingAuthorizationExceptionHandlerOptions>>().Value;
+            var isAuthenticated = httpContext.User.Identity?.IsAuthenticated ?? false;
+            var authenticationSchemeProvider =
+                httpContext.RequestServices.GetRequiredService<IAuthenticationSchemeProvider>();
+
+            AuthenticationScheme scheme = null;
+            if (!handlerOptions.AuthenticationScheme.IsNullOrWhiteSpace())
+            {
+                scheme = await authenticationSchemeProvider.GetSchemeAsync(handlerOptions.AuthenticationScheme);
+                if (scheme == null)
+                    throw new Warning($"No authentication scheme named {handlerOptions.AuthenticationScheme} was found.");
+            }
+            else
+            {
+                if (isAuthenticated)
+                {
+                    scheme = await authenticationSchemeProvider.GetDefaultForbidSchemeAsync();
+                    if (scheme == null)
+                        throw new Warning($"There was no DefaultForbidScheme found.");
+                }
+                else
+                {
+                    scheme = await authenticationSchemeProvider.GetDefaultChallengeSchemeAsync();
+                    if (scheme == null)
+                        throw new Warning($"There was no DefaultForbidScheme found.");
+                }
+            }
+
+            var handlers = httpContext.RequestServices.GetRequiredService<IAuthenticationHandlerProvider>();
+            var handler = await handlers.GetHandlerAsync(httpContext, scheme.Name);
+            if (handler == null)
+                throw new Warning($"No handler of {scheme.Name} was found.");
+            if (isAuthenticated)
+                await handler.ForbidAsync(null);
+            else
+                await handler.ChallengeAsync(null);
+        }
+    }
+}

framework/src/Bing.AspNetCore/Bing/AspNetCore/ExceptionHandling/IBingAuthorizationExceptionHandler.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading.Tasks;
+using Bing.Authorization;
+using Microsoft.AspNetCore.Http;
+
+namespace Bing.AspNetCore.ExceptionHandling
+{
+    /// <summary>
+    /// 授权异常处理器
+    /// </summary>
+    public interface IBingAuthorizationExceptionHandler
+    {
+        /// <summary>
+        /// 处理
+        /// </summary>
+        /// <param name="exception">授权异常</param>
+        /// <param name="httpContext">Http上下文</param>
+        Task HandleAsync(BingAuthorizationException exception, HttpContext httpContext);
+    }
+}

framework/src/Bing.AspNetCore/Bing/AspNetCore/Extensions/Extensions.ServiceCollection.cs

@@ -1,6 +1,5 @@
 using Bing.AspNetCore.Mvc;
 using Bing.AspNetCore.Uploads;
-using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 
@@ -37,20 +36,5 @@ public static class BingServiceCollectionExtensions
         /// <param name="services">服务集合</param>
         public static void AddApiInterfaceService<TApiInterfaceService>(this IServiceCollection services) where TApiInterfaceService : class, IApiInterfaceService =>
             services.TryAddSingleton<IApiInterfaceService, TApiInterfaceService>();
-
-#if NETCOREAPP3_0 || NETCOREAPP3_1 || NET5_0
-        /// <summary>
-        /// 获取<see cref="IWebHostEnvironment"/>环境信息
-        /// </summary>
-        /// <param name="services">服务集合</param>
-        public static IWebHostEnvironment GetWebHostEnvironment(this IServiceCollection services) => services.GetSingletonInstance<IWebHostEnvironment>();
-#elif NETSTANDARD2_0
-        /// <summary>
-        /// 获取<see cref="IHostingEnvironment"/>环境信息
-        /// </summary>
-        /// <param name="services">服务集合</param>
-        public static IHostingEnvironment GetHostingEnvironment(this IServiceCollection services) => services.GetSingletonInstance<IHostingEnvironment>();
-#endif
-
     }
 }

framework/src/Bing.AspNetCore/Bing/AspNetCore/Security/Claims/BingClaimsMapMiddleware.cs

@@ -22,10 +22,7 @@ public class BingClaimsMapMiddleware : IMiddleware
         /// 初始化一个<see cref="BingClaimsMapMiddleware"/>类型的实例
         /// </summary>
         /// <param name="next">方法</param>
-        public BingClaimsMapMiddleware(RequestDelegate next)
-        {
-            _next = next;
-        }
+        public BingClaimsMapMiddleware(RequestDelegate next) => _next = next;
 
         /// <summary>
         /// 执行中间件拦截逻辑

framework/src/Bing.AspNetCore/Bing/AspNetCore/Tracing/BingCorrelationIdMiddleware.cs

@@ -46,7 +46,6 @@ public async Task InvokeAsync(HttpContext context)
         {
             var correlationId = _correlationIdProvider.Get();
             TraceIdContext.Current ??= new TraceIdContext(correlationId);
-            CheckAndSetCorrelationIdOnResponse(context, _options, correlationId);
             try
             {
                 await _next(context);

framework/src/Bing.AspNetCore/Microsoft/AspNetCore/Http/BingHttpRequestExtensions.cs

@@ -1,4 +1,6 @@
-using Bing.Helpers;
+using System;
+using Bing.Helpers;
+using Microsoft.Net.Http.Headers;
 
 namespace Microsoft.AspNetCore.Http
 {
@@ -10,7 +12,7 @@ public static class BingHttpRequestExtensions
         /// <summary>
         /// 请求头：X-Requested-With
         /// </summary>
-        private const string RequestedWithHeader = "X-Requested-With";
+        private const string XRequestedWith = "X-Requested-With";
 
         /// <summary>
         /// 请求头值：XMLHttpRequest
@@ -26,7 +28,8 @@ public static bool IsAjax(this HttpRequest request)
             Check.NotNull(request, nameof(request));
             if (request.Headers == null)
                 return false;
-            return request.Headers[RequestedWithHeader] == XmlHttpRequest;
+            return string.Equals(request.Query[XRequestedWith], XmlHttpRequest, StringComparison.Ordinal) ||
+                   string.Equals(request.Headers[XRequestedWith], XmlHttpRequest, StringComparison.Ordinal);
         }
 
         /// <summary>
@@ -38,7 +41,11 @@ public static bool CanAccept(this HttpRequest request, string contentType)
         {
             Check.NotNull(request, nameof(request));
             Check.NotNull(contentType, nameof(contentType));
-            return request.Headers["Accept"].ToString().Contains(contentType);
+#if NETCOREAPP3_0 || NETCOREAPP3_1 || NET5_0
+            return request.Headers[HeaderNames.Accept].ToString().Contains(contentType, StringComparison.OrdinalIgnoreCase);
+#elif NETSTANDARD2_0
+            return request.Headers[HeaderNames.Accept].ToString().Contains(contentType);
+#endif
         }
     }
 }

framework/src/Bing.AspNetCore/Microsoft/Extensions/DependencyInjection/BingAspNetCoreServiceCollectionExtensions.cs

@@ -0,0 +1,24 @@
+using Microsoft.AspNetCore.Hosting;
+
+namespace Microsoft.Extensions.DependencyInjection
+{
+    /// <summary>
+    /// 服务集合(<see cref="IServiceCollection"/>) 扩展
+    /// </summary>
+    public static class BingAspNetCoreServiceCollectionExtensions
+    {
+#if NETCOREAPP3_0 || NETCOREAPP3_1 || NET5_0
+        /// <summary>
+        /// 获取<see cref="IWebHostEnvironment"/>环境信息
+        /// </summary>
+        /// <param name="services">服务集合</param>
+        public static IWebHostEnvironment GetWebHostEnvironment(this IServiceCollection services) => services.GetSingletonInstance<IWebHostEnvironment>();
+#elif NETSTANDARD2_0
+        /// <summary>
+        /// 获取<see cref="IHostingEnvironment"/>环境信息
+        /// </summary>
+        /// <param name="services">服务集合</param>
+        public static IHostingEnvironment GetHostingEnvironment(this IServiceCollection services) => services.GetSingletonInstance<IHostingEnvironment>();
+#endif
+    }
+}