
代碼調整

JAELYS 4 years ago
parent
commit
50c67b5758

+ 0 - 6
TEAMModelOS.SDK/DI/AzureCosmos/AzureCosmosFactory.cs

@@ -1,7 +1,5 @@
 using Azure;
 using Azure.Cosmos;
-using DocumentFormat.OpenXml.Office2010.ExcelAc;
-using Microsoft.Azure.Cosmos;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -15,9 +13,6 @@ using TEAMModelOS.SDK.Context.Attributes.Azure;
 using TEAMModelOS.SDK.Context.Configuration;
 using TEAMModelOS.SDK.DI.AzureCosmos.Inner;
 using TEAMModelOS.SDK.Helper.Common.ReflectorExtensions;
-using ContainerProperties = Azure.Cosmos.ContainerProperties;
-using CosmosClient = Azure.Cosmos.CosmosClient;
-using CosmosClientOptions = Azure.Cosmos.CosmosClientOptions;
 using OpenXmlPowerTools;
 using System.Diagnostics;
 using System.IO;
@@ -29,7 +24,6 @@ using System.Text.Json;
 using System.Threading;
 using TEAMModelOS.SDK.Context.Exception;
 using TEAMModelOS.SDK.DI;
-using PartitionKey = Azure.Cosmos.PartitionKey;
 
 namespace TEAMModelOS.SDK.DI
 {

+ 14 - 0
TEAMModelOS.SDK/Extension/HttpContextExtensions.cs

@@ -60,6 +60,20 @@ namespace TEAMModelOS.SDK.Extension
             }
         }
 
+        /// <summary>
+        /// 取得AuthToken權杖資訊
+        /// </summary>        
+        /// <param name="key">Key Name</param>
+        /// <returns></returns>
+        public static (string id,string school) GetAuthTokenInfo(this HttpContext httpContext, string key = null)
+        {            
+                object id= null, school = null;
+                httpContext?.Items.TryGetValue("ID", out id);
+                httpContext?.Items.TryGetValue("School", out school);
+
+                return (id?.ToString(), school?.ToString());          
+        }
+
         /// <summary>
         /// 取得User-Agent值
         /// </summary>       
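Review bot: GetAuthTokenInfo declares a `key` parameter that the body never reads, and its `<returns>` tag is empty, so the contract of the new method is undocumented. The values come from `HttpContext.Items` under "ID" and "School", which in this commit are written only by the AuthToken filter; on an action without that filter, or when `httpContext` is null, the method returns `(null, null)`, so callers should treat a null `id` as unauthenticated. I would drop `key` (or use it) and document the result, for example `/// <returns>Token subject id and school code stored by the AuthToken filter; either may be null.</returns>`. The literal keys "ID" and "School" are repeated here and in AuthTokenAttribute.cs, so a shared constant would keep the two from drifting apart.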

+ 4 - 1
TEAMModelOS/Controllers/Client/HiTeachController.cs

@@ -14,6 +14,7 @@ using System.Text;
 using System.Text.Json;
 using System.Threading.Tasks;
 using TEAMModelOS.Models;
+using TEAMModelOS.Filter;
 using TEAMModelOS.SDK.DI;
 using TEAMModelOS.SDK.Extension;
 
@@ -138,9 +139,11 @@ namespace TEAMModelOS.Controllers.Client
         [ProducesResponseType(StatusCodes.Status400BadRequest)]
         [ProducesDefaultResponseType]
         [HttpPost("GetSchoolInfo")]
-        [AuthToken(Roles ="Admin,Teacher",Permissions = "classroom-read,classroom-upd")]
+        [AuthToken(Roles = "Admin,Teacher", Permissions = "classroom-read,classroom-upd")]
         public async Task<IActionResult> GetSchoolInfo(JsonElement requert)
         {
+            var (id, school) = HttpContext.GetAuthTokenInfo(); //此API有設置權杖,需要取得權杖使用者id及當前學校代碼(學校不一定有)
+
             if (!requert.TryGetProperty("id_token", out JsonElement id_token)) return BadRequest();
             //if (!requert.TryGetProperty("school_code", out JsonElement school_code)) return BadRequest();
             var jwt = new JwtSecurityToken(id_token.GetString());
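Review bot: The `id` and `school` unpacked at the top of GetSchoolInfo are not used in any line visible in this hunk, while the action still reads identity from the request body: `new JwtSecurityToken(id_token.GetString())` only decodes the token and does not verify its signature. If the body token is meant to identify the same user as the validated AuthToken, its subject should be checked against `id`, e.g. `if (!string.Equals(jwt.Subject, id, StringComparison.Ordinal)) return BadRequest();`, or the action should use `id` directly. `school` can be null according to the inline comment, so any later use needs a null check. The method body continues past the end of the hunk, so later lines may already cover part of this.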

+ 14 - 5
TEAMModelOS/Controllers/Client/Filter/AuthTokenAttribute.cs

@@ -8,7 +8,7 @@ using Microsoft.Extensions.DependencyInjection;
 using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
 
-namespace TEAMModelOS.Controllers.Client
+namespace TEAMModelOS.Filter
 {
     public class AuthTokenAttribute : Attribute, IFilterFactory
     {
@@ -25,8 +25,8 @@ namespace TEAMModelOS.Controllers.Client
         private class InternalAuthTokenFilter : IResourceFilter
         {
             private readonly Option _option;
-            private readonly string _roles ;
-            private readonly string _permissions ;
+            private readonly string _roles;
+            private readonly string _permissions;
 
             public InternalAuthTokenFilter(IOptions<Option> option, string roles, string permissions)
             {
@@ -37,10 +37,13 @@ namespace TEAMModelOS.Controllers.Client
             public void OnResourceExecuting(ResourceExecutingContext context)
             {
                 bool pass = false;
+                string id = string.Empty, school = string.Empty;
                 var authtoken = context.HttpContext.GetXAuth("AuthToken");
                 if (!string.IsNullOrWhiteSpace(authtoken) && JwtAuthExtension.ValidateAuthToken(authtoken, _option.JwtSecretKey))
                 {
                     var jwt = new JwtSecurityTokenHandler().ReadJwtToken(authtoken);
+                    id = jwt.Payload.Sub;
+                    school = jwt.Payload.Azp;
                     if (!string.IsNullOrWhiteSpace(_roles))
                     {
                         var roles = jwt.Claims.Where(c => c.Type == "roles");
@@ -57,7 +60,7 @@ namespace TEAMModelOS.Controllers.Client
                     {
                         var permissions = jwt.Claims.Where(c => c.Type == "permissions");
                         foreach (var permission in permissions)
-                        {                            
+                        {
                             if (_permissions.Contains(permission.Value, StringComparison.Ordinal))
                             {
                                 pass = true;
@@ -67,7 +70,13 @@ namespace TEAMModelOS.Controllers.Client
                     }
                 }
 
-                if (!pass) context.Result = new BadRequestResult();               
+                if (pass)
+                {
+                    context.HttpContext.Items.Add("ID", id);
+                    context.HttpContext.Items.Add("School", school);
+                }
+                else
+                    context.Result = new BadRequestResult();
             }
 
             public void OnResourceExecuted(ResourceExecutedContext context)
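Review bot: `context.HttpContext.Items.Add("ID", id)` and the matching `Add("School", school)` throw ArgumentException when the key is already present, which would happen if the filter runs twice for one request (for example the attribute on both controller and action) or another component uses the same generic keys; indexer assignment such as `context.HttpContext.Items["ID"] = id;` avoids that. `jwt.Payload.Sub` and `jwt.Payload.Azp` can be null, so a token that passes the role or permission check without a `sub` claim would reach the action with no identity; consider `if (pass && !string.IsNullOrWhiteSpace(id))` before storing. Separately, the context line `_permissions.Contains(permission.Value, StringComparison.Ordinal)` is a substring test on the comma-separated string, so a claim value that is empty or only a fragment of a listed permission also sets `pass`; comparing against the entries of `_permissions.Split(',')` would make the match exact. OnResourceExecuting spans several hunks on this page and parts of its body are not shown.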