
updateb

CrazyIter_Bin há 1 ano atrás
pai
commit
7643c39dff

+ 21 - 10
TEAMModelBI/Filter/RequestAuditFilter.cs

@@ -49,7 +49,7 @@ namespace TEAMModelOS.Filter
 
             
             // 获取来源 Url 地址
-           //var refererUrl = httpRequest.GetRefererUrlAddress();
+           var refererUrl = httpRequest.GetRefererUrlAddress();
 
             // 获取请求参数(写入日志,需序列化成字符串后存储)
             var parameters = context.ActionArguments;
@@ -67,12 +67,18 @@ namespace TEAMModelOS.Filter
                     client = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("roles"))?.Value;
                 } catch (Exception ex ) { }
             }
-            string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty;
+            string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty, scope = string.Empty;
             if (!string.IsNullOrWhiteSpace(authtoken)) {
                 var jwt = new JwtSecurityTokenHandler().ReadJwtToken(authtoken);
                 id = jwt.Payload.Sub;
                 school = jwt.Payload.Azp;
                 name = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("name"))?.Value;
+                scope = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("scope"))?.Value;
+            }
+            string secChUaPlatform = string.Empty;
+            if (httpContext.Request.Headers.TryGetValue("Sec-Ch-Ua-Platform", out var values))
+            {
+                secChUaPlatform = values.FirstOrDefault();
             }
             // 请求时间
             var requestedTime = DateTimeOffset.Now.GetGMTTime(8).ToUnixTimeMilliseconds();
@@ -88,19 +94,24 @@ namespace TEAMModelOS.Filter
             // var stackTrace = EnhancedStackTrace.Current();
             // string region = await _searcher.SearchIpAsync(remoteIPv4);
             //同一个账号,同一IP,同一接口,UA标识(UA标识随意切换则表示可能会存在DDOS),时间段
-             //_logger.LogInformation(new{ ua=httpContext.GetUserAgent(), ip=remoteIPv4,time=requestedTime,path =$"{httpRequest.PathBase}{httpRequest.Path}",host= $"{httpRequest.Host}", param=parameters,id ,name ,school,succeed =isRequestSucceed }.ToJsonString());
-            var data = new {
-                //ua = httpContext.GetUserAgent(),
+            //_logger.LogInformation(new{ ua=httpContext.GetUserAgent(), ip=remoteIPv4,time=requestedTime,path =$"{httpRequest.PathBase}{httpRequest.Path}",host= $"{httpRequest.Host}", param=parameters,id ,name ,school,succeed =isRequestSucceed }.ToJsonString());
+            var data = new
+            {
+                ua = httpContext.GetUserAgent(),
                 ip = remoteIPv4,
                 time = requestedTime,
                 path = $"{httpRequest.PathBase}{httpRequest.Path}",
                 host = $"{httpRequest.Host}",
                 param = parameters,
-                id,
-                name,
-                school,
-                client,tid= tokenSha,
-                p="bi",
+                id = id,
+                name = name,
+                school = school,
+                client = client,
+                tid = tokenSha,
+                scope = scope,
+                referer = refererUrl,
+                platform = secChUaPlatform,
+                p = "bi",
             };
             _= _httpTrigger.RequestHttpTrigger(data, "China", "http-log");
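Review bot: The new `scope` field, like `id`, `name` and `school` beside it, comes from a token that the visible code only decodes with `ReadJwtToken`, which parses the JWT without checking its signature or lifetime. Unless `authtoken` was validated before this point (not visible in these hunks), those fields in the `http-log` record are client-supplied and should not be read as the authenticated identity; a comment such as `// claims below come from an unvalidated token: correlation only` would make that explicit. The added `referer = refererUrl` and `platform = secChUaPlatform` are also raw request-header values, and a Referer can carry a query string, so consider logging only its origin and path and capping the length of both. The enclosing method starts and ends outside the hunks.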
             

+ 3 - 1
TEAMModelOS/Controllers/System/BillController.cs

@@ -107,6 +107,8 @@ namespace TEAMModelOS.Controllers
                             (List<ApiVist> vists, List<(string uuid, List<string> tmdid, List<string> school)> uuidInfo)   = Convert(httpLogs);
                             vistsDay.AddRange(vists);
                             uuidInfos.AddRange(uuidInfo);
+
+
                         }
                     }
                     List<(string tmd, bool exists)> tmdexists = new List<(string tmd, bool exists)>();
@@ -432,7 +434,7 @@ namespace TEAMModelOS.Controllers
 
                     }
                 }
-                vists.Add(vist);
+                
 
                 uuidInfo.Add((uuid, useridMatch, schoolMatch));
                 vists.Add(vist);

+ 29 - 5
TEAMModelOS/Filter/RequestAuditFilter.cs

@@ -29,7 +29,8 @@ namespace TEAMModelOS.Filter
         }
         public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
         {
-            string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty, scope = string.Empty;
+            string id = string.Empty, name = string.Empty, picture = string.Empty, school = string.Empty, scope = string.Empty, roles = string.Empty;
+                 
             //============== 这里是执行方法之前获取数据 ====================
 
             // 获取控制器、路由信息
@@ -40,6 +41,7 @@ namespace TEAMModelOS.Filter
 
             // 获取 HttpContext 和 HttpRequest 对象
             var httpContext = context.HttpContext;
+           string ua = httpContext.GetUserAgent();
             var httpRequest = httpContext.Request;
 
             // 获取客户端 Ipv4 地址
@@ -61,7 +63,19 @@ namespace TEAMModelOS.Filter
             string tokenSha = string.Empty, client = string.Empty;
             if (context.HttpContext.Request.Headers.TryGetValue("Authorization", out StringValues Authorization))
             {
-
+                var jwt = new JwtSecurityTokenHandler().ReadJwtToken(Authorization.ToString().Replace("Bearer ", ""));
+                client= roles = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("roles"))?.Value;
+                tokenSha= ShaHashHelper.GetSHA1(Authorization.ToString());
+            }
+            if (context.HttpContext.Request.Headers.TryGetValue("X-Auth-IdToken", out StringValues XAuthIdToken))
+            {
+                var jwt = new JwtSecurityTokenHandler().ReadJwtToken(XAuthIdToken);
+                id = jwt.Payload.Sub;
+                name = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("name"))?.Value;
+                if (string.IsNullOrEmpty(tokenSha))
+                {
+                    tokenSha= ShaHashHelper.GetSHA1(XAuthIdToken.ToString());
+                }
             }
             if (context.HttpContext.Request.Headers.TryGetValue("X-Auth-School", out StringValues XAuthSchool))
             {
@@ -79,14 +93,23 @@ namespace TEAMModelOS.Filter
                 school = jwt.Payload.Azp;
                 name = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("name"))?.Value;
                 scope = jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("scope"))?.Value;
+                if (string.IsNullOrEmpty(tokenSha))
+                {
+                    tokenSha= ShaHashHelper.GetSHA1(authtoken);
+                }
             }
             string secChUaPlatform = string.Empty;
             if (httpContext.Request.Headers.TryGetValue("Sec-Ch-Ua-Platform", out var values))
             {
                 secChUaPlatform = values.FirstOrDefault();
             }
-            // 请求时间
-            var requestedTime = DateTimeOffset.Now.GetGMTTime(8).ToUnixTimeMilliseconds();
+            if (string.IsNullOrEmpty(tokenSha)) 
+            
+            {
+                tokenSha= ShaHashHelper.GetSHA1($"{ua}{remoteIPv4}{httpRequest.Host}{secChUaPlatform}");
+            }
+                // 请求时间
+                var requestedTime = DateTimeOffset.Now.GetGMTTime(8).ToUnixTimeMilliseconds();
             //============== 这里是执行方法之后获取数据 ====================
             var actionContext = await next();
             // 获取返回的结果
@@ -103,7 +126,7 @@ namespace TEAMModelOS.Filter
           
             var data = new
             {
-                ua = httpContext.GetUserAgent(),
+                ua =ua,
                 ip = remoteIPv4,
                 time = requestedTime,
                 path = $"{httpRequest.PathBase}{httpRequest.Path}",
@@ -118,6 +141,7 @@ namespace TEAMModelOS.Filter
                 referer = refererUrl,
                 platform = secChUaPlatform,
                 p = "os",
+                idToken=XAuthIdToken
             };
             _= _httpTrigger.RequestHttpTrigger(data, "China", "http-log");
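Review bot: `idToken=XAuthIdToken` in the last hunk writes the raw `X-Auth-IdToken` header value into the record sent to `http-log`, so anyone with read access to that log holds a token that stays usable until it expires. `tokenSha` is already computed above for correlation, so the field can be dropped, or replaced with a digest such as `idTokenSha = ShaHashHelper.GetSHA1(XAuthIdToken.ToString())`. Separately, the two new `ReadJwtToken` calls on `Authorization` and `X-Auth-IdToken` sit outside any try/catch in the visible lines, so a malformed or non-JWT header value throws before `next()` runs and fails the request inside the audit filter. Check `CanReadToken` first, or catch and log the parse failure. `OnActionExecutionAsync` continues outside these hunks.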
 

+ 1 - 1
TEAMModelOS/Startup.cs

@@ -113,7 +113,7 @@ namespace TEAMModelOS
 #if DEBUG
                     builder.AllowAnyOrigin() // 添加允许的源
                            .AllowAnyHeader() // 允许任何请求标头
-                           .AllowCredentials()
+                         //  .AllowCredentials()
                            ; // 允许包含凭据
 #else
                     //builder.WithOrigins("https://teammodeltest.blob.core.chinacloudapi.cn",  "https://teammodelos.blob.core.chinacloudapi.cn") // 添加允许的源       .AllowAnyMethod() // 允许任何请求方法
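Review bot: The trailing comment `// 允许包含凭据` ("allow credentials") on the `;` line is now stale, because the `.AllowCredentials()` call above it is commented out and the policy still reads as if credentials were allowed. Delete the commented-out call instead of keeping it, and record why it must stay off: `// AllowAnyOrigin() cannot be combined with AllowCredentials(); credentials stay disabled for the wildcard DEBUG policy`. The `#else` branch with the production origins continues outside the hunk and is not reviewed here.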