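--- a/PATH_NOT_SHOWN
+++ b/PATH_NOT_SHOWN
@@ -1,234 +0,0 @@
-using Lib.AspNetCore.ServerSentEvents;
-using Microsoft.AspNetCore.Authentication.JwtBearer;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.SpaServices;
-using Microsoft.Azure.Cosmos.Table;
-using Microsoft.Extensions.Configuration;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Hosting;
-using Microsoft.IdentityModel.Tokens;
-using System;
-using System.Collections.Generic;
-using System.IdentityModel.Tokens.Jwt;
-using System.Linq;
-using System.Threading.Tasks;
-using TEAMModelOS.SDK.DI.Multiple;
-using TEAMModelBI.Models;
-using TEAMModelOS.Models;
-using TEAMModelOS.SDK;
-using TEAMModelOS.SDK.DI;
-using TEAMModelOS.SDK.Extension;
-using TEAMModelOS.SDK.Filter;
-using TEAMModelOS.SDK.Helper.Common.ReflectorExtensions;
-using TEAMModelOS.SDK.Models;
-using VueCliMiddleware;
-using System.Net.Http;
-
-namespace TEAMModelBI
-{
- public class Startup
- {
- public IWebHostEnvironment environment { get; set; }
- readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
- public Startup(IConfiguration configuration,IWebHostEnvironment env)
- {
- Configuration = configuration;
- environment = env;
- }
-
- public IConfiguration Configuration { get; }
-
- // This method gets called by the runtime. Use this method to add services to the container.
- public void ConfigureServices(IServiceCollection services)
- {
- // true,默認情況下,聲明映射將以舊格式映射聲明名稱,以適應較早的SAML應用程序,RoleClaimType = 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role'
- // false,RoleClaimType = 'roles'
- JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
- services.AddAuthentication(options => options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options => //AzureADJwtBearer
- {
- //options.SaveToken = true; //驗證令牌由服務器生成才有效,不適用於服務重啟或分布式架構
- options.Authority = Configuration["Option:Authority"];
- options.Audience = Configuration["Option:Audience"];
- options.RequireHttpsMetadata = true;
- options.TokenValidationParameters = new TokenValidationParameters
- {
- RoleClaimType = "roles",
- ValidAudiences = new string[] { Configuration["Option:Audience"], $"api://{Configuration["Option:Audience"]}" }
- };
- options.Events = new JwtBearerEvents();
- //下列事件有需要紀錄則打開
- //options.Events.OnMessageReceived = async context => { await Task.FromResult(0); };
- //options.Events.OnForbidden = async context => { await Task.FromResult(0); };
- //options.Events.OnChallenge = async context => { await Task.FromResult(0); };
- //options.Events.OnAuthenticationFailed = async context => { await Task.FromResult(0); };
- options.Events.OnTokenValidated = async context =>
- {
- if (!context.Principal.Claims.Any(x => x.Type.Equals("http://schemas.microsoft.com/identity/claims/scope")) //ClaimConstants.Scope
- && !context.Principal.Claims.Any(y => y.Type.Equals("roles"))) //ClaimConstants.Roles //http://schemas.microsoft.com/ws/2008/06/identity/claims/role
- {
- //TODO 需處理額外授權非角色及範圍的訪問異常紀錄
- throw new UnauthorizedAccessException("Neither scope or roles claim was found in the bearer token.");
- }
- await Task.FromResult(0);
- };
- });
- //設定跨域請求
- services.AddCors(options =>
- {
- options.AddPolicy(MyAllowSpecificOrigins,
- builder =>
- {
- builder.WithOrigins("http://teammodelos-test.chinacloudsites.cn",
- "https://www.teammodel.cn", "https://localhost:5001",
- "http://localhost:5000")
-
- .AllowAnyHeader()
- .AllowAnyMethod();
- });
- });
-
- //Table和blob注入
- List<(string name, string connectionString)> storageConnects = new();
- storageConnects.Add(("Default", Configuration.GetValue<string>("Azure:Storage:ConnectionString"))); //大路站ClientString
- storageConnects.Add(("Global", Configuration.GetValue<string>("GlobalAzure:Storage:ConnectionString"))); //国际站ClientString
-
- storageConnects.Add(("LogChina", Configuration.GetValue<string>("Azure:LogStorage:ConnectionString"))); //防火墙日志 大陆站ClientString
- storageConnects.Add(("LogGlobal", Configuration.GetValue<string>("GlobalAzure:LogStorage:ConnectionString"))); //防火墙日志 国际站ClientString
- services.AddMultipleAzureStorage(storageConnects);
-
- //cosmosDB注入
- List<(string name,string connectionString)> cosmosDBConnects = new();
- cosmosDBConnects.Add(("Default", Configuration.GetValue<string>("Azure:Cosmos:ConnectionString"))); //大路站ClientString
- cosmosDBConnects.Add(("Global", Configuration.GetValue<string>("GlobalAzure:Cosmos:ConnectionString"))); //国际站ClientString
- services.AddMultipleAzureCosmos(cosmosDBConnects);
-
- //redis注入
- List<(string name, string connectionString)> redisConnects = new();
- redisConnects.Add(("Default", Configuration.GetValue<string>("Azure:Redis:ConnectionString")));
- redisConnects.Add(("Global", Configuration.GetValue<string>("GlobalAzure:Redis:ConnectionString")));
- services.AddMultipleAzureRedis(redisConnects);
-
- //serverBus 注入
- List<(string name, string connectionString)> funConnects = new();
- funConnects.Add(("Default", Configuration.GetValue<string>("Azure:ServiceBus:ConnectionString")));
- funConnects.Add(("Global", Configuration.GetValue<string>("GlobalAzure:ServiceBus:ConnectionString")));
- services.AddMultipleAzureServiceBus(funConnects);
-
- //单一注入
- //services.AddAzureStorage(Configuration.GetValue<string>("Azure:Storage:ConnectionString"));
- //services.AddAzureCosmos(Configuration.GetValue<string>("Azure:Cosmos:ConnectionString"));
- //services.AddAzureRedis(Configuration.GetValue<string>("Azure:Redis:ConnectionString"));
- //services.AddAzureServiceBus(Configuration.GetValue<string>("Azure:ServiceBus:ConnectionString"));
-
- services.AddSnowflakeId(Convert.ToInt64(Configuration.GetValue<string>("Option:LocationNum")), 1);
- services.AddHttpClient();
- services.AddHttpClient<DingDing>();
- //services.AddCoreAPIHttpService(Configuration);
- services.AddHttpClient<CoreAPIHttpService>().ConfigureHttpMessageHandlerBuilder(builder =>
- {
- builder.PrimaryHandler = new HttpClientHandler
- {
- ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true
- };
- });
- services.AddHttpClient<HttpTrigger>();
- services.AddMemoryCache();
- services.AddControllers().AddJsonOptions(options => { options.JsonSerializerOptions.IgnoreNullValues = false; });
- services.Configure<SysConfig>(Configuration.GetSection("sysConfig")); //注册连接
- //HttpContextAccessor,并用来访问HttpContext。(提供組件或非控制器服務存取HttpContext)
- services.AddHttpContextAccessor();
- services.Configure<Option>(options => Configuration.GetSection("Option").Bind(options));
- services.AddControllers();
-
- string path = $"{ environment.ContentRootPath}/JsonFile/Core";
- services.AddIPSearcher(path);
- services.AddSpaStaticFiles(configuration =>
- {
- configuration.RootPath = "ClientApp";
- });
- services.AddServerSentEvents(o =>
- {
- o.KeepaliveMode = ServerSentEventsKeepaliveMode.Always;
- o.OnClientConnected = async (service, client) =>
- {
- //if (client.Request.Headers.TryGetValue("X-Auth-Name", out StringValues name))
- //{
- // client.Client.SetProperty("NAME", name.ToString());
- //}
- //if (client.Request.Headers.TryGetValue("X-Auth-DID", out StringValues did))
- //{
- // client.Client.SetProperty("DID", did.ToString());
- //}
- //if (client.Request.Headers.TryGetValue("X-Auth-CID", out StringValues cid))
- //{
- // client.Client.SetProperty("CID", cid.ToString());
- //}
- //if (client.Request.Headers.TryGetValue("X-Auth-PIN", out StringValues pin))
- //{
- // client.Client.SetProperty("PIN", pin.ToString());
- //}
- //if (client.Request.Headers.TryGetValue("X-Auth-APP", out StringValues app))
- //{
- // client.Client.SetProperty("APP", app.ToString());
- //}
-
- await client.Client.SendEventAsync(new { sid = client.Client.Id.ToString() }.ToJsonString());
- };
- });
- //等保安全性验证。
- services.AddScoped<SecurityHeadersAttribute>();
- services.AddAntiforgery(options => options.HeaderName = "X-CSRF-TOKEN");
- }
-
- // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
- public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
- {
- if (env.IsDevelopment())
- {
- app.UseDeveloperExceptionPage();
- }
-
- app.UseRouting();
- //以下需要按照順序載入中間件 如果应用调用 UseStaticFiles,请将 UseStaticFiles 置于 UseRouting之前。
- app.UseStaticFiles();
- app.UseSpaStaticFiles();
- app.UseCors(MyAllowSpecificOrigins); //使用跨域設定
- app.UseHttpsRedirection(); //開發中暫時關掉
- //如果应用使用身份验证/授权功能(如 AuthorizePage 或 [Authorize]),请将对 UseAuthentication 和 UseAuthorization的
- //调用放在之后、UseRouting 和 UseCors,但在 UseEndpoints之前
- app.UseAuthentication();
- app.UseAuthorization();
- app.UseEndpoints(endpoints =>
- {
- endpoints.MapControllers();
- endpoints.MapServerSentEvents("/service/sse", new ServerSentEventsOptions
- {
- //Authorization = ServerSentEventsAuthorization.Default,
- OnPrepareAccept = response =>
- {
- response.Headers.Append("Cache-Control", "no-cache");
- response.Headers.Append("X-Accel-Buffering", "no");
- }
- });
-#if DEBUG
- endpoints.MapToVueCliProxy(
- "{*path}",
- new SpaOptions { SourcePath = "ClientApp" },
- npmScript: (System.Diagnostics.Debugger.IsAttached) ? "serve" : null,
- // regex: "Compiled successfully",
- forceKill: true
- );
-#else
- endpoints.MapFallbackToFile("index.html");
-#endif
-
- });
-
-
- }
- }
-}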