app check

3 years ago · 4c0d85ce14
3 changed files with 123 additions and 66 deletions
--- a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js
+++ b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js
@ -6,11 +6,13 @@ const uuid = require('uuid');
 async function check (ctx) {
   try {
      const { models } = this.fs.dc;
-        const { appKey, appSecret } = this.request.body;
+      const { Authorization } = ctx.headers;
+      const { utils: { oauthParseAuthHeader, oauthParseBody } } = ctx.app.fs
+      const keySplit = await oauthParseAuthHeader(Authorization);
      const existRes = await models.Application.findOne({
         where: {
-                appKey: appKey,
-                appSecret: appSecret,
+            appKey: keySplit[0],
+            appSecret: keySplit[1],
         }
      })
      if (!existRes) {
--- a/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js
+++ b/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js
@ -5,6 +5,9 @@ const application = require('../../controllers/application');

 module.exports = function (app, router, opts) {

+   app.fs.api.logAttr['GET/application/check'] = { content: '检查应用状态', visible: false };
+   router.get('/application/check', application.check);
+
   // app.fs.api.logAttr['GET/application'] = { content: '获取应用信息', visible: false };
   // router.get('/application', application.get);

--- a/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js
+++ b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js
@ -0,0 +1,52 @@
+module.exports = function (app, opts) {
+    async function oauthParseAuthHeader (auth) {
+        if (!auth) {
+            throw new Error('参数无效: 未包含Authorization头');
+        }
+
+        const authSplit = auth.split('Basic');
+        if (authSplit.length != 2) {
+            throw new Error('参数无效: Authorization头格式无效，请检查是否包含了"Basic "');
+        }
+
+        const authCode = authSplit[1];
+        const apikey = Buffer.from(authCode, 'base64').toString();
+
+        const keySplit = apikey.split(':');
+        if (keySplit.length != 2) {
+            throw new Error('参数无效：请检查Authorization头内容是否经过正确Base64编码');
+        }
+        
+        return keySplit;
+    }
+
+    async function oauthParseBody (body, type) {
+        let checked = true, token = '';
+        if (type == 'apply' && body['grant_type'] != 'client_credentials') {
+            checked = false;
+        } else if (type == 'refresh') {
+            if (body['grant_type'] != 'refresh_token' || body['token'] == null) {
+                checked = false;
+            } else {
+                token = body['token'];
+            }
+        } else if (type == 'invalidate') {
+            if (body['token'] == null) {
+                checked = false;
+            } else {
+                token = body['token'];
+            }
+        }
+
+        if (!checked) {
+            throw new Error('参数无效：请求正文中未包含正确的信息');
+        }
+
+        return token;
+    }
+
+    return {
+        oauthParseAuthHeader,
+        oauthParseBody
+    }
+}