From 467aa7ce2ea720e0bcd749aacb619c08978922a1 Mon Sep 17 00:00:00 2001 From: "gao.zhiyuan" Date: Thu, 11 Aug 2022 09:34:32 +0800 Subject: [PATCH 1/4] app check --- .../app/lib/controllers/application/index.js | 29 ++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js index 3e363ba..4295123 100644 --- a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js +++ b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js @@ -3,6 +3,32 @@ const fs = require('fs'); const moment = require('moment') const uuid = require('uuid'); +async function check (ctx) { + try { + const { models } = this.fs.dc; + const { appKey, appSecret } = this.request.body; + const existRes = await models.Application.findOne({ + where: { + appKey: appKey, + appSecret: appSecret, + } + }) + if (!existRes) { + throw '应用不存在' + } else if (existRes.forbidden) { + throw '应用已被禁用' + } + ctx.status = 204; + } catch (error) { + ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`); + ctx.status = 400; + ctx.body = + typeof error == 'string' ? { + message: error + } : error + } +} + async function edit (ctx, next) { let errMsg = '创建应用失败' const transaction = await ctx.fs.dc.orm.transaction(); @@ -21,7 +47,7 @@ async function edit (ctx, next) { transaction }) } else { - + // 添加 const storageData = Object.assign({}, data, { appKey: uuid.v4(), @@ -51,6 +77,7 @@ async function edit (ctx, next) { module.exports = { + check, edit, get, }; \ No newline at end of file From 1d228509e3c753585055c44c56ca378b653ce157 Mon Sep 17 00:00:00 2001 From: "gao.zhiyuan" Date: Thu, 11 Aug 2022 09:34:49 +0800 Subject: [PATCH 2/4] app check --- .../api/app/lib/controllers/application/index.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js index 4295123..074f847 100644 --- a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js +++ b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js @@ -73,11 +73,7 @@ async function edit (ctx, next) { } - - - module.exports = { check, edit, - get, }; \ No newline at end of file From 4c0d85ce14a3902f2b2f03a6b6bd0028a4a44388 Mon Sep 17 00:00:00 2001 From: "gao.zhiyuan" Date: Thu, 11 Aug 2022 10:22:38 +0800 Subject: [PATCH 3/4] app check --- .../app/lib/controllers/application/index.js | 124 +++++++++--------- .../api/app/lib/routes/application/index.js | 13 +- .../api/app/lib/utils/oauth2.js | 52 ++++++++ 3 files changed, 123 insertions(+), 66 deletions(-) create mode 100644 code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js diff --git a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js index 074f847..770ccf9 100644 --- a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js +++ b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js @@ -4,76 +4,78 @@ const moment = require('moment') const uuid = require('uuid'); async function check (ctx) { - try { - const { models } = this.fs.dc; - const { appKey, appSecret } = this.request.body; - const existRes = await models.Application.findOne({ - where: { - appKey: appKey, - appSecret: appSecret, - } - }) - if (!existRes) { - throw '应用不存在' - } else if (existRes.forbidden) { - throw '应用已被禁用' - } - ctx.status = 204; - } catch (error) { - ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`); - ctx.status = 400; - ctx.body = - typeof error == 'string' ? { - message: error - } : error - } + try { + const { models } = this.fs.dc; + const { Authorization } = ctx.headers; + const { utils: { oauthParseAuthHeader, oauthParseBody } } = ctx.app.fs + const keySplit = await oauthParseAuthHeader(Authorization); + const existRes = await models.Application.findOne({ + where: { + appKey: keySplit[0], + appSecret: keySplit[1], + } + }) + if (!existRes) { + throw '应用不存在' + } else if (existRes.forbidden) { + throw '应用已被禁用' + } + ctx.status = 204; + } catch (error) { + ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`); + ctx.status = 400; + ctx.body = + typeof error == 'string' ? { + message: error + } : error + } } async function edit (ctx, next) { - let errMsg = '创建应用失败' - const transaction = await ctx.fs.dc.orm.transaction(); - try { - const { models } = ctx.fs.dc; - const { userId } = ctx.fs.api - const data = ctx.request.body; + let errMsg = '创建应用失败' + const transaction = await ctx.fs.dc.orm.transaction(); + try { + const { models } = ctx.fs.dc; + const { userId } = ctx.fs.api + const data = ctx.request.body; - if (data.id) { - // 修改 - const storageData = Object.assign({}, data,) - await models.Application.update(storageData, { - where: { - id: data.id - }, - transaction - }) - } else { + if (data.id) { + // 修改 + const storageData = Object.assign({}, data,) + await models.Application.update(storageData, { + where: { + id: data.id + }, + transaction + }) + } else { - // 添加 - const storageData = Object.assign({}, data, { - appKey: uuid.v4(), - appSecret: uuid.v4(), - createUserId: userId, - createTime: moment().format(), - forbidden: true + // 添加 + const storageData = Object.assign({}, data, { + appKey: uuid.v4(), + appSecret: uuid.v4(), + createUserId: userId, + createTime: moment().format(), + forbidden: true - }) - await models.Application.create(storageData, { transaction }) - } + }) + await models.Application.create(storageData, { transaction }) + } - await transaction.commit(); - ctx.status = 204; - } catch (error) { - await transaction.rollback(); - ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`); - ctx.status = 400; - ctx.body = { - message: errMsg - } - } + await transaction.commit(); + ctx.status = 204; + } catch (error) { + await transaction.rollback(); + ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`); + ctx.status = 400; + ctx.body = { + message: errMsg + } + } } module.exports = { - check, - edit, + check, + edit, }; \ No newline at end of file diff --git a/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js b/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js index 2f688b1..cdd1d63 100644 --- a/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js +++ b/code/VideoAccess-VCMP/api/app/lib/routes/application/index.js @@ -5,10 +5,13 @@ const application = require('../../controllers/application'); module.exports = function (app, router, opts) { - // app.fs.api.logAttr['GET/application'] = { content: '获取应用信息', visible: false }; - // router.get('/application', application.get); + app.fs.api.logAttr['GET/application/check'] = { content: '检查应用状态', visible: false }; + router.get('/application/check', application.check); + + // app.fs.api.logAttr['GET/application'] = { content: '获取应用信息', visible: false }; + // router.get('/application', application.get); + + app.fs.api.logAttr['POST/application'] = { content: '创建/修改应用', visible: false }; + router.post('/application', application.edit); - app.fs.api.logAttr['POST/application'] = { content: '创建/修改应用', visible: false }; - router.post('/application', application.edit); - }; diff --git a/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js new file mode 100644 index 0000000..e844dad --- /dev/null +++ b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js @@ -0,0 +1,52 @@ +module.exports = function (app, opts) { + async function oauthParseAuthHeader (auth) { + if (!auth) { + throw new Error('参数无效: 未包含Authorization头'); + } + + const authSplit = auth.split('Basic'); + if (authSplit.length != 2) { + throw new Error('参数无效: Authorization头格式无效,请检查是否包含了"Basic "'); + } + + const authCode = authSplit[1]; + const apikey = Buffer.from(authCode, 'base64').toString(); + + const keySplit = apikey.split(':'); + if (keySplit.length != 2) { + throw new Error('参数无效:请检查Authorization头内容是否经过正确Base64编码'); + } + + return keySplit; + } + + async function oauthParseBody (body, type) { + let checked = true, token = ''; + if (type == 'apply' && body['grant_type'] != 'client_credentials') { + checked = false; + } else if (type == 'refresh') { + if (body['grant_type'] != 'refresh_token' || body['token'] == null) { + checked = false; + } else { + token = body['token']; + } + } else if (type == 'invalidate') { + if (body['token'] == null) { + checked = false; + } else { + token = body['token']; + } + } + + if (!checked) { + throw new Error('参数无效:请求正文中未包含正确的信息'); + } + + return token; + } + + return { + oauthParseAuthHeader, + oauthParseBody + } +} \ No newline at end of file From 3b4e90c91c426c952547c29c3221cfbe0dfa5891 Mon Sep 17 00:00:00 2001 From: "gao.zhiyuan" Date: Thu, 11 Aug 2022 13:41:05 +0800 Subject: [PATCH 4/4] OAuth2 --- .../api/app/lib/controllers/application/index.js | 15 ++++++--------- code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js | 2 ++ code/VideoAccess-VCMP/api/config.js | 1 + 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js index 770ccf9..0e0130f 100644 --- a/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js +++ b/code/VideoAccess-VCMP/api/app/lib/controllers/application/index.js @@ -5,10 +5,10 @@ const uuid = require('uuid'); async function check (ctx) { try { - const { models } = this.fs.dc; - const { Authorization } = ctx.headers; + const { models } = ctx.fs.dc; + const { authorization } = ctx.headers; const { utils: { oauthParseAuthHeader, oauthParseBody } } = ctx.app.fs - const keySplit = await oauthParseAuthHeader(Authorization); + const keySplit = await oauthParseAuthHeader(authorization); const existRes = await models.Application.findOne({ where: { appKey: keySplit[0], @@ -16,18 +16,15 @@ async function check (ctx) { } }) if (!existRes) { - throw '应用不存在' + throw new Error('应用不存在'); } else if (existRes.forbidden) { - throw '应用已被禁用' + throw new Error('应用已被禁用'); } ctx.status = 204; } catch (error) { ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`); ctx.status = 400; - ctx.body = - typeof error == 'string' ? { - message: error - } : error + ctx.body = error } } diff --git a/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js index e844dad..88d6608 100644 --- a/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js +++ b/code/VideoAccess-VCMP/api/app/lib/utils/oauth2.js @@ -1,3 +1,5 @@ +const fs = require('fs'); + module.exports = function (app, opts) { async function oauthParseAuthHeader (auth) { if (!auth) { diff --git a/code/VideoAccess-VCMP/api/config.js b/code/VideoAccess-VCMP/api/config.js index 014e51c..1106420 100644 --- a/code/VideoAccess-VCMP/api/config.js +++ b/code/VideoAccess-VCMP/api/config.js @@ -93,6 +93,7 @@ const product = { dev, exclude: [ { p: '/camera', o: 'GET' }, // 暂时滴 + { p: '/application/check', o: 'GET' }, // 暂时滴 ], // 不做认证的路由,也可以使用 exclude: ["*"] 跳过所有路由 redis: { host: IOTA_REDIS_SERVER_HOST,