Merge pull request #415 from colinin/4.4.2

feat(open-api): 注释白名单校验

aspnet-core/modules/open-api/LINGYUN.Abp.OpenApi.Authorization/LINGYUN/Abp/OpenApi/Authorization/OpenApiAuthorizationService.cs

@@ -46,17 +46,18 @@ namespace LINGYUN.Abp.OpenApi.Authorization
                 return true;
             }
 
-            if (_currentClient.IsAuthenticated && 
-                _openApiOptions.HasWhiteClient(_currentClient.Id))
-            {
-                return true;
-            }
-
-            if (!string.IsNullOrWhiteSpace(_clientInfoProvider.ClientIpAddress) &&
-                _openApiOptions.HasWhiteIpAddress(_clientInfoProvider.ClientIpAddress))
-            {
-                return true;
-            }
+            // TODO: 不够优雅，应该用接口来实现
+            //if (_currentClient.IsAuthenticated && 
+            //    _openApiOptions.HasWhiteClient(_currentClient.Id))
+            //{
+            //    return true;
+            //}
+
+            //if (!string.IsNullOrWhiteSpace(_clientInfoProvider.ClientIpAddress) &&
+            //    _openApiOptions.HasWhiteIpAddress(_clientInfoProvider.ClientIpAddress))
+            //{
+            //    return true;
+            //}
 
             BusinessException exception;
             if (!httpContext.Request.QueryString.HasValue)

aspnet-core/modules/open-api/LINGYUN.Abp.OpenApi/LINGYUN/Abp/OpenApi/AbpOpenApiModule.cs

@@ -1,4 +1,5 @@
-using LINGYUN.Abp.OpenApi.Localization;
+using LINGYUN.Abp.OpenApi.ConfigurationStore;
+using LINGYUN.Abp.OpenApi.Localization;
 using Microsoft.Extensions.DependencyInjection;
 using Volo.Abp.Localization;
 using Volo.Abp.Localization.ExceptionHandling;
@@ -18,6 +19,7 @@ namespace LINGYUN.Abp.OpenApi
             var configuration = context.Services.GetConfiguration();
 
             Configure<AbpOpenApiOptions>(configuration.GetSection("OpenApi"));
+            Configure<AbpDefaultAppKeyStoreOptions>(configuration);
 
             Configure<AbpVirtualFileSystemOptions>(options =>
             {

aspnet-core/modules/open-api/LINGYUN.Abp.OpenApi/LINGYUN/Abp/OpenApi/AbpOpenApiOptions.cs

@@ -1,34 +1,11 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-
-namespace LINGYUN.Abp.OpenApi
+namespace LINGYUN.Abp.OpenApi
 {
     public class AbpOpenApiOptions
     {
         public bool IsEnabled { get; set; }
-        public string[] WhiteIpAddress { get; set; }
-        public string[] WhiteClient { get; set; }
         public AbpOpenApiOptions()
         {
             IsEnabled = true;
-            WhiteIpAddress = new string[0];
-            WhiteClient = new string[0];
-        }
-
-        public bool HasWhiteIpAddress(string ipAddress)
-        {
-            return WhiteIpAddress?.Contains(ipAddress) == true;
-        }
-
-        public bool HasWhiteClient(string clientId)
-        {
-            if (clientId.IsNullOrWhiteSpace())
-            {
-                return false;
-            }
-            return WhiteClient?.Contains(clientId) == true;
         }
     }
 }

aspnet-core/modules/open-api/LINGYUN.Abp.OpenApi/LINGYUN/Abp/OpenApi/ConfigurationStore/AbpDefaultAppKeyStoreOptions.cs

@@ -2,11 +2,11 @@
 {
     public class AbpDefaultAppKeyStoreOptions
     {
-        public AppDescriptor[] Apps { get; set; }
+        public AppDescriptor[] AppDescriptors { get; set; }
 
         public AbpDefaultAppKeyStoreOptions()
         {
-            Apps = new AppDescriptor[0];
+            AppDescriptors = new AppDescriptor[0];
         }
     }
 }

aspnet-core/modules/open-api/LINGYUN.Abp.OpenApi/LINGYUN/Abp/OpenApi/ConfigurationStore/DefaultAppKeyStore.cs

@@ -22,7 +22,7 @@ namespace LINGYUN.Abp.OpenApi.ConfigurationStore
 
         public AppDescriptor Find(string appKey)
         {
-            return _options.Apps?.FirstOrDefault(t => t.AppKey == appKey);
+            return _options.AppDescriptors?.FirstOrDefault(t => t.AppKey == appKey);
         }
     }
 }