Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conflicting method/path combination "POST wopi/Files/{id}" for actions #167

Open
qq312888991 opened this issue Aug 27, 2024 · 1 comment
Open

Conflicting method/path combination "POST wopi/Files/{id}" for actions #167

qq312888991 opened this issue Aug 27, 2024 · 1 comment
Labels
bug

Comments

@qq312888991
Copy link

version:3.0.0
image

This is my code:

using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using WopiHost.Abstractions;

namespace TestWOPI.Core.Wopi;

public class MyWopiSecurityHandler : IWopiSecurityHandler
{
    private readonly string _secretKey; // 用于生成和验证令牌的密钥  

    public MyWopiSecurityHandler(string secretKey)
    {
        _secretKey = secretKey;
    }

    public SecurityToken GenerateAccessToken(string user, string resourceId)
    {
        // 这里你可以根据需求自定义生成访问令牌的逻辑  
        var securityKey = new SymmetricSecurityKey(Convert.FromBase64String(_secretKey));
        var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

        var claims = new[]
        {
            new Claim(ClaimTypes.Name, user),
            new Claim("resourceId", resourceId)
        };

        var token = new JwtSecurityToken(
            issuer: "your-issuer",
            audience: "your-audience",
            claims: claims,
            expires: DateTime.Now.AddHours(1),
            signingCredentials: credentials
        );

        return token;
    }

    public ClaimsPrincipal GetPrincipal(string token)
    {
        var handler = new JwtSecurityTokenHandler();
        var jwtToken = handler.ReadToken(token) as JwtSecurityToken;

        if (jwtToken == null)
        {
            return null; // 或者抛出异常  
        }

        var identity = new ClaimsIdentity(jwtToken.Claims, "Jwt");
        return new ClaimsPrincipal(identity);
    }

    public bool IsAuthorized(ClaimsPrincipal principal, string resourceId, WopiAuthorizationRequirement operation)
    {
        // 这里可以实现你自己的授权逻辑  
        // 例如,检查用户的角色、权限等  
        if (principal.Identity.IsAuthenticated)
        {
            // 简单示例:检查资源ID  
            // 实际逻辑可能会更复杂,可能需要从数据库或其他存储中验证用户权限  
            return true; // 或者根据实际情况返回 true/false  
        }

        return false;
    }

    public string WriteToken(SecurityToken token)
    {
        var handler = new JwtSecurityTokenHandler();
        return handler.WriteToken(token);
    }
}

Startup.cs

services.AddSingleton<IWopiSecurityHandler>(new MyWopiSecurityHandler("your-base64-secret-key"));
@petrsvihlik
Copy link
Owner

please provide the exact steps to reproduce

@github-staff github-staff deleted a comment from mayank785 Oct 23, 2024
@github-staff github-staff deleted a comment from mayank785 Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@qq312888991 @petrsvihlik and others