测试修改验签问题

Demo

2024-06-21 ecd2829ad660d8ac75a002b10255d29c2b8c5d1d

测试修改验签问题

 Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs

@@ -9,6 +9,8 @@
using System.Threading.Tasks;
using Utility.Tools;
using static System.Net.Mime.MediaTypeNames;
using Utility.Entity;
using Microsoft.AspNetCore.Http;

namespace Utility
{
@@ -18,11 +20,11 @@
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
    public class VerificationAttribute : ActionFilterAttribute
    {
        private static readonly string appKey = SignConfig.AppKey;
        private string appKey;
        private static readonly double Minutes = SignConfig.Minutes;//时间戳必须5分钟内的，否则不通过
        public VerificationAttribute()
        {

            
        }

        public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
@@ -30,11 +32,30 @@
            var request = context.HttpContext.Request;

            // 获取请求中的时间戳和签名
            var system = request.Headers["System"].FirstOrDefault();
            var timestamp = request.Headers["Timestamp"].FirstOrDefault();
            var signature = request.Headers["Signature"].FirstOrDefault();
            //var timestamp = "1718873584";
            //var signature = "1718873584";

            switch (system)
            {
                case "ERP":
                    appKey = SignConfig.ERPAppKey;
                    break;
                case "MES":
                    appKey = SignConfig.MESAppKey;
                    break;
                case "LIMS":
                    appKey = SignConfig.LIMSAppKey;
                    break;
                case "FuMa":
                    appKey = SignConfig.FuMaAppKey;
                    break;
                default:
                    context.Result = new UnauthorizedResult();
                    return;
            }
            
            if (string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(signature))
            {
                context.Result = new UnauthorizedResult();
@@ -45,6 +66,17 @@
            if (!IsTimestampValid(timestamp))
            {
                context.Result = new UnauthorizedResult();
                var apiResponse = new ApiResponse<object>(
                    401,
                    "error",
                    "时间失效"
                );

                var json = JsonConvert.SerializeObject(apiResponse);
                context.HttpContext.Response.ContentType = "application/json";
                context.HttpContext.Response.ContentLength = Encoding.UTF8.GetByteCount(json);
                await context.HttpContext.Response.WriteAsync(json);
                await base.OnActionExecutionAsync(context, next);
                return;
            }

@@ -88,7 +120,6 @@
                context.Result = new UnauthorizedResult();
                return;
            }

            await base.OnActionExecutionAsync(context, next);
        }

@@ -114,7 +145,10 @@
    }
    public class SignConfig
    {
        public static string AppKey { get; set; }
        public static string ERPAppKey { get; set; }
        public static string MESAppKey { get; set; }
        public static string LIMSAppKey { get; set; }
        public static string FuMaAppKey { get; set; }
        public static double Minutes { get; set; }
    }


 Wms/Wms/Controllers/UpApiController.cs

@@ -20,6 +20,7 @@
using System.Linq;
using System.Text;
using Newtonsoft.Json.Linq;
using System.Runtime.CompilerServices;

namespace Wms.Controllers
{
@@ -447,6 +448,7 @@
        /// 测试验签加密
        /// </summary>
        /// <returns></returns>
        [ServiceFilter(typeof(ApiResponseActionFilter))]
        [Verification]
        [HttpPost]
        public IActionResult Demo2(IdVm model)
@@ -468,11 +470,12 @@
            }
        }

        [HttpGet]
        [HttpPost]
        [ServiceFilter(typeof(ApiResponseActionFilter))]
        public string Demo3()
        [UnitOfWork]
        public string Demo3(IdVm model)
        {
            string jsonParams = "{\"param1\": \"value1\", \"param2\": \"value2\"}";
            string jsonParams = JsonConvert.SerializeObject(model);

            // 生成时间戳（Unix 时间戳）
            var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString();
@@ -487,7 +490,7 @@

        private static string GenerateSignature(string jsonParams)
        {
            var appKey = "90170307d4184844ac2a26b431f79980";
            var appKey = "90170307d4184844ac2a26b431f79981";
            // 将 JSON 字符串转换为 JObject
            JObject jObject = JObject.Parse(jsonParams);


 Wms/Wms/Startup.cs

@@ -114,7 +114,10 @@
            //数据库配置
            BaseDbConfig.ConnectionString = Configuration.GetSection("AppSettings:ConnectionString").Value;
            //验签配置文件
            SignConfig.AppKey = Configuration.GetSection("SignConfig:AppKey").Value;  
            SignConfig.ERPAppKey = Configuration.GetSection("SignConfig:ERPAppKey").Value;  
            SignConfig.MESAppKey = Configuration.GetSection("SignConfig:MESAppKey").Value;  
            SignConfig.LIMSAppKey = Configuration.GetSection("SignConfig:LIMSAppKey").Value;  
            SignConfig.FuMaAppKey = Configuration.GetSection("SignConfig:FuMaAppKey").Value;
            SignConfig.Minutes = double.Parse(Configuration.GetSection("SignConfig:Minutes").Value);



 Wms/Wms/appsettings.json

@@ -38,7 +38,10 @@

  },
  "SignConfig": {
    "AppKey": "90170307d4184844ac2a26b431f79980", //验签
    "ERPAppKey": "90170307d4184844ac2a26b431f79980", //ERP验签
    "MESAppKey": "90170307d4184844ac2a26b431f79981", //MES验签
    "LIMSAppKey": "90170307d4184844ac2a26b431f79982", //LIMS验签
    "FuMaAppKey": "90170307d4184844ac2a26b431f79983", //FuMa验签
    "Minutes": 5 //验签时间 5分钟
  },
  "Quartz": {