From 0464969366317154fdbb51e106ca778b855bdd08 Mon Sep 17 00:00:00 2001 From: wxw <Administrator@DESKTOP-5BIMHQ3> Date: 星期六, 17 八月 2024 15:45:28 +0800 Subject: [PATCH] Merge branch 'master' into wxw --- Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs | 104 +++++++++++++++++++++++++++++++++++++-------------- 1 files changed, 75 insertions(+), 29 deletions(-) diff --git a/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs index 8d156f0..511d68d 100644 --- a/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs +++ b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs @@ -1,5 +1,7 @@ 锘縰sing Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc.Filters; +using Newtonsoft.Json.Linq; +using Newtonsoft.Json; using System; using System.Collections.Generic; using System.Linq; @@ -7,6 +9,8 @@ using System.Threading.Tasks; using Utility.Tools; using static System.Net.Mime.MediaTypeNames; +using Utility.Entity; +using Microsoft.AspNetCore.Http; namespace Utility { @@ -16,11 +20,11 @@ [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)] public class VerificationAttribute : ActionFilterAttribute { - private static readonly string appKey = SignConfig.AppKey; + private string appKey; private static readonly double Minutes = SignConfig.Minutes;//鏃堕棿鎴冲繀椤�5鍒嗛挓鍐呯殑锛屽惁鍒欎笉閫氳繃 public VerificationAttribute() { - + } public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) 
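Review bot: `private string appKey;` turns the signing key into mutable per-request state on the filter, and an `ActionFilterAttribute` applied as an attribute is instantiated once per action by MVC and shared by every concurrent request (unless it is registered through ServiceFilter/TypeFilter, which this diff does not show). The `switch (system)` added later in this patch assigns that field, so two overlapping requests carrying different `System` headers can race and one request's body ends up verified against the other system's key, which defeats the per-system key separation this change introduces. Keep the selected key in a local instead and drop the field, e.g. `var appKey = system switch { "ERP" => SignConfig.ERPAppKey, "MES" => SignConfig.MESAppKey, "LIMS" => SignConfig.LIMSAppKey, "FuMa" => SignConfig.FuMaAppKey, _ => null };` with a `null` check that sets `UnauthorizedResult`. The body of OnActionExecutionAsync continues beyond this hunk.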
@@ -28,9 +32,30 @@ var request = context.HttpContext.Request; // 鑾峰彇璇锋眰涓殑鏃堕棿鎴冲拰绛惧悕 + var system = request.Headers["System"].FirstOrDefault(); var timestamp = request.Headers["Timestamp"].FirstOrDefault(); var signature = request.Headers["Signature"].FirstOrDefault(); - + //var timestamp = "1718873584"; + //var signature = "1718873584"; + switch (system) + { + case "ERP": + appKey = SignConfig.ERPAppKey; + break; + case "MES": + appKey = SignConfig.MESAppKey; + break; + case "LIMS": + appKey = SignConfig.LIMSAppKey; + break; + case "FuMa": + appKey = SignConfig.FuMaAppKey; + break; + default: + context.Result = new UnauthorizedResult(); + return; + } + if (string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(signature)) { context.Result = new UnauthorizedResult(); @@ -41,6 +66,17 @@ if (!IsTimestampValid(timestamp)) { context.Result = new UnauthorizedResult(); + var apiResponse = new ApiResponse<object>( + 401, + "error", + "鏃堕棿澶辨晥" + ); + + var json = JsonConvert.SerializeObject(apiResponse); + context.HttpContext.Response.ContentType = "application/json"; + context.HttpContext.Response.ContentLength = Encoding.UTF8.GetByteCount(json); + await context.HttpContext.Response.WriteAsync(json); + await base.OnActionExecutionAsync(context, next); return; } 
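Review bot: The commented-out overrides `//var timestamp = "1718873584";` and `//var signature = "1718873584";` sit directly above the two inputs the whole check depends on and should be deleted rather than committed; a debug override of the signature inputs is exactly the kind of line that gets uncommented locally and forgotten. The `switch (system)` whitelist with a fail-closed `default` is the right shape, and the `System` header match is exact-case, which is fine as long as all four clients are told so. The enclosing method starts before this hunk.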
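Review bot: In the `!IsTimestampValid` branch the JSON body is written with `Response.WriteAsync` before any status code is set, so the response starts with the default 200; the `UnauthorizedResult` assigned one line earlier executes afterwards and tries to set 401 on a response that has already started, which in Kestrel either throws or leaves the client with a 200 carrying an error payload. The extra `await base.OnActionExecutionAsync(context, next);` here is also redundant — with `context.Result` already set the base never invokes `next`, and none of the other rejection branches do this. Let MVC produce the response instead: `context.Result = new ObjectResult(apiResponse) { StatusCode = StatusCodes.Status401Unauthorized }; return;` (`StatusCodes` is in scope via the `Microsoft.AspNetCore.Http` using this patch adds), and drop the manual ContentType/ContentLength/WriteAsync lines. The enclosing method starts before this hunk and continues after it.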
@@ -48,13 +84,36 @@ string jsonParams; using (var reader = new System.IO.StreamReader(request.Body, Encoding.UTF8, true, 1024, true)) { - char[] buffer = new char[500]; - int bytesRead = await reader.ReadAsync(buffer, 0, buffer.Length); - jsonParams = new string(buffer, 0, bytesRead); + // 灏嗚姹備綋娴佷綅缃噸缃埌璧峰浣嶇疆 + request.Body.Seek(0, System.IO.SeekOrigin.Begin); + jsonParams = await reader.ReadToEndAsync(); } + // 鍙嶅簭鍒楀寲 JSON 鍙傛暟涓� JObject + JObject jObject = null; + Dictionary<string, string> filteredProperties = new Dictionary<string, string>(); + if (jsonParams != null) + { + try + { + jObject = JObject.Parse(jsonParams); + // 杩囨护鎺夋暟缁勭被鍨嬬殑灞炴�� + filteredProperties = jObject.Properties() + .Where(p => p.Value.Type != JTokenType.Array) + .ToDictionary(p => p.Name, p => p.Value.ToString()); + } + catch (JsonReaderException) + { + // JSON 鏍煎紡閿欒锛岃繑鍥炴湭缁忔巿鏉� + context.Result = new UnauthorizedResult(); + return; + } + } + filteredProperties.Add("timestamp", timestamp); + filteredProperties.Add("appKey", appKey); + // 鏋勫缓寰呯鍚嶅瓧绗︿覆 - var signatureBaseString = appKey + jsonParams + timestamp; + var signatureBaseString = string.Join("&", filteredProperties.OrderBy(p => p.Key).Select(p => p.Key + "=" + p.Value)); // 璁$畻 MD5 鍊� var computedSignature = Md5Tools.CalcMd5(Encoding.UTF8.GetBytes(signatureBaseString)); @@ -65,7 +124,6 @@ context.Result = new UnauthorizedResult(); return; } - await base.OnActionExecutionAsync(context, next); } 
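Review bot: `.Where(p => p.Value.Type != JTokenType.Array)` drops every array-valued property from the signed string, so `Signature` does not cover them and the array fields of a captured request can be altered without invalidating it; unless the partner systems genuinely cannot sign arrays, they should be included (agreeing with the four clients on one canonical serialization) rather than silently left unsigned. Two smaller points in the same block: `filteredProperties.Add("timestamp", timestamp)` and `.Add("appKey", appKey)` throw `ArgumentException` when the body already contains a property of that name, which surfaces as an unhandled 500 instead of a 401 (use the indexer or reject the request explicitly), and `request.Body.Seek(0, SeekOrigin.Begin)` only works if `EnableBuffering()` was called earlier in the pipeline, which this diff does not show. Longer term, MD5 over a string that merely embeds the secret is not a MAC; an HMAC-SHA256 keyed with the app key, compared with `CryptographicOperations.FixedTimeEquals`, is the conventional replacement, but that is a protocol change for all four clients and belongs in its own commit. The comparison of `computedSignature` against `signature` lies past the end of this hunk.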
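Review bot: Removing `await base.OnActionExecutionAsync(context, next);` here leaves the success path of OnActionExecutionAsync with no call to `next`; when an `IAsyncActionFilter` returns without invoking `next` and without setting `context.Result`, MVC treats that as a short-circuit, so a correctly signed request never reaches the action and the caller gets an empty response instead of the action's result. The only base call left in this patch sits in the invalid-timestamp branch, where `context.Result` is already set and it does nothing. Restore the call after the signature check as the last statement of the method: `await next();` (or the original base call). The signature comparison that precedes this hunk starts outside it.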
@@ -73,23 +131,9 @@ { //var logs = long.Parse(timestamp); //var logs2 = int.Parse(timestamp); - ////if (long.TryParse(timestamp, out var timestampSeconds)) - ////{ - // var requestDateTime = DateTimeOffset.FromUnixTimeSeconds(logs); - // var currentDateTime = DateTimeOffset.UtcNow; - - // // 璁$畻鏃堕棿宸� - // var timeDifference = currentDateTime - requestDateTime; - - // // 姣旇緝鏃堕棿宸槸鍚﹀湪鍏佽鐨勮寖鍥村唴 - // return timeDifference.TotalMinutes <= Minutes; - - ////} - //return false; - - try + if (long.TryParse(timestamp, out var timestampSeconds)) { - var requestDateTime = DateTimeOffset.FromUnixTimeSeconds(long.Parse(timestamp)); + var requestDateTime = DateTimeOffset.FromUnixTimeSeconds(timestampSeconds); var currentDateTime = DateTimeOffset.UtcNow; // 璁$畻鏃堕棿宸� @@ -97,16 +141,18 @@ // 姣旇緝鏃堕棿宸槸鍚﹀湪鍏佽鐨勮寖鍥村唴 return timeDifference.TotalMinutes <= Minutes; + } - catch (Exception) - { - return false; - } + return false; + } } public class SignConfig { - public static string AppKey { get; set; } + public static string ERPAppKey { get; set; } + public static string MESAppKey { get; set; } + public static string LIMSAppKey { get; set; } + public static string FuMaAppKey { get; set; } public static double Minutes { get; set; } } -- Gitblit v1.8.0
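Review bot: Replacing the `try`/`catch (Exception)` with `long.TryParse` narrows the guard to parse failures only, but `DateTimeOffset.FromUnixTimeSeconds(timestampSeconds)` still throws `ArgumentOutOfRangeException` for values outside roughly -62135596800..253402300799, so a `Timestamp` header of `9223372036854775807` now escapes IsTimestampValid as an unhandled exception (a 500 from unauthenticated input) where the old code returned false. Either keep a `catch (ArgumentOutOfRangeException) { return false; }` around the conversion or range-check `timestampSeconds` before calling it. `long.TryParse(timestamp, NumberStyles.Integer, CultureInfo.InvariantCulture, out var timestampSeconds)` is also the right overload for a machine-generated value (CA1305). The method's signature line is above this hunk and its return statement is in the next one.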
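Review bot: `return timeDifference.TotalMinutes <= Minutes;` only bounds how old a timestamp may be: `currentDateTime - requestDateTime` is negative for any future timestamp, so a `Timestamp` years ahead passes the check and a request signed with it remains replayable for that long, while an honest client whose clock is a few minutes fast is accepted and one a few minutes slow is rejected. Check skew in both directions: `return Math.Abs(timeDifference.TotalMinutes) <= Minutes;`. Note that the window alone does not prevent replay inside `Minutes`; a nonce cache would be needed for that, which is outside this patch. The start of IsTimestampValid, including the `FromUnixTimeSeconds` conversion, is in the previous hunk.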