From 158a01ee5fa6903111790c52bfb778f93f797028 Mon Sep 17 00:00:00 2001
From: hwh <332078369@qq.com>
Date: 星期五, 21 六月 2024 11:02:57 +0800
Subject: [PATCH] 验签调整
---
Wms/Wms/Controllers/UpApiController.cs | 60 +++++++++++++++++++++--------
Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs | 51 ++++++++++++++-----------
2 files changed, 72 insertions(+), 39 deletions(-)
diff --git a/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs
index ba2007f..286c3bb 100644
--- a/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs
+++ b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs
@@ -1,5 +1,7 @@
锘縰sing Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
+using Newtonsoft.Json.Linq;
+using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Linq;
@@ -28,9 +30,10 @@
var request = context.HttpContext.Request;
// 鑾峰彇璇锋眰涓殑鏃堕棿鎴冲拰绛惧悕
- //var timestamp = request.Headers["Timestamp"].FirstOrDefault();
- var timestamp = "1718873584";
- var signature = "1718873584";
+ var timestamp = request.Headers["Timestamp"].FirstOrDefault();
+ var signature = request.Headers["Signature"].FirstOrDefault();
+ //var timestamp = "1718873584";
+ //var signature = "1718873584";
if (string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(signature))
{
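Review bot: The commented-out `//var timestamp = "1718873584";` and `//var signature = "1718873584";` lines keep fixed test values inside the authentication filter, where uncommenting them would turn verification back into a comparison against constants. Delete them rather than leaving them next to the live header reads. The `if` block that handles missing headers continues outside this hunk.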
@@ -49,13 +52,32 @@
string jsonParams;
using (var reader = new System.IO.StreamReader(request.Body, Encoding.UTF8, true, 1024, true))
{
- char[] buffer = new char[500];
- int bytesRead = await reader.ReadAsync(buffer, 0, buffer.Length);
- jsonParams = new string(buffer, 0, bytesRead);
+ // 灏嗚姹備綋娴佷綅缃噸缃埌璧峰浣嶇疆
+ request.Body.Seek(0, System.IO.SeekOrigin.Begin);
+ jsonParams = await reader.ReadToEndAsync();
}
+ // 鍙嶅簭鍒楀寲 JSON 鍙傛暟涓� JObject
+ JObject jObject = null;
+ try
+ {
+ jObject = JObject.Parse(jsonParams);
+ }
+ catch (JsonReaderException)
+ {
+ // JSON 鏍煎紡閿欒锛岃繑鍥炴湭缁忔巿鏉�
+ context.Result = new UnauthorizedResult();
+ return;
+ }
+ // 杩囨护鎺夋暟缁勭被鍨嬬殑灞炴��
+ var filteredProperties = jObject.Properties()
+ .Where(p => p.Value.Type != JTokenType.Array)
+ .ToDictionary(p => p.Name, p => p.Value.ToString());
+ filteredProperties.Add("timestamp", timestamp);
+ filteredProperties.Add("appKey", appKey);
+
// 鏋勫缓寰呯鍚嶅瓧绗︿覆
- var signatureBaseString = appKey + jsonParams + timestamp;
+ var signatureBaseString = string.Join("&", filteredProperties.OrderBy(p => p.Key).Select(p => p.Key + "=" + p.Value));
// 璁$畻 MD5 鍊�
var computedSignature = Md5Tools.CalcMd5(Encoding.UTF8.GetBytes(signatureBaseString));
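Review bot: Array-valued properties are left out of the signed string by `.Where(p => p.Value.Type != JTokenType.Array)`, so any data the API accepts in an array can be altered without invalidating the signature, whereas the removed `appKey + jsonParams + timestamp` form covered the body text it read. The `key=value` pairs are also joined with `&` without escaping, so `{"a":"1&b=2"}` and `{"a":"1","b":"2"}` produce the same base string; signing the raw body bytes (or a digest of them) together with the timestamp, using HMAC-SHA256 keyed with the app key rather than plain MD5, would close both gaps. `filteredProperties.Add("timestamp", timestamp)` throws `ArgumentException` when the body itself carries a `timestamp` or `appKey` property, which the `JsonReaderException` handler does not catch and which would presumably surface as a 500 rather than a 401. `OrderBy(p => p.Key)` uses the culture-sensitive default comparer; `OrderBy(p => p.Key, StringComparer.Ordinal)` keeps client and server ordering identical. The enclosing method starts and ends outside this hunk, so the body-buffering setup that `request.Body.Seek` depends on and the final signature comparison were not reviewed.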
@@ -88,21 +110,6 @@
}
return false;
- //try
- //{
- // var requestDateTime = DateTimeOffset.FromUnixTimeSeconds(long.Parse(timestamp));
- // var currentDateTime = DateTimeOffset.UtcNow;
-
- // // 璁$畻鏃堕棿宸�
- // var timeDifference = currentDateTime - requestDateTime;
-
- // // 姣旇緝鏃堕棿宸槸鍚﹀湪鍏佽鐨勮寖鍥村唴
- // return timeDifference.TotalMinutes <= Minutes;
- //}
- //catch (Exception)
- //{
- // return false;
- //}
}
}
public class SignConfig
diff --git a/Wms/Wms/Controllers/UpApiController.cs b/Wms/Wms/Controllers/UpApiController.cs
index e201dcd..4929f8e 100644
--- a/Wms/Wms/Controllers/UpApiController.cs
+++ b/Wms/Wms/Controllers/UpApiController.cs
@@ -15,6 +15,11 @@
using WMS.DAL;
using Microsoft.AspNetCore.Authorization;
using Utility;
+using System.Collections.Generic;
+using System.Reflection.Emit;
+using System.Linq;
+using System.Text;
+using Newtonsoft.Json.Linq;
namespace Wms.Controllers
{
@@ -31,7 +36,7 @@
private readonly IArrivalNoticeServer _arrivalNoticeSvc;
private readonly IStockCheckServer _stockCheckSvc;//鐩樼偣鍗昐vc
private readonly IProcurePlanServer _procurePlanSvc;//閲囪喘鍗昐vs
- public UpApiController(IOptions<ApiUrlConfig> setting,IExportNoticeServer exNoticeSvc,IArrivalNoticeServer arrivalNoticeServer,IStockCheckServer stockCheckSvc, IProcurePlanServer procurePlanSvc)
+ public UpApiController(IOptions<ApiUrlConfig> setting, IExportNoticeServer exNoticeSvc, IArrivalNoticeServer arrivalNoticeServer, IStockCheckServer stockCheckSvc, IProcurePlanServer procurePlanSvc)
{
_config = setting.Value;
_exNoticeSvc = exNoticeSvc;
@@ -78,7 +83,7 @@
/// <param name="model">鍏ュ簱鍗曞彿</param>
/// <returns></returns>
[HttpPost]
- public IActionResult FinishAsn(IdVm model)
+ public IActionResult FinishAsn(IdVm model)
{
try
{
@@ -125,7 +130,7 @@
return Ok(new { code = 1, msg = "鏈幏鍙栧埌褰撳墠鎿嶄綔浜轰俊鎭�" });
}
- _arrivalNoticeSvc.ByPdaFinish(model.Code, model.Code.Substring(0,2) == "AS" ? _config.ErpHost + _config.AsnFinishUrl : _config.ErpHost + _config.SoFinishUrl, int.Parse(userId));
+ _arrivalNoticeSvc.ByPdaFinish(model.Code, model.Code.Substring(0, 2) == "AS" ? _config.ErpHost + _config.AsnFinishUrl : _config.ErpHost + _config.SoFinishUrl, int.Parse(userId));
return Ok(new { code = 0, count = 0, msg = "鍗曟嵁澶嶆牳骞朵笂浼犳垚鍔�" });
}
@@ -331,7 +336,7 @@
{
SoResInfo result = _exNoticeSvc.ErpAddExportNotice(model);
return Ok(result);
-
+
}
catch (Exception e)
{
@@ -464,24 +469,45 @@
}
[HttpGet]
- public IActionResult Demo3()
+ [ServiceFilter(typeof(ApiResponseActionFilter))]
+ public string Demo3()
{
- var result = new ErpModel { Success = -1, Message = "" };
- try
- {
- var time = DateTimeOffset.Now.ToUnixTimeSeconds();
- result = new ErpModel { Success = 0, Message = time.ToString() };
+ string jsonParams = "{\"param1\": \"value1\", \"param2\": \"value2\"}";
- return Ok(result);
- }
- catch (Exception e)
- {
- result.Message = e.Message;
- return Ok(result);
- }
+ // 鐢熸垚鏃堕棿鎴筹紙Unix 鏃堕棿鎴筹級
+ var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString();
+
+ // 鐢熸垚绛惧悕
+ var signature = GenerateSignature(jsonParams);
+
+ // 杈撳嚭绛惧悕
+ Console.WriteLine("Generated Signature: " + signature);
+ return signature;
}
+ private static string GenerateSignature(string jsonParams)
+ {
+ var appKey = "90170307d4184844ac2a26b431f79980";
+ // 灏� JSON 瀛楃涓茶浆鎹负 JObject
+ JObject jObject = JObject.Parse(jsonParams);
+ // 杩囨护鎺夋暟缁勭被鍨嬬殑灞炴��
+ var filteredProperties = jObject.Properties()
+ .Where(p => p.Value.Type != JTokenType.Array)
+ .ToDictionary(p => p.Name, p => p.Value.ToString());
+
+ // 娣诲姞鏃堕棿鎴筹紙Unix 鏃堕棿鎴筹級
+ var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString();
+ filteredProperties.Add("timestamp", timestamp);
+ filteredProperties.Add("appKey", appKey);
+
+ // 鏋勫缓寰呯鍚嶅瓧绗︿覆
+ var signatureBaseString = string.Join("&", filteredProperties.OrderBy(p => p.Key).Select(p => p.Key + "=" + p.Value));
+
+ // 璁$畻 MD5 鍊�
+ var computedSignature = Md5Tools.CalcMd5(signatureBaseString);
+ return computedSignature;
+ }
#endregion
}
}
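Review bot: The `appKey` literal in `GenerateSignature` puts what appears to be the signing secret into source control, and `Demo3` is an `[HttpGet]` action that returns a signature computed with it and writes it to the console; whether the controller requires authentication is not visible in this hunk. Read the key from configuration (the filter file already declares a `SignConfig` class), treat the committed value as exposed and rotate it, and drop `Demo3` or restrict it to development builds. The `timestamp` local in `Demo3` is unused and `GenerateSignature` creates its own, so the caller never learns which timestamp the returned signature is valid for. `Md5Tools.CalcMd5` is called with a string here but with `Encoding.UTF8.GetBytes(...)` in the filter; confirm both overloads hash the same UTF-8 bytes.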
--
Gitblit v1.8.0