From 158a01ee5fa6903111790c52bfb778f93f797028 Mon Sep 17 00:00:00 2001 From: hwh <332078369@qq.com> Date: 星期五, 21 六月 2024 11:02:57 +0800 Subject: [PATCH] 验签调整 --- Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs | 51 +++++++++++++++++++++++++++++---------------------- 1 files changed, 29 insertions(+), 22 deletions(-) diff --git a/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs index ba2007f..286c3bb 100644 --- a/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs +++ b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs @@ -1,5 +1,7 @@ 锘縰sing Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc.Filters; +using Newtonsoft.Json.Linq; +using Newtonsoft.Json; using System; using System.Collections.Generic; using System.Linq; @@ -28,9 +30,10 @@ var request = context.HttpContext.Request; // 鑾峰彇璇锋眰涓殑鏃堕棿鎴冲拰绛惧悕 - //var timestamp = request.Headers["Timestamp"].FirstOrDefault(); - var timestamp = "1718873584"; - var signature = "1718873584"; + var timestamp = request.Headers["Timestamp"].FirstOrDefault(); + var signature = request.Headers["Signature"].FirstOrDefault(); + //var timestamp = "1718873584"; + //var signature = "1718873584"; if (string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(signature)) { 
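Review bot: The two commented-out lines `//var timestamp = "1718873584";` and `//var signature = "1718873584";` in the `@@ -28,9 +30,10 @@` hunk should be deleted rather than kept. They are what is left of the hard-coded values this commit replaces with the `Timestamp` and `Signature` header reads. In a signature-verification filter, a fixed pair that is one uncomment away from being active again is easy to reintroduce by accident. If a test shortcut is still needed, it belongs in test configuration, not next to the production path. The enclosing method starts and ends outside this hunk.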
@@ -49,13 +52,32 @@ string jsonParams; using (var reader = new System.IO.StreamReader(request.Body, Encoding.UTF8, true, 1024, true)) { - char[] buffer = new char[500]; - int bytesRead = await reader.ReadAsync(buffer, 0, buffer.Length); - jsonParams = new string(buffer, 0, bytesRead); + // 灏嗚姹備綋娴佷綅缃噸缃埌璧峰浣嶇疆 + request.Body.Seek(0, System.IO.SeekOrigin.Begin); + jsonParams = await reader.ReadToEndAsync(); } + // 鍙嶅簭鍒楀寲 JSON 鍙傛暟涓� JObject + JObject jObject = null; + try + { + jObject = JObject.Parse(jsonParams); + } + catch (JsonReaderException) + { + // JSON 鏍煎紡閿欒锛岃繑鍥炴湭缁忔巿鏉� + context.Result = new UnauthorizedResult(); + return; + } + // 杩囨护鎺夋暟缁勭被鍨嬬殑灞炴�� + var filteredProperties = jObject.Properties() + .Where(p => p.Value.Type != JTokenType.Array) + .ToDictionary(p => p.Name, p => p.Value.ToString()); + filteredProperties.Add("timestamp", timestamp); + filteredProperties.Add("appKey", appKey); + // 鏋勫缓寰呯鍚嶅瓧绗︿覆 - var signatureBaseString = appKey + jsonParams + timestamp; + var signatureBaseString = string.Join("&", filteredProperties.OrderBy(p => p.Key).Select(p => p.Key + "=" + p.Value)); // 璁$畻 MD5 鍊� var computedSignature = Md5Tools.CalcMd5(Encoding.UTF8.GetBytes(signatureBaseString)); @@ -88,21 +110,6 @@ } return false; - //try - //{ - // var requestDateTime = DateTimeOffset.FromUnixTimeSeconds(long.Parse(timestamp)); - // var currentDateTime = DateTimeOffset.UtcNow; - - // // 璁$畻鏃堕棿宸� - // var timeDifference = currentDateTime - requestDateTime; - - // // 姣旇緝鏃堕棿宸槸鍚﹀湪鍏佽鐨勮寖鍥村唴 - // return timeDifference.TotalMinutes <= Minutes; - //} - //catch (Exception) - //{ - // return false; - //} } } public class SignConfig -- Gitblit v1.8.0
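Review bot: In the `@@ -49,13 +52,32 @@` hunk, array-valued properties are dropped before the base string is built, so anything a request carries in arrays is not covered by the signature and can differ from what the sender signed without failing verification. Two smaller problems sit in the same lines: `filteredProperties.Add("timestamp", timestamp)` and `Add("appKey", appKey)` throw `ArgumentException` when the body has a non-array property of that name, which gives an unhandled error instead of a 401, and `OrderBy(p => p.Key)` uses the culture-sensitive default comparer, which may not match the ordering a client applies. I would sign every property with containers serialized compactly, set the two reserved keys through the indexer, and sort with `StringComparer.Ordinal`, as sketched below; clients must build the identical string, so the change needs coordinating with them. `request.Body.Seek` only works if request buffering was enabled earlier, which this hunk does not show, and the enclosing method starts and ends outside the hunk.

```csharp
// … unchanged: body read, JObject.Parse and the 401 on JsonReaderException …
var filteredProperties = jObject.Properties()
    .ToDictionary(
        p => p.Name,
        // Arrays and nested objects are signed too, in compact form.
        p => p.Value is JContainer
            ? p.Value.ToString(Formatting.None)
            : p.Value.ToString());
// Indexer instead of Add(): a same-named body field is overwritten, not a crash.
filteredProperties["timestamp"] = timestamp;
filteredProperties["appKey"] = appKey;

var signatureBaseString = string.Join("&",
    filteredProperties
        .OrderBy(p => p.Key, StringComparer.Ordinal)
        .Select(p => p.Key + "=" + p.Value));
// … unchanged: Md5Tools.CalcMd5 over the base string …
```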