From 43c7bfcb1d683cfcefe15c07aea99921e2aa18e6 Mon Sep 17 00:00:00 2001
From: hwh <332078369@qq.com>
Date: 星期三, 19 六月 2024 16:52:02 +0800
Subject: [PATCH] 验签
---
Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs | 89 ++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 89 insertions(+), 0 deletions(-)
diff --git a/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs
new file mode 100644
index 0000000..dc85ffb
--- /dev/null
+++ b/Wms/Utility/Filter/ApiSignatureVerificationAttribute.cs
@@ -0,0 +1,89 @@
+锘縰sing Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Utility.Tools;
+using static System.Net.Mime.MediaTypeNames;
+
+namespace Utility
+{
+ /// <summary>
+ /// 楠岀
+ /// </summary>
+ [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
+ public class VerificationAttribute : ActionFilterAttribute
+ {
+ private static readonly string appKey = "signature";//鍚庨潰鏀规垚鎷块厤缃枃浠剁殑
+ private static readonly double Minutes = 5;//鏃堕棿鎴冲繀椤�5鍒嗛挓鍐呯殑锛屽惁鍒欎笉閫氳繃
+ public VerificationAttribute()
+ {
+
+ }
+
+ public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
+ {
+ var request = context.HttpContext.Request;
+
+ // 鑾峰彇璇锋眰涓殑鏃堕棿鎴冲拰绛惧悕
+ var timestamp = request.Headers["Timestamp"].FirstOrDefault();
+ var signature = request.Headers["Signature"].FirstOrDefault();
+
+ if (string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(signature))
+ {
+ context.Result = new UnauthorizedResult();
+ return;
+ }
+
+ // 楠岃瘉鏃堕棿鎴虫槸鍚﹀湪鍏佽鐨勬椂闂磋寖鍥村唴
+ if (!IsTimestampValid(timestamp))
+ {
+ context.Result = new UnauthorizedResult();
+ return;
+ }
+
+ // 璇诲彇璇锋眰浣撲腑鐨� JSON 鍙傛暟
+ string jsonParams;
+ using (var reader = new System.IO.StreamReader(request.Body, Encoding.UTF8, true, 1024, true))
+ {
+ char[] buffer = new char[500];
+ int bytesRead = await reader.ReadAsync(buffer, 0, buffer.Length);
+ jsonParams = new string(buffer, 0, bytesRead);
+ }
+
+ // 鏋勫缓寰呯鍚嶅瓧绗︿覆
+ var signatureBaseString = appKey + jsonParams + timestamp;
+
+ // 璁$畻 MD5 鍊�
+ var computedSignature = Md5Tools.CalcMd5(Encoding.UTF8.GetBytes(signatureBaseString));
+
+ // 楠岃瘉绛惧悕
+ if (computedSignature != signature)
+ {
+ context.Result = new UnauthorizedResult();
+ return;
+ }
+
+ await base.OnActionExecutionAsync(context, next);
+ }
+
+ private bool IsTimestampValid(string timestamp)
+ {
+ if (long.TryParse(timestamp, out var timestampSeconds))
+ {
+ var requestDateTime = DateTimeOffset.FromUnixTimeSeconds(timestampSeconds);
+ var currentDateTime = DateTimeOffset.UtcNow;
+
+ // 璁$畻鏃堕棿宸�
+ var timeDifference = currentDateTime - requestDateTime;
+
+ // 姣旇緝鏃堕棿宸槸鍚﹀湪鍏佽鐨勮寖鍥村唴
+ return timeDifference.TotalMinutes <= 5;
+ }
+
+ return false;
+ }
+ }
+}
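Review bot: The signed payload built at the `ReadAsync` call covers at most the first 500 characters of the body (one read into `char[500]`), so any JSON past that point is not authenticated; because this is an action filter, model binding has probably already consumed `request.Body`, in which case `jsonParams` is empty and only the timestamp is signed, which is worth confirming. `IsTimestampValid` bounds the age from one side only, so a far-future timestamp gives a negative difference and passes `<= 5` for as long as it stays in the future; `FromUnixTimeSeconds` also throws on out-of-range input, and the literal bypasses the `Minutes` field. The digest is MD5 over `appKey + jsonParams + timestamp`, with the key hard-coded as `"signature"` and the result compared with `!=`; HMAC-SHA256 with a key from configuration and `CryptographicOperations.FixedTimeEquals` is the usual construction, at the cost of a wire-format change that clients must follow. The sketch below shows only the rewritten parts; `signingKey` stands for the configured key bytes, and the rewind assumes `request.EnableBuffering()` ran before model binding.

```csharp
// … unchanged: header extraction, missing-header and timestamp checks …

            // Sign the whole body, then rewind so later readers still see it.
            request.Body.Position = 0;
            string jsonParams;
            using (var reader = new System.IO.StreamReader(request.Body, Encoding.UTF8, true, 1024, true))
            {
                jsonParams = await reader.ReadToEndAsync();
            }
            request.Body.Position = 0;

            // Keyed HMAC instead of MD5(key + data); signingKey is loaded from configuration.
            string expectedHex;
            using (var hmac = new System.Security.Cryptography.HMACSHA256(signingKey))
            {
                var mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(timestamp + "\n" + jsonParams));
                expectedHex = BitConverter.ToString(mac).Replace("-", "");
            }

            // Fixed-time comparison; a length mismatch simply returns false.
            var matches = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                Encoding.ASCII.GetBytes(expectedHex),
                Encoding.ASCII.GetBytes(signature.ToUpperInvariant()));
            if (!matches)
            {
                context.Result = new UnauthorizedResult();
                return;
            }

// … unchanged: call to base.OnActionExecutionAsync …

        private bool IsTimestampValid(string timestamp)
        {
            if (!long.TryParse(timestamp, out var timestampSeconds))
            {
                return false;
            }

            // Two-sided window on raw seconds: rejects future-dated values and cannot throw.
            var now = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
            var window = (long)(Minutes * 60);
            return timestampSeconds >= now - window && timestampSeconds <= now + window;
        }
```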
--
Gitblit v1.8.0