Beispiel #1
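        /// <summary>
        /// Decrypts an AES-encrypted request payload and deserializes the plaintext
        /// JSON into an <see cref="EncryptionDataModel"/>.
        /// </summary>
        /// <remarks>
        /// Every failure (empty input, decryption error, empty plaintext, malformed or
        /// null JSON) collapses to the same <c>false</c> result, so a caller cannot tell
        /// a decryption failure from a parse failure.
        /// NOTE(review): whether a successful decryption also proves the payload was not
        /// tampered with depends on the mode used inside <c>Encryptions.AesDecryption</c>,
        /// which is not visible here. Treat this as a parse step and rely on a separate
        /// signature/MAC check for authenticity unless that helper is confirmed to use an
        /// authenticated mode.
        /// </remarks>
        /// <param name="content">Encrypted payload as received; null or empty is rejected.</param>
        /// <param name="aesKey">Key passed unchanged to <c>Encryptions.AesDecryption</c>.</param>
        /// <param name="model">The deserialized payload on success; <c>null</c> on failure.</param>
        /// <returns><c>true</c> only when a non-null model was produced; otherwise <c>false</c>.</returns>
        public static bool ValidateAes(string content, string aesKey, out EncryptionDataModel model)
        {
            model = null;
            if (string.IsNullOrEmpty(content))
            {
                return false;
            }

            try
            {
                string rawContent = Encryptions.AesDecryption(content, aesKey);
                if (string.IsNullOrEmpty(rawContent))
                {
                    return false;
                }

                model = JsonConvert.DeserializeObject<EncryptionDataModel>(rawContent);
            }
            catch
            {
                // Deliberate best-effort: the input is attacker-controlled, so any decrypt or
                // parse exception is reported as "invalid" rather than propagated.
                // NOTE(review): nothing is logged here, so repeated failures (for example
                // probing with forged payloads) are invisible to monitoring; consider
                // recording a failure metric at the call site.
                model = null;
                return false;
            }

            // The deserializer can yield null (for example for the JSON literal "null").
            // Reporting success with a null model would make callers dereference null.
            return model != null;
        }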
Beispiel #2
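        /// <summary>
        /// Message handler entry point: validates an incoming API request (IP whitelist,
        /// header signature, AES payload, timestamp) and then forwards the decrypted
        /// payload to the inner handler as a JSON body.
        /// </summary>
        /// <remarks>
        /// The handler fails closed: a request that lacks the expected header, or that
        /// fails any check, is answered through <c>SetResponse</c> and never reaches the
        /// inner handler. The header signature is checked over the still-encrypted body
        /// before the body is decrypted.
        /// </remarks>
        /// <param name="request">Incoming request; its content is replaced with the decrypted payload.</param>
        /// <param name="cancellationToken">Passed through to the inner handler.</param>
        /// <returns>
        /// The inner handler's response, or an error response when validation fails.
        /// A non-success inner response has its body replaced with a generic
        /// <c>ResponseModel</c>.
        /// </returns>
        protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            // Check for the request header that marks a signed API call.
            // NOTE(review): the header name is an empty string in this listing. HttpHeaders.Contains
            // rejects an empty name with ArgumentException, so the real name appears to be missing
            // or redacted and must be restored before this handler can work.
            bool isValidRequest = request.Headers.Contains("");
            if (!isValidRequest)
            {
                // Fail closed. Previously execution fell through with model == null and crashed
                // on model.AdditionInfo; an unsigned request is now rejected explicitly.
                return await SetResponse(request, ApiStatusCodeEnum.MisMatchedSignature, "签名错误");
            }

            #region Whitelist validation
            // NOTE(review): only the configured whitelist is passed in; presumably the helper
            // resolves the caller's address itself - confirm it does not trust a
            // client-supplied forwarding header.
            if (!ValidateHelper.ValidateWhiteIp(whiteIp))
            {
                return await SetResponse(request, ApiStatusCodeEnum.MisMatchedSignature, "Ip受限");
            }
            #endregion

            #region Signature validation
            // Encrypted body as sent by the client. A request without content is treated as an
            // empty body so that it is rejected by the checks below instead of throwing.
            string requestContent = request.Content == null
                ? string.Empty
                : await request.Content.ReadAsStringAsync();

            // Signature carried in the request headers, verified against the raw body.
            if (!ValidateHelper.ValidateSignatureHeader(request, requestContent, secretKey))
            {
                // An async method returns the awaited HttpResponseMessage itself,
                // not the Task<HttpResponseMessage>.
                return await SetResponse(request, ApiStatusCodeEnum.MisMatchedSignature, "签名错误");
            }

            // Decrypt and parse the body. A null model is rejected here as well, so this
            // handler never dereferences null regardless of how the helper reports success.
            EncryptionDataModel model;
            if (!ValidateHelper.ValidateAes(requestContent, aesKey, out model) || model == null)
            {
                return await SetResponse(request, ApiStatusCodeEnum.MisMatchedSignature, "数据包签名错误");
            }
            #endregion

            #region Timestamp validation
            // The second argument is the allowed window; its unit is defined by ValidateTimeStamp.
            // NOTE(review): a timestamp window alone still allows a captured request to be
            // replayed inside that window unless a nonce or request id is tracked elsewhere.
            if (!ValidateHelper.ValidateTimeStamp(model.UnixTime, 3))
            {
                return await SetResponse(request, ApiStatusCodeEnum.TimeOut, "超时");
            }
            #endregion

            // Intended for logging; currently unused.
            // NOTE(review): both lookups throw if route data or either key is absent.
            string controller = request.GetRouteData().Values["controller"].ToString();
            string action     = request.GetRouteData().Values["action"].ToString();

            // Rebuild the request so the inner handler sees the decrypted payload as JSON.
            request.Content = new StringContent(model.AdditionInfo);
            request.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/json");
            HttpResponseMessage httpResponseMessage = await base.SendAsync(request, cancellationToken);

            if (!httpResponseMessage.IsSuccessStatusCode)
            {
                HttpError httpError = null;
                if (httpResponseMessage.TryGetContentValue(out httpError))
                {
                    // Logging hook: httpError holds the inner error detail (not yet recorded).
                }

                // Only the reason phrase goes back to the client; the inner error body is
                // replaced rather than echoed.
                var response = new ResponseModel(ApiStatusCodeEnum.InternalError, httpResponseMessage.ReasonPhrase);
                httpResponseMessage.Content = new ObjectContent<ResponseModel>(response, new System.Net.Http.Formatting.JsonMediaTypeFormatter());
            }

            return httpResponseMessage;
        }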