Ejemplo n.º 1
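        /// <summary>
        /// Returns the access token for an application after checking its AppKey/AppSecret pair,
        /// reusing the token cached under the AppKey when one exists.
        /// </summary>
        /// <param name="appkey">Application key; must pass the <c>GlobalStaticConstant.REGRXP_APP_KEY</c> pattern.</param>
        /// <param name="appsecret">Application secret, compared with the stored <c>AppKeyEntity.AppSecret</c>.</param>
        /// <returns>A <c>BaseJson&lt;Token_Preview&gt;</c> envelope serialized into an <see cref="HttpResponseMessage"/>.</returns>
        public HttpResponseMessage GetToken(string appkey, string appsecret)
        {
            // Fallback answer, returned only if the callback below never assigns a result.
            BaseJson<Token_Preview> resultMsg = new BaseJson<Token_Preview>
            {
                Status = (int)JsonObjectStatus.Error, Message = "服务器未知错误。", Data = null
            };

            Logger(typeof(OAuthController), "", "根据AppKey获取Token-GetToken", () =>
            {
                // Both credentials are required. Rejecting when EITHER is missing keeps a null
                // appkey away from the pattern check and an empty secret away from the comparison.
                if (string.IsNullOrEmpty(appkey) || string.IsNullOrEmpty(appsecret))
                {
                    resultMsg = new BaseJson<Token_Preview>
                    {
                        Status  = (int)JsonObjectStatus.ParameterError,
                        Message = JsonObjectStatus.ParameterError.GetEnumText(),
                        Data    = null
                    };
                    return;
                }

                // Reject keys that do not match the expected format before touching the data store.
                if (!StringHelper.QuickValidate(GlobalStaticConstant.REGRXP_APP_KEY, appkey))
                {
                    resultMsg = new BaseJson<Token_Preview>
                    {
                        Status  = (int)JsonObjectStatus.ParameterError,
                        Data    = null,
                        Message = JsonObjectStatus.ParameterError.GetEnumText(),
                        BackUrl = ""
                    };
                    return;
                }

                AppKeyEntity appKeyEntity = _appKeyBll.GetEntity(a => a.AppKey.Equals(appkey));
                if (appKeyEntity == null)
                {
                    // NOTE(review): this message differs from the wrong-secret message below, so a
                    // caller can tell which AppKeys exist. Consider one shared message for both.
                    resultMsg = new BaseJson<Token_Preview>
                    {
                        Status  = (int)JsonObjectStatus.Fail,
                        Message = "AppKey不存在。",
                        Data    = null
                    };
                    return;
                }

                // Compare the secrets without stopping at the first differing character, so the
                // response time does not reveal how much of the submitted secret is correct.
                // A null stored secret is treated as a mismatch instead of throwing.
                // NOTE(review): the stored value is compared with the submitted secret as-is,
                // which suggests secrets are kept unhashed — confirm against the data layer.
                string storedSecret = appKeyEntity.AppSecret ?? string.Empty;
                int difference = storedSecret.Length ^ appsecret.Length;
                for (int i = 0; i < storedSecret.Length && i < appsecret.Length; i++)
                {
                    difference |= storedSecret[i] ^ appsecret[i];
                }

                if (difference != 0)
                {
                    resultMsg = new BaseJson<Token_Preview>
                    {
                        Status  = (int)JsonObjectStatus.Fail,
                        Message = "AppSecret无效。",
                        Data    = null
                    };
                    return;
                }

                // One token per AppKey: reuse the cached entry, otherwise mint and cache a new one.
                Token_Preview token = CacheFactory.Cache().GetCache<Token_Preview>(appkey);
                if (token == null)
                {
                    // The cache entry and the ExpireTime reported to the client share this instant.
                    DateTime expiresAt = DateTimeHelper.Now.AddHours(GlobalStaticConstant.TOKEN_EXPIRE_TIME);

                    token = new Token_Preview
                    {
                        AppKey      = appkey,
                        AccessToken = GetSignToken(appkey),
                        ExpireTime  = expiresAt.ToString("yyyy-MM-dd HH:mm:ss")
                    };
                    CacheFactory.Cache().WriteCache(token, token.AppKey, expiresAt);
                }

                resultMsg = new BaseJson<Token_Preview>
                {
                    Status  = (int)JsonObjectStatus.Success,
                    Message = JsonObjectStatus.Success.GetEnumText(),
                    Data    = token
                };
            }, e =>
            {
                // NOTE(review): e.Message is sent back to the caller; on an unauthenticated
                // endpoint this can expose internal detail. Prefer logging it server-side only.
                resultMsg = new BaseJson<Token_Preview>
                {
                    Status  = (int)JsonObjectStatus.Exception,
                    Message = JsonObjectStatus.Exception.GetEnumText() + ",异常信息:" + e.Message,
                    Data    = null
                };
            }, null, ErrorHandel.Continue);

            return resultMsg.ToJson().ToHttpResponseMessage();
        }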
Ejemplo n.º 2
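        /// <summary>
        /// Runs before an action executes and rejects requests whose signature headers are
        /// missing, stale or do not validate against the token cached for the caller's AppKey.
        /// </summary>
        /// <remarks>
        /// Headers read: <c>AppKey</c>, <c>TimeStamp</c> (Unix seconds), <c>Nonce</c> and
        /// <c>Authorization</c> (the client's signature). Each value is URL-decoded.
        /// The whole check is bypassed when the <c>IsInterfaceSignature</c> setting equals "false".
        /// </remarks>
        /// <param name="actionContext">Context of the pending action; its <c>Response</c> is set when the request is rejected.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // Only the exact string "false" disables verification; a missing or differently
            // cased value leaves it on, so a bad configuration fails closed.
            if (ConfigHelper.GetValue("IsInterfaceSignature") == "false")
            {
                base.OnActionExecuting(actionContext);
                return;
            }

            HttpRequestMessage request = actionContext.Request;

            // Returns the URL-decoded first value of a header, or string.Empty when it is absent.
            string ReadHeader(string name)
            {
                return request.Headers.Contains(name)
                    ? HttpUtility.UrlDecode(request.Headers.GetValues(name).FirstOrDefault())
                    : string.Empty;
            }

            // Stores a JSON error envelope for the given status as the response.
            void SetRejection(JsonObjectStatus status)
            {
                BaseJson<string> rejection = new BaseJson<string>
                {
                    Status  = (int)status,
                    Message = status.GetEnumText(),
                    Data    = ""
                };
                actionContext.Response = rejection.ToJson().ToHttpResponseMessage();
            }

            string appkey       = ReadHeader("AppKey");
            string timestamp    = ReadHeader("TimeStamp");
            string nonce        = ReadHeader("Nonce");
            string access_token = ReadHeader("Authorization");

            // Preflight (OPTIONS) requests are answered with 202 without any verification.
            if (actionContext.Request.Method == HttpMethod.Options)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Accepted);
                base.OnActionExecuting(actionContext);
                return;
            }

            // Actions listed in NOT_NEED_DIGITAL_SIGNATURE skip the signature check but must
            // still send AppKey, TimeStamp and Nonce.
            // NOTE(review): the exemption matches on action name alone, so an action with the
            // same name on any controller using this filter is exempt too — confirm that is
            // intended. The timestamp is not range-checked on this path.
            string[] exceptRequest = GlobalStaticConstant.NOT_NEED_DIGITAL_SIGNATURE;
            if (exceptRequest.Contains(actionContext.ActionDescriptor.ActionName))
            {
                if (string.IsNullOrEmpty(appkey) || string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(nonce))
                {
                    SetRejection(JsonObjectStatus.ParameterError);
                }

                base.OnActionExecuting(actionContext);
                return;
            }

            // Every other action needs all four headers.
            if (string.IsNullOrEmpty(appkey) || string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(nonce) || string.IsNullOrEmpty(access_token))
            {
                SetRejection(JsonObjectStatus.ParameterError);
                base.OnActionExecuting(actionContext);
                return;
            }

            // The client timestamp must lie within one minute of server time in EITHER direction.
            // Checking only (now - requestTime) < 60 would accept any timestamp in the future,
            // which would let a signed header set stay valid indefinitely. Comparing against
            // now +/- skew also avoids overflow on extreme client values.
            const long unixEpochTicks = 621355968000000000;
            const long allowedSkewSeconds = 60;
            long now = (DateTime.UtcNow.Ticks - unixEpochTicks) / TimeSpan.TicksPerSecond;
            bool parsed = long.TryParse(timestamp, out long requestTime);
            bool fresh = parsed
                         && requestTime > now - allowedSkewSeconds
                         && requestTime < now + allowedSkewSeconds;

            if (!fresh)
            {
                SetRejection(JsonObjectStatus.UrlExpireError);
                base.OnActionExecuting(actionContext);
                return;
            }

            // The token issued for this AppKey must still be in the cache.
            Token_Preview token = CacheFactory.Cache().GetCache<Token_Preview>(appkey);
            if (token == null)
            {
                SetRejection(JsonObjectStatus.TokenInvalid);
                base.OnActionExecuting(actionContext);
                return;
            }

            string serveraccesstoken = "AccessToken " + token.AccessToken;

            // NOTE(review): only appkey, nonce, timestamp and the token take part in the
            // signature; the query string and body are not passed to ValidateSign, so the
            // signature does not protect request parameters against modification.
            // NOTE(review): nothing in this method records the nonce, so unless ValidateSign
            // tracks used nonces a captured header set can be replayed until the timestamp
            // window closes — confirm, and confirm ValidateSign compares in constant time.
            bool signatureValid = SignExtension.ValidateSign(appkey, nonce, timestamp, serveraccesstoken, access_token);
            if (!signatureValid)
            {
                SetRejection(JsonObjectStatus.HttpRequestError);
            }

            base.OnActionExecuting(actionContext);
        }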
Ejemplo n.º 3
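        /// <summary>
        /// Saves an advertisement after checking the request timestamp and comparing the supplied
        /// access token with the one cached for the caller's AppKey.
        /// </summary>
        /// <param name="arg">
        /// Request payload. <c>t</c>, <c>Appkey</c> and <c>AccessToken</c> authenticate the call;
        /// the remaining fields describe the advertisement.
        /// </param>
        /// <returns>A <c>BaseJson&lt;string&gt;</c> envelope serialized into an <see cref="HttpResponseMessage"/>.</returns>
        public HttpResponseMessage SaveAdvertisement(SaveAdvertisementArgEntity arg)
        {
            // Fallback answer, returned only if the callback below never assigns a result.
            BaseJson<string> resultMsg = new BaseJson<string>
            {
                Status = (int)JsonObjectStatus.Error, Message = "服务器未知错误。", Data = null
            };

            Logger(typeof(AdvertisementController), arg.TryToJson(), "保存广告-SaveAdvertisement", () =>
            {
                // All three authentication fields are mandatory.
                if (string.IsNullOrEmpty(arg.t) || string.IsNullOrEmpty(arg.Appkey) || string.IsNullOrEmpty(arg.AccessToken))
                {
                    resultMsg = new BaseJson<string>
                    {
                        Status  = (int)JsonObjectStatus.Fail,
                        Data    = null,
                        Message = JsonObjectStatus.Fail.GetEnumText() + ",请求参数为空。",
                        BackUrl = null
                    };
                    return;
                }

                if (!arg.t.CheckTimeStamp())
                {
                    resultMsg = new BaseJson<string>
                    {
                        Status  = (int)JsonObjectStatus.Fail,
                        Data    = null,
                        Message = JsonObjectStatus.Fail.GetEnumText() + ",无效参数。",
                        BackUrl = null
                    };
                    return;
                }

                // The supplied token must equal the one cached for this AppKey. The comparison
                // visits every overlapping character instead of stopping at the first mismatch,
                // so the response time does not reveal how much of the token is correct.
                Token_Preview token = CacheFactory.Cache().GetCache<Token_Preview>(arg.Appkey);
                string cachedToken = token == null ? null : token.AccessToken;
                string suppliedToken = arg.AccessToken;
                bool tokenMatches = !string.IsNullOrEmpty(cachedToken);
                if (tokenMatches)
                {
                    int difference = cachedToken.Length ^ suppliedToken.Length;
                    for (int i = 0; i < cachedToken.Length && i < suppliedToken.Length; i++)
                    {
                        difference |= cachedToken[i] ^ suppliedToken[i];
                    }
                    tokenMatches = difference == 0;
                }

                if (!tokenMatches)
                {
                    resultMsg = new BaseJson<string>
                    {
                        Status  = (int)JsonObjectStatus.TokenInvalid,
                        Data    = null,
                        Message = JsonObjectStatus.TokenInvalid.GetEnumText(),
                        BackUrl = null
                    };
                    return;
                }

                // Map the site code to its display name; unknown codes give an empty category.
                string category;
                switch (arg.Which)
                {
                    case "0": category = "主站"; break;
                    case "1": category = "开奖网"; break;
                    case "2": category = "手机站"; break;
                    default:  category = ""; break;
                }

                // NOTE(review): Title and Href are stored exactly as received. If they are later
                // rendered into the cached advertisement HTML, restrict Href to expected URL
                // schemes and encode on output — confirm where rendering happens.
                AdvertisementEntity entity = new AdvertisementEntity
                {
                    Title          = arg.Title,
                    Category       = category,
                    CategoryId     = arg.Which,
                    Position       = arg.Position,
                    Href           = arg.Href,
                    TermOfValidity = arg.OverTime
                };

                if (!string.IsNullOrEmpty(arg.Id))
                {
                    // Explicit id: save under that id.
                    entity.IsEnable = true;
                    advertisementBll.SaveForm(arg.Id, entity);
                }
                else
                {
                    // No id: overwrite the advertisement already occupying this site/position.
                    // NOTE(review): when no such record exists nothing is saved, yet Success is
                    // still returned below — confirm this is intended.
                    AdvertisementEntity temp = advertisementBll.GetEntity(a => a.CategoryId.Equals(arg.Which) && a.Position == arg.Position);
                    if (temp != null)
                    {
                        entity.IsEnable = true;
                        advertisementBll.SaveForm(temp.ID, entity);
                    }
                }

                // Drop the cached entry for this site so the change becomes visible.
                Cache.Factory.CacheFactory.Cache().RemoveCache("Advertisement_Html_" + arg.Which);

                resultMsg = new BaseJson<string>
                {
                    Status  = (int)JsonObjectStatus.Success,
                    Data    = null,
                    Message = JsonObjectStatus.Success.GetEnumText(),
                    BackUrl = null
                };
            }, e =>
            {
                // NOTE(review): e.Message is returned to the caller and may expose internal
                // detail; prefer logging it server-side and returning a generic message.
                resultMsg = new BaseJson<string>
                {
                    Status  = (int)JsonObjectStatus.Exception,
                    Data    = null,
                    Message = JsonObjectStatus.Exception.GetEnumText() + ",异常信息:" + e.Message,
                    BackUrl = null
                };
            });

            return resultMsg.TryToJson().ToHttpResponseMessage();
        }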