public static bool CheckOrderSign(dynamic obj, ILogger log) { Dictionary <string, string> dict = new Dictionary <string, string>(); dict.Add("userlogin", obj.userlogin + ""); dict.Add("detailurl", obj.detailurl + ""); dict.Add("cardtype", obj.cardtype + ""); dict.Add("payway", obj.payway + ""); dict.Add("prodname", obj.prodname + ""); dict.Add("notifyurl", obj.notifyurl + ""); dict.Add("mobile", obj.mobile + ""); dict.Add("account", obj.account + ""); dict.Add("productid", obj.productid + ""); dict.Add("money", obj.money + ""); dict.Add("price", obj.price + ""); dict.Add("couponprice", obj.couponprice + ""); dict.Add("couponid", obj.couponid + ""); dict.Add("couponch", obj.couponch + ""); dict.Add("ordertime", obj.ordertime + ""); dict.Add("userip", obj.userip + ""); string origin_str = CreateSignStr(dict); if (!SecurityCore.VerifyFromBase64(origin_str, pub_key, obj.sign, "SHA256withRSA", "utf-8")) { log.Info(string.Format("签名失败,签名原串:{0}", origin_str)); return(false); } return(true); }
public void Start() { var builder = new ContainerBuilder(); _core = AppCoreBuilder.Create(builder) .AddModule <NCoreFileStorageModule>() .AddModule(new NHibernatePostgreModule() { AssemblyMapper = Assembly.GetExecutingAssembly(), ConnectionStringKey = "ncore-test-base", AfterConfigure = e => { FileStorageCore.Configure(e); SecurityCore.Configure(e); } }) .AddModule(new NCoreSecurityNHibernateModule()) .Configure(c => { c.RegisterType <TestService>().As <ITestService>(); c.RegisterType <TestRepository>().As <ITestRepository>(); }) .Build(); var service = _core.Resolve <ITestService>(); service.AddTestRecord(); }
private void DoUploadBiz() { long uploadTime = TopUtils.GetCurrentTimeMillis() + FlushInterval; while (true) { try { Thread.Sleep(SleepTime); IDictionary <string, Counter> appUserCounterMap = SecurityCounter.GetUserCounter(topClient.appKey); if (TopUtils.GetCurrentTimeMillis() >= uploadTime || (appUserCounterMap.Count * 4 > 65536)) { StringBuilder counterBuilder = new StringBuilder(); IDictionary <string, Counter> cloneAppUserCounter = SecurityCounter.CloneUserCounter(topClient.appKey); SecurityCounter.CleanUserCounter(topClient.appKey); int count = 0; foreach (KeyValuePair <string, Counter> currentPair in cloneAppUserCounter) { Counter counter = currentPair.Value; if (counterBuilder.Length > 0) { counterBuilder.Append(";"); } counterBuilder.Append(currentPair.Key); GenerateCounter(counterBuilder, counter); if ((++count) % 100 == 0) { DoUpload(counterBuilder.ToString(), AppUserSecretType); counterBuilder = new StringBuilder(); } } if (counterBuilder.Length > 0) { DoUpload(counterBuilder.ToString(), AppUserSecretType); counterBuilder = new StringBuilder(); } Counter appCounter = SecurityCounter.GetAppCounter(topClient.appKey); counterBuilder.Append(SecurityCore.GetAppUserSecretCache().Count); GenerateCounter(counterBuilder, appCounter); appCounter.Reset(); long uploadInterval = DoUpload(counterBuilder.ToString(), AppSecretType); uploadTime = TopUtils.GetCurrentTimeMillis() + uploadInterval; } } catch (Exception e) { Log.Error(string.Format("flushSecretApiReporter error: {0}", e.Message)); } } }
public void ProcessRequest(HttpContext context) { try { context.Response.ContentType = "text/plain"; logger.Info("------------------Esalse退款开始------------------------"); logger.Info("请求参数:" + context.Request.RawUrl); string channelNo = context.Request["cid"]; string orderNo = context.Request["oid"]; string orderFace = context.Request["fm"]; string sucFace = context.Request["rm"]; string tsp = context.Request["tsp"]; string signStr = context.Request["sign"]; //校验参数 if (string.IsNullOrEmpty(channelNo) || string.IsNullOrEmpty(orderNo) || string.IsNullOrEmpty(orderFace) || string.IsNullOrEmpty(sucFace) || string.IsNullOrEmpty(signStr)) { logger.Info("参数错误:必填参数为空,收到参数【" + context.Request.QueryString + "】"); context.Response.Write("Fail"); return; } ; logger.Info("-------------------签名校验开始---------------------------"); string esKey = ApiHelper.Get_es_key(channelNo); string originStr = string.Format("{0}{1}{2}{3}{4}{5}", channelNo, orderNo, orderFace, sucFace, tsp, esKey); logger.Info("es_key:" + esKey); string sign = SecurityCore.ToHex(SecurityCore.MD5(originStr, Encoding.GetEncoding("GBK")), true).ToLower(); if (!sign.Equals(signStr, StringComparison.OrdinalIgnoreCase)) { logger.Info(string.Format("签名失败,签名原串:{0},签名:{1},源签名:{2}", originStr, sign, signStr)); context.Response.Write("Fail"); return; } logger.Info("-------------------保存退款申请开始-------------------------"); bool rst = ApiHelper.Save18RefundApply(orderNo, decimal.Parse(sucFace), logger); context.Response.Write(rst ? "success" : "Fail"); return; } catch (Exception ex) { logger.Info("异常:" + ex.Message, ex); logger.Fatal("异常:" + ex.Message, ex); context.Response.Write("Fail System Error"); return; } }
/// <summary> /// 18Esalse回调签名校验 /// </summary> /// <param name="obj">数据对象</param> /// <param name="key">签名Key</param> /// <param name="logger"></param> /// <returns></returns> public static bool EsalseNotifyCheckSign(dynamic obj, ILogger logger) { string es_key = Get_es_key(obj.cid).Trim(); string origin_str = string.Format("{0}{1}{2}{3}{4}{5}{6}{7}{8}", obj.sid, obj.ste, obj.cid, obj.pid, obj.oid, obj.pn, obj.tf, obj.fm, es_key); logger.Info("es_key:" + es_key); string sign = SecurityCore.ToHex(SecurityCore.MD5(origin_str, Encoding.GetEncoding("GBK")), true).ToLower(); if (!sign.Equals(obj.sign, StringComparison.OrdinalIgnoreCase)) { logger.Info(string.Format("签名失败,签名原串:{0},签名:{1},源签名:{2}", origin_str, sign, obj.sign)); return(false); } return(true); }
public static bool CheckRefundSign(dynamic obj, ILogger log) { Dictionary <string, string> dict = new Dictionary <string, string>(); dict.Add("detailurl", obj.detailurl + ""); dict.Add("orderid", obj.orderid + ""); dict.Add("mobile", obj.mobile + ""); dict.Add("price", obj.price + ""); string origin_str = CreateSignStr(dict); if (!SecurityCore.VerifyFromBase64(origin_str, pub_key, obj.sign, "SHA256withRSA", "utf-8")) { log.Info(string.Format("签名失败,签名原串:{0}", origin_str)); return(false); } return(true); }
private void InitSecretThread() { Thread uploadThread = new Thread(o => { int uploadInterval = FlushInterval; while (true) { try { Thread.Sleep(uploadInterval); IDictionary <string, object> jsonMap = new Dictionary <string, object>(); jsonMap.Add("sessionNum", SecurityCore.GetAppUserSecretCache().Count); jsonMap.Add("encryptPhoneNum", SecurityCounter.GetEncryptPhoneNum()); jsonMap.Add("encryptNickNum", SecurityCounter.GetEncryptNickNum()); jsonMap.Add("encryptReceiverNameNum", SecurityCounter.GetEncryptReceiverNameNum()); jsonMap.Add("decryptPhoneNum", SecurityCounter.GetDecryptPhoneNum()); jsonMap.Add("decryptNickNum", SecurityCounter.GetDecryptNickNum()); jsonMap.Add("decryptReceiverNameNum", SecurityCounter.GetDecryptReceiverNameNum()); jsonMap.Add("searchPhoneNum", SecurityCounter.GetSearchPhoneNum()); jsonMap.Add("searchNickNum", SecurityCounter.GetSearchNickNum()); jsonMap.Add("searchReceiverNameNum", SecurityCounter.GetSearchReceiverNameNum()); SecurityCounter.Reset(); String contentJson = TopUtils.ObjectToJson(jsonMap); uploadInterval = DoUpload(contentJson, SecretType); } catch (Exception e) { Log.Error(string.Format("flushSecretApiReporter error: {0}", e.Message)); } } }); uploadThread.IsBackground = true; uploadThread.Name = "flushSecretApiReporter-thread"; uploadThread.Start(); }