Example #1
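        /// <summary>
        /// Runs before each action: publishes the request logger in <c>HttpContext.Items</c> and, for every path that
        /// is neither under "/test/" nor listed in <c>WhitelistActions</c>, requires a "passport" request parameter
        /// equal to <c>DC2Conf.Passport</c>.
        /// </summary>
        /// <param name="context">
        /// Executing-action context. On a failed check <c>context.Result</c> is set to an <c>APIReturn</c>
        /// (10009 = parameter missing, 10750 = parameter wrong), which short-circuits the action.
        /// </param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            // Hand the current logger to later components. Indexer assignment (instead of Add) does not throw
            // when the key is already present.
            this.HttpContext.Items["__requestLogger"] = this.Logger;

            // Invariant lower-casing keeps the exemption match independent of the server's culture settings.
            string path = (context.HttpContext.Request.Path.Value ?? string.Empty).ToLowerInvariant();

            // NOTE(review): the "/test/" exemption is a substring match, so any route whose path contains that
            // segment skips the passport check. Confirm test routes are not reachable in production, or match
            // an explicit prefix instead.
            if (path.Contains("/test/") || WhitelistActions.Contains(path))
            {
                return;
            }

            WebParams webParams = new WebParams(context.HttpContext.Request);

            #region Security check: passport validation

            // NOTE(review): the passport is a shared secret read from request parameters; if WebParams also reads
            // the query string, the secret can end up in access logs and proxies - confirm.
            string passport = webParams["passport"];

            if (string.IsNullOrEmpty(passport))
            {
                context.Result = this.FuncResult(new APIReturn(10009, "缺少passport参数"));
                return;
            }

            // Compare without returning at the first differing character, so the response time does not depend
            // on how much of the secret was matched. A null configured passport never matches.
            string expected   = DC2Conf.Passport ?? string.Empty;
            int    difference = passport.Length ^ expected.Length;
            int    shared     = passport.Length < expected.Length ? passport.Length : expected.Length;
            for (int i = 0; i < shared; i++)
            {
                difference |= passport[i] ^ expected[i];
            }

            if (difference != 0)
            {
                context.Result = this.FuncResult(new APIReturn(10750, "passport参数错误"));
            }

            #endregion
        }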
Example #2
        /// <summary>
        /// Reads the "count1" entry from a default-constructed <c>WebParams</c>, converts it with <c>ToInt()</c>
        /// and prints the result to the console.
        /// </summary>
        static void TestParams()
        {
            var parameters  = new WebParams();
            int parsedCount = parameters["count1"].ToInt();

            Console.WriteLine(parsedCount);
        }
Example #3
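        /// <summary>
        /// Calls the "wxpayms_getordid" backend action with the current request parameters and returns the order id
        /// and payment code from its comma-separated reply. When the request carries <c>image=image</c> the payment
        /// code is replaced by a Base64-encoded QR image.
        /// </summary>
        /// <returns>
        /// <c>APIReturn</c> code 0 with "orderid" and "code" on success; code 10000 when the backend call fails or
        /// its reply is not the expected nine-field, status-0 record.
        /// </returns>
        public IActionResult get_wx_order()
        {
            // NOTE(review): every parameter of the incoming request is forwarded to the backend call below;
            // confirm the backend validates them, since nothing is filtered here.
            WebParams ciac = new WebParams(Request);

            ciac.Add("action", "wxpayms_getordid");
            CallResult cr = WebHttpClient.InvokeHttp("if2017", "dk", "wxpayms_getordid", HttpMethod.Get, ciac);

            // NOTE(review): on failure the backend's message is returned to the caller verbatim; confirm it
            // cannot contain internal details.
            if ((cr.Code != 0) || string.IsNullOrEmpty(cr.Message))
            {
                return(this.FuncResult(new APIReturn(10000, cr.Message)));
            }

            string[] msgs = cr.Message.Split(',');
            int      status;

            // TryParse: a non-numeric first field is reported as a malformed reply instead of throwing.
            if (!int.TryParse(msgs[0], out status) || (status != 0) || (msgs.Length != 9))
            {
                // Plain interpolation: wrapping this in string.Format would throw FormatException whenever the
                // backend message contains '{' or '}'.
                return(this.FuncResult(new APIReturn(10000, $"{cr.Code}:{cr.Message}")));
            }

            if (ciac["image"] == "image")
            {
                using (MemoryStream ms = new MemoryStream())
                {
                    GetQRCode(msgs[8], ms);
                    // ToArray() returns only the bytes actually written. Encoding the stream's backing buffer
                    // would also encode its unused capacity and append padding bytes to the image.
                    msgs[8] = Convert.ToBase64String(ms.ToArray());
                }
            }

            Hashtable ht = new Hashtable();

            ht["orderid"] = msgs[1];
            ht["code"]    = msgs[8];
            return(this.FuncResult(new APIReturn(0, "", ht)));
        }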
Example #4
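        /// <summary>
        /// Sample page constructor: builds the parameter set for a Mondido hosted payment (test mode), computes
        /// the request hash and starts the payment in the embedded browser.
        /// </summary>
        public MondidoPage()
        {
            InitializeComponent();
            WebParams data = new WebParams();

            //Your account settings, fetch it from https://admin.mondido.com/en/settings#api
            var merchantId  = "233";
            // Sample only: a secret compiled into a client app can be read out of the shipped binary, and whoever
            // holds it can compute valid hashes. Keep the secret and the hash computation in your backend.
            var secret      = "$2a$10$gU.z.9QNc8VSGYqcJSOhv.";
            var paymentRef  = Guid.NewGuid().ToString();
            var customerRef = "123";
            var amount      = "10.00";
            var currency    = "eur";

            //Find out what to send in the documentation
            //https://doc.mondido.com/hosted#outgoing
            data.Add("payment_ref", paymentRef);
            data.Add("customer_ref", customerRef);
            data.Add("amount", amount);
            data.Add("currency", currency);
            data.Add("merchant_id", merchantId);
            data.Add("success_url", "https://api.mondido.com/success");       // need to be a working URL for IOS
            data.Add("error_url", "https://api.mondido.com/fail");            // need to be a working URL for IOS
            data.Add("test", "true");
            data.Add("authorize", "false");
            data.Add("store_card", "false");

            // Build the JSON as objects rather than by concatenating strings and re-parsing them: a quote or
            // backslash in a device field would otherwise break the parse or change the document's structure.
            // ("" + x) keeps the original conversion: null becomes an empty string, other values use ToString().
            var deviceInfo = CrossDeviceInfo.Current;
            var device     = new JObject(
                new JProperty("model", "" + deviceInfo.Model),
                new JProperty("platform", "" + deviceInfo.Platform),
                new JProperty("version", "" + deviceInfo.Version),
                new JProperty("id", "" + deviceInfo.Id));

            var metadata = new JObject(
                new JProperty("customer", new JObject(
                                  new JProperty("name", "Tester"),
                                  new JProperty("email", "*****@*****.**"))),
                new JProperty("device", device));

            data.Add("metadata", System.Net.WebUtility.UrlEncode(metadata.ToString()));

            var items = new JArray(
                new JObject(
                    new JProperty("artno", Guid.NewGuid().ToString()),
                    new JProperty("description", "An item"),
                    new JProperty("amount", "10.00"),
                    new JProperty("vat", "25.00"),
                    new JProperty("qty", "1")));

            data.Add("items", System.Net.WebUtility.UrlEncode(items.ToString()));

            // The hash *should* be generated in your backend for security reasons.
            // Recipe: MD5(merchant_id + payment_ref + customer_ref + amount + currency + test + secret)
            // The literal "test" is appended here because this sample sends test=true.
            var hash = (merchantId + paymentRef + customerRef + amount + currency + "test" + secret);

            data.Add("hash", hash.ToMD5());

            //Init the payment object
            payment = new Mondido.Base.Payment(
                browser,
                data,
                OnSuccess,
                OnFail
                );

            //execute the payment
            payment.ExecuteHostedPayment();
        }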
Example #5
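        /// <summary>
        /// Builds route data from the raw request URL: the first two path segments become "controller" and
        /// "action"; the call arguments come either from <c>WebParams</c> (POST requests or URLs with a query
        /// string) or from the remaining path segments, keyed "1", "2", ...
        /// </summary>
        /// <param name="httpContext">Current request context; its <c>RawUrl</c> and <c>HttpMethod</c> are read.</param>
        /// <returns>
        /// Route data with "controller", "action" and "args" values ("args" may be null), or null when the path
        /// has fewer than two segments so that the default page is used.
        /// </returns>
        public override RouteData GetRouteData(HttpContextBase httpContext)
        {
            RouteData data = new RouteData(this, new WebRouteHandler());
            string    url  = httpContext.Request.RawUrl;

            // RawUrl includes the query string. Split only the path part, otherwise "?x=1" ends up inside the
            // action name and any '/' in a query value is counted as an extra path segment.
            int    queryStart = url.IndexOf('?');
            string pathOnly   = queryStart >= 0 ? url.Substring(0, queryStart) : url;

            // Extract controller and action.
            string[] paths = pathOnly.Split(new char[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
            if (paths.Length < 2)
            {
                // Fall through to the default page.
                return(null);
            }
            List <KeyValuePair <string, object> > args = null;

            // Collect the call arguments.
            bool isPost = string.Equals(httpContext.Request.HttpMethod, "POST", StringComparison.OrdinalIgnoreCase);
            if (isPost || queryStart > 0)
            {
                WebParams wp = new WebParams();
                args = new List <KeyValuePair <string, object> >(wp.Count);
                foreach (string k in wp.Keys)
                {
                    args.Add(new KeyValuePair <string, object>(k, wp[k]));
                }
            }
            else if (paths.Length > 2)
            {
                // Arguments passed as additional '/'-separated segments are numbered from 1.
                args = new List <KeyValuePair <string, object> >(paths.Length);
                for (int i = 2; i < paths.Length; i++)
                {
                    args.Add(new KeyValuePair <string, object>((i - 1).ToString(), paths[i]));
                }
            }

            // NOTE(review): controller and action names are taken from the URL as-is. If WebRouteHandler resolves
            // them dynamically, confirm it restricts dispatch to an explicit set of callable types and methods.
            data.Values.Add("controller", paths[0]);
            data.Values.Add("action", paths[1]);
            data.Values.Add("args", args);

            return(data);
        }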
Example #6
        /// <summary>
        /// Resolves the ID of the current request. Lookup order: the value already stored in
        /// <c>context.Items</c>, then a request parameter, then a request header, all under <c>RequestIDKey</c>.
        /// When none is present a new GUID ("N" format) is generated and stored in <c>context.Items</c>.
        /// </summary>
        /// <param name="context">Current HTTP context.</param>
        /// <returns>The request ID as a string.</returns>
        public static string GetRequestID(HttpContext context)
        {
            object cached;
            if (context.Items.TryGetValue(RequestIDKey, out cached))
            {
                return cached.ToString();
            }

            // NOTE(review): the two sources below are supplied by the caller and returned unvalidated. If the ID
            // is written to logs or used to correlate requests, constrain its length and character set first.
            WebParams requestParams = new WebParams(context.Request);
            if (requestParams.ContainsKey(RequestIDKey))
            {
                return requestParams[RequestIDKey];
            }

            var headers = context.Request.Headers;
            if (!headers.ContainsKey(RequestIDKey))
            {
                // Nothing supplied: mint an ID and remember it for the rest of the request.
                string generated = Guid.NewGuid().ToString("N");
                context.Items.Add(RequestIDKey, generated);
                return generated;
            }

            return headers[RequestIDKey].ToString();
        }
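        /// <summary>
        /// Looks for an RSA-encrypted parameter bundle ("__encryptdata") in the query string or form, decrypts it
        /// with the configured private key, parses it as <c>key=value</c> pairs separated by '&amp;' and registers
        /// the pairs as a value provider. The outcome is also recorded through <c>AddResultsToHttpContext</c>.
        /// </summary>
        /// <param name="context">Value-provider factory context of the current action.</param>
        /// <returns>The task returned by <c>AddValueProviderAsync</c>, or a completed task when nothing was decrypted.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
        public Task CreateValueProviderAsync(ValueProviderFactoryContext context)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            var       request    = context.ActionContext.HttpContext.Request;
            WebParams webParams  = new WebParams(request);
            string    encryptKey = "__encryptdata";

            string encryptData = request.Query.ContainsKey(encryptKey) ? request.Query[encryptKey].ToString() : string.Empty;

            if (encryptData.IsNullOrEmpty() && request.HasFormContentType)
            {
                encryptData = request.Form[encryptKey];
            }

            bool      isEncryptDatas   = webParams.ContainsKey(encryptKey);
            bool      isDecryptSucceed = false;
            Exception decryptException = null;
            IDictionary <string, string> dicDecryptDatas = new Dictionary <string, string>();

            if (encryptData.IsNotNullOrEmpty())
            {
                try
                {
                    // The private key comes from configuration (a key could be generated with
                    // RSAEncrypt.GenerateKey(), and the public half exported with ExportParameters(false)).
                    // NOTE(review): the padding mode used by RSAEncrypt is not visible here - confirm it is OAEP.
                    string     rsaKey     = IFConfigReader.RSAPrivateKey;
                    RSAEncrypt privateRSA = new RSAEncrypt(rsaKey);
                    string     decryptData = privateRSA.Decrypt(encryptData);

                    foreach (var item in decryptData.Split('&'))
                    {
                        // Split at the first '=' only, so values that themselves contain '=' (Base64 padding,
                        // for example) are kept whole. A pair without '=' still fails, as does a repeated key.
                        string[] values = item.Split(new char[] { '=' }, 2);
                        dicDecryptDatas.Add(values[0], values[1]);
                    }
                    isDecryptSucceed = true;
                }
                catch (Exception ex)
                {
                    decryptException = ex;
                    isDecryptSucceed = false;
                    // Do not bind a half-parsed bundle: without this, pairs read before the failure would
                    // still be registered as model values.
                    dicDecryptDatas.Clear();
                }
                if (dicDecryptDatas.Count > 0)
                {
                    AddResultsToHttpContext(context, isEncryptDatas, isDecryptSucceed, decryptException, dicDecryptDatas);
                    return(AddValueProviderAsync(context, dicDecryptDatas));
                }
            }

            AddResultsToHttpContext(context, isEncryptDatas, isDecryptSucceed, decryptException, dicDecryptDatas);
            return(TaskCache.CompletedTask);
        }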
Example #8
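        /// <summary>
        /// Validates a registration request (per-IP rate limit, account, password, ID card, name, mobile and QQ
        /// formats) and passes it on to <c>func_exec_reg</c>.
        /// </summary>
        /// <param name="regModel">Registration fields bound from the request.</param>
        /// <returns>
        /// The <c>APIReturn</c> error of the first check that fails, otherwise the result of <c>func_exec_reg</c>.
        /// </returns>
        /// <remarks>
        /// Each failed check returns its error immediately. Calling <c>FuncResult</c> without returning its
        /// result leaves the check without effect and lets the registration continue.
        /// </remarks>
        public IActionResult func_reg(RegModel regModel)
        {
            string acct          = regModel.email ?? string.Empty;
            string pass          = regModel.pass ?? string.Empty;
            // NOTE(review): "encrypt" is a client-controlled flag; when set, the submitted value is treated as an
            // already hashed password.
            bool   passisencrypt = regModel.encrypt == "True" || regModel.encrypt == "true";
            string tname         = regModel.tname ?? string.Empty;
            string mobile        = regModel.mobile ?? string.Empty;
            string idcard        = regModel.idcard ?? string.Empty;
            string gatesrc       = regModel.gatesrc ?? "urs";
            string pstype        = regModel.pstype ?? "game";
            int    qq            = regModel.qq;
            // NOTE(review): the IP used for rate limiting comes from the request model; confirm it is set by a
            // trusted front end and cannot be chosen by the client.
            string ipstr         = regModel.ip ?? string.Empty;
            string regip         = ipstr;
            int    ip            = ip2long(ipstr);

            // Per-IP rate limit: count cached registration times from the last 900 seconds.
            string          ipkey        = string.Format("check-reg-ip-{0}", ip);
            List <DateTime> li_ipreglist = UrsHelper.Cache_GetObj(ipkey) as List <DateTime>;

            if (li_ipreglist != null)
            {
                li_ipreglist.RemoveAll(d => Math.Abs((DateTime.Now - d).TotalSeconds) > 900);
                // The limit is deliberately generous: shared addresses (mobile networks, for example) could
                // otherwise be blocked.
                if (li_ipreglist.Count >= 101)
                {
                    return(this.FuncResult(new APIReturn(10320, "注册频繁")));
                }
            }

            if (regModel.ismodenopass)
            {
                pass          = "******";
                passisencrypt = true;
            }
            // NOTE(review): passwords are handled as MD5 digests (UrsHelper.MD5, 32-character check below);
            // MD5 is not suitable for password storage - confirm what func_exec_reg finally persists.
            string passmd5 = passisencrypt ? pass : UrsHelper.MD5(pass);

            // NOTE(review): a hard-coded digest switches the request to "no password" mode; confirm this
            // sentinel is intended to be reachable from client input.
            if (passmd5 == "0ab7dea79b1de3d0816f8b5cbbb36367")
            {
                regModel.ismodenopass = true;
            }

            // Collect the optional "extarg_*" request parameters for the registration call.
            WebParams webParans = new WebParams(this.Request);
            var       dicValues = webParans.Where(e => e.Key.StartsWith("extarg_", StringComparison.Ordinal)).ToDictionary(e => e.Key, e => e.Value);
            Hashtable cht_args  = new Hashtable(dicValues);

            if (qq <= 0)
            {
                qq = 0;
            }
            string friendname = UrsHelper.Lib_Friend_GetName(acct);

            if (friendname.Length > 0)
            {
                return(this.FuncResult(new APIReturn(10350, string.Format("{0}帐号不能在这里进行注册操作", friendname))));
            }

            // An account without '@' has no domain part; it is rejected by the isemail check below.
            string[] acctspt = acct.Split('@');
            string   domain  = acctspt.Length > 1 ? acctspt[1].ToLower() : string.Empty;

            if ((domain.EndsWith("2980.com") && domain != "2980.com") ||
                domain == "2925.com" ||
                acct.ToLower().IndexOf("@henhaoji.com") != -1 ||
                acct.ToLower().IndexOf("@duoyi.com") != -1)
            {
                return(this.FuncResult(new APIReturn(10355, "该类邮箱不支持注册,请选用其他邮箱")));
            }
            // NOTE(review): unreachable now that the 10350 check above returns for the same condition; kept so
            // the intended error code can be decided by the owner.
            if (friendname != string.Empty)
            {
                return(this.FuncResult(new APIReturn(10326, string.Format("{0}帐号无需注册,可直接登录", friendname))));
            }
            if (!isemail(acct))
            {
                return(this.FuncResult(new APIReturn(10302, "帐号格式错误")));
            }
            if (!isvpass(pass, passisencrypt))
            {
                return(this.FuncResult(new APIReturn(10305, "密码格式错误")));
            }
            if (!string.IsNullOrWhiteSpace(idcard) && !isidcard(idcard))
            {
                return(this.FuncResult(new APIReturn(10711, "身份证格式错误")));
            }
            if (!string.IsNullOrWhiteSpace(tname) && !isvname(tname))
            {
                return(this.FuncResult(new APIReturn(10720, "姓名格式错误")));
            }
            if (!string.IsNullOrWhiteSpace(mobile) && !IsMobile(mobile))
            {
                return(this.FuncResult(new APIReturn(10701, "手机号格式错误")));
            }
            if (regModel.qq.ToString().Length >= 5 && (qq <= 0))
            {
                return(this.FuncResult(new APIReturn(10730, "QQ号格式错误")));
            }
            if (passisencrypt)
            {
                if (pass.Length != 32)
                {
                    // NOTE(review): the message echoes the submitted password value; consider dropping it from
                    // the response so it does not reach logs.
                    return(this.FuncResult(new APIReturn(10000, $"参数错误pass={pass}")));
                }
                pass = UrsHelper.MD5(pass.Substring(7, 16)).Substring(3, 16);
            }
            return(func_exec_reg(regModel, false, ip, acct, pass, passisencrypt, tname, idcard, mobile, qq, gatesrc, pstype, cht_args.ToJson(), regip));
        }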
Example #9
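        /// <summary>
        /// Builds the redirect URL for a payment: the request's payment parameters are joined into a query-style
        /// string, Base64-encoded and appended as <c>args</c> to the page of the selected payment channel
        /// (<c>hd_way</c>).
        /// </summary>
        /// <returns><c>APIReturn</c> code 0 whose message is the payment URL.</returns>
        public IActionResult dk_proxy()
        {
            WebParams ciac       = new WebParams(Request);
            string    runtest    = ciac["runtest"];
            string    account    = ciac["hd_account"];
            string    gate       = ciac["hd_product"];
            string    gatetarget = ciac["gatetarget"];
            int       way        = ciac["hd_way"].ToInt();
            int       port       = ciac["hd_port"].ToInt();
            string    money      = ciac["hd_money"];
            int       amount     = ciac["hd_amount"].ToInt();
            string    ctype      = ciac["hd_buy_type"];
            int       server     = ciac["server"].ToInt();
            int       userid     = ciac["userid"].ToInt();
            int       reason     = ciac["reason"].ToInt();
            string    gateid     = ciac["hd_gateid"];

            // NOTE(review): the string values below come from the request and are inserted unescaped, so a
            // value containing '&' or '=' adds or overrides fields in the bundle. Escaping here depends on how
            // the receiving page parses "args"; confirm, and validate amounts and ids on the receiving side.
            object[] args     = new object[] { account, gate, way, port, money, ctype, server, userid, amount, reason, gatetarget };
            string   s        = string.Format("account={0}&gate={1}&way={2}&port={3}&money={4}&ctype={5}&server={6}&userid={7}&amount={8}&reason={9}&gatetarget={10}", args);
            string   df_token = ciac["df_token"];

            // A missing token is treated like one of the wrong length.
            if (df_token != null && df_token.Length == 32)
            {
                string   rolename  = ciac["df_rname"];
                string   ursnumber = ciac["df_ursnumber"];
                int      payuser   = ciac["df_payuser"].ToInt();
                int      showid    = ciac["showid"].ToInt();
                object[] objArray2 = new object[] { s, df_token, ursnumber, rolename, payuser, showid };
                s = string.Format("{0}&df_token={1}&df_ursnumber={2}&df_rname={3}&df_payuser={4}&showid={5}", objArray2);
            }

            // Base64 output can contain '+', '/' and '='. Percent-encode it (and the client-supplied gate id)
            // before placing it in a query string, otherwise '+' is read back as a space and a gate id with
            // '&' would add parameters to the URL.
            string urlbase64  = Uri.EscapeDataString(Convert.ToBase64String(Encoding.UTF8.GetBytes(s)));
            string safeGateId = Uri.EscapeDataString(gateid ?? string.Empty);

            // NOTE(review): all payment URLs use plain http; confirm the payment pages are not served over
            // https only, and prefer https for a payment flow.
            string url = "http://pay.duoyi.com/";

            switch (way)
            {
            case (int)EWAY.神州付:
                url = string.Format("http://{1}/sales/ecard/szf/szfs2.aspx?args={0}", urlbase64, DKDomain);
                break;

            case (int)EWAY.支付宝:
                url = string.Format("http://{1}/sales/ecard/alipay/alipays2.aspx?args={0}", urlbase64, DKDomain);
                break;

            case (int)EWAY.微信:
                url = string.Format("http://{1}/sales/ecard/wxpayms/wxpays2.aspx?args={0}", urlbase64, DKDomain);
                break;
            }
            // NOTE(review): "runtest" is a request parameter, so any caller can route a WeChat payment to the
            // test host; confirm this switch is disabled or restricted in production.
            if ((way == (int)EWAY.微信) && (runtest == "true"))
            {
                url = string.Format("http://{1}/sales/ecard/wxpayms/wxpays2.aspx?args={0}", urlbase64, "runtest.dk.duoyi.com");
            }
            if (way == (int)EWAY.银联)
            {
                url = string.Format("http://{2}/sales/ecard/cnpay/cnp_s2.aspx?gateid={1}&args={0}", urlbase64, safeGateId, DKDomain);
            }
            if (way == (int)EWAY.JCard)
            {
                url = string.Format("http://{1}/sales/ecard/jcard/jcard_s2.aspx?args={0}", urlbase64, DKDomain);
            }
            return(FuncResult(new APIReturn(0, url)));
        }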
Example #10
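        /// <summary>
        /// Runs before each action: publishes the request logger in <c>HttpContext.Items</c> and, for every path
        /// that is neither under "/test/" nor listed in <c>WhitelistActions</c>, verifies the request signature
        /// and, when a "timestamp" parameter is present, that it lies within three minutes of the server time.
        /// </summary>
        /// <param name="context">
        /// Executing-action context. On a failed check <c>context.Result</c> is set to an <c>APIReturn</c>
        /// (-93 = bad signature, -92 = URL expired), which short-circuits the action.
        /// </param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            // NOTE(review): Request.Host is the host name the client addressed (Host header), not the client's
            // address; if "ip" is meant to hold the caller's IP, Connection.RemoteIpAddress is the source.
            ip = context.HttpContext.Request.Host.Host;

            // Hand the current logger to later components. Indexer assignment (instead of Add) does not throw
            // when the key is already present.
            this.HttpContext.Items["__requestLogger"] = Logger;

            HttpRequest request   = context.HttpContext.Request;
            WebParams   webParams = new WebParams(request);

            // Invariant lower-casing keeps the exemption match independent of the server's culture settings.
            string path = (request.Path.Value ?? string.Empty).ToLowerInvariant();

            // NOTE(review): the "/test/" exemption is a substring match, so any route whose path contains that
            // segment skips both checks. Confirm test routes are not reachable in production.
            if (path.Contains("/test/") || WhitelistActions.Contains(path))
            {
                return;
            }

            #region Signature validation

            if (context.Result == null)
            {
                string signKey            = IFConfigReader.SignKey;
                NameValueCollection param = new NameValueCollection();
                foreach (var webParam in webParams)
                {
                    param.Add(webParam.Key, webParam.Value.ToString());
                }
                // The signed URL is rebuilt from the request's scheme, host and path (without query string).
                Uri uri = new Uri($"{request.Scheme}://{request.Host}{request.Path}");
                if (!UrlValidator.ValidatorSign(uri, param, signKey))
                {
                    context.Result = this.FuncResult(new APIReturn(-93, "签名验证失败"));
                }
            }

            #endregion

            #region Timestamp validation

            // NOTE(review): the timestamp is only checked when the parameter is present, so a signed request
            // without it never expires. Consider making it mandatory once all clients send it.
            string stampKey = "timestamp";
            if (context.Result == null && webParams.ContainsKey(stampKey))
            {
                long     timeStamp = webParams[stampKey].ToLong();
                DateTime urlTime   = DateTimeHelper.StampToDateTime(timeStamp);
                DateTime now       = DateTime.Now;

                // Reject timestamps more than three minutes old and more than three minutes ahead. Checking
                // only the past would let a far-future timestamp keep a captured request valid indefinitely.
                // NOTE(review): assumes StampToDateTime returns local time, matching DateTime.Now - confirm.
                if (urlTime.AddMinutes(3) < now || urlTime > now.AddMinutes(3))
                {
                    context.Result = this.FuncResult(new APIReturn(-92, "URL已失效"));
                }
            }

            #endregion

            #region Encryption validation

            /*  Encryption validation is not enabled for now.
             *
             * if (context.Result == null)
             * {
             *  if (!this.ReqData.IsEncryptDatas || !this.ReqData.IsDecryptSucceed)
             *  {
             *      APIReturn apiResult = new APIReturn(-91, "解密参数失败" + (this.ReqData.DecryptException != null ? $"({this.ReqData.DecryptException.Message})" : string.Empty));
             *      context.Result = this.FuncResult(apiResult);
             *  }
             * }
             *
             */

            #endregion
        }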
Example #11
 /// <summary>
 /// Failure callback: shows a "Failed" alert and starts the hosted payment again.
 /// </summary>
 /// <param name="p">List of params coming from the URL (not read by this method).</param>
 void OnFail(WebParams p)
 {
     // NOTE(review): if this is Xamarin.Forms' Page.DisplayAlert it returns a Task that is not awaited here,
     // so the retry below starts without waiting for the user to dismiss the alert - confirm.
     DisplayAlert("Failed", "Payment is failed!", "Ok");
     payment.ExecuteHostedPayment();             // retry; there is no attempt limit, so a persistent failure repeats this cycle
 }
Example #12
 /// <summary>
 /// Success callback: hides the payment browser and shows a confirmation alert.
 /// </summary>
 /// <param name="p">List of params coming from the URL (not read by this method).</param>
 void OnSuccess(WebParams p)
 {
     browser.IsVisible = false;
     DisplayAlert("Success", "Payment is done!", "Thanks");
     // Continue with your business logic here.
     // NOTE(review): this callback is driven by the URL the browser reached; treat it as a UI signal only and
     // confirm the payment result server-side before releasing goods.
 }