/// <summary>
/// Builds the Bearer authorization token for the given application key.
/// </summary>
/// <remarks>
/// The token is the Base64 form of a serialized <see cref="AuthParameterModel"/>
/// carrying the app key, a fresh nonce, the current timestamp and a signature.
/// The signature is produced by <see cref="Sha1Cryptor"/> over the nonce, the app
/// secret and the timestamp, sorted lexically and concatenated with no delimiter.
/// NOTE(review): because no delimiter is used, different value triples can yield the
/// same signature input; the verifying side recomputes exactly this form, so any change
/// to the layout must be made on both sides at once.
/// </remarks>
/// <param name="appKey">Application identifier whose secret is used to sign the token.</param>
/// <returns>The Base64-encoded authorization token.</returns>
string BuildAuthToken(string appKey)
{
    string nonce = NonceGenerator.GenerateString();
    string secret = GetAppSecret(appKey);
    long issuedAt = DateTime.Now.ToTimestamp();

    // Signature input: the three values in lexical order, joined without a separator.
    var parts = new List<string> { nonce, secret, issuedAt.ToString() };
    parts.Sort();
    ICryptor hasher = new Sha1Cryptor();
    string signature = hasher.Encrypt(string.Concat(parts));

    var parameters = new AuthParameterModel
    {
        AppKey = appKey,
        Nonce = nonce,
        Timestamp = issuedAt,
        Signature = signature
    };

    // Serialize, then Base64-encode, to form the header parameter.
    string serialized = parameters.SerializeObject();
    return serialized.ToBase64();
}
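/// <summary>
/// Validates the Bearer authorization header on the incoming request.
/// </summary>
/// <remarks>
/// Actions marked with <see cref="AllowAnonymousAttribute"/> are let through unchecked.
/// Every other request must carry a Base64-encoded <see cref="AuthParameterModel"/> whose
/// timestamp lies within ten minutes either side of server time and whose signature equals
/// the <see cref="Sha1Cryptor"/> digest of the app secret, timestamp and nonce (sorted,
/// concatenated without a delimiter) — the same form <c>BuildAuthToken</c> produces.
/// On any failure the response is replaced by the result of <c>CreateUnauthorizedMessage</c>.
/// NOTE(review): the nonce is validated for presence only; nothing here records nonces
/// already seen, so a captured token stays valid for the whole time window. Confirm
/// whether replay protection is expected at this layer.
/// </remarks>
/// <param name="actionContext">Context of the action being authorized; its Response is set on failure.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    base.OnAuthorization(actionContext);

    // Actions carrying AllowAnonymousAttribute bypass the signature check entirely.
    IList<AllowAnonymousAttribute> anonymousAttributes =
        actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>();
    if (anonymousAttributes != null && anonymousAttributes.Count > 0)
    {
        return;
    }

    var authorization = actionContext.Request.Headers.Authorization;
    if (authorization == null)
    {
        actionContext.Response = CreateUnauthorizedMessage("缺失授权请求头");
        return;
    }

    // Only "Bearer <base64>" is accepted; the scheme is matched case-insensitively.
    string scheme = authorization.Scheme;
    string parameter = authorization.Parameter;
    if (!string.Equals(scheme, "Bearer", StringComparison.OrdinalIgnoreCase) || string.IsNullOrWhiteSpace(parameter))
    {
        actionContext.Response = CreateUnauthorizedMessage("授权请求头格式错误!");
        return;
    }

    AuthParameterModel model;
    try
    {
        // Base64-decode the parameter and deserialize it into the auth model.
        model = parameter.DeBase64().DeserializeObject<AuthParameterModel>();
    }
    catch
    {
        // Any decode/deserialize failure is reported as a malformed parameter. The
        // exception types thrown by the DeBase64/DeserializeObject extensions are not
        // visible here, so the catch deliberately stays broad rather than guessing.
        actionContext.Response = CreateUnauthorizedMessage("授权参数格式错误!");
        return;
    }

    if (model == null
        || string.IsNullOrWhiteSpace(model.AppKey)
        || string.IsNullOrWhiteSpace(model.Nonce)
        || string.IsNullOrWhiteSpace(model.Signature))
    {
        actionContext.Response = CreateUnauthorizedMessage("缺少授权参数!");
        return;
    }

    // Read the clock once so both bounds of the ±10 minute window derive from the same instant.
    DateTime now = DateTime.Now;
    DateTime issuedAt = model.Timestamp.AsDateTime();
    if (issuedAt < now.AddMinutes(-10) || issuedAt > now.AddMinutes(10))
    {
        actionContext.Response = CreateUnauthorizedMessage("授权参数已失效!");
        return;
    }

    string internalAppSecret = GetAppSecret(model.AppKey);
    if (string.IsNullOrWhiteSpace(internalAppSecret))
    {
        actionContext.Response = CreateUnauthorizedMessage(string.Format("不存在应用标识AppKey为:{0}的应用", model.AppKey));
        return;
    }

    // Recompute the signature exactly as the token builder does: sort the three
    // values lexically and hash their delimiter-free concatenation.
    List<string> signatureParts = new List<string> { internalAppSecret, model.Timestamp.ToString(), model.Nonce };
    signatureParts.Sort();
    ICryptor cryptor = new Sha1Cryptor();
    string internalSignature = cryptor.Encrypt(string.Join(string.Empty, signatureParts));

    // Compare in constant time so response latency does not reveal how much of a
    // guessed signature matched.
    if (!SignaturesMatch(model.Signature, internalSignature))
    {
        actionContext.Response = CreateUnauthorizedMessage("授权签名不正确");
    }
}

/// <summary>
/// Case-insensitive signature comparison whose running time does not depend on the
/// position of the first differing character.
/// </summary>
/// <remarks>
/// Equality matches <see cref="StringComparison.OrdinalIgnoreCase"/> for ASCII input;
/// the signatures are presumably hex digests from <see cref="Sha1Cryptor"/> — confirm
/// that its output is ASCII if this helper is reused elsewhere. A length mismatch
/// returns early, which reveals only the fixed digest length.
/// </remarks>
/// <param name="presented">Signature supplied by the client.</param>
/// <param name="expected">Signature recomputed from the stored app secret.</param>
/// <returns><c>true</c> when both strings are equal ignoring ASCII case.</returns>
private static bool SignaturesMatch(string presented, string expected)
{
    if (presented == null || expected == null)
    {
        return presented == expected;
    }

    string left = presented.ToUpperInvariant();
    string right = expected.ToUpperInvariant();
    if (left.Length != right.Length)
    {
        return false;
    }

    // Accumulate every character difference instead of exiting on the first one.
    int difference = 0;
    for (int i = 0; i < left.Length; i++)
    {
        difference |= left[i] ^ right[i];
    }

    return difference == 0;
}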