/// <summary>
/// Runs before the action executes. Requests whose controller or action carries
/// <see cref="IgnoreSignAttribute"/> pass straight through; every other request must
/// present a signature that <c>GetSignValue</c> accepts, otherwise the error payload is
/// written and the action is never invoked.
/// </summary>
/// <param name="context">The MVC action-executing context; its descriptor must be a ControllerActionDescriptor.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var descriptor = (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;

    // A controller-level IgnoreSignAttribute exempts every action on that controller;
    // the method-level attribute is only consulted when the controller has none.
    bool ignoreSign = HasIgnoreSign(descriptor.ControllerTypeInfo) || HasIgnoreSign(descriptor.MethodInfo);

    if (!ignoreSign && !GetSignValue(context.HttpContext.Request))
    {
        // Unsigned or mis-signed request: answer with the error body and stop the pipeline here.
        SignCommon.BuildErrorJson(context);
        return;
    }

    base.OnActionExecuting(context);

    // Inherited attributes count (inherit: true), same as the original lookup.
    static bool HasIgnoreSign(System.Reflection.MemberInfo member)
        => member.GetCustomAttributes(typeof(IgnoreSignAttribute), true).Any();
}
/// <summary>
/// Sample endpoint: signs a one-entry query string plus a small anonymous body and
/// returns the raw signature text.
/// </summary>
/// <returns>200 OK whose payload is the computed signature string.</returns>
public IActionResult CreateSign()
{
    // Start from an empty collection; "appid" is the required application id (必传 应用id).
    var parameters = HttpUtility.ParseQueryString(string.Empty);
    parameters["appid"] = "sadfsdf";

    // The first positional argument appears to be the signing secret (compare the "secret"
    // literal in ValidSign). It is hard-coded here because this is sample code; production
    // callers should source it from configuration, not from the source file.
    var sampleBody = new { a = 1, b = "1" };
    var signature = SignCommon.CreateSign("sadfsdf", query: parameters, body: sampleBody);

    // Shows where the signature would travel in a real request; the collection itself is not returned.
    parameters.Add("sign", signature);
    return Ok(signature);
}
/// <summary>
/// Sample endpoint (dictionary flavour): signs three query parameters plus a small
/// anonymous body and returns the raw signature text.
/// </summary>
/// <returns>200 OK whose payload is the computed signature string.</returns>
public IActionResult CreateSign()
{
    var parameters = new Dictionary<string, string>
    {
        ["appid"] = "111",
        ["c"] = "1",
        ["d"] = "1",
    };

    // Hard-coded first argument is sample-only; see the remarks on the query-string variant.
    var signature = SignCommon.CreateSign("sadfsdf", queryDic: parameters, body: new { a = 1, b = "1" });

    // Shows where the signature would travel in a real request; the dictionary is not returned.
    parameters.Add("sign", signature);
    return Ok(signature);
}
/// <summary>
/// Sample endpoint: signs a query string carrying <c>serverid</c> and a small body with the
/// literal secret <c>"secret"</c>, then wraps the signature in a <see cref="ResponseResult"/>.
/// </summary>
/// <returns>200 OK with a ResponseResult whose Result is the computed signature.</returns>
public IActionResult ValidSign()
{
    var parameters = HttpUtility.ParseQueryString(string.Empty);
    parameters["serverid"] = "1";

    // Sample-only literal secret; real callers load it from configuration.
    var signature = SignCommon.CreateSign("secret", query: parameters, body: new { a = 1, b = "1" });
    parameters.Add("sign", signature);

    var payload = new ResponseResult { Result = signature };
    return Ok(payload);
}
/// <summary>
/// Async action filter. Verification is skipped when no <c>VerifySignOption</c> is registered or
/// it is disabled, and when the controller or action carries <see cref="IgnoreSignAttribute"/>.
/// Otherwise the signature check runs; a failing request is rejected with the error payload only
/// when <c>IsForce</c> is set — with IsForce off a bad signature is logged and the action still runs.
/// </summary>
/// <param name="context">The MVC action-executing context; its descriptor must be a ControllerActionDescriptor.</param>
/// <param name="next">Continues the pipeline (ultimately the action itself).</param>
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    var services = context.HttpContext.RequestServices;
    var logger = services.GetRequiredService<ILogger<VerifySignAttribute>>();
    // Resolved but never read; kept so a missing IConfiguration registration fails here exactly as before.
    _ = services.GetRequiredService<IConfiguration>();
    var signFilter = services.GetService<IOperationFilter>();
    var option = services.GetService<VerifySignOption>();

    // No option registered, or Enabled == false: signing is switched off application-wide.
    if (option is null || !option.Enabled)
    {
        await next();
        return;
    }

    var descriptor = (Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor)context.ActionDescriptor;
    // A controller-level IgnoreSignAttribute exempts every action on it; the method-level attribute
    // is only consulted when the controller has none.
    bool ignoreSign = HasIgnoreSign(descriptor.ControllerTypeInfo) || HasIgnoreSign(descriptor.MethodInfo);
    if (ignoreSign)
    {
        await next();
        return;
    }

    // The check always runs (it emits the diagnostics); IsForce decides whether a failure blocks the request.
    var verification = await GetSignValue(context.HttpContext, logger, option, signFilter);
    if (option.IsForce && !verification.Item1)
    {
        SignCommon.BuildErrorJson(context);
        return;
    }

    await next();

    // Inherited attributes count (inherit: true), same as the original lookup.
    static bool HasIgnoreSign(System.Reflection.MemberInfo member)
        => member.GetCustomAttributes(typeof(IgnoreSignAttribute), true).Any();
}
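/// <summary>
/// Verifies the request signature. The query parameters (keys lower-cased), minus the signature
/// itself and plus a whitespace-normalised copy of the body under the key <c>"body"</c>, are sorted
/// ordinally, joined as <c>k=v</c> pairs with <c>&amp;</c>, digested with the app's secret and the
/// requested algorithm, and compared with the presented signature.
/// </summary>
/// <param name="request">The current HttpContext; query string and body are read from it.</param>
/// <param name="_logger">Diagnostics sink; every rejection is logged as a warning.</param>
/// <param name="_verifySignOption">Parameter names, clock tolerance and the IsDebug switch.</param>
/// <param name="_verifySignCommon">Supplies the per-app secret and computes the digest.</param>
/// <returns>Item1: whether the signature verified; Item2: a client-facing reason text.</returns>
private async Task<Tuple<bool, string>> GetSignValue(HttpContext request, ILogger<VerifySignAttribute> _logger, VerifySignOption _verifySignOption, IOperationFilter _verifySignCommon)
{
    try
    {
        // Query keys are folded to lower case before lookup. ToLowerInvariant (not ToLower) so the
        // canonical string does not depend on the server's current culture.
        // NOTE: the lookups below use the configured names as-is, so those are expected to be lower case.
        var queryDic = new Dictionary<string, string>();
        foreach (var item in request.Request.Query)
        {
            // Add (not the indexer) on purpose: two keys that collide after lower-casing are
            // ambiguous and are rejected through the catch block below.
            queryDic.Add(item.Key.ToLowerInvariant(), item.Value);
        }

        var commonParameters = _verifySignOption.CommonParameters;
        if (!queryDic.ContainsKey(commonParameters.TimestampName)
            || !queryDic.ContainsKey(commonParameters.AppIdName)
            || !queryDic.ContainsKey(commonParameters.SignName))
        {
            _logger.LogWarning("url参数中未找到签名所需参数[timestamp];[appid];[EncryptFlag]或[sign]");
            return Tuple.Create(false, "签名参数缺失");
        }

        // The digest algorithm is chosen by the client through the EncryptFlag parameter. Only values
        // actually declared on EncryptEnum are honoured; anything else keeps Default instead of casting
        // an arbitrary integer into the enum. (If EncryptEnum were ever a [Flags] type this check would
        // need relaxing — it is not treated as one anywhere on this page.)
        var encryptEnum = EncryptEnum.Default;
        if (queryDic.TryGetValue(commonParameters.EncryptFlag, out var encryptFlag)
            && int.TryParse(encryptFlag, out int encryptint))
        {
            var requested = (EncryptEnum)encryptint;
            if (Enum.IsDefined(typeof(EncryptEnum), requested))
            {
                encryptEnum = requested;
            }
        }

        // CheckTime enforces the replay window; a non-numeric timestamp is treated as expired.
        var timestampStr = queryDic[commonParameters.TimestampName];
        if (!long.TryParse(timestampStr, out long timestamp) || !CheckTime(timestamp, _verifySignOption))
        {
            _logger.LogWarning($"{timestampStr}时间戳已过期");
            return Tuple.Create(false, "请校准客户端时间后再试");
        }

        var appIdString = queryDic[commonParameters.AppIdName];
        if (string.IsNullOrEmpty(appIdString))
        {
            _logger.LogWarning(@"The request parameter is missing the Ak/Sk appID parameter VerifySign:{ AppSecret:{ [AppId]:[Secret] }}");
            return Tuple.Create(false, "服务异常,AppIdName未配置");
        }

        // The signature itself is never part of the signed string.
        var signvalue = queryDic[commonParameters.SignName];
        queryDic.Remove(commonParameters.SignName);

        var bodyValue = await SignCommon.ReadAsStringAsync(request);
        if (!string.IsNullOrEmpty(bodyValue) && !"null".Equals(bodyValue))
        {
            // Whitespace normalisation must stay byte-identical to what signing clients apply:
            // strip whitespace outside double-quoted strings, then the listed literal sequences.
            bodyValue = Regex.Replace(bodyValue, @"\s(?=([^""]*""[^""]*"")*[^""]*$)", string.Empty);
            bodyValue = bodyValue.Replace("\r\n", "").Replace(" : ", ":").Replace("\n ", "").Replace("\n", "").Replace(": ", ":").Replace(", ", ",");
            queryDic.Add("body", bodyValue);
        }

        // Canonical form: ordinal key order, "k=v" pairs joined by '&'.
        var canonical = string.Join("&",
            queryDic.OrderBy(s => s.Key, StringComparer.Ordinal).Select(s => $"{s.Key}={s.Value}"));
        var utf8Request = SignCommon.GetUtf8(canonical);
        var result = _verifySignCommon.GetSignhHash(utf8Request, _verifySignCommon.GetSignSecret(appIdString), encryptEnum);

        bool matched = SignaturesMatch(signvalue, result);
        if (_verifySignOption.IsDebug)
        {
            // Debug output includes the canonical request string and the expected digest for this
            // request; keep IsDebug off outside of development.
            _logger.LogInformation($"请求接口地址:{request.Request.Path}");
            _logger.LogInformation($"拼装排序后的值{Convert.ToBase64String(Encoding.Default.GetBytes(utf8Request))}");
            _logger.LogInformation($"摘要比对: {result}----{signvalue }");
        }
        else if (!matched)
        {
            _logger.LogWarning(@$"摘要被篡改:[iphide]----{signvalue } 查看详情,请设置VerifySignOption节点的IsDebug为true");
        }

        return matched
            ? Tuple.Create(true, "签名通过")
            : Tuple.Create(false, "签名异常,请求非法");
    }
    catch (Exception ex)
    {
        _logger.LogError(ex, "签名异常");
        return Tuple.Create(false, "签名异常");
    }

    // Constant-time comparison: the original `!=` stops at the first differing character, so its
    // running time depended on how much of the presented value was correct. FixedTimeEquals returns
    // false for unequal lengths; a null on either side is a mismatch (the original treated null == null as a match).
    static bool SignaturesMatch(string presented, string expected)
    {
        if (presented is null || expected is null)
        {
            return false;
        }
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(presented),
            Encoding.UTF8.GetBytes(expected));
    }
}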
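/// <summary>
/// Synchronous variant of the signature check. The query parameters (keys used exactly as sent)
/// plus the key/value pairs of a flat JSON object body, minus the signature itself, are sorted
/// ordinally, joined as <c>k=v</c> pairs with <c>&amp;</c>, digested with the app's secret and
/// compared with the presented signature.
/// </summary>
/// <param name="request">The incoming request; query string and body are read from it.</param>
/// <returns>true when the presented signature matches the computed digest; false on any failure.</returns>
private bool GetSignValue(HttpRequest request)
{
    try
    {
        var queryDic = request.Query.ToDictionary(s => s.Key, s => s.Value);
        var commonParameters = _verifySignOption.CommonParameters;
        if (!queryDic.ContainsKey(commonParameters.TimestampName)
            || !queryDic.ContainsKey(commonParameters.AppIdName)
            || !queryDic.ContainsKey(commonParameters.SignName))
        {
            _logger.LogError("url参数中未找到签名所需参数[timestamp];[appid]或[sign]");
            return false;
        }

        // CheckTime enforces the replay window; a non-numeric timestamp is treated as expired.
        var timestampStr = queryDic[commonParameters.TimestampName];
        if (!long.TryParse(timestampStr, out long timestamp) || !CheckTime(timestamp))
        {
            _logger.LogError($"{timestampStr}时间戳已过期");
            return false;
        }

        var appIdString = queryDic[commonParameters.AppIdName].ToString();
        if (string.IsNullOrEmpty(appIdString))
        {
            _logger.LogError(@"The request parameter is missing the Ak/Sk appID parameter VerifySign:{ AppSecret:{ [AppId]:[Secret] }}");
            return false;
        }

        // The signature itself is never part of the signed string.
        var signvalue = queryDic[commonParameters.SignName].ToString();
        queryDic.Remove(commonParameters.SignName);

        var bodyValue = SignCommon.ReadAsString(request);
        if (!string.IsNullOrEmpty(bodyValue) && !"null".Equals(bodyValue))
        {
            // The body is expected to be a flat JSON object of string values. With default
            // System.Text.Json options a non-string value (e.g. a number), a nested object, or a body
            // key that repeats a query key throws here and the request is rejected via the catch below.
            var dict = JsonSerializer.Deserialize<Dictionary<string, string>>(bodyValue);
            foreach (var item in dict)
            {
                queryDic.Add(item.Key, item.Value);
                if (_verifySignOption.IsDebug)
                {
                    _logger.LogInformation($"字段:{item.Key}--值:{item.Value}");
                }
            }
        }

        // Canonical form: ordinal key order, "k=v" pairs joined by '&'.
        var canonical = string.Join("&",
            queryDic.OrderBy(s => s.Key, StringComparer.Ordinal).Select(s => $"{s.Key}={s.Value}"));
        var utf8Request = SignCommon.GetUtf8(canonical);
        var result = _verifySignCommon.GetSignhHash(utf8Request, _verifySignCommon.GetSignSecret(appIdString));

        bool matched = SignaturesMatch(signvalue, result);
        if (_verifySignOption.IsDebug)
        {
            // Debug output includes the canonical request string and the expected digest for this
            // request; keep IsDebug off outside of development.
            // The path line was previously labelled "拼装排序后的值" (a copy of the next line's text).
            _logger.LogInformation($"请求接口地址:{request.Path}");
            _logger.LogInformation($"拼装排序后的值{canonical}");
            _logger.LogInformation($"摘要计算后的值:{result}");
            _logger.LogInformation($"摘要比对: {result}----{signvalue }");
        }
        else if (!matched)
        {
            _logger.LogWarning(@$"摘要被篡改:[iphide]----{signvalue } 查看详情,请设置VerifySignOption节点的IsDebug为true");
        }

        return matched;
    }
    catch (Exception ex)
    {
        _logger.LogError(ex, "签名异常");
        return false;
    }

    // Constant-time comparison: the original `==` stops at the first differing character, so its
    // running time depended on how much of the presented value was correct. FixedTimeEquals returns
    // false for unequal lengths; a null on either side is a mismatch.
    static bool SignaturesMatch(string presented, string expected)
    {
        if (presented is null || expected is null)
        {
            return false;
        }
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(presented),
            Encoding.UTF8.GetBytes(expected));
    }
}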