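        /// <summary>
        /// 验证appId是否被允许 — looks up <paramref name="appId"/> in the cached allow list
        /// stored under the "AllowAppId" cache key.
        /// </summary>
        /// <param name="appId">Client application identifier taken from the request headers.</param>
        /// <returns>
        /// The matching <see cref="AllowCacheApp"/>, or <c>null</c> when the id is empty, the allow list
        /// is empty, or no entry matches. The caller treats <c>null</c> as "not allowed"; returning an
        /// empty instance instead (as the previous version did for an empty id or an empty list) would
        /// slip past that null check and reach signature validation with a null AppSecret.
        /// </returns>
        private static AllowCacheApp VerifyAppId(string appId)
        {
            // An empty id can never be on the allow list; report "not allowed" the same way
            // as a missing entry so the caller's `allowCacheApp == null` check is meaningful.
            if (string.IsNullOrEmpty(appId))
            {
                return null;
            }

            YuebonCacheHelper cacheHelper = new YuebonCacheHelper();
            // NOTE(review): what ToJson()/ToList<T>() do when the cache entry is absent is not
            // visible here — confirm they tolerate a null cache result.
            List<AllowCacheApp> allowed = cacheHelper.Get("AllowAppId").ToJson().ToList<AllowCacheApp>();

            if (allowed == null || allowed.Count == 0)
            {
                return null;
            }

            // App ids are opaque identifiers, so an ordinal (byte-wise) comparison is the right one.
            return allowed.FirstOrDefault(s => string.Equals(s.AppId, appId, StringComparison.Ordinal));
        }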
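        /// <summary>
        /// 全局过滤器验证签名 — verifies the request signature carried in the
        /// <c>appId</c>, <c>nonce</c>, <c>timeStamp</c> and <c>signature</c> headers.
        /// </summary>
        /// <remarks>
        /// Checks, in order: the headers parse, the appId is on the allow list, the timestamp is within
        /// five minutes of the server clock, the (timeStamp, nonce) pair has not been seen before
        /// (replay protection, remembered for 120 minutes), and the signature matches the request's
        /// query string (or, when there is no query string, its body). Every failure is reported with
        /// ErrCode "40004"; success sets ErrCode "0" and <c>Success = true</c>.
        /// </remarks>
        /// <param name="httpContext">The current request context.</param>
        /// <returns>A <see cref="CommonResult"/> describing the outcome.</returns>
        public static CommonResult CheckSign(HttpContext httpContext)
        {
            CommonResult result = new CommonResult();
            //从http请求的头里面获取参数
            var    request   = httpContext.Request;
            var    appId     = ""; //客户端应用唯一标识
            string nonce     = ""; //随机字符串
            var    signature = ""; //参数签名,去除空参数,按字母倒序排序进行Md5签名 为了提高传参过程中,防止参数被恶意修改,在请求接口的时候加上sign可以有效防止参数被篡改
            long   timeStamp;      //时间戳, 校验5分钟内有效

            try
            {
                // SingleOrDefault throws when a header is sent more than once; that is caught below
                // and reported as a parameter error rather than silently picking one value.
                appId     = request.Headers["appId"].SingleOrDefault();
                nonce     = request.Headers["nonce"].SingleOrDefault();
                timeStamp = Convert.ToInt64(request.Headers["timeStamp"].SingleOrDefault());
                signature = request.Headers["signature"].SingleOrDefault();
            }
            catch (Exception ex)
            {
                // NOTE(review): ex.Message is echoed back to the caller; a fixed message would
                // avoid exposing parser details.
                result.ErrCode = "40004";
                result.ErrMsg  = "签名参数异常:" + ex.Message;
                return(result);
            }

            //appId是否为可用的
            AllowCacheApp allowCacheApp = VerifyAppId(appId);

            if (allowCacheApp == null)
            {
                result.ErrCode = "40004";
                result.ErrMsg  = "AppId不被允许访问:" + appId;
                return(result);
            }

            //判断timespan是否有效,请求是否超时
            // Compare the full difference, not just the minute-of-hour component: the previous
            // `tonow.Minute - DateTime.Now.Minute` accepted any timestamp whose minute digit happened
            // to match (days-old requests included) and spuriously rejected requests straddling an hour
            // boundary (e.g. :59 vs :01).
            // NOTE(review): UnixTimeToDateTime() is assumed to return a DateTime comparable with
            // DateTime.Now (same kind) — confirm; otherwise use UtcNow here.
            DateTime tonow         = timeStamp.UnixTimeToDateTime();
            double   minutesOffset = (tonow - DateTime.Now).TotalMinutes;

            if (Math.Abs(minutesOffset) > 5)
            {
                result.ErrCode = "40004";
                result.ErrMsg  = "接口请求超时";
                return(result);
            }

            //根据请求类型拼接参数
            NameValueCollection form = HttpUtility.ParseQueryString(request.QueryString.ToString());
            var data = string.Empty;

            if (form.Count > 0)
            {
                data = GetQueryString(form);
            }
            else
            {
                // Seeking requires the body to be buffered (request.EnableBuffering() upstream).
                // The reader is deliberately not disposed so the body stream stays open for the
                // downstream handler; synchronous ReadToEnd replaces the blocking `.ReadToEndAsync().Result`.
                request.Body.Seek(0, SeekOrigin.Begin);
                StreamReader streamReader = new StreamReader(request.Body);
                data = streamReader.ReadToEnd();
                request.Body.Seek(0, SeekOrigin.Begin);
            }

            // Replay protection: each (timeStamp, nonce) pair may be used once. The entry is
            // recorded before the signature is checked, so a failed attempt also consumes the pair.
            // NOTE(review): the key concatenates timeStamp and nonce without a separator; confirm
            // nonce format makes that unambiguous.
            string            replayKey         = "request_" + timeStamp + nonce;
            YuebonCacheHelper yuebonCacheHelper = new YuebonCacheHelper();
            object            reqtimeStampCache = yuebonCacheHelper.Get(replayKey);

            if (reqtimeStampCache != null)
            {
                result.ErrCode = "40004";
                result.ErrMsg  = "无效签名";
                return(result);
            }
            TimeSpan expiresSliding = TimeSpan.FromMinutes(120);

            yuebonCacheHelper.Add(replayKey, timeStamp + nonce, expiresSliding);
            bool blValidate = Validate(timeStamp.ToString(), nonce, allowCacheApp.AppSecret, data, signature);

            if (!blValidate)
            {
                result.ErrCode = "40004";
                result.ErrMsg  = "无效签名";
                return(result);
            }

            result.ErrCode = "0";
            result.Success = true;
            return(result);
        }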