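/// <summary>
/// Feature switch for MD5 signature verification. Hard-coded off; the original read it
/// from the "Md5VerificationEnable" app setting (see trailing comment).
/// </summary>
private static readonly bool Enable = false; // bool.Parse(System.Configuration.ConfigurationManager.AppSettings["Md5VerificationEnable"]);

/// <summary>
/// Verifies the <c>SIGN</c> request header against MD5(AppId + AppSecret), computed from the
/// configured <see cref="ApiAuthorize"/> settings, and fails the request via <c>ReturnError</c>
/// when they differ.
/// </summary>
/// <param name="context">Action context whose request headers are inspected.</param>
/// <remarks>
/// NOTE(review): the expected value depends only on static configuration, so the signature is a
/// fixed bearer secret — it never changes and can be replayed indefinitely once observed. Binding a
/// timestamp/nonce into the signed input (as VerifyHeaderParametersAndSign does) is what prevents
/// replay; that is a protocol change with the clients and is not made here.
/// </remarks>
private void CheckAppSign(ActionExecutingContext context)
{
    // Header lookup: the last matching header wins, as in the original loop.
    string sign = "";
    foreach (var header in context.HttpContext.Request.Headers)
    {
        if (string.Equals(header.Key, "SIGN", StringComparison.OrdinalIgnoreCase))
        {
            sign = header.Value;
        }
    }

    ApiAuthorize apiAuth = new ConfigurationHelper().GetAppSettings<ApiAuthorize>("ApiAuthorize");
    var key = apiAuth.Appid + apiAuth.AppSecret;
    string expected = HttpContextUtils.Md5Encrypt(key).ToUpper();

    // Never log `key` (it embeds AppSecret) or `expected` (it is the bearer credential itself);
    // either one in a log file is enough to forge requests. Log only what the client sent.
    _Log4Net.Info(string.Format("前端加密sign:{0}", sign));

    // Constant-time comparison: `!=` returns at the first differing character, which leaks the
    // position of the mismatch through timing.
    bool sameLength = sign.Length == expected.Length;
    int diff = 0;
    for (int i = 0; sameLength && i < sign.Length; i++)
    {
        diff |= sign[i] ^ expected[i];
    }

    if (!sameLength || diff != 0)
    {
        _Log4Net.Info(string.Format("sign加密验证失败 前端:{0}", sign));
        ReturnError(context, "sign加密验证失败");
    }
}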
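/// <summary>
/// Registers a new OAuth client: allocates a random 24-character clientId that does not collide
/// with an existing row, a 32-character clientSecret, and resolves the current session user.
/// The persistence part of the original is elided here ("continuing...").
/// </summary>
/// <param name="clientDetails">Client to register; client name and redirect URI are mandatory.</param>
/// <returns>false when no unique clientId could be allocated; the remaining outcomes are decided by
/// the elided tail of the method.</returns>
/// <remarks>
/// NOTE(review): whether EncryptUtils.getRandomStr1 is backed by a cryptographic RNG is not visible
/// here — clientSecret is a credential and must come from a CSPRNG. Whether the secret is hashed
/// before storage is also outside this excerpt; confirm both.
/// </remarks>
public bool register(AuthClientDetails clientDetails)
{
    // Client name and redirect URI must both be present.
    if (!string.IsNullOrEmpty(clientDetails.getClientName()) && !string.IsNullOrEmpty(clientDetails.getRedirectUri()))
    {
        // Draw a 24-character clientId and re-draw on collision, at most 10 times
        // (same budget as the original loop).
        string clientId = EncryptUtils.getRandomStr1(24);
        AuthClientDetails existing = authClientDetailsMapper.selectByClientId(clientId);
        int attempts = 0;
        while (existing != null && attempts < 10)
        {
            clientId = EncryptUtils.getRandomStr1(24);
            existing = authClientDetailsMapper.selectByClientId(clientId);
            attempts++;
        }
        if (existing != null)
        {
            // The original fell out of the loop and continued with a clientId that still
            // collides with another client's row; treat an exhausted search as a failed registration.
            return false;
        }

        // 32-character clientSecret.
        string clientSecret = EncryptUtils.getRandomStr1(32);

        // `new DateTime()` is DateTime.MinValue (0001-01-01), not "now" — a `new Date()`
        // transliteration slip. Presumably a creation timestamp; UTC avoids server-local ambiguity.
        DateTime current = DateTime.UtcNow;

        HttpSessionState session = HttpContextUtils.getSession();
        User user = (User)session[Constants.SESSION_USER];
        // continuing...
    }
}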
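/// <summary>
/// Returns MD5(AppId + AppSecret) — the value CheckAppSign expects in the SIGN header — when the
/// posted ajaxAppId equals the configured AppId (case-insensitively).
/// </summary>
/// <param name="ajaxApp">Request body carrying the caller's ajaxAppId.</param>
/// <returns>The upper-case MD5 signature, or one of the fixed failure strings
/// "appid不合法" / "校验没通过".</returns>
/// <remarks>
/// NOTE(review): this action hands the signature to anyone who knows the AppId, and the AppId is
/// not a secret (clients send it in clear-text headers). Whatever access control guards this action
/// is therefore the only thing protecting the credential that the SIGN check relies on — confirm it
/// is not reachable anonymously.
/// </remarks>
public string AjaxGetEncryptStr([FromBody] AjaxAppParam ajaxApp)
{
    string result = "";
    try
    {
        string appId = apiAuthorize.Appid;
        string appSecret = apiAuthorize.AppSecret;
        // A missing body or appid is a rejected request, not a NullReferenceException
        // surfacing through the catch below.
        string ajaxAppId = ajaxApp == null ? null : ajaxApp.ajaxAppId;

        // Ordinal case-insensitive comparison instead of ToUpper() on both sides.
        if (!string.IsNullOrEmpty(ajaxAppId) && string.Equals(ajaxAppId, appId, StringComparison.OrdinalIgnoreCase))
        {
            var key = appId + appSecret;
            string md5str = HttpContextUtils.Md5Encrypt(key).ToUpper();
            // Never log `key` (contains AppSecret) or the digest (it is the credential itself).
            _Log4Net.Info("AjaxGetEncryptStr: sign issued");
            result = md5str;
        }
        else
        {
            result = "appid不合法";
            _Log4Net.Info("appid不合法");
        }
    }
    catch (Exception ex)
    {
        // Full exception goes to log4net; the caller only sees the fixed failure string.
        _Log4Net.Error("AjaxGetEncryptStr", ex);
        result = "校验没通过";
    }
    return result;
}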
/// <summary>
/// Snapshot of the current request taken at construction time: its URL, the URL hash,
/// the current HttpContext id and whether the request targets a static file.
/// All values come from HttpContextUtils (and getUrlHash for the hash).
/// </summary>
public HttpInfo()
{
    var currentUrl = HttpContextUtils.GetCurrentUrl();
    Url = currentUrl;

    // Presumably derived from Url, so it is computed after Url is set — TODO confirm.
    var hash = getUrlHash();
    UrlHash = hash;

    var contextId = HttpContextUtils.GetHttpContextCurrentId();
    HttpContextCurrentId = contextId;

    var staticFile = HttpContextUtils.IsStaticFile();
    IsStaticFile = staticFile;
}
/// <summary>
/// IP allow-list gate: rejects the request via ReturnError unless the caller's IP appears in
/// WhiteListDomainService.GetSysWhiteListAll(). An empty list rejects everyone (fail closed).
/// </summary>
/// <param name="context">Action context used to read the client IP and to short-circuit the request.</param>
/// <remarks>
/// NOTE(review): the match is an exact string compare, so IPv6 scope ids or IPv4-mapped forms
/// would not match an IPv4 entry. If HttpContextUtils.GetClientIP honours X-Forwarded-For, the
/// value is client-controlled unless a trusted proxy rewrites it — TODO confirm.
/// </remarks>
private void VerifyWhiteList(ActionExecutingContext context)
{
    var entries = WhiteListDomainService.GetSysWhiteListAll();
    var clientIp = HttpContextUtils.GetClientIP(context.HttpContext);

    var allowed = entries.Any(entry => entry.Ip == clientIp);
    if (allowed)
    {
        return;
    }

    var message = clientIp + "访问IP不在白名单中";
    LogInfo("VerifyWhiteList:", message);
    ReturnError(context, message);
}
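/// <summary>
/// Reports whether <paramref name="path"/> lies inside the ASP.NET temporary-files folder
/// returned by HttpContextUtils.GetAspnetTemporaryFilesFolder().
/// </summary>
/// <param name="path">File path to classify; null/blank is never a temp file.</param>
/// <returns>true when the folder is known and the path is that folder or a descendant of it.</returns>
/// <remarks>
/// NOTE(review): this is a lexical check on the string as given. It does not normalise "..",
/// symlinks or short names (no Path.GetFullPath), so callers that need a security decision must
/// pass an already-canonical path — TODO confirm what callers supply.
/// </remarks>
private static bool isTempFile(string path)
{
    if (string.IsNullOrWhiteSpace(path))
    {
        return false;
    }

    var tempFolder = HttpContextUtils.GetAspnetTemporaryFilesFolder();
    if (string.IsNullOrWhiteSpace(tempFolder))
    {
        return false;
    }

    // A bare StartsWith would also accept a sibling that merely shares the prefix
    // (e.g. "...\Temporary ASP.NET Files2\x"), so anchor the match at a directory boundary.
    var root = tempFolder.TrimEnd(System.IO.Path.DirectorySeparatorChar, System.IO.Path.AltDirectorySeparatorChar);
    if (root.Length == 0)
    {
        // Folder was nothing but separators (e.g. a filesystem root); keep the original prefix test.
        return path.StartsWith(tempFolder, StringComparison.OrdinalIgnoreCase);
    }
    if (!path.StartsWith(root, StringComparison.OrdinalIgnoreCase))
    {
        return false;
    }
    if (path.Length == root.Length)
    {
        return true;
    }

    char next = path[root.Length];
    return next == System.IO.Path.DirectorySeparatorChar || next == System.IO.Path.AltDirectorySeparatorChar;
}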
/// <summary>
/// Builds and runs the Kestrel host: binds the URLs from IApplicationConfiguration (falling back
/// to http://localhost:5000 when none is resolved), registers IHttpContextAccessor, points
/// HttpContextUtils at it, and installs AspNetCoreAppInstance as middleware. Blocks until the
/// host shuts down.
/// </summary>
/// <param name="args">Command-line arguments; not consulted by this method.</param>
/// <returns>Always 0.</returns>
public int Run(string[] args)
{
    var configuration = DependencyContainer.Resolve<IApplicationConfiguration>();
    var urls = configuration?.Urls ?? new string[] { "http://localhost:5000" };

    var hostBuilder = new WebHostBuilder()
        .UseKestrel()
        .UseUrls(urls)
        .ConfigureServices(services => services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>())
        .Configure(app =>
        {
            var accessor = app.ApplicationServices.GetRequiredService<IHttpContextAccessor>();
            HttpContextUtils.Configure(accessor);
            app.UseMiddleware<AspNetCoreAppInstance>();
        });

    var host = hostBuilder.Build();
    host.Run();
    return 0;
}
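/// <summary>
/// Validates the authentication headers (APPID, TRANSACTIONID, TOKEN, TIMESTAMP, SIGN, VERSION),
/// resolves the caller's secret key through TokenVerify, and checks
/// SIGN == MD5(APPID + TIMESTAMP + secret_key). Every failure is reported through ReturnError
/// and stops further processing.
/// </summary>
/// <param name="context">Action context whose request headers are inspected.</param>
/// <remarks>
/// NOTE(review): TIMESTAMP is only checked for format, never against the server clock, and
/// TRANSACTIONID is only checked for shape, never for uniqueness — so a captured request can be
/// replayed for as long as the token stays valid. A bounded skew window on TIMESTAMP and a replay
/// cache keyed by TRANSACTIONID are the usual complements to this scheme; both are policy
/// decisions not taken here.
/// </remarks>
private void VerifyHeaderParametersAndSign(ActionExecutingContext context)
{
    string appId = "", transactionId = "", token = "", timestamp = "", sign = "", version = "";
    foreach (var item in context.HttpContext.Request.Headers)
    {
        switch (item.Key.ToUpperInvariant())
        {
            case "APPID": appId = item.Value; break;
            case "TRANSACTIONID": transactionId = item.Value; break;
            case "TOKEN": token = item.Value; break;
            case "TIMESTAMP": timestamp = item.Value; break;
            case "SIGN": sign = item.Value; break;
            case "VERSION": version = item.Value; break;
            default: break;
        }
    }

    // The original called ReturnError without returning, so every later check (and the
    // TokenVerify round-trip) still ran on a request already known to be invalid, and the last
    // failure overwrote the first. Fail fast on the first problem instead.
    if (string.IsNullOrEmpty(appId)) { ReturnError(context, "APPID不能为空"); return; }
    if (string.IsNullOrEmpty(token)) { ReturnError(context, "TOKEN不能为空"); return; }
    if (string.IsNullOrEmpty(sign)) { ReturnError(context, "SIGN不能为空"); return; }
    if (string.IsNullOrEmpty(version)) { ReturnError(context, "VERSION不能为空"); return; }
    if (string.IsNullOrEmpty(transactionId)) { ReturnError(context, "TransactionID不能为空"); return; }

    // TRANSACTIONID = yyyyMMddHHmmssfff (17 chars) followed by a 4-digit serial number.
    if (transactionId.Length != 21) { ReturnError(context, "TransactionID为21位数字"); return; }
    DateTime transactionTime;
    if (!DateTime.TryParseExact(transactionId.Substring(0, 17), "yyyyMMddHHmmssfff", CultureInfo.InvariantCulture, DateTimeStyles.None, out transactionTime))
    {
        ReturnError(context, "TransactionID必须包含时间部分");
        return;
    }
    // NumberStyles.None = digits only; plain int.TryParse would also accept a sign or whitespace.
    int serialNumber;
    if (!int.TryParse(transactionId.Substring(17), NumberStyles.None, CultureInfo.InvariantCulture, out serialNumber))
    {
        ReturnError(context, "TransactionID后4位必须为随机数字");
        return;
    }

    // TIMESTAMP = yyyyMMddHHmmss (14 chars).
    if (string.IsNullOrEmpty(timestamp)) { ReturnError(context, "Timestamp不能为空"); return; }
    if (timestamp.Length != 14) { ReturnError(context, "Timestamp为14位数字"); return; }
    DateTime requestTime;
    if (!DateTime.TryParseExact(timestamp, "yyyyMMddHHmmss", CultureInfo.InvariantCulture, DateTimeStyles.None, out requestTime))
    {
        ReturnError(context, "Timestamp必须为有效时间");
        return;
    }
    // TODO(review): compare requestTime against the server clock with a bounded skew to limit replay.

    // Resolve the caller's secret key from the token service. A malformed or unexpected
    // response is a failed verification, not an unhandled exception.
    string secretKey = "";
    var resultInfo = TokenVerify(token);
    try
    {
        var verifyResult = JsonConvert.DeserializeObject<dynamic>(resultInfo);
        if (verifyResult != null && (string)verifyResult.Code == "0" && verifyResult.Data != null)
        {
            secretKey = (string)verifyResult.Data.secrect_key;
        }
    }
    catch (Exception ex)
    {
        _Log4Net.Error("TokenVerify response could not be parsed", ex);
    }
    if (string.IsNullOrEmpty(secretKey))
    {
        // Log identifiers only: the token is a credential, and sign is derived from the secret.
        _Log4Net.Info(string.Format("token验证失败:appId:{0}transactionId:{1}timestamp:{2}", appId, transactionId, timestamp));
        ReturnError(context, "token验证失败");
        return;
    }

    string expected = HttpContextUtils.Md5Encrypt(appId + timestamp + secretKey).ToUpper();
    // Never log the signing input (it embeds the secret key) or the expected digest.
    _Log4Net.Info(string.Format("前端加密sign:{0}", sign));

    // Constant-time comparison: `!=` returns at the first differing character, which leaks the
    // position of the mismatch through timing.
    bool sameLength = sign.Length == expected.Length;
    int diff = 0;
    for (int i = 0; sameLength && i < sign.Length; i++)
    {
        diff |= sign[i] ^ expected[i];
    }
    if (!sameLength || diff != 0)
    {
        _Log4Net.Info(string.Format("sign加密验证失败 前端:{0}", sign));
        ReturnError(context, "sign加密验证失败");
    }
}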
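/// <summary>
/// Resolves an SSO user by LoginId: signs the request with MD5(LoginId-RelyingName-Signing), posts
/// it to the SSO token endpoint, AES-decrypts the reply into an SsoUserInfo, then obtains an API
/// access token from the gateway and attaches the user's permission points.
/// </summary>
/// <param name="request">Carries the LoginId to look up.</param>
/// <returns>ApiSuccessResult(UserInfoResponse) on success; ApiFailResult with a login-expired or
/// token-failure message otherwise; ApiErrorResult with a generic message on an unexpected exception.</returns>
/// <remarks>
/// NOTE(review): LoginId is taken from the caller's request, so whatever access control guards this
/// action is what stops one caller from pulling another user's profile and access token — that
/// check is not in this method. The request "Sign" is a bare MD5 over a concatenation that includes
/// the shared secret (not an HMAC); changing it is a protocol change with the SSO side.
/// </remarks>
public BaseResponse GetSsoUserInfo(UserInfoRequest request)
{
    try
    {
        var loginId = request.LoginId;
        if (string.IsNullOrWhiteSpace(loginId))
        {
            return ApiFailResult("登录超时,请重新登录");
        }

        var md5Data = HttpContextUtils.Md5Encrypt($"{loginId}-{ConfigVal.RelyingName}-{ConfigVal.Signing}");
        var jsonData = JsonConvert.SerializeObject(new { LoginId = loginId, ConfigVal.RelyingName, Sign = md5Data.ToUpper() });
        var result = HttpUtils.PostHttps(ConfigVal.TokenUrl + "/AccountToken/Token", jsonData);

        // The original logged AESKey and AESIv next to the ciphertext — the key in a log file
        // defeats the encryption for every response ever logged. Log only the identifier.
        _Log4Net.InfoFormat("Sso获取信息 loginId:{0}", loginId);
        string ssoUserInfoJson = AESEncryption.DecryptString(result, ConfigVal.AESKey, ConfigVal.AESIv);
        if (!ssoUserInfoJson.Contains("LoginId"))
        {
            return ApiFailResult("登录超时,请重新登录");
        }

        // The decrypted payload is the user's profile (name, phone, e-mail); keep it out of the log.
        var ssoUserInfo = JsonConvert.DeserializeObject<SsoUserInfo>(ssoUserInfoJson);
        var userDictionary = ssoUserInfo.UserDictionary;
        var userInfoResponse = new UserInfoResponse
        {
            UserGuid = userDictionary.OnlyUserGuid,
            Name = userDictionary.OnlyDisplayName,
            Sex = userDictionary.OnlySex,
            LevelOneOrgName = userDictionary.OnlyLevelOneUserOrgName,
            OrganizationId = userDictionary.OnlyOrganizationId,
            Organization = userDictionary.OnlyOrganization,
            phone = userDictionary.OnlyMobile,
            Email = userDictionary.OnlyPersonalEmail,
        };

        // API access token from the gateway.
        var tokenJsonData = JsonConvert.SerializeObject(new { client_id = ConfigVal.Appid, secret = ConfigVal.Secret, grant_type = ConfigVal.GrantType, scope = ConfigVal.Scope, refresh_token = "" });
        var gwResult = HttpUtils.PostHttps(ConfigVal.GwUrl + "api/OAuth2Token/token", tokenJsonData);
        var gwResponse = JsonConvert.DeserializeObject<GatewayResponse>(gwResult);
        if (gwResponse == null || gwResponse.resultinfo == null)
        {
            return ApiFailResult("获取token失败,请重新登录");
        }
        userInfoResponse.AccessToken = gwResponse.resultinfo.access_token;
        userInfoResponse.Secrectkey = gwResponse.resultinfo.secrect_key;

        // Permission points. (The original wrapped this in a `userInfoResponse != null` test that
        // could never be false.)
        userInfoResponse.PermissionPoints = permissionDomainService.GetByUserId(userInfoResponse.UserGuid).Select(p => p.PermissionsAttributes).ToList();

        return ApiSuccessResult(userInfoResponse);
    }
    catch (Exception ex)
    {
        // Keep the full exception (with stack trace) in the log, but do not echo ex.Message to the
        // caller: it can carry internal host names, parser details or decryption failures.
        _Log4Net.Error("GetSsoUserInfo异常", ex);
        return ApiErrorResult("获取用户信息失败");
    }
}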