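/// <summary>
/// Handles an HTTP GET authorization request: reads the credential fields from the
/// query string and dispatches to the app check or the user check.
/// </summary>
/// <param name="context">The current HTTP context; its query string supplies the fields.</param>
/// <returns>A task that completes once a check or an unauthorized response has been awaited.</returns>
private async Task GetInvoke(HttpContext context)
{
    // NOTE(review): an earlier revision tested for an "Authorization" header and then
    // did nothing with the result (empty branch). That dead check is removed; credentials
    // are still read from the query string only.
    //
    // SECURITY: "secret" and "signature" arrive in the URL on this path. URLs are commonly
    // recorded in server/proxy access logs and browser history, so values sent this way
    // should be treated as exposed. Prefer the form-body path or a request header for the
    // secret, and make sure request logging redacts these parameters.
    var pairs = context.Request.Query;

    // All four common fields must be present before looking at the identity field.
    if (!pairs.ContainsKeys("timestamp nonce signature secret".Split(' ')))
    {
        await ReturnNoAuthorized(context);
        return;
    }

    if (pairs.ContainsKey("appid"))
    {
        var requestInfo = new ReqAppInfo
        {
            timestamp = pairs["timestamp"].ToString(),
            nonce = pairs["nonce"].ToString(),
            sinature = pairs["signature"].ToString(),
            appid = pairs["appid"].ToString(),
            secret = pairs["secret"].ToString(),
        };
        await CheckApp(context, requestInfo);
        return;
    }

    if (pairs.ContainsKey("userid"))
    {
        var requestInfo = new ReqUserInfo
        {
            timestamp = pairs["timestamp"].ToString(),
            nonce = pairs["nonce"].ToString(),
            sinature = pairs["signature"].ToString(),
            userid = pairs["userid"].ToString(),
            secret = pairs["secret"].ToString(),
        };
        await CheckUser(context, requestInfo);
        return;
    }

    // Neither "appid" nor "userid" was supplied: nothing to authenticate.
    await ReturnNoAuthorized(context);
}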
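/// <summary>
/// Main check for an app request: recomputes the request signature with
/// <c>Req.Sinature_HMACMD5</c>, compares it with the supplied one, enforces the
/// timestamp window, and then delegates to the appid/secret check.
/// </summary>
/// <param name="context">The current HTTP context, used to write the response.</param>
/// <param name="req">The app request fields (appid, timestamp, nonce, signature, secret) taken from the request.</param>
/// <returns>A task that completes once the follow-up check or an error response has been awaited.</returns>
private async Task CheckApp(HttpContext context, ReqAppInfo req)
{
    // Constant-time string comparison. string.Equals stops at the first differing
    // character, which lets a caller learn a valid signature prefix by timing; here
    // every character is always visited. Only a length mismatch returns early, and
    // the signature length is not secret. Null on either side fails closed.
    // (On .NET Core 2.1+ CryptographicOperations.FixedTimeEquals over the bytes
    // is the framework equivalent.)
    bool SignaturesMatch(string expected, string supplied)
    {
        if (expected == null || supplied == null || expected.Length != supplied.Length)
        {
            return false;
        }

        int diff = 0;
        for (int i = 0; i < expected.Length; i++)
        {
            diff |= expected[i] ^ supplied[i];
        }

        return diff == 0;
    }

    // NOTE(review): judging by the helper's name this is HMAC-MD5; HMAC-SHA256 is the
    // usual choice for new deployments - confirm whether clients can be migrated.
    // The signature covers appid, timestamp and nonce only; req.secret is not part of it.
    string computeSinature = Req.Sinature_HMACMD5(req.appid, req.timestamp, req.nonce, options.SecretKey);

    // Reject a bad signature or a timestamp that is not a valid long.
    if (!SignaturesMatch(computeSinature, req.sinature) || !long.TryParse(req.timestamp, out long tmpTimestamp))
    {
        await ReturnNoAuthorized(context);
        return;
    }

    // NOTE(review): no nonce tracking is visible in this method, so a captured request
    // looks replayable until the timestamp window closes - confirm whether that is
    // handled elsewhere.
    if (CheckExpiredTime(tmpTimestamp, options.ExpiresIn))
    {
        await ReturnTimeOut(context);
        return;
    }

    await CheckApp(context, req.appid, req.secret);
}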
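/// <summary>
/// Handles an HTTP POST authorization request: reads the credential fields from the
/// form body and dispatches to the app check or the user check.
/// </summary>
/// <param name="context">The current HTTP context; its form body supplies the fields.</param>
/// <returns>A task that completes once a check or an unauthorized response has been awaited.</returns>
private async Task PostInvoke(HttpContext context)
{
    // The content type must be checked BEFORE the form is touched: reading the form of
    // a request that is not form-encoded throws InvalidOperationException, so a POST
    // with e.g. a JSON body would surface as an unhandled error instead of the
    // unauthorized response.
    if (!context.Request.HasFormContentType)
    {
        await ReturnNoAuthorized(context);
        return;
    }

    // Read the body asynchronously rather than blocking on the synchronous Form getter.
    var pairs = await context.Request.ReadFormAsync();

    // All four common fields must be present before looking at the identity field.
    if (!pairs.ContainsKeys("timestamp nonce signature secret".Split(' ')))
    {
        await ReturnNoAuthorized(context);
        return;
    }

    if (pairs.ContainsKey("appid"))
    {
        var requestInfo = new ReqAppInfo
        {
            timestamp = pairs["timestamp"].ToString(),
            nonce = pairs["nonce"].ToString(),
            sinature = pairs["signature"].ToString(),
            appid = pairs["appid"].ToString(),
            secret = pairs["secret"].ToString(),
        };
        await CheckApp(context, requestInfo);
        return;
    }

    if (pairs.ContainsKey("userid"))
    {
        var requestInfo = new ReqUserInfo
        {
            timestamp = pairs["timestamp"].ToString(),
            nonce = pairs["nonce"].ToString(),
            sinature = pairs["signature"].ToString(),
            userid = pairs["userid"].ToString(),
            secret = pairs["secret"].ToString(),
        };
        await CheckUser(context, requestInfo);
        return;
    }

    // Neither "appid" nor "userid" was supplied: nothing to authenticate.
    await ReturnNoAuthorized(context);
}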