public static bool CheckOrderSign(dynamic obj, ILogger log)
{
Dictionary <string, string> dict = new Dictionary <string, string>();
dict.Add("userlogin", obj.userlogin + "");
dict.Add("detailurl", obj.detailurl + "");
dict.Add("cardtype", obj.cardtype + "");
dict.Add("payway", obj.payway + "");
dict.Add("prodname", obj.prodname + "");
dict.Add("notifyurl", obj.notifyurl + "");
dict.Add("mobile", obj.mobile + "");
dict.Add("account", obj.account + "");
dict.Add("productid", obj.productid + "");
dict.Add("money", obj.money + "");
dict.Add("price", obj.price + "");
dict.Add("couponprice", obj.couponprice + "");
dict.Add("couponid", obj.couponid + "");
dict.Add("couponch", obj.couponch + "");
dict.Add("ordertime", obj.ordertime + "");
dict.Add("userip", obj.userip + "");
string origin_str = CreateSignStr(dict);
if (!SecurityCore.VerifyFromBase64(origin_str, pub_key, obj.sign, "SHA256withRSA", "utf-8"))
{
log.Info(string.Format("签名失败,签名原串:{0}", origin_str));
return(false);
}
return(true);
}
public void Start()
{
var builder = new ContainerBuilder();
_core = AppCoreBuilder.Create(builder)
.AddModule <NCoreFileStorageModule>()
.AddModule(new NHibernatePostgreModule()
{
AssemblyMapper = Assembly.GetExecutingAssembly(),
ConnectionStringKey = "ncore-test-base",
AfterConfigure = e => {
FileStorageCore.Configure(e);
SecurityCore.Configure(e);
}
})
.AddModule(new NCoreSecurityNHibernateModule())
.Configure(c => {
c.RegisterType <TestService>().As <ITestService>();
c.RegisterType <TestRepository>().As <ITestRepository>();
})
.Build();
var service = _core.Resolve <ITestService>();
service.AddTestRecord();
}
private void DoUploadBiz()
{
long uploadTime = TopUtils.GetCurrentTimeMillis() + FlushInterval;
while (true)
{
try
{
Thread.Sleep(SleepTime);
IDictionary <string, Counter> appUserCounterMap = SecurityCounter.GetUserCounter(topClient.appKey);
if (TopUtils.GetCurrentTimeMillis() >= uploadTime || (appUserCounterMap.Count * 4 > 65536))
{
StringBuilder counterBuilder = new StringBuilder();
IDictionary <string, Counter> cloneAppUserCounter = SecurityCounter.CloneUserCounter(topClient.appKey);
SecurityCounter.CleanUserCounter(topClient.appKey);
int count = 0;
foreach (KeyValuePair <string, Counter> currentPair in cloneAppUserCounter)
{
Counter counter = currentPair.Value;
if (counterBuilder.Length > 0)
{
counterBuilder.Append(";");
}
counterBuilder.Append(currentPair.Key);
GenerateCounter(counterBuilder, counter);
if ((++count) % 100 == 0)
{
DoUpload(counterBuilder.ToString(), AppUserSecretType);
counterBuilder = new StringBuilder();
}
}
if (counterBuilder.Length > 0)
{
DoUpload(counterBuilder.ToString(), AppUserSecretType);
counterBuilder = new StringBuilder();
}
Counter appCounter = SecurityCounter.GetAppCounter(topClient.appKey);
counterBuilder.Append(SecurityCore.GetAppUserSecretCache().Count);
GenerateCounter(counterBuilder, appCounter);
appCounter.Reset();
long uploadInterval = DoUpload(counterBuilder.ToString(), AppSecretType);
uploadTime = TopUtils.GetCurrentTimeMillis() + uploadInterval;
}
}
catch (Exception e)
{
Log.Error(string.Format("flushSecretApiReporter error: {0}", e.Message));
}
}
}
public void ProcessRequest(HttpContext context)
{
try
{
context.Response.ContentType = "text/plain";
logger.Info("------------------Esalse退款开始------------------------");
logger.Info("请求参数:" + context.Request.RawUrl);
string channelNo = context.Request["cid"];
string orderNo = context.Request["oid"];
string orderFace = context.Request["fm"];
string sucFace = context.Request["rm"];
string tsp = context.Request["tsp"];
string signStr = context.Request["sign"];
//校验参数
if (string.IsNullOrEmpty(channelNo) || string.IsNullOrEmpty(orderNo) ||
string.IsNullOrEmpty(orderFace) || string.IsNullOrEmpty(sucFace) ||
string.IsNullOrEmpty(signStr))
{
logger.Info("参数错误:必填参数为空,收到参数【" + context.Request.QueryString + "】");
context.Response.Write("Fail");
return;
}
;
logger.Info("-------------------签名校验开始---------------------------");
string esKey = ApiHelper.Get_es_key(channelNo);
string originStr = string.Format("{0}{1}{2}{3}{4}{5}", channelNo, orderNo, orderFace, sucFace, tsp, esKey);
logger.Info("es_key:" + esKey);
string sign = SecurityCore.ToHex(SecurityCore.MD5(originStr, Encoding.GetEncoding("GBK")), true).ToLower();
if (!sign.Equals(signStr, StringComparison.OrdinalIgnoreCase))
{
logger.Info(string.Format("签名失败,签名原串:{0},签名:{1},源签名:{2}", originStr, sign, signStr));
context.Response.Write("Fail");
return;
}
logger.Info("-------------------保存退款申请开始-------------------------");
bool rst = ApiHelper.Save18RefundApply(orderNo, decimal.Parse(sucFace), logger);
context.Response.Write(rst ? "success" : "Fail");
return;
}
catch (Exception ex)
{
logger.Info("异常:" + ex.Message, ex);
logger.Fatal("异常:" + ex.Message, ex);
context.Response.Write("Fail System Error");
return;
}
}
/// <summary>
/// 18Esalse回调签名校验
/// </summary>
/// <param name="obj">数据对象</param>
/// <param name="key">签名Key</param>
/// <param name="logger"></param>
/// <returns></returns>
public static bool EsalseNotifyCheckSign(dynamic obj, ILogger logger)
{
string es_key = Get_es_key(obj.cid).Trim();
string origin_str = string.Format("{0}{1}{2}{3}{4}{5}{6}{7}{8}", obj.sid, obj.ste, obj.cid, obj.pid, obj.oid, obj.pn, obj.tf, obj.fm, es_key);
logger.Info("es_key:" + es_key);
string sign = SecurityCore.ToHex(SecurityCore.MD5(origin_str, Encoding.GetEncoding("GBK")), true).ToLower();
if (!sign.Equals(obj.sign, StringComparison.OrdinalIgnoreCase))
{
logger.Info(string.Format("签名失败,签名原串:{0},签名:{1},源签名:{2}", origin_str, sign, obj.sign));
return(false);
}
return(true);
}
public static bool CheckRefundSign(dynamic obj, ILogger log)
{
Dictionary <string, string> dict = new Dictionary <string, string>();
dict.Add("detailurl", obj.detailurl + "");
dict.Add("orderid", obj.orderid + "");
dict.Add("mobile", obj.mobile + "");
dict.Add("price", obj.price + "");
string origin_str = CreateSignStr(dict);
if (!SecurityCore.VerifyFromBase64(origin_str, pub_key, obj.sign, "SHA256withRSA", "utf-8"))
{
log.Info(string.Format("签名失败,签名原串:{0}", origin_str));
return(false);
}
return(true);
}
private void InitSecretThread()
{
Thread uploadThread = new Thread(o =>
{
int uploadInterval = FlushInterval;
while (true)
{
try
{
Thread.Sleep(uploadInterval);
IDictionary <string, object> jsonMap = new Dictionary <string, object>();
jsonMap.Add("sessionNum", SecurityCore.GetAppUserSecretCache().Count);
jsonMap.Add("encryptPhoneNum", SecurityCounter.GetEncryptPhoneNum());
jsonMap.Add("encryptNickNum", SecurityCounter.GetEncryptNickNum());
jsonMap.Add("encryptReceiverNameNum", SecurityCounter.GetEncryptReceiverNameNum());
jsonMap.Add("decryptPhoneNum", SecurityCounter.GetDecryptPhoneNum());
jsonMap.Add("decryptNickNum", SecurityCounter.GetDecryptNickNum());
jsonMap.Add("decryptReceiverNameNum", SecurityCounter.GetDecryptReceiverNameNum());
jsonMap.Add("searchPhoneNum", SecurityCounter.GetSearchPhoneNum());
jsonMap.Add("searchNickNum", SecurityCounter.GetSearchNickNum());
jsonMap.Add("searchReceiverNameNum", SecurityCounter.GetSearchReceiverNameNum());
SecurityCounter.Reset();
String contentJson = TopUtils.ObjectToJson(jsonMap);
uploadInterval = DoUpload(contentJson, SecretType);
}
catch (Exception e)
{
Log.Error(string.Format("flushSecretApiReporter error: {0}", e.Message));
}
}
});
uploadThread.IsBackground = true;
uploadThread.Name = "flushSecretApiReporter-thread";
uploadThread.Start();
}
