/// <summary>Creates a message representation as follows:
/// HTTP method\n +
/// Content-MD5\n +
/// Response content type (accept header)\n +
/// Canonicalized URI\n
/// ISO-8601 UTC timestamp including milliseconds (e.g. 2013-09-23T09:24:43.5395441Z)\n
/// Public-Key
/// </summary>
public string CreateMessageRepresentation(WebApiRequestContext context, string contentMd5Hash, string timestamp, bool queryStringDecode = false)
{
if (context == null || !context.IsValid)
{
return(null);
}
var url = context.Url;
if (queryStringDecode)
{
var uri = new Uri(url);
if (uri.Query != null && uri.Query.Length > 0)
{
url = string.Concat(uri.GetLeftPart(UriPartial.Path), HttpUtility.UrlDecode(uri.Query));
}
}
var result = string.Join(_delimiterRepresentation,
context.HttpMethod.ToLower(),
contentMd5Hash ?? "",
context.HttpAcceptType.ToLower(),
url.ToLower(),
timestamp,
context.PublicKey.ToLower()
);
return(result);
}
/// <summary>
/// 更新用户信息
/// </summary>
/// <param name="cer"></param>
//public static ResultMsg UpdateCertificate(CertificateDto cer)
//{
// CertificateDto dto = AuthToken.CurrentUser;
// string jsonData = "{sessionKey:'" + dto.sessionKey + "',"
// + "Id:'" + dto.Id + "',"
// + "UserName:'******',"
// + "NickName:'" + cer.NickName + "',"
// + "Phone:'" + cer.Phone + "',"
// + "Email:'" + cer.Email + "',"
// + "QQ:'" + cer.QQ + "',"
// + "Address:'" + cer.Address + "',"
// + "UserPwd:'" + cer.UserPwd + "',"
// + "NewPwd:'" + cer.NewPwd + "',"
// + "Sex:'" + cer.Sex + "'}";
// string result = HttpCrossDomain.Post(getUpdateCertificateUrl, jsonData);
// ResultMsg msg = JsonMapper.ToObject<ResultMsg>(result);
// if (msg.success)
// GetCertificate(dto.sessionKey);
// return msg;
//}
private static string CallTheApi(string url, string content, string publicKey, string secretKey, string httpMethod, Action <ApiConsumer, WebApiConsumerResponse> action = null, bool AcceptJson = true)
{
var context = new WebApiRequestContext()
{
PublicKey = publicKey,
SecretKey = secretKey,
Url = url,
HttpMethod = httpMethod,
HttpAcceptType = (AcceptJson ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType)
};
if (!context.IsValid)
{
return("");
}
var apiConsumer = new ApiConsumer();
var requestContent = new StringBuilder();
var response = new WebApiConsumerResponse();
var sb = new StringBuilder();
var webRequest = apiConsumer.StartRequest(context, content, requestContent);
var requestStr = requestContent.ToString();
bool result = apiConsumer.ProcessResponse(webRequest, response);
var responseStr = "Response: " + response.Status;
sb.Append(response.Headers);
//if (result)
//{
// var customers = apiConsumer.TryParseCustomers(response);
// if (customers != null)
// {
// sb.AppendLine(string.Format("Parsed {0} customer(s):", customers.Count));
// foreach (var customer in customers)
// sb.AppendLine(customer.ToString());
// sb.Append("\r\n");
// }
//}
if (result)
{
if (action != null)
{
action(apiConsumer, response);
}
}
sb.Append(response.Content);
return(response.Content);
}
private static string CallTheApi(string url, string query, string content, string publicKey, string secretKey, string httpMethod, Action <ApiConsumer, WebApiConsumerResponse> action = null, bool AcceptJson = true)
{
//if (!url.EndsWith("/"))
//{
// url = url + "/";
//}
var context = new WebApiRequestContext()
{
PublicKey = publicKey,
SecretKey = secretKey,
Url = url,
HttpMethod = httpMethod,
HttpAcceptType = (AcceptJson ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType)
};
if (!string.IsNullOrWhiteSpace(query))
{
context.Url = string.Format("{0}?{1}", context.Url, query);
}
if (!context.IsValid)
{
return("");
}
var apiConsumer = new ApiConsumer();
var requestContent = new StringBuilder();
var response = new WebApiConsumerResponse();
var sb = new StringBuilder();
var webRequest = apiConsumer.StartRequest(context, content, requestContent);
var requestStr = requestContent.ToString();
bool result = apiConsumer.ProcessResponse(webRequest, response);
var responseStr = "Response: " + response.Status;
sb.Append(response.Headers);
if (result)
{
if (action != null)
{
action(apiConsumer, response);
}
}
sb.Append(response.Content);
return(response.Content);
}
/// <summary>Creates a message representation as follows:
/// HTTP method\n +
/// Content-MD5\n +
/// Response content type (accept header)\n +
/// Canonicalized URI\n
/// ISO-8601 UTC timestamp including milliseconds (e.g. 2013-09-23T09:24:43.5395441Z)\n
/// Public-Key
/// </summary>
public string CreateMessageRepresentation(WebApiRequestContext context, string contentMd5Hash, string timestamp)
{
if (context == null || !context.IsValid)
return null;
string result = string.Join(_delimiterRepresentation,
context.HttpMethod.ToLower(),
contentMd5Hash ?? "",
context.HttpAcceptType.ToLower(),
context.Url.ToLower(),
timestamp,
context.PublicKey.ToLower()
);
return result;
}
/// <summary>Creates a message representation as follows:
/// HTTP method\n +
/// Content-MD5\n +
/// Response content type (accept header)\n +
/// Canonicalized URI\n
/// ISO-8601 UTC timestamp including milliseconds (e.g. 2013-09-23T09:24:43.5395441Z)\n
/// Public-Key
/// </summary>
public string CreateMessageRepresentation(WebApiRequestContext context, string contentMd5Hash, string timestamp)
{
if (context == null || !context.IsValid)
{
return(null);
}
string result = string.Join(_delimiterRepresentation,
context.HttpMethod.ToLower(),
contentMd5Hash ?? "",
context.HttpAcceptType.ToLower(),
context.Url.ToLower(),
timestamp,
context.PublicKey.ToLower()
);
return(result);
}
private void CallTheApi()
{
if (txtUrl.Text.HasValue() && !txtUrl.Text.EndsWith("/"))
{
txtUrl.Text = txtUrl.Text + "/";
}
if (cboPath.Text.HasValue() && !cboPath.Text.StartsWith("/"))
{
cboPath.Text = "/" + cboPath.Text;
}
var context = new WebApiRequestContext
{
PublicKey = txtPublicKey.Text,
SecretKey = txtSecretKey.Text,
Url = txtUrl.Text + (radioOdata.Checked ? "odata/" : "api/") + txtVersion.Text + cboPath.Text,
HttpMethod = cboMethod.Text,
HttpAcceptType = (radioJson.Checked ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType)
};
if (cboQuery.Text.HasValue())
{
context.Url = string.Format("{0}?{1}", context.Url, cboQuery.Text);
}
if (!context.IsValid)
{
"Please enter Public-Key, Secret-Key, URL and method.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
Debug.WriteLine(context.ToString());
return;
}
var apiConsumer = new ApiConsumer();
var response = new WebApiConsumerResponse();
var sb = new StringBuilder();
StringBuilder requestContent = null;
Dictionary <string, object> multiPartData = null;
lblRequest.Text = "Request: " + context.HttpMethod + " " + context.Url;
lblRequest.Refresh();
if (radioApi.Checked && txtFile.Text.HasValue())
{
var id1 = txtIdentfier1.Text.ToInt();
var id2 = txtIdentfier2.Text;
var keyForId1 = "Id";
var keyForId2 = "";
multiPartData = new Dictionary <string, object>();
if (cboPath.Text.StartsWith("/Uploads/ProductImages"))
{
// only one identifier required: product id, sku or gtin
keyForId2 = "Sku";
}
else if (cboPath.Text.StartsWith("/Uploads/ImportFiles"))
{
// only one identifier required: import profile id or profile name
keyForId2 = "Name";
// to delete existing import files:
//multiPartData.Add("deleteExisting", true);
}
if (id1 != 0)
{
multiPartData.Add(keyForId1, id1);
}
if (id2.HasValue())
{
multiPartData.Add(keyForId2, id2);
}
apiConsumer.AddApiFileParameter(multiPartData, txtFile.Text);
}
var webRequest = apiConsumer.StartRequest(context, cboContent.Text, multiPartData, out requestContent);
txtRequest.Text = requestContent.ToString();
var result = apiConsumer.ProcessResponse(webRequest, response);
lblResponse.Text = "Response: " + response.Status;
sb.Append(response.Headers);
if (result && radioJson.Checked && radioOdata.Checked)
{
var customers = response.TryParseCustomers();
if (customers != null)
{
sb.AppendLine("Parsed {0} customer(s):".FormatInvariant(customers.Count));
customers.ForEach(x => sb.AppendLine(x.ToString()));
sb.Append("\r\n");
}
}
sb.Append(response.Content);
txtResponse.Text = sb.ToString();
cboPath.InsertRolled(cboPath.Text, 64);
cboQuery.InsertRolled(cboQuery.Text, 64);
cboContent.InsertRolled(cboContent.Text, 64);
}
protected virtual HmacResult IsAuthenticated(HttpActionContext actionContext, DateTime now, WebApiControllingCacheData cacheControllingData, out Customer customer)
{
customer = null;
var request = HttpContext.Current.Request;
DateTime headDateTime;
if (request == null)
{
return(HmacResult.FailedForUnknownReason);
}
if (cacheControllingData.ApiUnavailable)
{
return(HmacResult.ApiUnavailable);
}
string headContentMd5 = request.Headers["Content-Md5"] ?? request.Headers["Content-MD5"];
string headTimestamp = request.Headers[WebApiGlobal.Header.Date];
string headPublicKey = request.Headers[WebApiGlobal.Header.PublicKey];
string scheme = actionContext.Request.Headers.Authorization.Scheme;
string signatureConsumer = actionContext.Request.Headers.Authorization.Parameter;
if (string.IsNullOrWhiteSpace(headPublicKey))
{
return(HmacResult.UserInvalid);
}
if (!_hmac.IsAuthorizationHeaderValid(scheme, signatureConsumer))
{
return(HmacResult.InvalidAuthorizationHeader);
}
if (!_hmac.ParseTimestamp(headTimestamp, out headDateTime))
{
return(HmacResult.InvalidTimestamp);
}
int maxMinutes = (cacheControllingData.ValidMinutePeriod <= 0 ? WebApiGlobal.DefaultTimePeriodMinutes : cacheControllingData.ValidMinutePeriod);
if (Math.Abs((headDateTime - now).TotalMinutes) > maxMinutes)
{
return(HmacResult.TimestampOutOfPeriod);
}
var cacheUserData = WebApiCachingUserData.Data();
var apiUser = cacheUserData.FirstOrDefault(x => x.PublicKey == headPublicKey);
if (apiUser == null)
{
return(HmacResult.UserUnknown);
}
if (!apiUser.Enabled)
{
return(HmacResult.UserDisabled);
}
if (!cacheControllingData.NoRequestTimestampValidation && apiUser.LastRequest.HasValue && headDateTime <= apiUser.LastRequest.Value)
{
return(HmacResult.TimestampOlderThanLastRequest);
}
var context = new WebApiRequestContext
{
HttpMethod = request.HttpMethod,
HttpAcceptType = request.Headers["Accept"],
PublicKey = headPublicKey,
SecretKey = apiUser.SecretKey,
Url = HttpUtility.UrlDecode(request.Url.AbsoluteUri.ToLower())
};
string contentMd5 = CreateContentMd5Hash(actionContext.Request);
if (headContentMd5.HasValue() && headContentMd5 != contentMd5)
{
return(HmacResult.ContentMd5NotMatching);
}
string messageRepresentation = _hmac.CreateMessageRepresentation(context, contentMd5, headTimestamp);
if (string.IsNullOrEmpty(messageRepresentation))
{
return(HmacResult.MissingMessageRepresentationParameter);
}
string signatureProvider = _hmac.CreateSignature(apiUser.SecretKey, messageRepresentation);
if (signatureProvider != signatureConsumer)
{
if (cacheControllingData.AllowEmptyMd5Hash)
{
messageRepresentation = _hmac.CreateMessageRepresentation(context, null, headTimestamp);
signatureProvider = _hmac.CreateSignature(apiUser.SecretKey, messageRepresentation);
if (signatureProvider != signatureConsumer)
{
return(HmacResult.InvalidSignature);
}
}
else
{
return(HmacResult.InvalidSignature);
}
}
customer = GetCustomer(apiUser.CustomerId);
if (customer == null)
{
return(HmacResult.UserUnknown);
}
if (!customer.Active || customer.Deleted)
{
return(HmacResult.UserIsInactive);
}
if (!HasPermission(actionContext, customer))
{
return(HmacResult.UserHasNoPermission);
}
//var headers = HttpContext.Current.Response.Headers;
//headers.Add(ApiHeaderName.LastRequest, apiUser.LastRequest.HasValue ? apiUser.LastRequest.Value.ToString("o") : "");
apiUser.LastRequest = headDateTime;
return(HmacResult.Success);
}
protected virtual HmacResult IsAuthenticated(HttpActionContext actionContext, DateTime now, WebApiControllingCacheData cacheControllingData, out Customer customer)
{
customer = null;
var request = HttpContext.Current.Request;
DateTime headDateTime;
if (request == null)
return HmacResult.FailedForUnknownReason;
if (cacheControllingData.ApiUnavailable)
return HmacResult.ApiUnavailable;
string headContentMd5 = request.Headers["Content-Md5"] ?? request.Headers["Content-MD5"];
string headTimestamp = request.Headers[WebApiGlobal.Header.Date];
string headPublicKey = request.Headers[WebApiGlobal.Header.PublicKey];
string scheme = actionContext.Request.Headers.Authorization.Scheme;
string signatureConsumer = actionContext.Request.Headers.Authorization.Parameter;
if (string.IsNullOrWhiteSpace(headPublicKey))
return HmacResult.UserInvalid;
if (!_hmac.IsAuthorizationHeaderValid(scheme, signatureConsumer))
return HmacResult.InvalidAuthorizationHeader;
if (!_hmac.ParseTimestamp(headTimestamp, out headDateTime))
return HmacResult.InvalidTimestamp;
int maxMinutes = (cacheControllingData.ValidMinutePeriod <= 0 ? WebApiGlobal.DefaultTimePeriodMinutes : cacheControllingData.ValidMinutePeriod);
if (Math.Abs((headDateTime - now).TotalMinutes) > maxMinutes)
return HmacResult.TimestampOutOfPeriod;
var cacheUserData = WebApiCachingUserData.Data();
var apiUser = cacheUserData.FirstOrDefault(x => x.PublicKey == headPublicKey);
if (apiUser == null)
return HmacResult.UserUnknown;
if (!apiUser.Enabled)
return HmacResult.UserDisabled;
if (apiUser.LastRequest.HasValue && headDateTime <= apiUser.LastRequest.Value)
return HmacResult.TimestampOlderThanLastRequest;
var context = new WebApiRequestContext()
{
HttpMethod = request.HttpMethod,
HttpAcceptType = request.Headers["Accept"],
PublicKey = headPublicKey,
SecretKey = apiUser.SecretKey,
Url = HttpUtility.UrlDecode(request.Url.AbsoluteUri.ToLower())
};
string contentMd5 = CreateContentMd5Hash(actionContext.Request);
if (headContentMd5.HasValue() && headContentMd5 != contentMd5)
return HmacResult.ContentMd5NotMatching;
string messageRepresentation = _hmac.CreateMessageRepresentation(context, contentMd5, headTimestamp);
if (string.IsNullOrEmpty(messageRepresentation))
return HmacResult.MissingMessageRepresentationParameter;
string signatureProvider = _hmac.CreateSignature(apiUser.SecretKey, messageRepresentation);
if (signatureProvider != signatureConsumer)
return HmacResult.InvalidSignature;
customer = GetCustomer(apiUser.CustomerId);
if (customer == null)
return HmacResult.UserUnknown;
if (!HasPermission(actionContext, customer))
return HmacResult.UserHasNoPermission;
//var headers = HttpContext.Current.Response.Headers;
//headers.Add(ApiHeaderName.LastRequest, apiUser.LastRequest.HasValue ? apiUser.LastRequest.Value.ToString("o") : "");
apiUser.LastRequest = now;
return HmacResult.Success;
}
private void CallTheApi()
{
if (!string.IsNullOrWhiteSpace(txtUrl.Text) && !txtUrl.Text.EndsWith("/"))
{
txtUrl.Text = txtUrl.Text + "/";
}
if (!string.IsNullOrWhiteSpace(cboPath.Text) && !cboPath.Text.StartsWith("/"))
{
cboPath.Text = "/" + cboPath.Text;
}
var context = new WebApiRequestContext
{
PublicKey = txtPublicKey.Text,
SecretKey = txtSecretKey.Text,
Url = txtUrl.Text + (radioOdata.Checked ? "odata/" : "api/") + txtVersion.Text + cboPath.Text,
HttpMethod = cboMethod.Text,
HttpAcceptType = (radioJson.Checked ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType)
};
if (!string.IsNullOrWhiteSpace(cboQuery.Text))
{
context.Url = string.Format("{0}?{1}", context.Url, cboQuery.Text);
}
if (!context.IsValid)
{
"Please enter Public-Key, Secret-Key, URL and method.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
Debug.WriteLine(context.ToString());
return;
}
var apiConsumer = new ApiConsumer();
var response = new WebApiConsumerResponse();
var sb = new StringBuilder();
StringBuilder requestContent = null;
Dictionary <string, object> multiPartData = null;
lblRequest.Text = "Request: " + context.HttpMethod + " " + context.Url;
lblRequest.Refresh();
if (radioApi.Checked && !string.IsNullOrEmpty(txtFile.Text) && cboPath.Text.StartsWith("/Upload"))
{
multiPartData = apiConsumer.CreateProductImageMultipartData(txtFile.Text, txtProductId.Text.ToInt(), txtProductSku.Text);
}
var webRequest = apiConsumer.StartRequest(context, cboContent.Text, multiPartData, out requestContent);
txtRequest.Text = requestContent.ToString();
bool result = apiConsumer.ProcessResponse(webRequest, response);
lblResponse.Text = "Response: " + response.Status;
sb.Append(response.Headers);
if (result && radioJson.Checked && radioOdata.Checked)
{
var customers = response.TryParseCustomers();
if (customers != null)
{
sb.AppendLine(string.Format("Parsed {0} customer(s):", customers.Count));
foreach (var customer in customers)
{
sb.AppendLine(customer.ToString());
}
sb.Append("\r\n");
}
}
sb.Append(response.Content);
txtResponse.Text = sb.ToString();
cboPath.InsertRolled(cboPath.Text, 64);
cboQuery.InsertRolled(cboQuery.Text, 64);
cboContent.InsertRolled(cboContent.Text, 64);
}
private void CallTheApi()
{
if (txtUrl.Text.HasValue() && !txtUrl.Text.EndsWith("/"))
{
txtUrl.Text = txtUrl.Text + "/";
}
if (cboPath.Text.HasValue() && !cboPath.Text.StartsWith("/"))
{
cboPath.Text = "/" + cboPath.Text;
}
var context = new WebApiRequestContext
{
PublicKey = txtPublicKey.Text,
SecretKey = txtSecretKey.Text,
Url = txtUrl.Text + (radioOdata.Checked ? "odata/" : "api/") + txtVersion.Text + cboPath.Text,
HttpMethod = cboMethod.Text,
HttpAcceptType = (radioJson.Checked ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType)
};
if (cboQuery.Text.HasValue())
{
context.Url = string.Format("{0}?{1}", context.Url, cboQuery.Text);
}
if (!context.IsValid)
{
"Please enter Public-Key, Secret-Key, URL and method.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
Debug.WriteLine(context.ToString());
return;
}
var apiConsumer = new ApiConsumer();
var response = new WebApiConsumerResponse();
var sb = new StringBuilder();
StringBuilder requestContent = null;
Dictionary <string, object> multiPartData = null;
lblRequest.Text = "Request: " + context.HttpMethod + " " + context.Url;
lblRequest.Refresh();
if (radioApi.Checked && txtFile.Text.HasValue())
{
if (string.Compare(context.HttpMethod, "POST", StringComparison.OrdinalIgnoreCase) != 0)
{
"Please select POST method for image upload.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
return;
}
var id1 = txtIdentfier1.Text.ToInt();
var id2 = txtIdentfier2.Text;
var pictureId = txtPictureId.Text.ToInt();
var moreData = txtMoreData.Text.EmptyNull().Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
var keyForId1 = "Id";
var keyForId2 = "";
multiPartData = new Dictionary <string, object>();
if (cboPath.Text.StartsWith("/Uploads/ProductImages"))
{
// only one identifier required: product id, sku or gtin
keyForId2 = "Sku";
}
else if (cboPath.Text.StartsWith("/Uploads/ImportFiles"))
{
// only one identifier required: import profile id or profile name
keyForId2 = "Name";
}
if (id1 != 0)
{
multiPartData.Add(keyForId1, id1);
}
if (id2.HasValue())
{
multiPartData.Add(keyForId2, id2);
}
// To delete existing import files... deleteExisting:true
// To start import... startImport:true
foreach (var str in moreData)
{
var data = str.Split(new string[] { ":" }, StringSplitOptions.RemoveEmptyEntries);
if (data.Length == 2)
{
multiPartData.Add(data[0], data[1]);
}
}
apiConsumer.AddApiFileParameter(multiPartData, txtFile.Text, pictureId);
}
var webRequest = apiConsumer.StartRequest(context, cboContent.Text, multiPartData, out requestContent);
txtRequest.Text = requestContent.ToString();
var result = apiConsumer.ProcessResponse(webRequest, response, folderBrowserDialog1);
lblResponse.Text = "Response: " + response.Status;
sb.Append(response.Headers);
if (result && response.Content.HasValue())
{
if (radioJson.Checked && radioOdata.Checked)
{
var customers = response.TryParseCustomers();
if (customers != null)
{
sb.AppendLine("Parsed {0} customer(s):".FormatInvariant(customers.Count));
customers.ForEach(x => sb.AppendLine(x.ToString()));
sb.Append("\r\n");
}
}
}
sb.Append(response.Content);
txtResponse.Text = sb.ToString();
cboPath.InsertRolled(cboPath.Text, 64);
cboQuery.InsertRolled(cboQuery.Text, 64);
cboContent.InsertRolled(cboContent.Text, 64);
}
