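/// <summary>
/// Creates the message representation that is signed (HMAC) by both consumer and provider.
/// The parts are joined with <c>_delimiterRepresentation</c> in this order:
/// HTTP method, Content-MD5, response content type (accept header), canonicalized URI,
/// ISO-8601 UTC timestamp including milliseconds (e.g. 2013-09-23T09:24:43.5395441Z), public key.
/// </summary>
/// <param name="context">Request context; must be non-null and <c>IsValid</c>.</param>
/// <param name="contentMd5Hash">Content-MD5 of the request body; <c>null</c> is represented as an empty string.</param>
/// <param name="timestamp">Request timestamp, taken over verbatim (it is not re-formatted here).</param>
/// <param name="queryStringDecode">
/// When <c>true</c>, the query part of <c>context.Url</c> is URL-decoded before it is lowercased,
/// so that consumer and provider agree on one representation regardless of percent-encoding.
/// </param>
/// <returns>The delimited representation, or <c>null</c> when the context is missing or invalid.</returns>
/// <exception cref="UriFormatException">
/// When <paramref name="queryStringDecode"/> is set and <c>context.Url</c> is not a valid absolute URI.
/// </exception>
public string CreateMessageRepresentation(WebApiRequestContext context, string contentMd5Hash, string timestamp, bool queryStringDecode = false)
{
    if (context == null || !context.IsValid)
    {
        return null;
    }

    var url = context.Url;

    if (queryStringDecode)
    {
        var uri = new Uri(url);
        if (!string.IsNullOrEmpty(uri.Query))
        {
            url = string.Concat(uri.GetLeftPart(UriPartial.Path), HttpUtility.UrlDecode(uri.Query));
        }
    }

    // Invariant lowercasing: the other side compares this representation byte-for-byte, so it
    // must not depend on the current thread culture (e.g. tr-TR maps 'I' to a dotless 'ı').
    return string.Join(
        _delimiterRepresentation,
        context.HttpMethod.ToLowerInvariant(),
        contentMd5Hash ?? "",
        context.HttpAcceptType.ToLowerInvariant(),
        url.ToLowerInvariant(),
        timestamp,
        context.PublicKey.ToLowerInvariant());
}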
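/// <summary>
/// Update user information
/// </summary>
/// <param name="cer"></param>
//public static ResultMsg UpdateCertificate(CertificateDto cer)
//{
//    CertificateDto dto = AuthToken.CurrentUser;
//    string jsonData = "{sessionKey:'" + dto.sessionKey + "',"
//        + "Id:'" + dto.Id + "',"
//        + "UserName:'******',"
//        + "NickName:'" + cer.NickName + "',"
//        + "Phone:'" + cer.Phone + "',"
//        + "Email:'" + cer.Email + "',"
//        + "QQ:'" + cer.QQ + "',"
//        + "Address:'" + cer.Address + "',"
//        + "UserPwd:'" + cer.UserPwd + "',"
//        + "NewPwd:'" + cer.NewPwd + "',"
//        + "Sex:'" + cer.Sex + "'}";
//    string result = HttpCrossDomain.Post(getUpdateCertificateUrl, jsonData);
//    ResultMsg msg = JsonMapper.ToObject<ResultMsg>(result);
//    if (msg.success)
//        GetCertificate(dto.sessionKey);
//    return msg;
//}

/// <summary>
/// Sends a signed request to the API and returns the raw response content.
/// </summary>
/// <param name="url">Absolute request URL, including any query string.</param>
/// <param name="content">Request body, handed to <c>ApiConsumer.StartRequest</c> unchanged.</param>
/// <param name="publicKey">Consumer public key that becomes part of the signed message representation.</param>
/// <param name="secretKey">Consumer secret key used to sign the request.</param>
/// <param name="httpMethod">HTTP verb, e.g. "GET" or "POST".</param>
/// <param name="action">Optional callback invoked with the consumer and the response, only when the response was processed successfully.</param>
/// <param name="AcceptJson">When <c>true</c> the JSON accept type is requested, otherwise XML.</param>
/// <returns>
/// <c>response.Content</c> as filled by <c>ApiConsumer.ProcessResponse</c>, or an empty string
/// when the request context is incomplete (<c>!context.IsValid</c>).
/// </returns>
private static string CallTheApi(string url, string content, string publicKey, string secretKey, string httpMethod, Action<ApiConsumer, WebApiConsumerResponse> action = null, bool AcceptJson = true)
{
    var context = new WebApiRequestContext
    {
        PublicKey = publicKey,
        SecretKey = secretKey,
        Url = url,
        HttpMethod = httpMethod,
        HttpAcceptType = AcceptJson ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType
    };

    if (!context.IsValid)
    {
        return "";
    }

    var apiConsumer = new ApiConsumer();
    var requestContent = new StringBuilder();
    var response = new WebApiConsumerResponse();

    var webRequest = apiConsumer.StartRequest(context, content, requestContent);
    bool succeeded = apiConsumer.ProcessResponse(webRequest, response);

    // The callback only sees responses that ProcessResponse accepted.
    if (succeeded && action != null)
    {
        action(apiConsumer, response);
    }

    return response.Content;
}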
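/// <summary>
/// Sends a signed request to the API, appending <paramref name="query"/> to the URL, and returns the raw response content.
/// </summary>
/// <param name="url">Absolute request URL without the query part (a query already present is kept).</param>
/// <param name="query">Query string without the leading '?'; ignored when null or whitespace.</param>
/// <param name="content">Request body, handed to <c>ApiConsumer.StartRequest</c> unchanged.</param>
/// <param name="publicKey">Consumer public key that becomes part of the signed message representation.</param>
/// <param name="secretKey">Consumer secret key used to sign the request.</param>
/// <param name="httpMethod">HTTP verb, e.g. "GET" or "POST".</param>
/// <param name="action">Optional callback invoked with the consumer and the response, only when the response was processed successfully.</param>
/// <param name="AcceptJson">When <c>true</c> the JSON accept type is requested, otherwise XML.</param>
/// <returns>
/// <c>response.Content</c> as filled by <c>ApiConsumer.ProcessResponse</c>, or an empty string
/// when the request context is incomplete (<c>!context.IsValid</c>).
/// </returns>
private static string CallTheApi(string url, string query, string content, string publicKey, string secretKey, string httpMethod, Action<ApiConsumer, WebApiConsumerResponse> action = null, bool AcceptJson = true)
{
    var context = new WebApiRequestContext
    {
        PublicKey = publicKey,
        SecretKey = secretKey,
        Url = url,
        HttpMethod = httpMethod,
        HttpAcceptType = AcceptJson ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType
    };

    if (!string.IsNullOrWhiteSpace(query))
    {
        // Join with '&' when the URL already carries a query string so the result stays well-formed.
        var separator = url != null && url.IndexOf('?') >= 0 ? "&" : "?";
        context.Url = string.Concat(url, separator, query);
    }

    if (!context.IsValid)
    {
        return "";
    }

    var apiConsumer = new ApiConsumer();
    var requestContent = new StringBuilder();
    var response = new WebApiConsumerResponse();

    var webRequest = apiConsumer.StartRequest(context, content, requestContent);
    bool succeeded = apiConsumer.ProcessResponse(webRequest, response);

    // The callback only sees responses that ProcessResponse accepted.
    if (succeeded && action != null)
    {
        action(apiConsumer, response);
    }

    return response.Content;
}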
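/// <summary>
/// Creates the message representation that is signed (HMAC) by both consumer and provider.
/// The parts are joined with <c>_delimiterRepresentation</c> in this order:
/// HTTP method, Content-MD5, response content type (accept header), canonicalized URI,
/// ISO-8601 UTC timestamp including milliseconds (e.g. 2013-09-23T09:24:43.5395441Z), public key.
/// </summary>
/// <param name="context">Request context; must be non-null and <c>IsValid</c>.</param>
/// <param name="contentMd5Hash">Content-MD5 of the request body; <c>null</c> is represented as an empty string.</param>
/// <param name="timestamp">Request timestamp, taken over verbatim (it is not re-formatted here).</param>
/// <returns>The delimited representation, or <c>null</c> when the context is missing or invalid.</returns>
public string CreateMessageRepresentation(WebApiRequestContext context, string contentMd5Hash, string timestamp)
{
    if (context == null || !context.IsValid)
    {
        return null;
    }

    // Invariant lowercasing: the other side compares this representation byte-for-byte, so it
    // must not depend on the current thread culture (e.g. tr-TR maps 'I' to a dotless 'ı').
    return string.Join(
        _delimiterRepresentation,
        context.HttpMethod.ToLowerInvariant(),
        contentMd5Hash ?? "",
        context.HttpAcceptType.ToLowerInvariant(),
        context.Url.ToLowerInvariant(),
        timestamp,
        context.PublicKey.ToLowerInvariant());
}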
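/// <summary>
/// Creates the message representation that is signed (HMAC) by both consumer and provider.
/// The parts are joined with <c>_delimiterRepresentation</c> in this order:
/// HTTP method, Content-MD5, response content type (accept header), canonicalized URI,
/// ISO-8601 UTC timestamp including milliseconds (e.g. 2013-09-23T09:24:43.5395441Z), public key.
/// </summary>
/// <param name="context">Request context; must be non-null and <c>IsValid</c>.</param>
/// <param name="contentMd5Hash">Content-MD5 of the request body; <c>null</c> is represented as an empty string.</param>
/// <param name="timestamp">Request timestamp, taken over verbatim (it is not re-formatted here).</param>
/// <returns>The delimited representation, or <c>null</c> when the context is missing or invalid.</returns>
public string CreateMessageRepresentation(WebApiRequestContext context, string contentMd5Hash, string timestamp)
{
    if (context == null || !context.IsValid)
    {
        return null;
    }

    // Invariant lowercasing: the other side compares this representation byte-for-byte, so it
    // must not depend on the current thread culture (e.g. tr-TR maps 'I' to a dotless 'ı').
    var parts = new[]
    {
        context.HttpMethod.ToLowerInvariant(),
        contentMd5Hash ?? "",
        context.HttpAcceptType.ToLowerInvariant(),
        context.Url.ToLowerInvariant(),
        timestamp,
        context.PublicKey.ToLowerInvariant()
    };

    return string.Join(_delimiterRepresentation, parts);
}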
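/// <summary>
/// Builds a signed request from the form fields, sends it and shows request and response in the form.
/// Normalizes <c>txtUrl</c> (trailing slash) and <c>cboPath</c> (leading slash) in place, optionally
/// attaches a multipart file for the upload endpoints, and rolls the path, query and content fields
/// into their history lists afterwards.
/// </summary>
private void CallTheApi()
{
    // Normalize the editable fields so that base URL + route concatenate cleanly.
    if (txtUrl.Text.HasValue() && !txtUrl.Text.EndsWith("/", StringComparison.Ordinal))
    {
        txtUrl.Text = txtUrl.Text + "/";
    }

    if (cboPath.Text.HasValue() && !cboPath.Text.StartsWith("/", StringComparison.Ordinal))
    {
        cboPath.Text = "/" + cboPath.Text;
    }

    var context = new WebApiRequestContext
    {
        PublicKey = txtPublicKey.Text,
        SecretKey = txtSecretKey.Text,
        Url = txtUrl.Text + (radioOdata.Checked ? "odata/" : "api/") + txtVersion.Text + cboPath.Text,
        HttpMethod = cboMethod.Text,
        HttpAcceptType = radioJson.Checked ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType
    };

    if (cboQuery.Text.HasValue())
    {
        // Join with '&' when the path already carries a query string so the URL stays well-formed.
        var separator = context.Url.IndexOf('?') >= 0 ? "&" : "?";
        context.Url = string.Concat(context.Url, separator, cboQuery.Text);
    }

    if (!context.IsValid)
    {
        "Please enter Public-Key, Secret-Key, URL and method.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
        Debug.WriteLine(context.ToString());
        return;
    }

    var apiConsumer = new ApiConsumer();
    var response = new WebApiConsumerResponse();
    var output = new StringBuilder();
    StringBuilder requestContent = null;
    Dictionary<string, object> multiPartData = null;

    lblRequest.Text = "Request: " + context.HttpMethod + " " + context.Url;
    lblRequest.Refresh();

    if (radioApi.Checked && txtFile.Text.HasValue())
    {
        var id1 = txtIdentfier1.Text.ToInt();
        var id2 = txtIdentfier2.Text;
        var keyForId1 = "Id";
        var keyForId2 = "";

        multiPartData = new Dictionary<string, object>();

        if (cboPath.Text.StartsWith("/Uploads/ProductImages", StringComparison.Ordinal))
        {
            // only one identifier required: product id, sku or gtin
            keyForId2 = "Sku";
        }
        else if (cboPath.Text.StartsWith("/Uploads/ImportFiles", StringComparison.Ordinal))
        {
            // only one identifier required: import profile id or profile name
            keyForId2 = "Name";

            // to delete existing import files:
            //multiPartData.Add("deleteExisting", true);
        }

        if (id1 != 0)
        {
            multiPartData.Add(keyForId1, id1);
        }

        // NOTE(review): for paths other than the two above keyForId2 stays "", so a second
        // identifier is sent under an empty field name — kept as-is, confirm whether intended.
        if (id2.HasValue())
        {
            multiPartData.Add(keyForId2, id2);
        }

        apiConsumer.AddApiFileParameter(multiPartData, txtFile.Text);
    }

    var webRequest = apiConsumer.StartRequest(context, cboContent.Text, multiPartData, out requestContent);
    txtRequest.Text = requestContent.ToString();

    var succeeded = apiConsumer.ProcessResponse(webRequest, response);

    lblResponse.Text = "Response: " + response.Status;
    output.Append(response.Headers);

    // Customer parsing is only attempted for JSON OData responses.
    if (succeeded && radioJson.Checked && radioOdata.Checked)
    {
        var customers = response.TryParseCustomers();
        if (customers != null)
        {
            output.AppendLine("Parsed {0} customer(s):".FormatInvariant(customers.Count));
            customers.ForEach(x => output.AppendLine(x.ToString()));
            output.Append("\r\n");
        }
    }

    output.Append(response.Content);
    txtResponse.Text = output.ToString();

    cboPath.InsertRolled(cboPath.Text, 64);
    cboQuery.InsertRolled(cboQuery.Text, 64);
    cboContent.InsertRolled(cboContent.Text, 64);
}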
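/// <summary>
/// Authenticates an API request by HMAC signature and resolves the calling customer.
/// Checks, in this order: API availability, presence of the public key header, the authorization
/// header, timestamp parsing and the allowed clock skew, API user lookup and enabled state, replay
/// protection (the timestamp must be newer than the user's last request unless
/// <c>NoRequestTimestampValidation</c> is set), the Content-MD5 header when one was sent, the
/// signature itself (with an empty-MD5 fallback when <c>AllowEmptyMd5Hash</c> is set), and finally
/// customer state and permissions.
/// </summary>
/// <param name="actionContext">Web API action context of the current request.</param>
/// <param name="now">Reference time used to evaluate the timestamp window.</param>
/// <param name="cacheControllingData">Cached API settings: availability, validity period, MD5 and timestamp options.</param>
/// <param name="customer">Set to the authenticated customer on success, otherwise <c>null</c>.</param>
/// <returns><c>HmacResult.Success</c>, or the result of the first failed check.</returns>
protected virtual HmacResult IsAuthenticated(HttpActionContext actionContext, DateTime now, WebApiControllingCacheData cacheControllingData, out Customer customer)
{
    customer = null;

    // HttpContext.Current is null outside of the request pipeline; guard before dereferencing it
    // so that a missing context is reported instead of throwing a NullReferenceException.
    var httpContext = HttpContext.Current;
    var request = httpContext == null ? null : httpContext.Request;

    if (request == null || actionContext == null || actionContext.Request == null)
    {
        return HmacResult.FailedForUnknownReason;
    }

    if (cacheControllingData.ApiUnavailable)
    {
        return HmacResult.ApiUnavailable;
    }

    string headContentMd5 = request.Headers["Content-Md5"] ?? request.Headers["Content-MD5"];
    string headTimestamp = request.Headers[WebApiGlobal.Header.Date];
    string headPublicKey = request.Headers[WebApiGlobal.Header.PublicKey];

    if (string.IsNullOrWhiteSpace(headPublicKey))
    {
        return HmacResult.UserInvalid;
    }

    // A request without an Authorization header is rejected rather than crashing on the null header.
    var authorization = actionContext.Request.Headers.Authorization;
    if (authorization == null)
    {
        return HmacResult.InvalidAuthorizationHeader;
    }

    string scheme = authorization.Scheme;
    string signatureConsumer = authorization.Parameter;

    if (!_hmac.IsAuthorizationHeaderValid(scheme, signatureConsumer))
    {
        return HmacResult.InvalidAuthorizationHeader;
    }

    DateTime headDateTime;
    if (!_hmac.ParseTimestamp(headTimestamp, out headDateTime))
    {
        return HmacResult.InvalidTimestamp;
    }

    int maxMinutes = cacheControllingData.ValidMinutePeriod <= 0
        ? WebApiGlobal.DefaultTimePeriodMinutes
        : cacheControllingData.ValidMinutePeriod;

    if (Math.Abs((headDateTime - now).TotalMinutes) > maxMinutes)
    {
        return HmacResult.TimestampOutOfPeriod;
    }

    var cacheUserData = WebApiCachingUserData.Data();
    var apiUser = cacheUserData.FirstOrDefault(x => x.PublicKey == headPublicKey);

    if (apiUser == null)
    {
        return HmacResult.UserUnknown;
    }

    if (!apiUser.Enabled)
    {
        return HmacResult.UserDisabled;
    }

    // Replay protection: every accepted request must carry a timestamp newer than the last one
    // accepted for this user (LastRequest is advanced at the end of this method).
    if (!cacheControllingData.NoRequestTimestampValidation && apiUser.LastRequest.HasValue && headDateTime <= apiUser.LastRequest.Value)
    {
        return HmacResult.TimestampOlderThanLastRequest;
    }

    var context = new WebApiRequestContext
    {
        HttpMethod = request.HttpMethod,
        HttpAcceptType = request.Headers["Accept"],
        PublicKey = headPublicKey,
        SecretKey = apiUser.SecretKey,
        // Invariant lowercasing keeps the canonical URL independent of the server's thread culture.
        Url = HttpUtility.UrlDecode(request.Url.AbsoluteUri.ToLowerInvariant())
    };

    string contentMd5 = CreateContentMd5Hash(actionContext.Request);

    // The MD5 header is only verified when the consumer sent one.
    if (headContentMd5.HasValue() && headContentMd5 != contentMd5)
    {
        return HmacResult.ContentMd5NotMatching;
    }

    string messageRepresentation = _hmac.CreateMessageRepresentation(context, contentMd5, headTimestamp);
    if (string.IsNullOrEmpty(messageRepresentation))
    {
        return HmacResult.MissingMessageRepresentationParameter;
    }

    string signatureProvider = _hmac.CreateSignature(apiUser.SecretKey, messageRepresentation);

    if (!SignaturesMatch(signatureProvider, signatureConsumer))
    {
        if (!cacheControllingData.AllowEmptyMd5Hash)
        {
            return HmacResult.InvalidSignature;
        }

        // Fallback for consumers that sign with an empty Content-MD5. A signature accepted this
        // way does not bind the request body unless a Content-MD5 header was sent and verified above.
        messageRepresentation = _hmac.CreateMessageRepresentation(context, null, headTimestamp);
        signatureProvider = _hmac.CreateSignature(apiUser.SecretKey, messageRepresentation);

        if (!SignaturesMatch(signatureProvider, signatureConsumer))
        {
            return HmacResult.InvalidSignature;
        }
    }

    customer = GetCustomer(apiUser.CustomerId);
    if (customer == null)
    {
        return HmacResult.UserUnknown;
    }

    if (!customer.Active || customer.Deleted)
    {
        return HmacResult.UserIsInactive;
    }

    if (!HasPermission(actionContext, customer))
    {
        return HmacResult.UserHasNoPermission;
    }

    //var headers = HttpContext.Current.Response.Headers;
    //headers.Add(ApiHeaderName.LastRequest, apiUser.LastRequest.HasValue ? apiUser.LastRequest.Value.ToString("o") : "");

    apiUser.LastRequest = headDateTime;

    return HmacResult.Success;
}

/// <summary>
/// Compares the signature computed by the provider with the one sent by the consumer without
/// stopping at the first differing character, so the comparison time does not reveal how much of
/// the expected signature was matched. A <c>null</c> on either side never matches.
/// </summary>
/// <param name="expected">Signature computed from the secret key and the message representation.</param>
/// <param name="actual">Signature taken from the Authorization header.</param>
/// <returns><c>true</c> when both strings are non-null and identical.</returns>
private static bool SignaturesMatch(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }

    // Fold the length difference into the result and always walk the common prefix.
    int diff = expected.Length ^ actual.Length;
    int length = Math.Min(expected.Length, actual.Length);

    for (int i = 0; i < length; i++)
    {
        diff |= expected[i] ^ actual[i];
    }

    return diff == 0;
}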
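/// <summary>
/// Authenticates an API request by HMAC signature and resolves the calling customer.
/// Checks, in this order: API availability, presence of the public key header, the authorization
/// header, timestamp parsing and the allowed clock skew, API user lookup and enabled state, replay
/// protection (the timestamp must be newer than the user's last request), the Content-MD5 header
/// when one was sent, the signature itself, and finally customer lookup and permissions.
/// </summary>
/// <param name="actionContext">Web API action context of the current request.</param>
/// <param name="now">Reference time used to evaluate the timestamp window; also recorded as the user's last request time on success.</param>
/// <param name="cacheControllingData">Cached API settings: availability and validity period.</param>
/// <param name="customer">Set to the authenticated customer on success, otherwise <c>null</c>.</param>
/// <returns><c>HmacResult.Success</c>, or the result of the first failed check.</returns>
protected virtual HmacResult IsAuthenticated(HttpActionContext actionContext, DateTime now, WebApiControllingCacheData cacheControllingData, out Customer customer)
{
    customer = null;

    // HttpContext.Current is null outside of the request pipeline; guard before dereferencing it
    // so that a missing context is reported instead of throwing a NullReferenceException.
    var httpContext = HttpContext.Current;
    var request = httpContext == null ? null : httpContext.Request;

    if (request == null || actionContext == null || actionContext.Request == null)
    {
        return HmacResult.FailedForUnknownReason;
    }

    if (cacheControllingData.ApiUnavailable)
    {
        return HmacResult.ApiUnavailable;
    }

    string headContentMd5 = request.Headers["Content-Md5"] ?? request.Headers["Content-MD5"];
    string headTimestamp = request.Headers[WebApiGlobal.Header.Date];
    string headPublicKey = request.Headers[WebApiGlobal.Header.PublicKey];

    if (string.IsNullOrWhiteSpace(headPublicKey))
    {
        return HmacResult.UserInvalid;
    }

    // A request without an Authorization header is rejected rather than crashing on the null header.
    var authorization = actionContext.Request.Headers.Authorization;
    if (authorization == null)
    {
        return HmacResult.InvalidAuthorizationHeader;
    }

    string scheme = authorization.Scheme;
    string signatureConsumer = authorization.Parameter;

    if (!_hmac.IsAuthorizationHeaderValid(scheme, signatureConsumer))
    {
        return HmacResult.InvalidAuthorizationHeader;
    }

    DateTime headDateTime;
    if (!_hmac.ParseTimestamp(headTimestamp, out headDateTime))
    {
        return HmacResult.InvalidTimestamp;
    }

    int maxMinutes = cacheControllingData.ValidMinutePeriod <= 0
        ? WebApiGlobal.DefaultTimePeriodMinutes
        : cacheControllingData.ValidMinutePeriod;

    if (Math.Abs((headDateTime - now).TotalMinutes) > maxMinutes)
    {
        return HmacResult.TimestampOutOfPeriod;
    }

    var apiUser = WebApiCachingUserData.Data().FirstOrDefault(x => x.PublicKey == headPublicKey);

    if (apiUser == null)
    {
        return HmacResult.UserUnknown;
    }

    if (!apiUser.Enabled)
    {
        return HmacResult.UserDisabled;
    }

    // Replay protection: the consumer timestamp must be newer than the (server-side) time of the
    // last accepted request for this user, which is stored at the end of this method.
    if (apiUser.LastRequest.HasValue && headDateTime <= apiUser.LastRequest.Value)
    {
        return HmacResult.TimestampOlderThanLastRequest;
    }

    var context = new WebApiRequestContext
    {
        HttpMethod = request.HttpMethod,
        HttpAcceptType = request.Headers["Accept"],
        PublicKey = headPublicKey,
        SecretKey = apiUser.SecretKey,
        // Invariant lowercasing keeps the canonical URL independent of the server's thread culture.
        Url = HttpUtility.UrlDecode(request.Url.AbsoluteUri.ToLowerInvariant())
    };

    string contentMd5 = CreateContentMd5Hash(actionContext.Request);

    // The MD5 header is only verified when the consumer sent one.
    if (headContentMd5.HasValue() && headContentMd5 != contentMd5)
    {
        return HmacResult.ContentMd5NotMatching;
    }

    string messageRepresentation = _hmac.CreateMessageRepresentation(context, contentMd5, headTimestamp);
    if (string.IsNullOrEmpty(messageRepresentation))
    {
        return HmacResult.MissingMessageRepresentationParameter;
    }

    string signatureProvider = _hmac.CreateSignature(apiUser.SecretKey, messageRepresentation);
    if (!SignaturesMatch(signatureProvider, signatureConsumer))
    {
        return HmacResult.InvalidSignature;
    }

    customer = GetCustomer(apiUser.CustomerId);
    if (customer == null)
    {
        return HmacResult.UserUnknown;
    }

    if (!HasPermission(actionContext, customer))
    {
        return HmacResult.UserHasNoPermission;
    }

    //var headers = HttpContext.Current.Response.Headers;
    //headers.Add(ApiHeaderName.LastRequest, apiUser.LastRequest.HasValue ? apiUser.LastRequest.Value.ToString("o") : "");

    apiUser.LastRequest = now;

    return HmacResult.Success;
}

/// <summary>
/// Compares the signature computed by the provider with the one sent by the consumer without
/// stopping at the first differing character, so the comparison time does not reveal how much of
/// the expected signature was matched. A <c>null</c> on either side never matches.
/// </summary>
/// <param name="expected">Signature computed from the secret key and the message representation.</param>
/// <param name="actual">Signature taken from the Authorization header.</param>
/// <returns><c>true</c> when both strings are non-null and identical.</returns>
private static bool SignaturesMatch(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }

    // Fold the length difference into the result and always walk the common prefix.
    int diff = expected.Length ^ actual.Length;
    int length = Math.Min(expected.Length, actual.Length);

    for (int i = 0; i < length; i++)
    {
        diff |= expected[i] ^ actual[i];
    }

    return diff == 0;
}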
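/// <summary>
/// Builds a signed request from the form fields, sends it and shows request and response in the form.
/// Normalizes <c>txtUrl</c> (trailing slash) and <c>cboPath</c> (leading slash) in place, attaches
/// product image multipart data for upload paths, and rolls the path, query and content fields
/// into their history lists afterwards.
/// </summary>
private void CallTheApi()
{
    // Normalize the editable fields so that base URL + route concatenate cleanly.
    if (!string.IsNullOrWhiteSpace(txtUrl.Text) && !txtUrl.Text.EndsWith("/", StringComparison.Ordinal))
    {
        txtUrl.Text = txtUrl.Text + "/";
    }

    if (!string.IsNullOrWhiteSpace(cboPath.Text) && !cboPath.Text.StartsWith("/", StringComparison.Ordinal))
    {
        cboPath.Text = "/" + cboPath.Text;
    }

    var context = new WebApiRequestContext
    {
        PublicKey = txtPublicKey.Text,
        SecretKey = txtSecretKey.Text,
        Url = txtUrl.Text + (radioOdata.Checked ? "odata/" : "api/") + txtVersion.Text + cboPath.Text,
        HttpMethod = cboMethod.Text,
        HttpAcceptType = radioJson.Checked ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType
    };

    if (!string.IsNullOrWhiteSpace(cboQuery.Text))
    {
        // Join with '&' when the path already carries a query string so the URL stays well-formed.
        var separator = context.Url.IndexOf('?') >= 0 ? "&" : "?";
        context.Url = string.Concat(context.Url, separator, cboQuery.Text);
    }

    if (!context.IsValid)
    {
        "Please enter Public-Key, Secret-Key, URL and method.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
        Debug.WriteLine(context.ToString());
        return;
    }

    var apiConsumer = new ApiConsumer();
    var response = new WebApiConsumerResponse();
    var output = new StringBuilder();
    StringBuilder requestContent = null;
    Dictionary<string, object> multiPartData = null;

    lblRequest.Text = "Request: " + context.HttpMethod + " " + context.Url;
    lblRequest.Refresh();

    // Multipart data is only built for plain API upload routes with a file selected.
    if (radioApi.Checked && !string.IsNullOrEmpty(txtFile.Text) && cboPath.Text.StartsWith("/Upload", StringComparison.Ordinal))
    {
        multiPartData = apiConsumer.CreateProductImageMultipartData(txtFile.Text, txtProductId.Text.ToInt(), txtProductSku.Text);
    }

    var webRequest = apiConsumer.StartRequest(context, cboContent.Text, multiPartData, out requestContent);
    txtRequest.Text = requestContent.ToString();

    bool succeeded = apiConsumer.ProcessResponse(webRequest, response);

    lblResponse.Text = "Response: " + response.Status;
    output.Append(response.Headers);

    // Customer parsing is only attempted for JSON OData responses.
    if (succeeded && radioJson.Checked && radioOdata.Checked)
    {
        var customers = response.TryParseCustomers();
        if (customers != null)
        {
            output.AppendLine(string.Format("Parsed {0} customer(s):", customers.Count));
            foreach (var customer in customers)
            {
                output.AppendLine(customer.ToString());
            }
            output.Append("\r\n");
        }
    }

    output.Append(response.Content);
    txtResponse.Text = output.ToString();

    cboPath.InsertRolled(cboPath.Text, 64);
    cboQuery.InsertRolled(cboQuery.Text, 64);
    cboContent.InsertRolled(cboContent.Text, 64);
}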
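/// <summary>
/// Builds a signed request from the form fields, sends it and shows request and response in the form.
/// Normalizes <c>txtUrl</c> (trailing slash) and <c>cboPath</c> (leading slash) in place. For file
/// uploads (POST only) it builds the multipart data from the identifier fields, the free-form
/// <c>txtMoreData</c> "key:value;key:value" list and the selected file, then rolls the path, query
/// and content fields into their history lists afterwards.
/// </summary>
private void CallTheApi()
{
    // Normalize the editable fields so that base URL + route concatenate cleanly.
    if (txtUrl.Text.HasValue() && !txtUrl.Text.EndsWith("/", StringComparison.Ordinal))
    {
        txtUrl.Text = txtUrl.Text + "/";
    }

    if (cboPath.Text.HasValue() && !cboPath.Text.StartsWith("/", StringComparison.Ordinal))
    {
        cboPath.Text = "/" + cboPath.Text;
    }

    var context = new WebApiRequestContext
    {
        PublicKey = txtPublicKey.Text,
        SecretKey = txtSecretKey.Text,
        Url = txtUrl.Text + (radioOdata.Checked ? "odata/" : "api/") + txtVersion.Text + cboPath.Text,
        HttpMethod = cboMethod.Text,
        HttpAcceptType = radioJson.Checked ? ApiConsumer.JsonAcceptType : ApiConsumer.XmlAcceptType
    };

    if (cboQuery.Text.HasValue())
    {
        // Join with '&' when the path already carries a query string so the URL stays well-formed.
        var separator = context.Url.IndexOf('?') >= 0 ? "&" : "?";
        context.Url = string.Concat(context.Url, separator, cboQuery.Text);
    }

    if (!context.IsValid)
    {
        "Please enter Public-Key, Secret-Key, URL and method.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
        Debug.WriteLine(context.ToString());
        return;
    }

    var apiConsumer = new ApiConsumer();
    var response = new WebApiConsumerResponse();
    var output = new StringBuilder();
    StringBuilder requestContent = null;
    Dictionary<string, object> multiPartData = null;

    lblRequest.Text = "Request: " + context.HttpMethod + " " + context.Url;
    lblRequest.Refresh();

    if (radioApi.Checked && txtFile.Text.HasValue())
    {
        if (!string.Equals(context.HttpMethod, "POST", StringComparison.OrdinalIgnoreCase))
        {
            "Please select POST method for image upload.".Box(MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
            return;
        }

        var id1 = txtIdentfier1.Text.ToInt();
        var id2 = txtIdentfier2.Text;
        var pictureId = txtPictureId.Text.ToInt();
        var moreData = txtMoreData.Text.EmptyNull().Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
        var keyForId1 = "Id";
        var keyForId2 = "";

        multiPartData = new Dictionary<string, object>();

        if (cboPath.Text.StartsWith("/Uploads/ProductImages", StringComparison.Ordinal))
        {
            // only one identifier required: product id, sku or gtin
            keyForId2 = "Sku";
        }
        else if (cboPath.Text.StartsWith("/Uploads/ImportFiles", StringComparison.Ordinal))
        {
            // only one identifier required: import profile id or profile name
            keyForId2 = "Name";
        }

        if (id1 != 0)
        {
            multiPartData.Add(keyForId1, id1);
        }

        // NOTE(review): for paths other than the two above keyForId2 stays "", so a second
        // identifier is sent under an empty field name — kept as-is, confirm whether intended.
        if (id2.HasValue())
        {
            multiPartData.Add(keyForId2, id2);
        }

        // To delete existing import files... deleteExisting:true
        // To start import... startImport:true
        // Split on the first ':' only so values may themselves contain ':'; a key given twice
        // (or one that repeats Id/Sku/Name) overrides the earlier value instead of throwing.
        foreach (var entry in moreData)
        {
            var pair = entry.Split(new char[] { ':' }, 2, StringSplitOptions.RemoveEmptyEntries);
            if (pair.Length == 2)
            {
                multiPartData[pair[0]] = pair[1];
            }
        }

        apiConsumer.AddApiFileParameter(multiPartData, txtFile.Text, pictureId);
    }

    var webRequest = apiConsumer.StartRequest(context, cboContent.Text, multiPartData, out requestContent);
    txtRequest.Text = requestContent.ToString();

    var succeeded = apiConsumer.ProcessResponse(webRequest, response, folderBrowserDialog1);

    lblResponse.Text = "Response: " + response.Status;
    output.Append(response.Headers);

    // Customer parsing is only attempted for non-empty JSON OData responses.
    if (succeeded && response.Content.HasValue() && radioJson.Checked && radioOdata.Checked)
    {
        var customers = response.TryParseCustomers();
        if (customers != null)
        {
            output.AppendLine("Parsed {0} customer(s):".FormatInvariant(customers.Count));
            customers.ForEach(x => output.AppendLine(x.ToString()));
            output.Append("\r\n");
        }
    }

    output.Append(response.Content);
    txtResponse.Text = output.ToString();

    cboPath.InsertRolled(cboPath.Text, 64);
    cboQuery.InsertRolled(cboQuery.Text, 64);
    cboContent.InsertRolled(cboContent.Text, 64);
}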