public void VerifyWhenMaskingFieldAsPayloadFails_ValueIsSetToDefaultMaskingFailureValue()
{
var apiLog = new ApiLog();
var filter = new StreamLogMaskingFilter(new List <JsonPayloadMaskingRule>
{
new JsonPayloadMaskingRule("jsonfield", new PayloadFieldMaskingRule []
{
new PayloadFieldMaskingRule {
Path = "param1", Mask = new FuncMask(new Func <string, string>((string value) => { throw new Exception("MaskingFailed"); }))
}
})
});
var json = string.Format(@"{{
""PARAM1"": "" aa ""
}}");
apiLog.TrySetValue("jsonField", new Payload(json));
var masked = filter.Apply(apiLog);
var fields = masked.GetFields();
var maskedJsonField = fields.First(x => x.Key == "jsonField").Value.ToString();
Assert.Equal(KeyStore.Masking.MaskingFailed, maskedJsonField);
Assert.True(Boolean.Parse(fields.First(x => x.Key == KeyStore.Masking.MaskingFailedKey).Value.ToString()));
}
public void VerifyQueryStringFieldsAreMaskedCorrectly()
{
var apiLog = new ApiLog();
var cc = "4111111111111111";
var maskedCC = "411111******1111";
var query = "PARAM1= aa ¶mCC= " + cc + " ¶m2= aaa ¶m3= aaaaa ";
var filter = new TextLogMaskingFilter(new QueryStringMaskingRule("queryField", new TextMaskingRule[]
{
new TextMaskingRule {
Field = "param1", Mask = Masks.DefaultMask
},
new TextMaskingRule {
Field = "paramcc", Mask = Masks.CreditCardMask
}
}));
apiLog.TrySetValue("queryField", query);
apiLog.TrySetValue("queryFieldNotToBeMasked", query);
var masked = filter.Apply(apiLog);
var fields = masked.GetFields();
var maskedQueryField = fields.First(x => x.Key == "queryField").Value;
var maskedQueryFieldNoToBeMasked = fields.First(x => x.Key == "queryFieldNotToBeMasked").Value;
Assert.Equal("PARAM1=**¶mCC=" + maskedCC + "¶m2= aaa ¶m3= aaaaa ", maskedQueryField);
Assert.Equal(query, maskedQueryFieldNoToBeMasked);
}
public void VerifyWhenCustomMaskSpecified_FieldsAreMaskedCorrectly()
{
var apiLog = new ApiLog();
var filter = new DelegateFilter((ILog log) =>
{
var copy = new List <KeyValuePair <string, object> >();
var fields = log.GetFields();
foreach (var field in fields)
{
if (field.Key == "fieldToMask")
{
copy.Add(new KeyValuePair <string, object>(field.Key, Masks.DefaultMask.Mask(field.Value.ToString())));
}
else if (field.Key == "fieldNotToMask")
{
copy.Add(field);
}
}
return(new SimpleLog(log.Id, log.LogTime, copy));
});
apiLog.TrySetValue("fieldToMask", "ValueToMask");
apiLog.TrySetValue("fieldNotToMask", "ValueNotToMask");
var masked = filter.Apply(apiLog);
var maskedFields = masked.GetFields();
var maskedField = maskedFields.First(x => x.Key == "fieldToMask").Value;
var notMaskedField = maskedFields.First(x => x.Key == "fieldNotToMask").Value;
Assert.Equal(maskedField, "V*********k");
Assert.Equal(notMaskedField, "ValueNotToMask");
}
protected override async Task <ApiLog> GetLog(HttpContext httpContext)
{
//var responseBodyStream = new MemoryStream();
//httpContext.Response.Body = responseBodyStream;
var urlMapping = GetRouteMapping(httpContext.Request.Path);
var log = new ApiLog
{
ApplicationName = "Test Application",
Api = urlMapping.Item1,
Verb = urlMapping.Item2,
Url = $"{httpContext.Request.Scheme}://{httpContext.Request.Host.Value}{httpContext.Request.Path.Value}",
IsSuccessful = httpContext.Response?.StatusCode == 200,
Request = new Payload(await GetRequestPayload(httpContext)),
Response = new Payload(await GetResponsePayload(httpContext))
//CorrelationId = BaseContext.Current?.CorrelationId,
//StackId = BaseContext.Current?.StackId,
//ApplicationTransactionId = BaseContext.Current?.TransactionId
};
foreach (var header in httpContext.Request.Headers)
{
log.RequestHeaders[header.Key] = string.Join(", ", header.Value);
}
foreach (var header in httpContext.Response.Headers)
{
log.ResponseHeaders[header.Key] = string.Join(", ", header.Value);
}
return(log);
}
//<summary>Se ejecuta cuando se produce una excepcion, esta lee los datos de la excepcion y genera un log en la base de datos.</summary>
/// <param name="actionExecutedContext">Contexto de ejecucion.</param>
public override void OnException(HttpActionExecutedContext actionExecutedContext)
{
using (IUnitOfWork unitOfWork = new UnitOfWork())
{
IRepository <ApiLog> repository = new Repository <ApiLog>(unitOfWork);
apiLogService = new ApiLogService(repository);
string requestUuid = actionExecutedContext.Request.GetCorrelationId().ToString();
//unitOfWork.BeginTransaction();
try
{
ApiLog requestLog = apiLogService.FindBy(x => x.Uuid == requestUuid).FirstOrDefault();
if (requestLog != null)
{
requestLog.Exception = actionExecutedContext.Exception.GetExceptionDetails();
apiLogService.Update(requestLog);
}
//unitOfWork.Commit();
}
catch (Exception e)
{
//unitOfWork.Rollback();
}
base.OnException(actionExecutedContext);
}
}
public GenericResponse GetMyProducts(string userId)
{
try
{
User user = db.Users.Where(u => u.Id == userId).FirstOrDefault();
List <Product> products = db.Products.Where(l => l.User.Id == user.Id && l.IsDeleted != true).ToList();
UserProductListDto dto = new UserProductListDto();
dto.userName = user.Name;
foreach (var item in products)
{
ProductDto product = new ProductDto(item);
dto.products.Add(product);
}
GenericResponse response = new GenericResponse();
response.entity = dto;
return(response);
}
catch (Exception ex)
{
ApiLog log = new ApiLog();
log.Request = "";
log.MethodName = "GetMyProducts";
log.Exception = ex.ToString();
log.UserId = userId;
db.ApiLog.Add(log);
db.SaveChanges();
return(new GenericResponse(ex));
}
}
public GenericResponse RemoveProduct(RemoveProduct request, string userId)
{
try
{
Product product = db.Products.Where(p => p.Id == request.productId).FirstOrDefault();
product.IsDeleted = true;
db.SaveChanges();
return(new GenericResponse());
}
catch (Exception ex)
{
ApiLog log = new ApiLog();
log.Request = request.ToString();
log.MethodName = "RemoveProduct";
log.Exception = ex.ToString();
log.UserId = userId;
db.ApiLog.Add(log);
db.SaveChanges();
return(new GenericResponse(ex));
}
}
public void InsertAPILog(ApiLog apiLog)
{
try
{
using (var sqlConnection = new SqlConnection(ConfigurationManager.ConnectionStrings["APILoggingConnection"].ConnectionString))
{
sqlConnection.Open();
var cmd =
new SqlCommand("FTSP_APILogging", connection: sqlConnection)
{
CommandType = CommandType.StoredProcedure
};
cmd.Parameters.AddWithValue("@Host", apiLog.Host);
cmd.Parameters.AddWithValue("@Headers", apiLog.Headers);
cmd.Parameters.AddWithValue("@StatusCode", apiLog.StatusCode);
cmd.Parameters.AddWithValue("@RequestBody", apiLog.RequestBody);
cmd.Parameters.AddWithValue("@RequestedMethod", apiLog.RequestedMethod);
cmd.Parameters.AddWithValue("@UserHostAddress", apiLog.UserHostAddress);
cmd.Parameters.AddWithValue("@Useragent", apiLog.Useragent);
cmd.Parameters.AddWithValue("@AbsoluteUri", apiLog.AbsoluteUri);
cmd.Parameters.AddWithValue("@RequestType", apiLog.RequestType);
cmd.ExecuteNonQuery();
}
}
catch (Exception)
{
throw;
}
}
public void OutgoingMessageAsync(ApiLog apiLog)
{
apiLog.RequestType = "Response";
var sqlLogging = new SqlLogging();
sqlLogging.InsertAPILog(apiLog);
}
public void IncomingMessageAsync(ApiLog apiLog)
{
apiLog.RequestType = "Request";
var sqlLogging = new SqlLogging();
sqlLogging.InsertAPILog(apiLog);
}
////----------正式参数---------------
//public string organization = "1000000438";//机构号
//public string password = "******";//密码
//public string skey = "oiszFLRc";//DES密钥
////-----------测试参数----------------
//public string organization = "1000000286";//机构号
//public string password = "******";//密码
//public string skey = "vSK5eIRC";//des密钥
#region 发送电子票
internal string Add_Order(ApiService mapiservice, Api_yg_addorder_input minput)
{
StringBuilder builderOrder = new StringBuilder();
builderOrder.Append(@"<?xml version=""1.0"" encoding=""utf-8"" ?>");
builderOrder.Append(@"<business_trans version=""1.0"">");
builderOrder.AppendFormat("<request_type>{0}</request_type>", "add_order");
builderOrder.AppendFormat("<organization>{0}</organization>", mapiservice.Organization); //<!-机构号-->
builderOrder.AppendFormat("<password>{0}</password>", mapiservice.Password); //<!-- 接口使用密码 y-->
builderOrder.AppendFormat("<req_seq>{0}</req_seq>", minput.req_seq); //<!--请求流水号 y-->
builderOrder.AppendFormat("<order>"); //<!--订单信息-->
builderOrder.AppendFormat("<product_num>{0}</product_num>", minput.product_num); //<!--产品编码 y-->
builderOrder.AppendFormat("<num>{0}</num>", minput.num); //<!--购买数量 y-->
builderOrder.AppendFormat("<mobile>{0}</mobile>", minput.mobile); //<!-- 手机号码 y-->
builderOrder.AppendFormat("<use_date>{0}</use_date>", minput.use_date); //<!-- 使用时间 -->
builderOrder.AppendFormat("<real_name_type>{0}</real_name_type>", minput.real_name_type); //<!-- 实名制类型:0无需实名 1一张一人,2一单一人,3一单一人+身份证-->
builderOrder.AppendFormat("<real_name>{0}</real_name>", minput.real_name); //<!--真是姓名 ,隔开 最多3个名字 <=3 -->
builderOrder.AppendFormat("<id_card>{0}</id_card>", minput.id_card); //<!--证件号码 -->
builderOrder.AppendFormat("<card_type>{0}</card_type>", minput.card_type); //<!--证件类型0身份证;1其他证件 -->
builderOrder.AppendFormat("</order>");
builderOrder.AppendFormat("</business_trans>");
string bstr = "";
try
{
ITicketService its10 = new ITicketService();
string en = EncryptionHelper.DESEnCode(builderOrder.ToString(), mapiservice.Deskey);
string retxmls = its10.getEleInterface(mapiservice.Organization, en);
bstr = EncryptionHelper.DESDeCode(retxmls, mapiservice.Deskey);
}
catch (Exception e)
{
bstr = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<business_trans>" +
"<response_type>add_order</response_type>" +
"<req_seq>" + minput.req_seq + "</req_seq>" +
"<result>" +
"<id></id>" +
"<comment>" + e.Message + "</comment>" +
" </result>" +
"</business_trans>";
}
//录入交互日志
ApiLog mapilog = new ApiLog
{
Id = 0,
request_type = "add_order",
Serviceid = 1,
Str = builderOrder.ToString().Trim(),
Subdate = DateTime.Now,
ReturnStr = bstr,
ReturnSubdate = DateTime.Now,
Errmsg = "",
};
int ins = new ApiLogData().EditLog(mapilog);
return(bstr);
}
/// <summary>
/// Logs info/Error to Log file
/// </summary>
/// <param name="record"></param>
private void log(TraceRecord record, ApiLog apiLog, Exception exception, string message)
{
//var message = new StringBuilder();
LogEventInfo logDetailInfo = new LogEventInfo(LogLevel.FromString(record.Level.ToString()), "BilisimHRWebApiLogger", message);
logDetailInfo.Exception = exception;
if (apiLog != null)
{
logDetailInfo.Properties["APPLICATION"] = apiLog.Application;
logDetailInfo.Properties["USER_ID"] = apiLog.UserId;
logDetailInfo.Properties["USERNAME"] = apiLog.Username;
logDetailInfo.Properties["MACHINE"] = apiLog.Machine;
logDetailInfo.Properties["CONTROLLER"] = apiLog.Controller;
logDetailInfo.Properties["ACTION"] = apiLog.Action;
logDetailInfo.Properties["REQUEST_IP_ADDRESS"] = apiLog.RequestIpAddress;
logDetailInfo.Properties["REQUEST_CONTENT_TYPE"] = apiLog.RequestContentType;
logDetailInfo.Properties["REQUEST_CONTENT_BODY"] = apiLog.RequestContentBody;
logDetailInfo.Properties["REQUEST_URI"] = apiLog.RequestUri;
logDetailInfo.Properties["REQUEST_METHOD"] = apiLog.RequestMethod;
logDetailInfo.Properties["REQUEST_ROUTE_TEMPLATE"] = apiLog.RequestRouteTemplate;
logDetailInfo.Properties["REQUEST_ROUTE_DATA"] = apiLog.RequestRouteData;
logDetailInfo.Properties["REQUEST_HEADERS"] = apiLog.RequestHeaders;
logDetailInfo.Properties["REQUEST_TIMESTAMP"] = (apiLog.RequestTimestamp.HasValue ? apiLog.RequestTimestamp.Value.ToString("dd'/'MM'/'yyyy HH:mm:ss") : string.Empty);
logDetailInfo.Properties["RESPONSE_CONTENT_TYPE"] = apiLog.ResponseContentType;
// Response Content Body veri tabanında büyük alana karşılık geldiğinden eklenmesi kapatılmıştır.
// logDetailInfo.Properties["RESPONSE_CONTENT_BODY"] = apiLog.ResponseContentBody;
logDetailInfo.Properties["RESPONSE_STATUS_CODE"] = (apiLog.ResponseStatusCode.HasValue ? apiLog.ResponseStatusCode.Value.ToJSON() : string.Empty);
logDetailInfo.Properties["RESPONSE_HEADERS"] = apiLog.ResponseHeaders;
logDetailInfo.Properties["RESPONSE_TIMESTAMP"] = (apiLog.ResponseTimestamp.HasValue ? apiLog.ResponseTimestamp.Value.ToString("dd'/'MM'/'yyyy HH:mm:ss") : string.Empty);
logDetailInfo.Properties["TOTAL_EXECUTION_SECONDS"] = apiLog.TotalExecutionSeconds.ToString();
// _logger[record.Level](logDetailInfo);
_classLogger.Log(logDetailInfo);
}
}
protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request,
CancellationToken cancellationToken)
{
var requestedMethod = request.Method;
var userHostAddress = "";//HttpContext.Current != null ? HttpContext.Current.Request.UserHostAddress : "0.0.0.0";
var useragent = request.Headers.UserAgent.ToString();
var requestMessage = await request.Content.ReadAsByteArrayAsync();
var uriAccessed = request.RequestUri.AbsoluteUri;
var responseHeadersString = new StringBuilder();
foreach (var header in request.Headers)
{
responseHeadersString.Append($"{header.Key}: {String.Join(", ", header.Value)}{Environment.NewLine}");
}
var messageLoggingHandler = new MessageLogging();
var requestLog = new ApiLog()
{
Headers = responseHeadersString.ToString(),
AbsoluteUri = uriAccessed,
Host = userHostAddress,
RequestBody = Encoding.UTF8.GetString(requestMessage),
UserHostAddress = userHostAddress,
Useragent = useragent,
RequestedMethod = requestedMethod.ToString(),
StatusCode = string.Empty
};
messageLoggingHandler.IncomingMessageAsync(requestLog);
var response = await base.SendAsync(request, cancellationToken);
byte[] responseMessage;
if (response.IsSuccessStatusCode)
{
responseMessage = await response.Content.ReadAsByteArrayAsync();
}
else
{
responseMessage = Encoding.UTF8.GetBytes(response.ReasonPhrase);
}
var responseLog = new ApiLog()
{
Headers = responseHeadersString.ToString(),
AbsoluteUri = uriAccessed,
Host = userHostAddress,
RequestBody = Encoding.UTF8.GetString(responseMessage),
UserHostAddress = userHostAddress,
Useragent = useragent,
RequestedMethod = requestedMethod.ToString(),
StatusCode = string.Empty
};
messageLoggingHandler.OutgoingMessageAsync(responseLog);
return(response);
}
public int EditLog(ApiLog m)
{
using (var sql = new SqlHelper())
{
return(new InternalApiLog(sql).EditLog(m));
}
}
/// <summary>
/// Implementation of TraceWriter to trace the logs.
/// </summary>
/// <param name="request"></param>
/// <param name="category"></param>
/// <param name="level"></param>
/// <param name="traceAction"></param>
public void Trace(HttpRequestMessage request, string module, TraceLevel level, Action <TraceRecord> traceAction)
{
if (!module.StartsWith("bilisimHR"))
{
return;
}
string message = string.Empty;
//JToken Jtoken = JObject.Parse(traceAction.Target.ToJSON());
JToken Jtoken = JObject.Parse(JsonConvert.SerializeObject(traceAction.Target));
JToken subToken = Jtoken.SelectToken("messageArguments");
JToken exceptionObj = Jtoken.SelectToken("exception");
if (subToken == null)
{
return;
}
object jsonObj = subToken.First.ToObject(typeof(ApiLog));
if (level != TraceLevel.Off && jsonObj.GetType() == typeof(ApiLog))
{
ApiLog apiLog = (ApiLog)jsonObj;
if (traceAction != null && traceAction.Target != null)
{
apiLog.Application = module;
message = "Application : " + apiLog.Application +
Environment.NewLine + "UserId : " + apiLog.UserId +
Environment.NewLine + "Username : "******"Machine : " + apiLog.Machine +
Environment.NewLine + "Controller : " + apiLog.Controller +
Environment.NewLine + "Action : " + apiLog.Action +
Environment.NewLine + "RequestIpAddress : " + apiLog.RequestIpAddress +
Environment.NewLine + "RequestContentType : " + apiLog.RequestContentType +
Environment.NewLine + "RequestContentBody : " + apiLog.RequestContentBody +
Environment.NewLine + "RequestUri : " + apiLog.RequestUri +
Environment.NewLine + "RequestMethod : " + apiLog.RequestMethod +
Environment.NewLine + "RequestRouteTemplate : " + apiLog.RequestRouteTemplate +
Environment.NewLine + "RequestRouteData : " + apiLog.RequestRouteData +
Environment.NewLine + "RequestHeaders : " + apiLog.RequestHeaders +
Environment.NewLine + "RequestTimestamp : " + (apiLog.RequestTimestamp.HasValue ? apiLog.RequestTimestamp.Value.ToString("dd'/'MM'/'yyyy HH:mm:ss") : string.Empty) +
Environment.NewLine + "ResponseContentType : " + apiLog.ResponseContentType +
Environment.NewLine + "ResponseContentBody : " + apiLog.ResponseContentBody +
Environment.NewLine + "ResponseStatusCode : " + (apiLog.ResponseStatusCode.HasValue ? apiLog.ResponseStatusCode.Value.ToJSON() : string.Empty) +
Environment.NewLine + "ResponseHeaders : " + apiLog.ResponseHeaders +
Environment.NewLine + "ResponseTimestamp : " + (apiLog.ResponseTimestamp.HasValue ? apiLog.ResponseTimestamp.Value.ToString("dd'/'MM'/'yyyy HH:mm:ss") : string.Empty) +
Environment.NewLine + "TotalExecutionTime: " + apiLog.TotalExecutionSeconds.ToString() +
Environment.NewLine + "-----------------------------------------------------------------------------";
}
var record = new TraceRecord(request, module, level);
if (traceAction != null)
{
traceAction(record);
}
log(record, apiLog, (exceptionObj != null ? ((Exception)exceptionObj.ToObject(typeof(Exception))) : null), message);
}
}
public async Task Invoke(HttpContext httpContext, IApiLogRepository apiLogRepository)
{
Stopwatch watch = new Stopwatch();
var now = _clock.UtcNow.UtcDateTime;
watch.Start();
await _next(httpContext);
watch.Stop();
var user = httpContext.User.ParseAllClaims();
var log = new ApiLog();
log.DurationMs = (int)watch.ElapsedMilliseconds;
log.Route = httpContext.GetRouteData().Values["controller"] + "." + httpContext.GetRouteData().Values["action"];
log.StartedAt = now;
log.UserId = user != null ? (int?)user.User.Id : null;
log.Verb = httpContext.Request.Method;
log.ResponseCode = httpContext.Response.StatusCode;
log.QueryString = httpContext.Request.QueryString.ToString();
try
{
await apiLogRepository.InsertApiLog(log);
}
catch (Exception ex)
{
}
}
public void VerifyTextFieldsAreMaskedCorrectly()
{
var apiLog = new ApiLog();
var cc = "4111111111111111";
var maskedCC = "411111******1111";
var filter = new TextLogMaskingFilter(new List <TextMaskingRule> {
new TextMaskingRule {
Field = "textField", Mask = Masks.DefaultMask
},
new TextMaskingRule {
Field = "textFieldCC", Mask = Masks.CreditCardMask
}
});
apiLog.TrySetValue("textField", "textFieldValue");
apiLog.TrySetValue("textFieldCC", cc);
apiLog.TrySetValue("textFieldNotToBeMasked", "textFieldNotToBeMaskedValue");
var masked = filter.Apply(apiLog);
var fields = masked.GetFields();
var maskedTextField = fields.First(x => x.Key == "textField").Value;
var maskedTextFieldCC = fields.First(x => x.Key == "textFieldCC").Value;
var maskedTextFieldNoToBeMasked = fields.First(x => x.Key == "textFieldNotToBeMasked").Value;
Assert.Equal("t************e", maskedTextField);
Assert.Equal(maskedCC, maskedTextFieldCC);
Assert.Equal("textFieldNotToBeMaskedValue", maskedTextFieldNoToBeMasked);
}
public bool Add(ApiLog log)
{
if (log == null)
{
return(false);
}
using (MySqlConnection conn = new MySqlConnection(connStr))
{
try
{
conn.Open();
MySqlCommand cmd = new MySqlCommand("insert into apilog(openid, nickname, ip, endpoint, client, createdAt) values(@openid, @nickname, @ip, @endpoint, @client, now())", conn);
cmd.Parameters.Add(new MySqlParameter("openid", log.openId));
cmd.Parameters.Add(new MySqlParameter("nickname", log.nickName));
cmd.Parameters.Add(new MySqlParameter("ip", log.ip));
cmd.Parameters.Add(new MySqlParameter("endpoint", log.endpoint));
cmd.Parameters.Add(new MySqlParameter("client", log.client));
cmd.ExecuteNonQuery();
return(true);
}
finally
{
conn.Close();
}
}
}
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
try
{
ApiLog log = new ApiLog();
if (request.Headers.Contains("openid"))
{
log.openId = request.Headers.GetValues("openid").FirstOrDefault();
}
if (request.Headers.Contains("nickname"))
{
log.nickName = request.Headers.GetValues("nickname").FirstOrDefault();
}
log.endpoint = request.RequestUri.ToString();
log.ip = GetClientIpAddress(request);
log.client = request.Headers.UserAgent.ToString();
var dao = new ApiLogDao(ConfigurationManager.AppSettings["mysqlConnStr"]);
dao.Add(log);
}
catch (Exception ex) {
logger.Error(ex.Message);
}
return(base.SendAsync(request, cancellationToken));
}
public ActionResult DeleteConfirmed(int id)
{
ApiLog apiLog = db.ApiLogs.Find(id);
db.ApiLogs.Remove(apiLog);
db.SaveChanges();
return(RedirectToAction("Index"));
}
public string query_order(string req_seq_sel)
{
ApiService mapiservice = new ApiServiceData().GetApiservice(1);
string req_seq = mapiservice.Organization + DateTime.Now.ToString("yyyyMMddhhssmm") + CommonFunc.CreateNum(6);//请求流水号
StringBuilder builderOrder = new StringBuilder();
builderOrder.Append(@"<?xml version=""1.0"" encoding=""utf-8""?>");
builderOrder.Append(@"<business_trans version=""1.0"">");
builderOrder.Append("<request_type>query_order</request_type>"); //<!--查询-->
builderOrder.AppendFormat("<organization>{0}</organization>", mapiservice.Organization); //<!--机构号-->
builderOrder.AppendFormat("<password>{0}</password>", mapiservice.Password); //<!-- 接口使用密码 -->
builderOrder.AppendFormat("<req_seq>{0}</req_seq>", req_seq); //<!--请求流水号-->
builderOrder.Append("<order>");
builderOrder.AppendFormat("<order_num>{0}</order_num>", req_seq_sel); //<!-- 订单号 y-->
builderOrder.Append("</order>");
builderOrder.Append("</business_trans>");
string bstr = "";
try
{
ITicketService its11 = new ITicketService();
string en = EncryptionHelper.DESEnCode(builderOrder.ToString(), mapiservice.Deskey);
string retxmls = its11.getEleInterface(mapiservice.Organization, en);
bstr = EncryptionHelper.DESDeCode(retxmls, mapiservice.Deskey);
}
catch (Exception e)
{
bstr = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<business_trans>" +
"<response_type>query_order</response_type>" +
"<req_seq>" + req_seq + "</req_seq>" +
"<result>" +
"<id></id>" +
"<comment>" + e.Message + "</comment>" +
" </result>" +
"</business_trans>";
}
//录入交互日志
ApiLog mapilog = new ApiLog
{
Id = 0,
request_type = "query_order",
Serviceid = 1,
Str = builderOrder.ToString().Trim(),
Subdate = DateTime.Now,
ReturnStr = bstr,
ReturnSubdate = DateTime.Now,
Errmsg = "",
};
int ins = new ApiLogData().EditLog(mapilog);
return(bstr);
}
internal int EditLog(ApiLog m)
{
if (m.Id > 0)
{
string sql = @"update [api_log]
set serviceid=@serviceid
,str=@str
,subdate=@subdate
,returnstr=@returnstr
,returndate=@returndate
,errmsg=@errmsg
,request_type=@request_type
where id=@id";
var cmd = sqlHelper.PrepareTextSqlCommand(sql);
cmd.AddParam("@serviceid", m.Serviceid);
cmd.AddParam("@str", m.Str);
cmd.AddParam("@subdate", m.Subdate);
cmd.AddParam("@returnstr", m.ReturnStr);
cmd.AddParam("@returndate", m.ReturnSubdate);
cmd.AddParam("@errmsg", m.Errmsg);
cmd.AddParam("@request_type", m.request_type);
cmd.AddParam("@id", m.Id);
cmd.ExecuteNonQuery();
return m.Id;
}
else
{
string sql = @"INSERT INTO [api_log]
([serviceid]
,[str]
,[subdate]
,[returnstr]
,[returndate]
,[errmsg]
,[request_type])
VALUES
(@serviceid
,@str
,@subdate
,@returnstr
,@returndate
,@errmsg
,@request_type);select @@identity;";
var cmd = sqlHelper.PrepareTextSqlCommand(sql);
cmd.AddParam("@serviceid", m.Serviceid);
cmd.AddParam("@str", m.Str);
cmd.AddParam("@subdate", m.Subdate);
cmd.AddParam("@returnstr", m.ReturnStr);
cmd.AddParam("@returndate", m.ReturnSubdate);
cmd.AddParam("@errmsg", m.Errmsg);
cmd.AddParam("@request_type", m.request_type);
object o = cmd.ExecuteScalar();
return int.Parse(o.ToString());
}
}
public void VerifyJSONFieldsAreMaskedCorrectly()
{
var apiLog = new ApiLog();
var cc = "4111111111111111";
var maskedCC = "411111******1111";
var filter = new StreamLogMaskingFilter(new List <JsonPayloadMaskingRule>
{
new JsonPayloadMaskingRule("jsonfield", new PayloadFieldMaskingRule []
{
new PayloadFieldMaskingRule {
Path = "param1"
},
new PayloadFieldMaskingRule {
Path = "param2"
},
new PayloadFieldMaskingRule {
Path = "param3"
},
new PayloadFieldMaskingRule {
Path = "param4.childParam"
},
new PayloadFieldMaskingRule {
Path = "param4.childParamCC", Mask = Masks.CreditCardMask
}
})
});
var json = string.Format(@"{{
""PARAM1"": "" aa "",
""param2"": "" aaaa "",
""param3"": "" aaaaa "",
""param4"": {{
""childParam"": ""ccccc"",
""childParamCC"": ""{0}""
}}
}}", cc);
apiLog.TrySetValue("jsonField", new Payload(json));
apiLog.TrySetValue("jsonFieldNotToBeMasked", new Payload(json));
var masked = filter.Apply(apiLog);
var fields = masked.GetFields();
var maskedJsonField = (fields.First(x => x.Key == "jsonField").Value as Payload).GetString();
var maskedJsonFieldNoToBeMasked = (fields.First(x => x.Key == "jsonFieldNotToBeMasked").Value as Payload).GetString();
Assert.Equal(string.Format(Regex.Replace(@"{{
""PARAM1"": ""**"",
""param2"": ""a***"",
""param3"": ""a***a"",
""param4"": {{
""childParam"": ""c***c"",
""childParamCC"": ""{0}""
}}
}}", @"\s|\t|\n|\r", ""), maskedCC), maskedJsonField);
Assert.Equal(json, maskedJsonFieldNoToBeMasked);
}
public void Save(ApiLog log)
{
Task.Run(() =>
{
using (var client = new Database(ApiConstants.ConnectionStringName))
{
client.Save(log);
}
});
}
public static string GetApiLog(RestCommand command, int apiLogID)
{
ApiLog apiLog = ApiLogs.GetApiLog(command.LoginUser, apiLogID);
if (apiLog.OrganizationID != command.Organization.OrganizationID)
{
throw new RestException(HttpStatusCode.Unauthorized);
}
return(apiLog.GetXml("ApiLog", true));
}
private string interurl = "http://outer.mjld.com.cn/Outer/Interface/";//正式接口url
#region 2.5、 提交订单(SubmitOrder)
public string SubmitOrder(ApiService mapiservice, Api_Mjld_SubmitOrder_input minput)
{
string xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
"<Body>" +
"<timeStamp>" + minput.timeStamp + "</timeStamp>" +
"<user>" + minput.user + "</user>" +
"<password>" + minput.password + "</password>" +
"<goodsId>" + minput.goodsId + "</goodsId>" +
"<num>" + minput.num + "</num>" + //<!—可以填多个,默认为1 -->
"<phone>" + minput.phone + "</phone>" +
"<batch>" + minput.batch + "</batch>" + //<!-值填1时一码一票,值填0或不填该字段是一码多票>
"<guest_name>" + minput.guest_name + "</guest_name>" +
"<identityno>" + minput.identityno + "</identityno>" +
"<order_note>" + minput.order_note + "</order_note>" +
"<forecasttime>" + minput.forecasttime + "</forecasttime>" + //【产品详情里IsReserve=True时,需传递该时间;IsReserve=False时,必须保留该值为空】
"<outOrderId>" + minput.orderId + "</outOrderId>" +
"<orderpost>" + //快递信息
"<consignee>" + minput.consignee + "</consignee>" +
"<address>" + minput.address + "</address>" +
"<zipcode>" + minput.zipcode + "</zipcode>" +
"</orderpost>" +
"</Body>";
string data = HttpUtility.UrlEncode(Mjld_TCodeServiceCrypt.Encrypt3DESToBase64(xml, mapiservice.Deskey));
string postData = string.Format("businessid={1}&content={0}", data, mapiservice.Organization);
string str = POST(interurl + "SubmitOrder", postData);
string bstr = "fail";
try
{
bstr = Mjld_TCodeServiceCrypt.Decrypt3DESFromBase64(str, mapiservice.Deskey);
}
catch
{
bstr += " " + str;
}
//录入交互日志
ApiLog mapilog = new ApiLog
{
Id = 0,
request_type = "SubmitOrder",
Serviceid = 3,
Str = xml.Trim(),
Subdate = DateTime.Now,
ReturnStr = bstr,
ReturnSubdate = DateTime.Now,
Errmsg = "",
};
int ins = new ApiLogData().EditLog(mapilog);
return(bstr);
}
public ActionResult Create([Bind(Include = "Id,Method,URL,Request,Response,Status,StatusCode,CreatedOn")] ApiLog apiLog)
{
if (ModelState.IsValid)
{
db.ApiLogs.Add(apiLog);
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(apiLog));
}
public IHttpActionResult Login([FromBody] RequestModel req)//string data,string secret
{
try
{
//真实参数
var parameters = Common.AesDecryp.GetAesDecryp(req.data, req.secret);
LoginUser u = new LoginUser();
u.Mobile = parameters["Mobile"];
u.Pwd = parameters["Pwd"];
if (!string.IsNullOrEmpty(u.Mobile) && !string.IsNullOrEmpty(u.Pwd))
{
using (dbDataContext db = new dbDataContext())
{
string pwd = Common.MD5.Encrypt(u.Pwd, 32);
var list = db.Users.Where(x => x.Mobile == u.Mobile && x.Pwd == pwd).Select(x => new
{
x.ID,
x.Mobile,
x.Name,
x.RoleID,
x.Roles.RoleName,
x.Areas,
x.Grids,
x.Post,
x.AddTime,
}).FirstOrDefault();
if (list != null)
{
#region 添加登录日志
ApiLog log = new ApiLog();
log.AddTime = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
log.ClientType = 0;
log.Code = (int?)System.Net.HttpStatusCode.OK;
log.ErrMsg = "";
log.Parameters = Newtonsoft.Json.JsonConvert.SerializeObject(parameters.AllKeys.ToDictionary(k => k, k => parameters[k]));
log.RequestName = "/Users/Login";
log.UserID = list.ID;
db.ApiLog.InsertOnSubmit(log);
db.SubmitChanges();
#endregion
return(Json(new { data = list, state = 1, msg = "登录成功" }));
}
return(Json(new { state = 0, msg = "手机号或密码错误" }));
}
}
return(Json(new { state = 0, msg = "手机号或密码为空" }));
}
catch (Exception ex)
{
throw ex;
}
}
public ActionResult Edit([Bind(Include = "Id,Method,URL,Request,Response,Status,StatusCode,CreatedOn")] ApiLog apiLog)
{
if (ModelState.IsValid)
{
var t =
db.Entry(apiLog).State = EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(apiLog));
}
public string cancel_order(ApiService mapiservice, Api_yg_cancelorder m_ygcancelorder)
{
StringBuilder buildOrder = new StringBuilder();
buildOrder.Append(@"<?xml version=""1.0"" encoding=""utf-8""?>");
buildOrder.Append(@"<business_trans version=""1.0"">");
buildOrder.Append("<request_type>cancel_order</request_type>"); //<!--撤销-->
buildOrder.AppendFormat("<organization>{0}</organization>", mapiservice.Organization); //<!--机构号-->
buildOrder.AppendFormat("<password>{0}</password>", mapiservice.Password); //<!-- 接口使用密码 -->
buildOrder.AppendFormat("<req_seq>{0}</req_seq>", m_ygcancelorder.req_seq); //<!--请求流水号-->
buildOrder.Append("<order>");
buildOrder.AppendFormat("<order_num>{0}</order_num>", m_ygcancelorder.ygorder_num); //<!-- 订单号 y-->
buildOrder.AppendFormat("<num>{0}</num>", m_ygcancelorder.num); //<!-- 张数 y-->
buildOrder.Append("</order>");
buildOrder.Append("</business_trans>");
string bstr = "";
try
{
ITicketService its12 = new ITicketService();
string en = EncryptionHelper.DESEnCode(buildOrder.ToString(), mapiservice.Deskey);
string retxmls = its12.getEleInterface(mapiservice.Organization, en);
bstr = EncryptionHelper.DESDeCode(retxmls, mapiservice.Deskey);
}
catch (Exception e)
{
bstr = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<business_trans>" +
"<response_type>cancel_order</response_type>" +
"<req_seq>" + m_ygcancelorder.req_seq + "</req_seq>" +
"<result>" +
"<id></id>" +
"<comment>" + e.Message + "</comment>" +
" </result>" +
"</business_trans>";
}
//录入交互日志
ApiLog mapilog = new ApiLog
{
Id = 0,
request_type = "cancel_order",
Serviceid = 1,
Str = buildOrder.ToString().Trim(),
Subdate = DateTime.Now,
ReturnStr = bstr,
ReturnSubdate = DateTime.Now,
Errmsg = "",
};
int ins = new ApiLogData().EditLog(mapilog);
return(bstr);
}
