Exemplo n.º 1
0
        /// <summary>
        /// (1)接口参数加密(基础加密)
        /// 通过签名匹配校验
        /// </summary>
        /// <returns></returns>
        public HttpResponseMessage GetUserBySign(string mobile, string appKey, string sign)
        {
            var dic = new SortedList <string, string>();

            dic.Add("mobile", mobile);
            dic.Add("appKey", appKey);
            var currentSign = SecurifyHelper.CreateSign(dic, appKey);

            if (currentSign != sign)
            {
                return(ObjectExtends.ToHttpRspMsgError("非法调用"));
            }

            var user = GetUserObj();

            return(user.ToHttpRspMsgSuccess());
        }
Exemplo n.º 2
0
        public HttpResponseMessage GetSecretToken([FromBody] string appKey, long timestamp, string sign)
        {
            var dic = new SortedList <string, string>();

            dic.Add("timestamp", timestamp.ToString());
            dic.Add("appKey", appKey);
            var chkResult = SecretHelper.CheckSign(dic, sign);

            if (!chkResult.Status)
            {
                return(ObjectExtends.ToHttpRspMsgError(chkResult.Msg));
            }
            //生成临时接口校验token
            var secretToken = SecretHelper.GetSecretTokenByKey(appKey);

            return(new { secretToken = "" }.ToHttpRspMsgSuccess());
        }
Exemplo n.º 3
0
        /// <summary>
        /// (3)通过以上方式+私钥
        /// </summary>
        /// <param name="mobile"></param>
        /// <param name="timestamp"></param>
        /// <param name="appKey"></param>
        /// <param name="sign"></param>
        /// <returns></returns>
        public HttpResponseMessage GetUserBySecretKey(string token, long timestamp, string appKey, string sign)
        {
            var dic = new SortedList <string, string>();

            dic.Add("token", token);
            dic.Add("timestamp", timestamp.ToString());
            dic.Add("appKey", appKey);
            var chkResult = SecretHelper.CheckSign(dic, sign);

            if (!chkResult.Status)
            {
                return(ObjectExtends.ToHttpRspMsgError(chkResult.Msg));
            }

            var user = GetUserObj();

            return(user.ToHttpRspMsgSuccess());
        }
Exemplo n.º 4
0
        /// <summary>
        /// (2)通过以上方式+时效性
        /// </summary>
        /// <param name="mobile"></param>
        /// <param name="timestamp"></param>
        /// <param name="appKey"></param>
        /// <param name="sign"></param>
        /// <returns></returns>
        public HttpResponseMessage GetUserBytimestamp(string mobile, long timestamp, string appKey, string sign)
        {
            var dic = new SortedList <string, string>();

            dic.Add("mobile", mobile);
            dic.Add("timestamp", timestamp.ToString());
            dic.Add("appKey", appKey);
            var currentSign = SecurifyHelper.CreateSign(dic, appKey);

            //判断签名是否一致
            if (currentSign != sign)
            {
                return(ObjectExtends.ToHttpRspMsgError("非法请求"));
            }
            //判断是否过期,30s有效期
            if (new DateTime(timestamp).AddSeconds(30) < DateTime.Now)
            {
                return(ObjectExtends.ToHttpRspMsgError("无效请求"));
            }

            var user = GetUserObj();

            return(user.ToHttpRspMsgSuccess());
        }