/// <summary>
/// 检查请求签名合法性
/// </summary>
/// <param name="signature">加密签名字符串</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">随机数</param>
/// <param name="appConfig">应用接入配置信息</param>
/// <returns>CheckResult</returns>
public CheckResult CheckRequestSignature(string signature, string timestamp, string nonce, AppConfig appConfig)
{
ValidateOperator.Begin()
.NotNullOrEmpty(signature, "加密签名字符串")
.NotNullOrEmpty(timestamp, "时间戳")
.NotNullOrEmpty(nonce, "随机数")
.NotNull(appConfig, "AppConfig");
var appSecret = appConfig.AppSecret;
var signatureExpired = appConfig.SignatureExpiredMinutes;
string[] data = { appSecret, timestamp, nonce };
Array.Sort(data);
var signatureText = string.Join("", data);
signatureText = Md5Encryptor.Encrypt(signatureText);
if (!signature.CompareIgnoreCase(signatureText) && CheckHelper.IsNumber(timestamp))
{
return(CheckResult.Success());
}
var timestampMillis =
UnixEpochHelper.DateTimeFromUnixTimestampMillis(timestamp.ToDoubleOrDefault());
var minutes = DateTime.UtcNow.Subtract(timestampMillis).TotalMinutes;
return(minutes > signatureExpired?CheckResult.Fail("签名时间戳失效") : CheckResult.Success());
}
private Tuple <bool, string> ValidateSignature(string signature, string timestamp, string nonce, string appSecret, int timspanExpiredMinutes)
{
Tuple <bool, string> _checkeResult = new Tuple <bool, string>(false, "数据完整性检查不通过");
string[] _arrayParamter = { appSecret, timestamp, nonce };
Array.Sort(_arrayParamter);
string _signatureString = string.Join("", _arrayParamter);
_signatureString = MD5Encryptor.Encrypt(_signatureString);
if (signature.CompareIgnoreCase(signature) && CheckHelper.IsNumber(timestamp))
{
DateTime _timestampMillis = UnixEpochHelper.DateTimeFromUnixTimestampMillis(timestamp.ToDoubleOrDefault(0f));
double _minutes = DateTime.UtcNow.Subtract(_timestampMillis).TotalMinutes;
if (_minutes > timspanExpiredMinutes)
{
_checkeResult = new Tuple <bool, string>(false, "签名时间戳失效");
}
else
{
_checkeResult = new Tuple <bool, string>(true, string.Empty);
}
}
return(_checkeResult);
}
public void DateTimeFromUnixTimestampMillisTest()
{
DateTime _actual = UnixEpochHelper.DateTimeFromUnixTimestampMillis(1422949956408);
DateTime _expected = new DateTime(2015, 02, 03, 7, 52, 36);
Assert.AreEqual(_expected.ToShortDateString(), _actual.ToShortDateString());
Assert.AreEqual(_expected.ToShortTimeString(), _actual.ToShortTimeString());
Assert.AreNotEqual(_expected, _actual);
}
/// <summary>
/// 验证WebApi签名
/// </summary>
/// <param name="signature">签名</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">随机数</param>
/// <param name="appSecret">签名加密键</param>
/// <param name="signatureExpiredMinutes">签名过期分钟</param>
/// <returns>CheckResult</returns>
internal static CheckResult Validate(string signature, string timestamp, string nonce, string appSecret, int signatureExpiredMinutes)
{
string[] _arrayParamter = { appSecret, timestamp, nonce };
Array.Sort(_arrayParamter);
string _signatureString = string.Join("", _arrayParamter);
_signatureString = MD5Encryptor.Encrypt(_signatureString);
if (signature.CompareIgnoreCase(signature) && CheckHelper.IsNumber(timestamp))
{
DateTime _timestampMillis =
UnixEpochHelper.DateTimeFromUnixTimestampMillis(timestamp.ToDoubleOrDefault(0f));
double _minutes = DateTime.UtcNow.Subtract(_timestampMillis).TotalMinutes;
if (_minutes > signatureExpiredMinutes)
{
return(CheckResult.Fail("签名时间戳失效"));
}
}
return(CheckResult.Success());
}
