/// <summary>
/// 校验数据签名
/// </summary>
/// <param name="value"></param>
/// <param name="appInfo"></param>
/// <returns></returns>
public static bool CheckSignData(this string value, SysAuthorizeInfo appInfo)
{
if (appInfo != null)
{
return(appInfo.CheckSign(value));
}
return(false);
}
public void TestMethod1()
{
string key = Guid.NewGuid().ToString().Replace("-",string.Empty);
SysAuthorizeInfo appInfo = new SysAuthorizeInfo();
appInfo.FromSignData("timespan=1434372013;appsource=1;appclient=1;token=SeBCjJYRkujxEsgv9XupyHY7aMkdQuQcqGMu0wQMbhw=;appversion=1.0;");
var newSignData = appInfo.ToSignData(key);
appInfo.FromSignData(newSignData);
var result = appInfo.CheckSign(key);
}
public static void SysAuth()
{
string key = Guid.NewGuid().ToString().Replace("-", string.Empty);
SysAuthorizeInfo appInfo = new SysAuthorizeInfo();
appInfo.FromSignData("timespan=1434372013;appsource=1;appclient=1;token=SeBCjJYRkujxEsgv9XupyHY7aMkdQuQcqGMu0wQMbhw=;appversion=1.0;");
var newSignData = appInfo.ToSignData(key);
appInfo.FromSignData(newSignData);
var result = appInfo.CheckSign(key);
}
public async Task Invoke(HttpContext context)
{
if (MemberShiper.AppAuthorize != null)
{
await _next.Invoke(context);
return;
}
SysAuthorizeInfo sysInfo = null;
// 这里是为了兼容App嵌套h5页面,使用App的授权信息
string auticketStr = context.Request.Headers[GlobalKeysUtil.AuthorizeTicketName];
if (!string.IsNullOrEmpty(auticketStr))
{
sysInfo = new SysAuthorizeInfo();
sysInfo.FromSignData(auticketStr);
var secretKeyRes = ApiSourceKeyUtil.GetAppSecretKey(sysInfo.AppSource);
if (!secretKeyRes.IsSuccess())
{
await ResponseEnd(context, secretKeyRes);
return;
}
if (!sysInfo.CheckSign(secretKeyRes.data))
{
await ResponseEnd(context, new ResultMo(ResultTypes.ParaError, "签名验证失败!"));
return;
}
sysInfo.OriginAppSource = sysInfo.AppSource;
}
// 如果不是App访问,添加Web相关系统信息
if (sysInfo == null)
{
sysInfo = new SysAuthorizeInfo
{
Token = context.Request.Cookies[GlobalKeysUtil.UserCookieName],
DeviceId = "WEB"
};
// todo appclient
}
CompleteAuthInfo(sysInfo, context);
MemberShiper.SetAppAuthrizeInfo(sysInfo);
await _next.Invoke(context);
}
public async Task Invoke(HttpContext context)
{
if (MemberShiper.AppAuthorize != null)
{
await _next.Invoke(context);
return;
}
SysAuthorizeInfo sysInfo = null;
// 这里是为了兼容App嵌套h5页面,使用App的授权信息
string auticketStr = context.Request.Headers[authorizeTicket];
if (!string.IsNullOrEmpty(auticketStr))
{
sysInfo = new SysAuthorizeInfo();
sysInfo.FromSignData(auticketStr);
var secretKeyRes = ApiSourceKeyUtil.GetAppSecretKey(sysInfo.AppSource);
if (!secretKeyRes.IsSuccess || !sysInfo.CheckSign(secretKeyRes.Data))
{
context.Response.Redirect(string.Concat("/un/error?msg=", "不正确的应用来源!"));
return;
}
sysInfo.OriginAppSource = sysInfo.AppSource;
}
// 如果不是App访问,添加Web相关系统信息
if (sysInfo == null)
{
sysInfo = new SysAuthorizeInfo();
sysInfo.Token = context.Request.Cookies["ct_id"];
// todo appclient
sysInfo.DeviceId = "WEB";
}
CompleteAuthInfo(sysInfo, context);
MemberShiper.SetAppAuthrizeInfo(sysInfo);
await _next.Invoke(context);
}
public async Task Invoke(HttpContext context)
{
string auticketStr = context.Request.Headers[GlobalKeysUtil.AuthorizeTicketName];
if (string.IsNullOrEmpty(auticketStr))
{
await ResponseEnd(context, new ResultMo(ResultTypes.UnKnowSource, "未知应用来源"));
return;
}
var sysInfo = new SysAuthorizeInfo();
sysInfo.FromSignData(auticketStr);
var secretKeyRes = ApiSourceKeyUtil.GetAppSecretKey(sysInfo.AppSource);
if (!secretKeyRes.IsSuccess())
{
await ResponseEnd(context, secretKeyRes);
return;
}
if (!sysInfo.CheckSign(secretKeyRes.data))
{
await ResponseEnd(context, new ResultMo(ResultTypes.ParaError, "非法应用签名!"));
return;
}
if (string.IsNullOrEmpty(sysInfo.IpAddress))
{
sysInfo.IpAddress = GetIpAddress(context);
}
MemberShiper.SetAppAuthrizeInfo(sysInfo);
await _next.Invoke(context);
}
public async Task Invoke(HttpContext context)
{
string auticketStr = context.Request.Headers[authorizeTicket];
if (auticketStr == null)
{
await ResponseEnd(context, new ResultMo(ResultTypes.UnKnowSource, "未知应用来源"));
return;
}
var sysInfo = new SysAuthorizeInfo();
sysInfo.FromSignData(auticketStr);
var secretKeyRes = ApiSourceKeyUtil.GetAppSecretKey(sysInfo.AppSource);
if (!secretKeyRes.IsSuccess)
{
await ResponseEnd(context, secretKeyRes);
return;
}
if (!sysInfo.CheckSign(secretKeyRes.Data))
{
await ResponseEnd(context, new ResultMo(ResultTypes.ParaNotMeet, "非法应用签名!"));
return;
}
CompleteAuthInfo(sysInfo, context);
MemberShiper.SetAppAuthrizeInfo(sysInfo);
await _next.Invoke(context);
}
