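/// <summary>
/// Overrides OnActionExecuting: before the controller action runs, validates the
/// request parameters and the request signature ("sign"). On any failure it sets
/// <c>actionContext.Response</c> to an error result and returns, so the action is not executed.
/// add by caoheyang 20150318
/// </summary>
/// <param name="actionContext">
/// Context of the action about to run. The action argument named "paramodel" is read,
/// and on success is written back with its <c>group</c> member set.
/// </param>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    // Timer stored on the request under Key (declared elsewhere in this class).
    Stopwatch stop = new Stopwatch();
    actionContext.Request.Properties[Key] = stop;
    stop.Start();

    // TryGetValue instead of the indexer: an action without a "paramodel" argument is
    // rejected as a parameter error instead of failing with KeyNotFoundException.
    object rawModel;
    actionContext.ActionArguments.TryGetValue("paramodel", out rawModel);
    dynamic paramodel = rawModel; // parameter object of the current request

    // The null check must come before the lock: lock(null) throws ArgumentNullException,
    // which made the original "paramodel == null" branch unreachable.
    if (actionContext.ModelState.Count > 0 || paramodel == null) // bad parameters, abort the request
    {
        actionContext.Response = actionContext.ActionDescriptor.ResultConverter.Convert(
            actionContext.ControllerContext,
            ResultModel<object>.Conclude(OrderApiStatusType.ParaError, actionContext.ModelState.Keys));
        return;
    }

    // NOTE(review): lock kept from the original; the argument object looks per-request,
    // so it presumably guards nothing - confirm before removing.
    lock (paramodel)
    {
        IGroupProvider groupProvider = new GroupProvider();
        GroupApiConfigModel groupCofigInfo = groupProvider.GetGroupApiConfigByAppKey(paramodel.app_key, paramodel.v);

        // Log only non-secret fields. The original passed the whole config object,
        // AppSecret included, to the logger.
        object configSummary = groupCofigInfo == null
            ? null
            : (object)new { GroupId = groupCofigInfo.GroupId, IsValid = groupCofigInfo.IsValid };
        LogHelper.LogWriter("groupCofigInfo", new { groupCofigInfo = configSummary });

        // Unknown app key or disabled group: reported as a signature error, as before.
        if (groupCofigInfo == null || groupCofigInfo.IsValid != 1)
        {
            actionContext.Response = actionContext.ActionDescriptor.ResultConverter.Convert(
                actionContext.ControllerContext,
                ResultModel<object>.Conclude(OrderApiStatusType.SignError));
            return;
        }

        // NOTE(review): the signature covers only app_key, timestamp and v, so the other
        // request fields are not integrity-protected, and the timestamp is not checked for
        // freshness in this method - confirm that replay protection exists elsewhere.
        // NOTE(review): secret-prefix/suffix MD5 is a legacy construction; moving to an
        // HMAC-based scheme needs a coordinated change with API clients.
        string signStr = groupCofigInfo.AppSecret + "app_key" + paramodel.app_key + "timestamp"
            + paramodel.timestamp + "v" + paramodel.v + groupCofigInfo.AppSecret;
        string sign = MD5.Encrypt(signStr);

        // presumably sign is bound as a string; any other type is treated as a mismatch.
        string suppliedSign = paramodel.sign as string;
        bool signMatches = RequestSignEquals(sign, suppliedSign);

        // Log the outcome only: the expected signature is a valid credential for this
        // app_key/timestamp/v and should not be written to logs.
        LogHelper.LogWriter("签名是否一致:", new { match = signMatches });

        if (!signMatches) // wrong sign, abort the request
        {
            actionContext.Response = actionContext.ActionDescriptor.ResultConverter.Convert(
                actionContext.ControllerContext,
                ResultModel<object>.Conclude(OrderApiStatusType.SignError));
            return;
        }

        paramodel.group = ParseHelper.ToInt(groupCofigInfo.GroupId, 0); // set the group
        actionContext.ActionArguments["paramodel"] = paramodel;        // write the updated model back
    }
}

/// <summary>
/// Compares the expected and supplied signatures without stopping at the first
/// differing character, so the comparison time does not depend on how many
/// leading characters match.
/// </summary>
/// <param name="expected">Signature computed by the server.</param>
/// <param name="supplied">Signature sent with the request.</param>
/// <returns>True only when both are non-null and identical (ordinal, case-sensitive).</returns>
private static bool RequestSignEquals(string expected, string supplied)
{
    if (expected == null || supplied == null)
    {
        return false;
    }

    int diff = expected.Length ^ supplied.Length;
    for (int i = 0; i < expected.Length; i++)
    {
        // The index guard depends on lengths only, never on signature content.
        char other = i < supplied.Length ? supplied[i] : '\0';
        diff |= expected[i] ^ other;
    }

    return diff == 0;
}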