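/// <summary>
/// Runs before the action executes and verifies the request's API signature headers
/// (appId / time / guid / sign). Skipped entirely in local-test mode and for actions
/// marked with <see cref="IgnoreSignAttribute"/>. On any failure the action is short-circuited
/// by setting <c>filterContext.Result</c> to an error response.
/// </summary>
/// <param name="filterContext">The executing action context; its Result is set on failure.</param>
public async override Task OnActionExecuting(ActionExecutingContext filterContext)
{
    IBase_AppSecretBusiness appSecretBus = AutofacHelper.GetScopeService<IBase_AppSecretBusiness>();
    ILogger logger = AutofacHelper.GetScopeService<ILogger>();

    // Local-test bypass: no signature check at all.
    // NOTE(review): ensure RunMode can never resolve to LocalTest in a deployed environment.
    if (GlobalSwitch.RunMode == RunMode.LocalTest)
    {
        return;
    }

    // Actions that opt out via [IgnoreSign] are not verified.
    if (filterContext.ContainsFilter<IgnoreSignAttribute>())
    {
        return;
    }

    var request = filterContext.HttpContext.Request;

    string appId = request.Headers["appId"].ToString();
    if (appId.IsNullOrEmpty())
    {
        ReturnError("缺少header:appId");
        return;
    }

    string time = request.Headers["time"].ToString();
    if (time.IsNullOrEmpty())
    {
        ReturnError("缺少header:time");
        return;
    }

    // Freshness window: ±5 minutes around server local time (DateTime.Now). The client's
    // timestamp must therefore be in whatever zone/format ToDateTime() (project extension) expects.
    DateTime requestTime = time.ToDateTime();
    DateTime now = DateTime.Now;
    if (requestTime < now.AddMinutes(-5) || requestTime > now.AddMinutes(5))
    {
        ReturnError("time过期");
        return;
    }

    string guid = request.Headers["guid"].ToString();
    if (guid.IsNullOrEmpty())
    {
        ReturnError("缺少header:guid");
        return;
    }

    // Cheap header check before reading the body.
    string sign = request.Headers["sign"].ToString();
    if (sign.IsNullOrEmpty())
    {
        ReturnError("缺少header:sign");
        return;
    }

    // The body is part of the signed payload. ReadToString() is a project extension; if it does
    // not rewind the stream, model binding in the action will see an empty body — verify.
    string body = request.Body.ReadToString();

    // Unknown appId: note the distinct message lets a caller probe which appIds exist.
    string appSecret = await appSecretBus.GetAppSecretAsync(appId);
    if (appSecret.IsNullOrEmpty())
    {
        ReturnError("header:appId无效");
        return;
    }

    string newSign = HttpHelper.BuildApiSign(appId, appSecret, guid, requestTime, body);

    // Constant-time comparison. A plain != returns at the first differing character, which
    // gives a remote caller a timing side channel on how much of a forged sign is correct.
    if (!SignaturesMatch(sign, newSign))
    {
        // Never log the expected signature or the request body: the former hands a valid
        // signature for this exact payload to anyone with log access, the latter may carry
        // customer data. The supplied (wrong) sign is attacker-controlled and safe to record.
        string log = $"header:sign签名错误! appId:{appId} guid:{guid} time:{time} 提供的sign:{sign}";
        logger.Error(LogType.系统异常, log);
        ReturnError("header:sign签名错误");
        return;
    }

    // Replay protection: a guid is accepted once per 10 minutes, which covers the ±5 minute
    // freshness window. The guid is reserved only after the signature verified, so an
    // unauthenticated caller cannot fill the cache with arbitrary keys or burn a legitimate
    // client's guid by sending it first without a valid sign.
    // NOTE(review): GetCache followed by SetCache is not atomic; two concurrent replays of the
    // same guid can both pass. An atomic add (SETNX-style) on the cache would close the race.
    string guidKey = $"{GlobalSwitch.ProjectName}_apiGuid_{guid}";
    if (!CacheHelper.Cache.GetCache(guidKey).IsNullOrEmpty())
    {
        ReturnError("禁止重复调用!");
        return;
    }
    CacheHelper.Cache.SetCache(guidKey, "1", new TimeSpan(0, 10, 0));

    void ReturnError(string msg)
    {
        filterContext.Result = Error(msg);
    }

    // Compares two signature strings as UTF-8 bytes without early exit on the first mismatch.
    // FixedTimeEquals returns false immediately on a length difference, which is acceptable
    // because a signature's length is fixed by the algorithm, not by the secret.
    bool SignaturesMatch(string provided, string expected)
    {
        byte[] providedBytes = System.Text.Encoding.UTF8.GetBytes(provided);
        byte[] expectedBytes = System.Text.Encoding.UTF8.GetBytes(expected);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(providedBytes, expectedBytes);
    }
}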
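/// <summary>
/// Runs before the action executes and verifies the request's API signature headers
/// (appId / time / guid / sign). Actions marked with <see cref="IgnoreSignAttribute"/> are not
/// verified. On any failure the action is short-circuited by setting
/// <c>filterContext.Result</c> to an error response.
/// </summary>
/// <param name="filterContext">The executing action context; its Result is set on failure.</param>
public async override Task OnActionExecuting(ActionExecutingContext filterContext)
{
    // Actions that opt out via [IgnoreSign] are not verified.
    if (filterContext.ContainsFilter<IgnoreSignAttribute>())
    {
        return;
    }

    var request = filterContext.HttpContext.Request;

    // GetRequiredService fails fast with a descriptive exception if a service is not
    // registered, instead of a NullReferenceException at the first use below.
    IServiceProvider serviceProvider = filterContext.HttpContext.RequestServices;
    IBase_AppSecretBusiness appSecretBus = serviceProvider.GetRequiredService<IBase_AppSecretBusiness>();
    ILogger logger = serviceProvider.GetRequiredService<ILogger<CheckSignAttribute>>();
    var cache = serviceProvider.GetRequiredService<IDistributedCache>();

    string appId = request.Headers["appId"].ToString();
    if (appId.IsNullOrEmpty())
    {
        ReturnError("缺少header:appId");
        return;
    }

    string time = request.Headers["time"].ToString();
    if (time.IsNullOrEmpty())
    {
        ReturnError("缺少header:time");
        return;
    }

    // Freshness window: ±5 minutes around server local time (DateTime.Now). The client's
    // timestamp must therefore be in whatever zone/format ToDateTime() (project extension) expects.
    DateTime requestTime = time.ToDateTime();
    DateTime now = DateTime.Now;
    if (requestTime < now.AddMinutes(-5) || requestTime > now.AddMinutes(5))
    {
        ReturnError("time过期");
        return;
    }

    string guid = request.Headers["guid"].ToString();
    if (guid.IsNullOrEmpty())
    {
        ReturnError("缺少header:guid");
        return;
    }

    // Cheap header check before reading the body.
    string sign = request.Headers["sign"].ToString();
    if (sign.IsNullOrEmpty())
    {
        ReturnError("缺少header:sign");
        return;
    }

    // The body is part of the signed payload. ReadToString() is a project extension; if it does
    // not rewind the stream, model binding in the action will see an empty body — verify.
    string body = request.Body.ReadToString();

    // Unknown appId: note the distinct message lets a caller probe which appIds exist.
    string appSecret = await appSecretBus.GetAppSecretAsync(appId);
    if (appSecret.IsNullOrEmpty())
    {
        ReturnError("header:appId无效");
        return;
    }

    string newSign = HttpHelper.BuildApiSign(appId, appSecret, guid, requestTime, body);

    // Constant-time comparison. A plain != returns at the first differing character, which
    // gives a remote caller a timing side channel on how much of a forged sign is correct.
    if (!SignaturesMatch(sign, newSign))
    {
        // Never log the expected signature or the request body: the former hands a valid
        // signature for this exact payload to anyone with log access, the latter may carry
        // customer data. Headers are left out too (they may carry cookies/tokens). The supplied
        // (wrong) sign is attacker-controlled and safe to record.
        logger.LogWarning(
            "sign签名错误! appId:{AppId} guid:{Guid} time:{Time} 提供的sign:{Sign}",
            appId, guid, time, sign);
        ReturnError("header:sign签名错误");
        return;
    }

    // Replay protection: a guid is accepted once per 10 minutes, which covers the ±5 minute
    // freshness window. The guid is reserved only after the signature verified, so an
    // unauthenticated caller cannot fill the distributed cache with arbitrary keys or burn a
    // legitimate client's guid by sending it first without a valid sign.
    // NOTE(review): the key is not scoped by appId, so two apps sharing a guid collide.
    // NOTE(review): GetString followed by SetString is not atomic (IDistributedCache has no
    // add-if-absent); two concurrent replays of the same guid can both pass.
    string guidKey = $"ApiGuid_{guid}";
    if (!cache.GetString(guidKey).IsNullOrEmpty())
    {
        ReturnError("禁止重复调用!");
        return;
    }
    cache.SetString(guidKey, "1", new DistributedCacheEntryOptions
    {
        AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(10)
    });

    void ReturnError(string msg)
    {
        filterContext.Result = Error(msg);
    }

    // Compares two signature strings as UTF-8 bytes without early exit on the first mismatch.
    // FixedTimeEquals returns false immediately on a length difference, which is acceptable
    // because a signature's length is fixed by the algorithm, not by the secret.
    bool SignaturesMatch(string provided, string expected)
    {
        byte[] providedBytes = System.Text.Encoding.UTF8.GetBytes(provided);
        byte[] expectedBytes = System.Text.Encoding.UTF8.GetBytes(expected);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(providedBytes, expectedBytes);
    }
}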