(エッセンス)2020年6月29日C#クラスライブラリインタフェース署名検査
20213 ワード
using Coldairarrow.Business.Base_Manage;
using Coldairarrow.Util;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.Caching.Distributed;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using System;
using System.Threading.Tasks;
namespace Core.Api
{
/*
==== ====
, header
| header | | |
| appId | string | Id |
| time | string | , :2020-06-29 23:00:00 |
| guid | string | GUID , , |
| sign| string | , |
:
:
appId=xxx
appSecret=xxx
time=2017-01-01 23:00:00
guid=d0595245-60db-495d-9c0e-fea931b8d69a
body={"aaa":"aaa"}
1: appId+time+guid+body+appSecret xxx2017-01-01 23:00:00d0595245-60db-495d-9c0e-fea931b8d69a{"aaa":"aaa"}xxx
2: MD5(32 )
sign=MD5(xxx2017-01-01 23:00:00d0595245-60db-495d-9c0e-fea931b8d69a{"aaa":"aaa"}xxx)
=4e30f1eca521485c208f642a7d927ff0
3: header appId、time、guid、sign
*/
///
/// 、
/// 、 、
///
public class CheckSignAttribute : BaseActionFilterAsync
{
///
/// Action
///
///
public async override Task OnActionExecuting(ActionExecutingContext filterContext)
{
//
if (filterContext.ContainsFilter<IgnoreSignAttribute>())
return;
var request = filterContext.HttpContext.Request;
IServiceProvider serviceProvider = filterContext.HttpContext.RequestServices;
IBase_AppSecretBusiness appSecretBus = serviceProvider.GetService<IBase_AppSecretBusiness>();
ILogger logger = serviceProvider.GetService<ILogger<CheckSignAttribute>>();
var cache = serviceProvider.GetService<IDistributedCache>();
string appId = request.Headers["appId"].ToString();
if (appId.IsNullOrEmpty())
{
ReturnError(" header:appId");
return;
}
string time = request.Headers["time"].ToString();
if (time.IsNullOrEmpty())
{
ReturnError(" header:time");
return;
}
if (time.ToDateTime() < DateTime.Now.AddMinutes(-5) || time.ToDateTime() > DateTime.Now.AddMinutes(5))
{
ReturnError("time ");
return;
}
string guid = request.Headers["guid"].ToString();
if (guid.IsNullOrEmpty())
{
ReturnError(" header:guid");
return;
}
string guidKey = $"ApiGuid_{guid}";
if (cache.GetString(guidKey).IsNullOrEmpty())
cache.SetString(guidKey, "1", new DistributedCacheEntryOptions
{
AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(10)
});
else
{
ReturnError(" !");
return;
}
request.EnableBuffering();
string body = await request.Body.ReadToStringAsync();
string sign = request.Headers["sign"].ToString();
if (sign.IsNullOrEmpty())
{
ReturnError(" header:sign");
return;
}
string appSecret = await appSecretBus.GetAppSecretAsync(appId);
if (appSecret.IsNullOrEmpty())
{
ReturnError("header:appId ");
return;
}
string newSign = HttpHelper.BuildApiSign(appId, appSecret, guid, time.ToDateTime(), body);
if (sign != newSign)
{
string log =
$@"sign !
headers:{request.Headers.ToJson()}
body:{body}
sign:{newSign}
";
logger.LogWarning(log);
ReturnError("header:sign ");
return;
}
void ReturnError(string msg)
{
filterContext.Result = Error(msg);
}
}
}
}
namespace Core.Api
{
///
///
///
public class IgnoreSignAttribute : BaseActionFilterAsync
{
}
}