nelson.kai
/
ShowEasy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
465 Commits
2 Branches
0 Tags
492 MiB
Tree: 74c4392cb1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '74c4392cb1'
${ noResults }
ShowEasy/EuroTran/EasyBL/WebApi/Common/SignExtension.cs

102 lines
3.8 KiB
Raw Normal View History

Dev版本
2 years ago
  1. using EasyBL.WebApi.WebApi;
  2. using EasyNet;
  3. using Entity.Sugar;
  4. using SqlSugar.Base;
  5. using System;
  6. using System.Linq;
  7. using System.Text;
  8. using System.Web;
  10. namespace EasyBL.WebApi.Common
  11. {
  12. public class SignExtension
  13. {
  14. /// <summary>
  15. /// 驗證身份
  16. /// </summary>
  17. /// <param name="c">todo: describe c parameter on VerifyIdentity</param>
  18. /// <param name="header">todo: describe header parameter on VerifyIdentity</param>
  19. /// <returns></returns>
  20. public static bool VerifyIdentity(HttpContext c, APISoapHeader header)
  21. {
  22. var bValid = true;
  23. try
  24. {
  25. if (header == null)
  26. {
  27. var sOrgid = c.Request.Headers["orgid"];
  28. var sUserid = c.Request.Headers["userid"];
  29. var sToken = c.Request.Headers["token"];
  30. var sSignature = c.Request.Headers["signature"];
  32. if (string.IsNullOrWhiteSpace(sSignature))
  33. {
  34. var oTicket = (OTB_SYS_TicketAuth)HttpRuntimeCache.Get(sOrgid + sUserid);
  35. if (oTicket == null)
  36. {
  37. var db = SugarBase.GetIntance();
  38. oTicket = db.Queryable<OTB_SYS_TicketAuth>().Single(it => it.Token == sToken);
  39. }
  40. if (oTicket == null || oTicket.Token != sToken || (oTicket.IsVerify == "Y" && oTicket.ExpireTime < DateTime.Now))
  41. {
  42. bValid = false;
  43. }
  44. }
  45. else
  46. {
  47. if (string.IsNullOrWhiteSpace(sSignature))
  48. {
  49. bValid = false;
  50. }
  51. else
  52. {
  53. var sTimestamp = c.Request.Headers["timestamp"];
  54. var sNonce = c.Request.Headers["nonce"];
  55. bValid = SignExtension.TokenVerify(sTimestamp, sNonce, sToken, sSignature);
  56. }
  57. }
  58. }
  59. return bValid;
  60. }
  61. catch (Exception)
  62. {
  63. return false;
  64. }
  65. }
  67. /// <summary>
  68. /// 验证加密签名
  69. /// </summary>
  70. /// <param name="timeStamp">todo: describe timeStamp parameter on TokenVerify</param>
  71. /// <param name="nonce">todo: describe nonce parameter on TokenVerify</param>
  72. /// <param name="token">todo: describe token parameter on TokenVerify</param>
  73. /// <param name="signature">todo: describe signature parameter on TokenVerify</param>
  74. /// <returns></returns>
  75. public static bool TokenVerify(string timeStamp, string nonce, string token, string signature)
  76. {
  77. var hash = System.Security.Cryptography.MD5.Create();
  78. //拼接簽名數據
  79. var signStr = token + timeStamp + nonce;
  80. //將字符串中字符按升序排序
  81. var sortStr = string.Concat(signStr.OrderBy(c => c));
  82. var bytes = Encoding.UTF8.GetBytes(sortStr);
  83. //使用MD5加密
  84. var md5Val = hash.ComputeHash(bytes);
  85. //把二進制轉化為大寫的十六進制的
  86. var result = new StringBuilder();
  87. foreach (var c in md5Val)
  88. {
  89. result.Append(c.ToString("X2"));
  90. }
  92. return result.ToString().ToUpper() == signature;
  93. }
  95. // like Ivj6eZRx40MTx2ZvnG8nA
  96. public static string CreateToken()
  97. {
  98. var token = Guid.NewGuid().ToString();
  99. token = SecurityUtil.SHA256(token);
  100. return token;
  101. }
  102. }
  103. }