#region
|
using System;
|
using System.Collections.Generic;
|
using System.Collections.Specialized;
|
using System.Data.SqlClient;
|
using System.IO;
|
using System.Linq;
|
using System.Net;
|
using System.Net.Http;
|
using System.Text;
|
using System.Web;
|
using System.Web.Caching;
|
using System.Web.Http;
|
using System.Web.Http.Controllers;
|
using Newtonsoft.Json;
|
using Rattan.Basic.Utility;
|
using Rattan.BasicInfo.Data;
|
using Rattan.BasicInfo.DomainModel;
|
using Rattan.Core.DomainModel;
|
using Rattan.Sys.Data;
|
#endregion
|
|
namespace iWareSda_QQJF.WEBAPI.TestPost
|
{
|
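/// <summary>
/// Web API authorization filter. The "apiType" request header selects one of three
/// request-signing schemes (internal API, external app, consignor); a failed check
/// short-circuits the pipeline by assigning a JSON <see cref="ResultMsg"/> response.
/// Actions carrying an attribute whose type is named "NoCheckAuthAttribute" are exempt.
/// </summary>
public class ApiCheckAuthAttribute : AuthorizeAttribute
{
    /// <summary>Actions that issue tokens or log in and so cannot be signed yet (ApiAuth/AppAuth only).</summary>
    private const string UnsignedActions = "GetValidateCode,GetToken,Login,LoginUser";

    /// <summary>
    /// Largest accepted distance, in milliseconds, between the client's "timestamp"
    /// header and server UTC time: 8 minutes. (The earlier inline comment claimed
    /// two hours; the code never implemented that.)
    /// </summary>
    private const double ReplayWindowMs = 8 * 60 * 1000;

    /// <summary>Second argument handed to RedisHelper.Cache.Read/Write by this filter.</summary>
    private const int CacheDb = 2;

    /// <summary>Lifetime, in days, of the login and sign-token entries this filter re-caches.</summary>
    private const int CacheDays = 30;

    /// <summary>Type name of the marker attribute that exempts an action from every check.</summary>
    private const string NoCheckAuthAttributeName = "NoCheckAuthAttribute";

    /// <summary>
    /// Entry point of the filter: routes the request to the scheme named by the
    /// "apiType" header ("app", "consignor"; anything else or absent = internal API).
    /// </summary>
    /// <param name="actionContext">The action being authorized.</param>
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        var headers = actionContext.Request.Headers;
        string apiType = "api";
        if (headers.Contains("apiType"))
        {
            // A header present without a value falls back to "api" instead of
            // throwing on ToLower() as the previous code did.
            apiType = headers.GetValues("apiType").FirstOrDefault() ?? "api";
        }

        // Ordinal comparison: the header is a protocol token, not user-facing text,
        // so culture-sensitive lower-casing must not influence routing.
        if (string.Equals(apiType, "app", StringComparison.OrdinalIgnoreCase))
        {
            AppAuth(actionContext);
        }
        else if (string.Equals(apiType, "consignor", StringComparison.OrdinalIgnoreCase))
        {
            ConsignorAuth(actionContext);
        }
        else
        {
            ApiAuth(actionContext);
        }
    }

    /// <summary>
    /// Internal API scheme: a per-client sign token (looked up by the "guid" header)
    /// signs timestamp, nonce, guid and the request payload. The caller must also
    /// present the access token issued at login.
    /// </summary>
    /// <param name="actionContext">The action being authorized.</param>
    private void ApiAuth(HttpActionContext actionContext)
    {
        if (IsUnsignedAction(actionContext) || HasNoCheckAuthAttribute(actionContext))
        {
            return;
        }
        if (TryHandlePreflight(actionContext))
        {
            return;
        }

        var request = actionContext.Request;
        string guid = ReadHeader(request, "guid");

        string accessToken;
        if (!TryAuthorizeAccessToken(actionContext, guid, out accessToken))
        {
            return;
        }

        string timestamp = ReadHeader(request, "timestamp");
        string nonce = ReadHeader(request, "nonce");
        string signature = ReadHeader(request, "signature");
        if (AnyMissing(guid, timestamp, nonce, signature))
        {
            Reject(actionContext, Failure(StatusCodeEnum.ParameterError, StatusCodeEnum.ParameterError.GetEnumText(), ""), null);
            return;
        }
        if (!IsTimestampFresh(timestamp))
        {
            Reject(actionContext, Failure(StatusCodeEnum.URLExpireError, StatusCodeEnum.URLExpireError.GetEnumText(), null), null);
            return;
        }

        // The sign token is only ever served from the cache; RehydrateLoginFromLog
        // (reached through TryAuthorizeAccessToken) is what repopulates it.
        Token token = RedisHelper.Cache.Read<Token>(SignTokenKey(guid), CacheDb);
        if (token == null)
        {
            Reject(actionContext, Failure(StatusCodeEnum.TokenInvalid, StatusCodeEnum.TokenInvalid.GetEnumText(), null), HttpStatusCode.Forbidden);
            return;
        }
        string signToken = token.SignToken.ToString();

        string data;
        if (!TryReadSignedPayload(request.Method.Method, out data))
        {
            Reject(actionContext, Failure(StatusCodeEnum.HttpMehtodError, StatusCodeEnum.HttpMehtodError.GetEnumText(), ""), null);
            return;
        }

        // NOTE(review): the client decides, through "noDataSign" inside its own
        // payload, whether the payload is covered by the signature. A signature over
        // an empty payload then verifies for any body until the timestamp window
        // closes; a server-side, per-action policy would close that gap.
        var dataJson = JsonHelper.ConvertJson(data);
        string signedData = data;
        if (dataJson != null && dataJson.noDataSign == true)
        {
            signedData = "";
        }

        // NOTE(review): nonce uniqueness is not tracked in this file; presumably
        // SignExtension.Validate does so — confirm, otherwise a captured request
        // remains replayable inside the timestamp window.
        if (!SignExtension.Validate(timestamp, nonce, guid, signToken, signedData, signature))
        {
            Reject(actionContext, Failure(StatusCodeEnum.HttpRequestError, StatusCodeEnum.HttpRequestError.GetEnumText(), ""), null);
        }
    }

    /// <summary>
    /// External app scheme: the signature covers timestamp, nonce, the app key/secret
    /// pair, the login access token and the whitespace-normalized payload.
    /// </summary>
    /// <param name="actionContext">The action being authorized.</param>
    private void AppAuth(HttpActionContext actionContext)
    {
        if (IsUnsignedAction(actionContext) || HasNoCheckAuthAttribute(actionContext))
        {
            return;
        }
        if (TryHandlePreflight(actionContext))
        {
            return;
        }

        var request = actionContext.Request;
        string guid = ReadHeader(request, "guid");

        string accessToken;
        if (!TryAuthorizeAccessToken(actionContext, guid, out accessToken))
        {
            return;
        }

        string timestamp = ReadHeader(request, "timestamp");
        string nonce = ReadHeader(request, "nonce");
        // NOTE(review): the app secret is accepted from a request header on every
        // call rather than resolved server-side from appKey; confirm that
        // SignExtension.ValidateApp compares it against the stored value.
        string appSecret = ReadHeader(request, "appSecret");
        string appKey = ReadHeader(request, "appKey");
        string signature = ReadHeader(request, "signature");

        // appKey/appSecret are not required here (unchanged); ValidateApp decides
        // what an empty value means.
        if (AnyMissing(guid, timestamp, nonce, signature))
        {
            Reject(actionContext, Failure(StatusCodeEnum.ParameterError, StatusCodeEnum.ParameterError.GetEnumText(), ""), null);
            return;
        }
        if (!IsTimestampFresh(timestamp))
        {
            Reject(actionContext, Failure(StatusCodeEnum.URLExpireError, StatusCodeEnum.URLExpireError.GetEnumText(), null), null);
            return;
        }

        string data;
        if (!TryReadSignedPayload(request.Method.Method, out data))
        {
            Reject(actionContext, Failure(StatusCodeEnum.HttpMehtodError, StatusCodeEnum.HttpMehtodError.GetEnumText(), ""), null);
            return;
        }

        // Strip insignificant whitespace so both sides sign the same bytes.
        data = JsonHelper.ConvertJsonStringNone(data);
        if (!SignExtension.ValidateApp(timestamp, nonce, appKey, appSecret, accessToken, data, signature))
        {
            Reject(actionContext, Failure(StatusCodeEnum.HttpRequestError, StatusCodeEnum.HttpRequestError.GetEnumText(), ""), null);
        }
    }

    /// <summary>
    /// Consignor scheme: the signature covers timestamp, nonce, consignor code, the
    /// consignor token and the whitespace-normalized payload; the code/token pair
    /// must then exist in Base_Consignor.
    /// </summary>
    /// <param name="actionContext">The action being authorized.</param>
    private void ConsignorAuth(HttpActionContext actionContext)
    {
        // Unlike the other two schemes there is no unsigned-action allow list here.
        if (HasNoCheckAuthAttribute(actionContext))
        {
            return;
        }
        if (TryHandlePreflight(actionContext))
        {
            return;
        }

        var request = actionContext.Request;
        string token = ReadHeader(request, "token");
        string timestamp = ReadHeader(request, "timestamp");
        string nonce = ReadHeader(request, "nonce");
        string consignorCode = ReadHeader(request, "consignorCode");
        string signature = ReadHeader(request, "signature");

        if (AnyMissing(consignorCode, token, timestamp, nonce, signature))
        {
            Reject(actionContext, Failure(StatusCodeEnum.ParameterError, StatusCodeEnum.ParameterError.GetEnumText(), ""), null);
            return;
        }
        if (!IsTimestampFresh(timestamp))
        {
            Reject(actionContext, Failure(StatusCodeEnum.URLExpireError, StatusCodeEnum.URLExpireError.GetEnumText(), null), null);
            return;
        }

        string data;
        if (!TryReadSignedPayload(request.Method.Method, out data))
        {
            Reject(actionContext, Failure(StatusCodeEnum.HttpMehtodError, StatusCodeEnum.HttpMehtodError.GetEnumText(), ""), null);
            return;
        }

        // Strip insignificant whitespace so both sides sign the same bytes.
        data = JsonHelper.ConvertJsonStringNone(data);
        if (!SignExtension.ValidateConsignor(timestamp, nonce, consignorCode, token, data, signature))
        {
            Reject(actionContext, Failure(StatusCodeEnum.HttpRequestError, "签名不合法", ""), null);
            return;
        }

        if (LookupConsignor(consignorCode, token) == null)
        {
            // Data is deliberately left at its default for this response, as before.
            var notFound = new ResultMsg
            {
                StatusCode = (int)StatusCodeEnum.ConsignorError,
                Msg = "货主账号不正确"
            };
            Reject(actionContext, notFound, null);
        }
    }

    /// <summary>
    /// Keeps the JSON body and status assigned by <see cref="Reject"/> when the base
    /// <see cref="AuthorizeAttribute"/> replaces the response with its own 401.
    /// </summary>
    /// <param name="actionContext">The action being authorized.</param>
    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
    {
        var custom = actionContext.Response;
        base.HandleUnauthorizedRequest(actionContext);

        // Nothing of ours to restore (the base rejected the principal on its own):
        // keep the base response rather than dereferencing null.
        if (custom == null)
        {
            return;
        }

        var response = actionContext.Response ?? new HttpResponseMessage();
        actionContext.Response = response;
        response.StatusCode = custom.StatusCode;
        response.Content = custom.Content;
    }

    /// <summary>True when the action is on the <see cref="UnsignedActions"/> allow list.</summary>
    private static bool IsUnsignedAction(HttpActionContext actionContext)
    {
        return UnsignedActions.SplitEx().Contains(actionContext.ActionDescriptor.ActionName);
    }

    /// <summary>
    /// True when the action method carries an attribute named
    /// <see cref="NoCheckAuthAttributeName"/>. Reads the attributes from the action
    /// descriptor, so an [ActionName] alias or an overloaded action no longer makes
    /// <c>Type.GetMethod(actionName)</c> return null or throw AmbiguousMatchException.
    /// The descriptor includes inherited attributes; the old reflection call did not.
    /// </summary>
    private static bool HasNoCheckAuthAttribute(HttpActionContext actionContext)
    {
        // Matched by type name, as before, so this file needs no reference to the
        // assembly that declares the attribute.
        return actionContext.ActionDescriptor
            .GetCustomAttributes<Attribute>()
            .Any(attr => attr.GetType().Name == NoCheckAuthAttributeName);
    }

    /// <summary>
    /// Answers a CORS preflight (OPTIONS) with 202 Accepted and no checks at all.
    /// Returns true when the request was handled.
    /// </summary>
    private static bool TryHandlePreflight(HttpActionContext actionContext)
    {
        if (actionContext.Request.Method != HttpMethod.Options)
        {
            return false;
        }
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Accepted);
        return true;
    }

    /// <summary>
    /// First value of the named header, URL-decoded; empty string when the header is
    /// absent or has no value.
    /// </summary>
    private static string ReadHeader(HttpRequestMessage request, string name)
    {
        if (!request.Headers.Contains(name))
        {
            return string.Empty;
        }
        return HttpUtility.UrlDecode(request.Headers.GetValues(name).FirstOrDefault()) ?? string.Empty;
    }

    /// <summary>True when any of the values is null or empty.</summary>
    private static bool AnyMissing(params string[] values)
    {
        return values.Any(string.IsNullOrEmpty);
    }

    /// <summary>
    /// Validates the client's "timestamp" header (Unix epoch milliseconds) against
    /// server UTC time. Both past and future skew are bounded by
    /// <see cref="ReplayWindowMs"/>; the previous one-sided check accepted any
    /// future-dated timestamp (and "NaN"/"Infinity") indefinitely.
    /// </summary>
    private static bool IsTimestampFresh(string timestamp)
    {
        double clientMs;
        // Invariant culture: the value is machine-generated, never localized.
        if (!double.TryParse(timestamp,
                             System.Globalization.NumberStyles.Float,
                             System.Globalization.CultureInfo.InvariantCulture,
                             out clientMs))
        {
            return false;
        }
        double serverMs = (DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds;
        // Math.Abs(NaN) <= x is false, so non-finite input is rejected here too.
        return Math.Abs(serverMs - clientMs) <= ReplayWindowMs;
    }

    /// <summary>Cache key of the LoginInfo cached for a client guid.</summary>
    private static string AccessTokenKey(string guid)
    {
        return "AccessToken_" + guid;
    }

    /// <summary>Cache key of the sign Token cached for a client guid.</summary>
    private static string SignTokenKey(string guid)
    {
        return "Token_" + guid;
    }

    /// <summary>
    /// Checks the "AccessToken" header against the LoginInfo cached (or re-read from
    /// Sys_User_Log) for <paramref name="guid"/>. On failure the rejection response
    /// has already been assigned and false is returned.
    /// </summary>
    /// <param name="actionContext">The action being authorized.</param>
    /// <param name="guid">Client guid from the request headers.</param>
    /// <param name="accessToken">The decoded header value (empty when absent).</param>
    private bool TryAuthorizeAccessToken(HttpActionContext actionContext, string guid, out string accessToken)
    {
        var request = actionContext.Request;
        accessToken = string.Empty;

        if (!request.Headers.Contains("AccessToken"))
        {
            Reject(actionContext, Failure(StatusCodeEnum.Unauthorized, StatusCodeEnum.Unauthorized.GetEnumText() + "-客户端未获取到授权", null), null);
            return false;
        }
        accessToken = ReadHeader(request, "AccessToken");
        if (string.IsNullOrEmpty(accessToken))
        {
            Reject(actionContext, Failure(StatusCodeEnum.Unauthorized, StatusCodeEnum.Unauthorized.GetEnumText() + "-客户端未获取到授权", null), null);
            return false;
        }

        var serverLogin = RedisHelper.Cache.Read<LoginInfo>(AccessTokenKey(guid), CacheDb);
        if (serverLogin == null)
        {
            serverLogin = RehydrateLoginFromLog(guid);
        }
        if (serverLogin == null)
        {
            Reject(actionContext, Failure(StatusCodeEnum.Unauthorized, StatusCodeEnum.Unauthorized.GetEnumText() + "-服务器授权不存在", null), HttpStatusCode.Unauthorized);
            return false;
        }

        // NOTE(review): ordinal string equality is not constant-time; the .NET
        // Framework targeted here has no CryptographicOperations.FixedTimeEquals.
        if (serverLogin.AccessToken != accessToken)
        {
            Reject(actionContext, Failure(StatusCodeEnum.Unauthorized, StatusCodeEnum.Unauthorized.GetEnumText() + "-客户端授权不正确", null), HttpStatusCode.Unauthorized);
            return false;
        }
        return true;
    }

    /// <summary>
    /// Re-reads the latest Sys_User_Log row for <paramref name="guid"/> and re-caches
    /// its LoginInfo and, when present, its sign Token. Returns null when no usable
    /// row exists.
    /// </summary>
    private static LoginInfo RehydrateLoginFromLog(string guid)
    {
        // Parameterized on purpose: guid comes straight from a request header.
        var parameters = new SqlParameter[] { new SqlParameter("@GUID", guid) };
        var log = Sys_User_LogRepository.Instance.Get("GUID=@GUID", "Log_Id DESC", parameters);
        if (log == null || !log.LoginInfo.IsNotNullOrEmpty())
        {
            return null;
        }

        // NOTE(review): no expiry or revocation state is consulted here; if tokens
        // can be revoked, confirm that path also removes these cache entries.
        var login = JsonHelper.ConvertJson<LoginInfo>(log.LoginInfo);
        RedisHelper.Cache.Write(AccessTokenKey(guid), login, DateTime.Now.AddDays(CacheDays), CacheDb);

        if (log.SignTokenInfo.IsNotNullOrEmpty())
        {
            var signToken = JsonHelper.ConvertJson<Token>(log.SignTokenInfo);
            RedisHelper.Cache.Write(SignTokenKey(guid), signToken, DateTime.Now.AddDays(CacheDays), CacheDb);
        }
        return login;
    }

    /// <summary>
    /// Consignor record for the code/token pair, from the cache first and then from
    /// Base_Consignor (re-caching a hit). Null when neither has it.
    /// </summary>
    private static Base_Consignor LookupConsignor(string consignorCode, string token)
    {
        // NOTE(review): the cache key omits consignorCode, so a cached hit is returned
        // without re-checking the header's consignorCode against it — confirm intended.
        string cacheKey = "ConsignorToken_" + token;
        var consignor = RedisHelper.Cache.Read<Base_Consignor>(cacheKey, CacheDb);
        if (consignor != null)
        {
            return consignor;
        }

        // Parameterized on purpose: both values come straight from request headers.
        var parameters = new SqlParameter[]
        {
            new SqlParameter("@ConsignorCode", consignorCode),
            new SqlParameter("@Token", token),
        };
        consignor = Base_ConsignorRepository.Instance.Get("ConsignorCode=@ConsignorCode And Token=@Token", parameters);
        if (consignor != null)
        {
            RedisHelper.Cache.Write(cacheKey, consignor, DateTime.Now.AddDays(CacheDays), CacheDb);
        }
        return consignor;
    }

    /// <summary>
    /// Collects the bytes the signature must cover: the raw body for POST, the
    /// canonical query string for GET. Returns false for any other method.
    /// Uses HttpContext.Current, so it only works under the ASP.NET host (as before).
    /// </summary>
    private static bool TryReadSignedPayload(string method, out string data)
    {
        data = string.Empty;
        switch (method)
        {
            case "POST":
                data = ReadRequestBody();
                return true;
            case "GET":
                data = CanonicalQueryString(HttpContext.Current.Request.QueryString);
                return true;
            default:
                return false;
        }
    }

    /// <summary>Reads the whole request body as UTF-8 (BOM-detected), as the old StreamReader(stream) did.</summary>
    private static string ReadRequestBody()
    {
        Stream input = HttpContext.Current.Request.InputStream;
        // leaveOpen: the stream belongs to the request and model binding may still
        // read it; the reader itself is now disposed instead of leaked.
        // NOTE(review): the stream position is not reset after reading — presumably
        // the host buffers the body for the formatter; confirm if POST binding breaks.
        using (var reader = new StreamReader(input, Encoding.UTF8, true, 1024, true))
        {
            return reader.ReadToEnd();
        }
    }

    /// <summary>
    /// Concatenates every query parameter as key immediately followed by value, in
    /// key order, skipping parameters with no key.
    /// </summary>
    private static string CanonicalQueryString(NameValueCollection queryString)
    {
        // The default (culture-sensitive) string comparer is kept on purpose: the
        // client signs the same concatenation, so changing the ordering here would
        // invalidate every existing signer. TODO(review): confirm the client's sort.
        var sorted = new SortedDictionary<string, string>();
        foreach (string key in queryString.AllKeys)
        {
            // A bare "?flag" yields a null key; Dictionary.Add threw on it before,
            // and the old code dropped empty keys when concatenating anyway.
            if (string.IsNullOrEmpty(key))
            {
                continue;
            }
            sorted[key] = queryString[key];
        }

        var canonical = new StringBuilder();
        foreach (var pair in sorted)
        {
            canonical.Append(pair.Key).Append(pair.Value);
        }
        return canonical.ToString();
    }

    /// <summary>Builds the failure envelope returned to the client.</summary>
    /// <param name="code">Application status code placed in ResultMsg.StatusCode.</param>
    /// <param name="msg">Message placed in ResultMsg.Msg (runtime string, not translated).</param>
    /// <param name="data">Value placed in ResultMsg.Data (the old code used both null and "").</param>
    private static ResultMsg Failure(StatusCodeEnum code, string msg, string data)
    {
        return new ResultMsg
        {
            StatusCode = (int)code,
            Msg = msg,
            Data = data
        };
    }

    /// <summary>
    /// Assigns the JSON rejection response and optionally an HTTP status. Which
    /// rejections carry an explicit 401/403 and which keep toJson's default status
    /// is preserved exactly from the original code; clients may depend on it.
    /// </summary>
    private void Reject(HttpActionContext actionContext, ResultMsg resultMsg, HttpStatusCode? httpStatus)
    {
        actionContext.Response = HttpResponseExtension.toJson(JsonConvert.SerializeObject(resultMsg));
        if (httpStatus.HasValue)
        {
            actionContext.Response.StatusCode = httpStatus.Value;
        }
        // Lets AuthorizeAttribute run its own principal check; HandleUnauthorizedRequest
        // above restores this body and status if the base replaces the response.
        base.OnAuthorization(actionContext);
    }
}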
|
}
|