2023年6月20日发(作者:)

api接⼝签名认证的⼀种⽅式请求⽅try { using (var client = new HttpClient()) { StringContent content = new StringContent(strParam);//参数序列化后,放⼊StringContent tType = new MediaTypeHeaderValue("application/json");//设置type            //放⼊head的名字可以随意设置(和接收⽅⼀直就可以),值需要单独⽣成,最主要就是auth_param ization = new AuthenticationHeaderValue("auth名称", auth_param); var response = ync(FlightQueryUrl, content).Result; if (essStatusCode) { string responseText = StringAsync().Result; if (OrEmpty(responseText)) { return null; } return responseText ; } return null; } } catch (Exception ex) { return null; }auth_param的计算⽅式,需要和接收⽅的⼀致://认证key private const string key = "认证key****#####$$$$$$@@@"; //认证秘钥 private const string secrect = "认证秘钥****#####$$$$$$@@@"; ///

/// 获取接⼝签名 /// /// 原始的请求参数 /// 请求地址 /// 请求Id,接⼊⽅⾃定义,最好⽤来区分每个请求 /// public static string GetFlightSign(string param,string url,string requestId) {

string timeStamp = GetTimeStamp();//获取时间戳 url = ode(r()); /* * {认证key}{原始请求参数}{调⽤⽅⾃定义requestId}{时间戳}{原始URL}{认证秘钥}(被调⽤⽅也是如此) * 替换掉字符串中的换⾏与空格(被调⽤⽅也是如此) */ string source = $"{key}{param}{requestId}{timeStamp}{url}{secrect}".Replace(e, ).Replace("n", "").Replace(" ", ""); string hmac = GetMd5(source); //auth_param ⾝份验证参数字符串 //{认证key}{}{调⽤⽅⾃定义requestId}{时间戳} 顺序需要更具被调⽤⽅设置 return $"{key}:{hmac}:{requestId}:{timeStamp}"; } ///

/// 字符串编码 /// /// /// private static string GetMd5(string str) { if (OrEmpty(str)) return str; var sb = new StringBuilder(32); var md5 = (); var output = eHash(es(str)); for (int i = 0; i < ; i++) (output[i].ToString("X").PadLeft(2, '0')); return ng(); } ///

/// 获取时间戳

///

///

private static string GetTimeStamp() { var initTime = new DateTime(1970, 1, 1, 0, 0, 0, 0); TimeSpan ts = - initTime; return 64(econds).ToString(); } 接收⽅public class ReqAuthorizeAttribute:izeAttribute{ ///

/// 进⾏验证 /// /// public override void OnAuthorization(tionContext actionContext) { if (ization != null) { //获取请求的 认证信息 string info = (ter).Decrypt();          //todo:采⽤上⾯的⽅式,再次进⾏获取,然后⽐较 //也可以再次做调⽤次数统计等 //判断认证信息是否正确 if ((info, secret)) { IsAuthorized(actionContext); } else { HandleUnauthorizedRequest(actionContext); } } else { HandleUnauthorizedRequest(actionContext); } } /// /// 验证不通过 返回401 /// /// protected override void HandleUnauthorizedRequest(tionContext actionContext) { var challengeMsg = new sponseMessage(orized); ("WWW-Authenticate", "Basic"); throw new sponseException(challengeMsg); }}

转载于:/ericli-ericli/p/

2023年6月20日发(作者:)

api接⼝签名认证的⼀种⽅式请求⽅try { using (var client = new HttpClient()) { StringContent content = new StringContent(strParam);//参数序列化后,放⼊StringContent tType = new MediaTypeHeaderValue("application/json");//设置type            //放⼊head的名字可以随意设置(和接收⽅⼀直就可以),值需要单独⽣成,最主要就是auth_param ization = new AuthenticationHeaderValue("auth名称", auth_param); var response = ync(FlightQueryUrl, content).Result; if (essStatusCode) { string responseText = StringAsync().Result; if (OrEmpty(responseText)) { return null; } return responseText ; } return null; } } catch (Exception ex) { return null; }auth_param的计算⽅式,需要和接收⽅的⼀致://认证key private const string key = "认证key****#####$$$$$$@@@"; //认证秘钥 private const string secrect = "认证秘钥****#####$$$$$$@@@"; ///

/// 获取接⼝签名 /// /// 原始的请求参数 /// 请求地址 /// 请求Id,接⼊⽅⾃定义,最好⽤来区分每个请求 /// public static string GetFlightSign(string param,string url,string requestId) {

string timeStamp = GetTimeStamp();//获取时间戳 url = ode(r()); /* * {认证key}{原始请求参数}{调⽤⽅⾃定义requestId}{时间戳}{原始URL}{认证秘钥}(被调⽤⽅也是如此) * 替换掉字符串中的换⾏与空格(被调⽤⽅也是如此) */ string source = $"{key}{param}{requestId}{timeStamp}{url}{secrect}".Replace(e, ).Replace("n", "").Replace(" ", ""); string hmac = GetMd5(source); //auth_param ⾝份验证参数字符串 //{认证key}{}{调⽤⽅⾃定义requestId}{时间戳} 顺序需要更具被调⽤⽅设置 return $"{key}:{hmac}:{requestId}:{timeStamp}"; } ///

/// 字符串编码 /// /// /// private static string GetMd5(string str) { if (OrEmpty(str)) return str; var sb = new StringBuilder(32); var md5 = (); var output = eHash(es(str)); for (int i = 0; i < ; i++) (output[i].ToString("X").PadLeft(2, '0')); return ng(); } ///

/// 获取时间戳

///

///

private static string GetTimeStamp() { var initTime = new DateTime(1970, 1, 1, 0, 0, 0, 0); TimeSpan ts = - initTime; return 64(econds).ToString(); } 接收⽅public class ReqAuthorizeAttribute:izeAttribute{ ///

/// 进⾏验证 /// /// public override void OnAuthorization(tionContext actionContext) { if (ization != null) { //获取请求的 认证信息 string info = (ter).Decrypt();          //todo:采⽤上⾯的⽅式,再次进⾏获取,然后⽐较 //也可以再次做调⽤次数统计等 //判断认证信息是否正确 if ((info, secret)) { IsAuthorized(actionContext); } else { HandleUnauthorizedRequest(actionContext); } } else { HandleUnauthorizedRequest(actionContext); } } /// /// 验证不通过 返回401 /// /// protected override void HandleUnauthorizedRequest(tionContext actionContext) { var challengeMsg = new sponseMessage(orized); ("WWW-Authenticate", "Basic"); throw new sponseException(challengeMsg); }}

转载于:/ericli-ericli/p/