web api 签名验证

 

        /// <summary>
        /// Entry check for a request: verifies the request signature first and,
        /// only if that passes, runs model validation.
        /// </summary>
        /// <param name="JsonData">Raw JSON request body passed on to <c>ValidateRequest</c>.</param>
        /// <param name="resultEntity">Response object whose <c>_StatusCode</c> is set on failure.</param>
        /// <returns><c>true</c> when both checks pass; otherwise <c>false</c>.</returns>
        protected bool Vertify(string JsonData, BaseResponseModel resultEntity)
        {
            // Signature verification. Whatever status the signature path set is
            // overwritten here, so callers always see SIGN_EXCEPTION on this branch.
            if (!ValidateRequest(JsonData, resultEntity))
            {
                resultEntity._StatusCode = Common.StatusCode.SIGN_EXCEPTION;
                return false;
            }

            if (!ModelVerification())
            {
                // NOTE(review): if Common.StatusCode.VIOLATION_FAIL is a shared reference
                // object, writing Description here changes it for every request and can
                // mix messages between concurrent requests. Confirm its type.
                resultEntity._StatusCode = Common.StatusCode.VIOLATION_FAIL;
                resultEntity._StatusCode.Description = ValidateFailMessage();
                return false;
            }

            return true;
        }

  

/// <summary>
/// Parses the JSON body into a parameter dictionary and checks its signature,
/// unless signature verification is switched off in configuration.
/// </summary>
/// <param name="JsonData">Raw JSON request body.</param>
/// <param name="resultEntity">Response object passed through to the dictionary overload of <c>Vertify</c>.</param>
/// <returns><c>true</c> when verification is disabled or the signature check passes.</returns>
protected bool ValidateRequest(string JsonData, BaseResponseModel resultEntity)
        {
            // Kill switch: when SignVerificationInd is "N", every request is accepted
            // without any signature check. Keep it off in production and treat a
            // change to this setting as security-relevant.
            var verificationDisabled = ConfigHelper.GetInstance().SignVerificationInd == "N";
            if (verificationDisabled)
            {
                return true;
            }

            Dictionary<string, object> parsedParams = ConvertHelper.ToDictionary(JsonData);
            return Vertify(parsedParams, resultEntity);
        }

  

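        /// <summary>
        /// Recomputes the signature over the request parameters and compares it with
        /// the value supplied under the <c>sign</c> key.
        /// </summary>
        /// <param name="dicParams">Request parameters, including the caller's <c>sign</c> entry.</param>
        /// <param name="resultEntity">
        /// Response object; <c>_StatusCode</c> is set to SYSTEM_EXCEPTION when there are no
        /// parameters. A signature mismatch sets no status here.
        /// </param>
        /// <returns><c>true</c> only when a signature was supplied and matches the local one.</returns>
        /// <remarks>
        /// NOTE(review): nothing in this method checks request freshness (timestamp or nonce),
        /// so a captured, validly signed request would verify again. If replay protection is
        /// required, confirm it is enforced elsewhere.
        /// </remarks>
        protected bool Vertify(Dictionary<string, object> dicParams, BaseResponseModel resultEntity)
        {
            if (dicParams == null || dicParams.Count == 0)
            {
                resultEntity._StatusCode = Common.StatusCode.SYSTEM_EXCEPTION;
                return false;
            }

            // NOTE(review): the default comparer orders string keys by the current culture,
            // not by ordinal value. If clients sort keys in ASCII order, mixed-case keys can
            // produce a different canonical string. Confirm against the protocol.
            var sortedDicParams = new SortedDictionary<string, string>();
            var sign = string.Empty;
            foreach (var entry in dicParams)
            {
                var text = entry.Value.ToString2();
                if (entry.Key == "sign")
                {
                    sign = text;
                    continue;
                }

                // Empty values and the text "0001-01-01T00:00:00" (presumably an unset
                // DateTime as serialised) are left out of the signed string.
                if (text != string.Empty && text != "0001-01-01T00:00:00")
                {
                    sortedDicParams.Add(entry.Key, text);
                }
            }

            // Reject a missing signature outright instead of relying on the computed
            // signature never being empty.
            if (string.IsNullOrEmpty(sign))
            {
                return false;
            }

            var linkString = string.Empty;
            var localSign = Sign.GetSign(sortedDicParams, ref linkString);

            // Signature verification: invariant upper-casing avoids culture-dependent
            // results, and the comparison does not stop at the first differing character.
            return SignaturesMatch(localSign, sign.ToUpperInvariant());
        }

        // Compares two signature strings without returning early on the first mismatch,
        // so response time does not reveal how many leading characters were correct.
        private static bool SignaturesMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null)
            {
                return false;
            }

            var diff = expected.Length ^ supplied.Length;
            var length = expected.Length < supplied.Length ? expected.Length : supplied.Length;
            for (var i = 0; i < length; i++)
            {
                diff |= expected[i] ^ supplied[i];
            }

            return diff == 0;
        }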
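        /// <summary>
        /// Builds the canonical parameter string and returns the signature computed over
        /// <c>secret + canonical string + secret</c>.
        /// </summary>
        /// <param name="dicArray">Sorted request parameters to sign.</param>
        /// <param name="linkString">Receives the canonical string built from <paramref name="dicArray"/>.</param>
        /// <returns>The value returned by <c>ToponeMD5.GetUpper</c> for the secret-wrapped string.</returns>
        /// <exception cref="System.InvalidOperationException">
        /// Thrown when the <c>secret</c> application setting is missing or empty.
        /// </exception>
        /// <remarks>
        /// NOTE(review): wrapping the message in a secret and hashing it with MD5 is not a
        /// standard MAC. HMAC-SHA-256 is the usual replacement, but switching changes every
        /// signature and needs a coordinated client change.
        /// </remarks>
        public static string GetSign(SortedDictionary<string, string> dicArray, ref string linkString)
        {
            // Reset first so a failure below never leaves a stale value in the caller's variable.
            linkString = string.Empty;

            linkString = CreateLinkString(dicArray);

            var vendorsecret = ConfigurationManager.AppSettings["secret"];
            if (string.IsNullOrEmpty(vendorsecret))
            {
                // Fail closed: with no secret the hash covers only data the caller already
                // knows, so any client could compute a valid signature.
                throw new System.InvalidOperationException(
                    "AppSettings[\"secret\"] is not configured; refusing to compute an unkeyed signature.");
            }

            var linkStringKey = string.Format("{0}{1}{0}", vendorsecret, linkString);

            // Normalise bool values in the parameters to lower case. The replacement runs over
            // the whole string, including the secret and any value that merely contains
            // "True"/"False"; the signing side has to apply the same rule.
            linkStringKey = linkStringKey.Replace("True", "true");
            linkStringKey = linkStringKey.Replace("False", "false");

            return ToponeMD5.GetUpper(linkStringKey);
        }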

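        /// <summary>
        /// Concatenates every key and value in iteration order into the string that gets
        /// signed, skipping any key that equals "sign" ignoring case.
        /// </summary>
        /// <param name="dicArray">Sorted parameters; iteration order decides the output order.</param>
        /// <returns>The concatenation <c>key1value1key2value2...</c>, or an empty string when there are no entries.</returns>
        /// <remarks>
        /// NOTE(review): keys and values are joined with no delimiter, so different parameter
        /// sets can produce the same string (key "ab" + value "c" equals key "a" + value "bc").
        /// Adding a separator would change every signature and needs a coordinated client change.
        /// </remarks>
        private static string CreateLinkString(SortedDictionary<string, string> dicArray)
        {
            var prestr = new StringBuilder();
            foreach (var temp in dicArray)
            {
                // Ordinal, case-insensitive match: ToLower() depends on the thread culture
                // (under tr-TR, "SIGN" lower-cases to a dotless i and slips past the filter).
                if (string.Equals(temp.Key, "sign", System.StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                prestr.Append(temp.Key);
                prestr.Append(temp.Value);
            }

            return prestr.ToString();
        }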

 
