Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

ZY.HTTP.Core

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

ZY.HTTP.Core

签名验证

nugetNuGet
Version
1.0.2.12
Version published
Maintainers
1
Created
Source

签名验证

nuget引用组件 :ZY.HTTP.Core

SignValidate方式验证

添加Startup

1、在ConfigureServices 添加代码

	 services.AddFramework();
	 //cache缓存
	 services.AddSingleton<IMemoryCache, MemoryCache>();
	 services.AddSingleton<ICacheService, MemoryCacheProvider>(); //内存 缓存
	 //services.AddSingleton<ICacheService, RedisCacheProvider>();  //redis 缓存

2、在Configure添加代码

	 app.UseHTTP();
	 
	 //application
	 app.UseApplication();

添加Application

1、在AppService中添加TokenLoadAppService类

    public class TokenLoadAppService
    {
        private readonly IServiceScopeFactory _serviceProvider; //用IServiceProvider 可能出现被释放无法访问对象情况

        public TokenLoadAppService(IServiceScopeFactory serviceProvider)
        {
            _serviceProvider = serviceProvider; 
        }

        public void Init()
        {
            SignValidateAttribute.OnGetToken += GetToken;
        }
        public Token GetToken(string tenant)
        {
            try
            {
                //根据tenant 获取对应 Key
                //用停车场id 在parking表中 获取 key字段
               using (var scope = _serviceProvider.CreateScope()) //不加域 部分项目 可能报错 Cannot access a disposed context instance. 
                {
                    var service = scope.ServiceProvider.GetService<IRepository>();
                    var park = service.FirstOrDefault<Parking>(s => s.Id == tenant);
                    if (park == null) return null;

                    return new Token
                    {
                        ExpireTime = DateTime.Now.AddDays(1),
                        SignToken = park.Key,
                        TenantId = park.Id
                    };
                }
            }
            catch (Exception ex)
            {
                _logger.LogError("获取停车场信息报错", ex);
                throw ex;
            }
        }
    }

2、在AppService下添加 ApplicationExtensions 类

    public static class ApplicationExtensions
    {
        public static IApplicationBuilder UseApplication(this IApplicationBuilder app)
        {
            app.ApplicationServices.GetService<ITokenLoadAppService>().Init();

            //或者
            SignValidateAttribute.OnGetToken += (s =>
            {
                var sub = app.ApplicationServices.CreateScope().ServiceProvider.GetService<IParkingService>().GetByIdAsync(s);
                return new Token { ExpireTime = DateTime.Now.AddDays(1), TenantId = s, SignToken = sub.Result.Data.Key };
            });
            return app;
        }
    }

调用

    [HttpPost]
    [SignValidate]
    public ApiResult CommitEntryRecord([FromBody] CarRecordDto value)
    {
        //接口处理
    }

FixedSignValidate 方式验证

添加Startup

1、在ConfigureServices 添加代码

	 services.AddFramework();

2、在Configure添加代码

	 app.UseHTTP();

使用

    [HttpPost]
    [FixedSignValidate("Signature", "TokenKey", true)]
    public ApiResult CommitEntryRecord([FromBody] CarRecordDto value)
    {
        //接口处理
    }

说明


//Signature 需要验证sign字段名
//TokenKey 密钥
[FixedSignValidate("Signature", "123456789012431243123")]

//Signature 需要验证sign字段名
//TokenKey 密钥 或配置密钥配置项名称
//true key将作为config配置名称,读取配置,false key直接作为密钥参数
[FixedSignValidate("Signature", "TokenKey", true)]

//多级密钥情况填写 
[FixedSignValidate("Signature", "Token:ArrearsTokenKey", true)]

配置


"TokenKey":  "123456789012431243123"

"Token":{
    "ArrearsTokenKey":  "123456789012431243123"
}

第三方调用

   var raw = KeyValueConverter.ToKeyValuePairString(input);
            var token = new Md5Validator(_option.Key).ComputeHashFromString(raw);
            _logger.LogInformation($"Token:{token},拼接结果:{raw}");
            input.Signature = token;

           return  await _http.PostAsync<ApiResult>("http://opentest.yun-kai.com/", "msparking/recovery/Arrears/Notification", input);

SingVerification 验证

添加Startup

1、在ConfigureServices 添加代码

	 services.AddHTTP();

2、在Configure添加代码

	 app.UseHTTP();

使用

    private readonly SingVerification _sign;

    public HttpTestController(SingVerification sign)
    {
        _sign = sign;
    }

    [HttpPost]
    public async Task<string> Pay()
    {
        var success= _sign.Verification("key密钥"); 
    }

第三方调用

    var raw = KeyValueConverter.ToKeyValuePairString(input);
    var token = new Md5Validator(_option.Key).ComputeHashFromString(raw);
    _logger.LogInformation($"Token:{token},拼接结果:{raw}");
    input.Signature = token;

    return  await _http.PostAsync<ApiResult>("http://opentest.yun-kai.com/", "msparking/recovery/Arrears/Notification", input);

Keywords

FAQs

Package last updated on 01 Aug 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Announcing Socket Fix 2.0

Product

Announcing Socket Fix 2.0

Socket Fix 2.0 brings targeted CVE remediation, smarter upgrade planning, and broader ecosystem support to help developers get to zero alerts.

By Martin Torp, John-David Dalton, Jeppe Fredsgaard Blaabjerg, Benjamin Barslev, Oskar Haarklou Veileborg  -  Sep 10, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.