Cms.Core/Cms.External.WebApi/Controllers/BaseController.cs


using DG.Tool;
using Microsoft.AspNetCore.Mvc;
using System.ComponentModel.DataAnnotations;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
namespace Cms.External.WebApi.Controllers
{
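/// <summary>
/// Controller base type that gives derived controllers <see cref="CheckSign"/>, a shared-secret
/// request-signature check based on the <c>authorization</c> and <c>timestamps</c> headers.
/// </summary>
[ApiController]
[Route("Api/[controller]")]
[Produces("application/json")]
public class BaseController : ControllerBase
{
    /// <summary>
    /// Largest accepted distance, in seconds, between the signed timestamp and the server clock.
    /// </summary>
    private const long MaxClockSkewSeconds = 1800;

    /// <summary>
    /// Verifies the signature of the current request and the freshness of its timestamp.
    /// </summary>
    /// <remarks>
    /// The expected <c>authorization</c> header value is <c>{appId}:{md5}</c>, where the digest is
    /// taken over the ordinal-sorted, delimiter-free concatenation of the app id, the serialized
    /// body, the secret and the <c>timestamps</c> header.
    /// <para>
    /// Security notes for maintainers. The wire format is kept as-is because changing it needs a
    /// coordinated client update:
    /// (1) MD5 over a string that contains the secret is not a keyed MAC; HMAC-SHA256 keyed with
    /// the secret is the usual replacement.
    /// (2) Sorting the parts and joining them without a delimiter makes the signed string
    /// ambiguous, since different field values can yield the same input; a fixed field order
    /// with an unambiguous separator avoids that.
    /// (3) Nothing in this method records signatures it has already accepted, so a valid request
    /// stays replayable inside the timestamp window unless that is handled elsewhere.
    /// </para>
    /// </remarks>
    /// <param name="obj">
    /// Object whose JSON form is included in the signed string; an empty dictionary is used when
    /// <c>null</c>.
    /// </param>
    /// <exception cref="Exception">
    /// The app id or secret is not configured, the signature does not match, the timestamp is not
    /// an integer, or the timestamp lies outside the accepted window.
    /// </exception>
    protected void CheckSign(object? obj = null)
    {
        obj ??= new Dictionary<string, object>();

        // NOTE(review): the signature covers the re-serialized object, not the raw request bytes,
        // so it presumably relies on client and server producing identical JSON - confirm.
        var bodyJson = JsonHelper.ToJson(obj);

        var appId = InitConfiguration.GetSection("SignConfig:AppId").Value;
        var secret = InitConfiguration.GetSection("SignConfig:Secret").Value;
        if (string.IsNullOrWhiteSpace(appId) || string.IsNullOrWhiteSpace(secret))
        {
            throw new Exception("appId或secret没有配置");
        }

        var authorization = Request.Headers["authorization"].ToString();
        var timestamps = Request.Headers["timestamps"].ToString();

        // Sort the parts ordinally, then concatenate them without a separator.
        var signedParts = new string[] { appId, bodyJson, secret, timestamps };
        Array.Sort(signedParts, string.CompareOrdinal);
        var expected = $"{appId}:{_md5(string.Join("", signedParts))}";

        // Compare in constant time so the comparison does not reveal how many leading
        // characters of the supplied signature were correct.
        var signatureMatches = CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(authorization),
            Encoding.UTF8.GetBytes(expected));
        if (!signatureMatches)
        {
            throw new Exception("签名不合法");
        }

        // Parse as 64-bit: a 32-bit conversion overflows for Unix times after January 2038 and
        // throws a raw FormatException on a non-numeric header.
        if (!long.TryParse(
                timestamps,
                System.Globalization.NumberStyles.Integer,
                System.Globalization.CultureInfo.InvariantCulture,
                out long requestTime))
        {
            throw new Exception("签名不合法");
        }

        long nowTime = long.Parse(GetTimeStamp(), System.Globalization.CultureInfo.InvariantCulture);
        long diff = nowTime - requestTime;

        // Reject timestamps too far in the future as well as too old ones; a far-future
        // timestamp would otherwise keep a signed request valid well beyond the window.
        if (diff > MaxClockSkewSeconds || diff < -MaxClockSkewSeconds)
        {
            throw new Exception("签名已过期");
        }
    }

    /// <summary>
    /// Computes the MD5 digest of a string's UTF-8 bytes.
    /// </summary>
    /// <param name="enCode">Text to hash.</param>
    /// <returns>The digest as 32 lowercase hexadecimal characters.</returns>
    private string _md5(string enCode)
    {
        byte[] data = Encoding.UTF8.GetBytes(enCode);

        // MD5.Create() replaces the obsolete MD5CryptoServiceProvider; the using block disposes
        // the hash object, which the previous code never did.
        using (MD5 md5 = MD5.Create())
        {
            byte[] hash = md5.ComputeHash(data);
            var hex = new StringBuilder(hash.Length * 2);
            foreach (byte b in hash)
            {
                hex.Append(b.ToString("x2"));
            }

            return hex.ToString();
        }
    }

    /// <summary>
    /// Gets the current UTC time as a Unix timestamp.
    /// </summary>
    /// <returns>Whole seconds since 1970-01-01T00:00:00Z, as a decimal string.</returns>
    private string GetTimeStamp()
    {
        // ToUnixTimeSeconds truncates to whole seconds, where the hand-rolled TotalSeconds
        // conversion rounded to the nearest second.
        return DateTimeOffset.UtcNow.ToUnixTimeSeconds()
            .ToString(System.Globalization.CultureInfo.InvariantCulture);
    }
}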
}