将返回结果加密
声明 ActionFilter
用以指示后续的处理程序, 哪些Action结果是要密的; 如果需要加密输出, 则在 Response 的 Header 的 ContentType 里加上 encrypt 参数
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)] public class EncryptAttribute : ActionFilterAttribute { public bool Ignore { get; set; } public override async Task OnActionExecutedAsync(HttpActionExecutedContext actionExecutedContext, CancellationToken cancellationToken) { await base.OnActionExecutedAsync(actionExecutedContext, cancellationToken); if (!this.Ignore) { actionExecutedContext.Response.Content.Headers.ContentType.Parameters.Add(new System.Net.Http.Headers.NameValueHeaderValue("encrypt", "")); } } }
属性: Ignore , 如果值为 true , 则告诉处理程序, 结果不需要加密;
注意 AllowMutltiple 一定是 false, 避免 Controller 和 Action 上的 Filter 交叉.
使用 EncryptAttribute
[Encrypt] public class TestController : ApiController { public Test Get() { return new Test() { ID = 1, Name = "xling" }; } [Encrypt(Ignore = true)] public Test Post(Test test) { return test; } }
派生 DelegatingHandler
重写 SendAsync 方法
public class CryptoHandler : DelegatingHandler { ... ... protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var response = await base.SendAsync(request, cancellationToken); return await this.HandleResponse(request, response, cancellationToken); } ... ... private async Task<HttpResponseMessage> HandleResponse(HttpRequestMessage request, HttpResponseMessage response, CancellationToken cancellationToken) { if (response.Content != null && response.Content.Headers.ContentType.Parameters.Any(p => string.Equals(p.Name, "encrypt", StringComparison.OrdinalIgnoreCase))) { var inputBytes = await response.Content.ReadAsByteArrayAsync(); var encryptByte = AesHelper.Encrypt(inputBytes, KEY); var base64 = Convert.ToBase64String(encryptByte); var encryptedContent = new StringContent(base64); encryptedContent.Headers.Clear(); response.Content.Headers.CopyTo(encryptedContent.Headers); response.Content = encryptedContent; return response; } return response; } }
在 HandleResponse 方法里, 首先判断 Response Header 的 ContentType 里是否包含 encrypt 这个参数.
跟据生命周期, 这里的 encrypt 就是上面的 ActionFilter 写进来的.
紧接着就是把返回内容当作字符串加密,并转化为 Base64 格式, 写进 StringContent 里.
然后把原始的 Response Header 覆盖到新的 StringContent 里去.
使用 CryptoHandler
修改 Global 的 Application_Start 方法, 在最后面加上:
GlobalConfiguration.Configuration.MessageHandlers.Insert(0, new CryptoHandler());
看一下输出的 Response Header
加密输出 Response Header
解密收到的请求
对CryptoHandler扩展
上面的 CryptoHandler 只对 Response 做了处理. 这里我们要修改 SendAsync 方法, 使它能够将传入的加密数据还原成可以被 WebApi 的 ModelBinder 识别的数据.
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { request = await this.HandleRequest(request, cancellationToken); var response = await base.SendAsync(request, cancellationToken); return await this.HandleResponse(request, response, cancellationToken); } private async Task<HttpRequestMessage> HandleRequest(HttpRequestMessage request, CancellationToken cancellation) { if (request.Content?.Headers.ContentType?.Parameters?.Any(y => string.Equals(y.Name, "encrypt", StringComparison.OrdinalIgnoreCase)) == true) { var input = await request.Content.ReadAsStringAsync(); var inputBytes = Convert.FromBase64String(input); var decryptedBytes = AesHelper.Decrypt(inputBytes, KEY); //var str = Encoding.UTF8.GetString(decryptedBytes); var stm = new MemoryStream(decryptedBytes); var decryptedContent = new StreamContent(stm); request.Content.Headers.CopyTo(decryptedContent.Headers); request.Content = decryptedContent; return request; } return request; }
跟加密一样, 解密的第一步也是判断 ContentType 里是否包含参数 encrypt.
接着就是把请求的内容按 string 取出, 并用 base64 解码(因为上一步产生的结果, 我们用 base64 转义了.)
然后对结果解密, 并写入 StreamContent, 替换 request 的 Content.
在运行下去, 就到 Action 里去了.
看一下请求示例
加密提交 以 raw 方式提交数据
加密提交 Request Header
提交数据的时候, 必须告诉 Content-Type , 加密之前是什么格式的, 而且还要带上 encrypt .
上图示例, 我提交的数据在加密之前是 xml 数据.
其它
CryptoHandler.cs 完整代码
using XXX.Common;using System;using System.IO;using System.Linq;using System.Net.Http;using System.Net.Http.Extensions.Compression.Core.Extensions;using System.Text;using System.Threading;using System.Threading.Tasks;namespace XXX.XXX.XXX { public class CryptoHandler : DelegatingHandler { private static string KEY = "FF545E10-EDB8-4086-861C-AADFAED015C3"; public static void Init(string key) { if (string.IsNullOrWhiteSpace(key)) throw new ArgumentNullException(key); KEY = key; } protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { request = await this.HandleRequest(request, cancellationToken); var response = await base.SendAsync(request, cancellationToken); return await this.HandleResponse(request, response, cancellationToken); } private async Task<HttpRequestMessage> HandleRequest(HttpRequestMessage request, CancellationToken cancellation) { if (request.Content?.Headers.ContentType?.Parameters?.Any(y => string.Equals(y.Name, "encrypt", StringComparison.OrdinalIgnoreCase)) == true) { var input = await request.Content.ReadAsStringAsync(); var inputBytes = Convert.FromBase64String(input); var decryptedBytes = AesHelper.Decrypt(inputBytes, KEY); //var str = Encoding.UTF8.GetString(decryptedBytes); var stm = new MemoryStream(decryptedBytes); var decryptedContent = new StreamContent(stm); request.Content.Headers.CopyTo(decryptedContent.Headers); request.Content = decryptedContent; return request; } return request; } private async Task<HttpResponseMessage> HandleResponse(HttpRequestMessage request, HttpResponseMessage response, CancellationToken cancellationToken) { if (response.Content != null && response.Content.Headers.ContentType.Parameters.Any(p => string.Equals(p.Name, "encrypt", StringComparison.OrdinalIgnoreCase))) { var inputBytes = await response.Content.ReadAsByteArrayAsync(); var encryptByte = AesHelper.Encrypt(inputBytes, KEY); var base64 = Convert.ToBase64String(encryptByte); var encryptedContent = new StringContent(base64); encryptedContent.Headers.Clear(); response.Content.Headers.CopyTo(encryptedContent.Headers); response.Content = encryptedContent; return response; } return response; } } }
作者:gruan
链接:https://www.jianshu.com/p/45e46021c366
共同学习,写下你的评论
评论加载中...
作者其他优质文章