码迷,mamicode.com
首页 > Windows程序 > 详细

C#调用接口接收结果【Get,Post通用】

时间:2017-06-09 12:32:19      阅读:506      评论:0      收藏:0      [点我收藏+]

标签:head   提交   charset   split   nat   start   manage   ase   pwd   

1.首先,客户端调用接口的实例

  1.1 先定义接收接口结果类

 

public class ResultMsg
    {
        public bool title { get; set; }
        public string message { get; set; }
        public string other { get; set; }
    }

 1.2 以用户登陆为例,登陆时请求接口输入参数用户名密码判断是否正确

public static ResultMsg CheckLogin(string account,string pwd)
        {
           // Tools.Common1.WriteLog("checklogin", "checklogin", "account:" + account + "----pwd:" + pwd);
            WebApiResult msg = WebApiHelper.GetWebApi(new { UserName = account, PassWord = pwd }, "/UserAccounts/Login/");
            if (msg.Success)
            {
                return msg.result;
            }
            else
            {
                return new ResultMsg() { title = false, message = "请求接口失败,"+msg.result.message };
            }
        }

调用接口处,在header里添加访问的账号密码来提升接口的安全度

private const string pwd = "abc_2015?";
       private const string account = "webaccount";
       #region 请求webapi
       
       /// <summary>
       /// 请求webapi
       /// </summary>
       /// <param name="model"></param>
       /// <param name="page"></param>
       /// <returns></returns>
       public static WebApiResult GetWebApi(object model, string path)
       {
           WebClient wc = new WebClient();
           wc.Headers.Add(HttpRequestHeader.Accept, "application/json");
           wc.Headers.Add(HttpRequestHeader.ContentType, "application/json; charset=utf-8");
           string auth = AuthorizationHelper.GetAuthorization1(account, path, pwd);
           wc.Headers.Add(HttpRequestHeader.Authorization,auth);
           byte[] postData = System.Text.Encoding.UTF8.GetBytes(new JavaScriptSerializer().Serialize(model));
           try
           {
               byte[] text = wc.UploadData(domain + path, "post", postData);
               string str = System.Text.Encoding.UTF8.GetString(text);
               return new JavaScriptSerializer().Deserialize<WebApiResult>(str);
           }
           catch(Exception ex){
               return new WebApiResult() { Success = false, result = new ResultMsg() { title = false, message = ex.Message } };
           }
       }
       #endregion

    }

1.3接口在另一个项目中,实例如下:

在接口项目的app_start文件夹下,新建类LoginAttribute来判别header里传输的账号密码是否正确

    //标示该特性能用于类、方法,特性不能被重复放置在同一个程序实体前多次
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
    public class LoginAttribute : ActionFilterAttribute
    {
       /// <summary>
        /// 在action执行前
        /// </summary>
        /// <param name="filterContext"></param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            //过滤器上下文为空,抛出异常
            if (filterContext == null)
            {
                throw new ArgumentException("filterContext");
            }
            //获取访问路径、账号、时间戳、密文
            var path = filterContext.HttpContext.Request.Path.ToString();
            var authorization = filterContext.HttpContext.Request.Headers["Authorization"];
            if (!string.IsNullOrEmpty(authorization))
            {
                //分割验证字符串, account,mac,salt
                string[] strs = authorization.Split(,);
                if (strs.Length == 3)
                {
                    string account = strs[0].Replace("account=", "");
                    var mac = strs[1].Replace("mac=", "");
                    var salt = strs[2].Replace("salt=", "");
                    if (!string.IsNullOrEmpty(account))
                    {
                        try
                        {
                            var pwd = System.Configuration.ConfigurationManager.AppSettings[account].ToString();
                            string ciphertext = Uri.EscapeDataString(PISCenter.Common.Utility.GetCiphertext(account, path, salt, pwd));
                            if (ciphertext.Equals(mac))
                            {
                                base.OnActionExecuting(filterContext);
                            }
                        }
                        catch
                        {
                            filterContext.Result = new JsonResult { Data = new { title = false, message = "认证错误,拒绝访问" }, JsonRequestBehavior = JsonRequestBehavior.AllowGet };
                        }
                    }
                    else
                    {
                        filterContext.Result = new JsonResult { Data = new { title = false, message = "认证错误,拒绝访问" }, JsonRequestBehavior = JsonRequestBehavior.AllowGet };
                    }
                }
                else
                {
                    filterContext.Result = new JsonResult { Data = new { title = false, message = "认证错误,拒绝访问" }, JsonRequestBehavior = JsonRequestBehavior.AllowGet };
                }
            }
            else {
                filterContext.Result = new JsonResult { Data = new { title = false, message = "认证错误,拒绝访问" }, JsonRequestBehavior = JsonRequestBehavior.AllowGet };                
            }
            
        }
    }

1.4 登陆的方法体

        [HttpPost]
        public JsonResult Login(CheckLoginInput model)
        {
            if (model == null||string.IsNullOrEmpty(model.PassWord)||(string.IsNullOrEmpty(model.UserName)&&string.IsNullOrEmpty(model.MobilePhone)))
            {
                return Fail("提交参数不正确");
            }
            CheckLoginOutPut ua=_useraccountsAppService.CheckLogin(model);
            if (ua!=null&&ua.Id>0)
            {
                return Success(Newtonsoft.Json.JsonConvert.SerializeObject(ua));
            }
            else {
                return Fail("登录失败,账号或密码错误");
            }
        }

整个流程结束

附:项目里

public static string GetAuthorization1(string account, string path,string password)
      {
          StringBuilder sb = new StringBuilder();
          string date=Uri.EscapeDataString(GetTimeStamp());
          sb.AppendFormat("account={0},mac={1},salt={2}", Uri.EscapeDataString(account), Uri.EscapeDataString(GetCiphertext(account, path, date,password)), date);
          return sb.ToString();
      }

接口项目里:

/// <summary>
      /// 对访问者进行SHA-1加密,返回加密的密文
      /// </summary>
      /// <param name="account">账号</param>
      /// <param name="path">访问路径 /开头,/结尾</param>
      /// <param name="date">时间戳</param>
      /// <param name="password">密码</param>
      /// <returns></returns>
      public static string GetCiphertext(string account, string path, string date, string password)
      {
          string ciphertext = account + "\n" + date + "\n" + path.ToLower() + "\n" + password + "\n";
          System.Security.Cryptography.HMACSHA1 hmacsha1 = new System.Security.Cryptography.HMACSHA1();
          hmacsha1.Key = Encoding.UTF8.GetBytes(password);
          byte[] dataBuffer = Encoding.UTF8.GetBytes(ciphertext);
          byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer);
          ciphertext = Convert.ToBase64String(hashBytes);
          return ciphertext;
      }

 

C#调用接口接收结果【Get,Post通用】

标签:head   提交   charset   split   nat   start   manage   ase   pwd   

原文地址:http://www.cnblogs.com/Wbely/p/6971310.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!