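Web API is an application interface framework for building HTTP services that support a wide range of clients, including browsers and mobile devices such as phones and tablets. ASP.NET Web API is an ideal platform for building RESTful applications on the .NET Framework. This article uses the ASP.NET Web API framework implementation to introduce the overall architecture design of a Web API application, but it is not limited to .NET technology.
1. Core-layer design of the Web API
In today's rich application landscape we often need to connect Winform clients, apps, websites, and the currently very popular WeChat applications, and the data for all of them should come from one and the same service. That service is the Web API platform we need to build. For this reason many enterprises design their whole application system around a Web API-first approach. As the core that ties everything together, the Web API core layer has to take consistency, stability and security into account.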

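As the figure above shows, all the surrounding application scenarios are built around the Web API core layer. Put another way, as in the design diagram below, we treat the WeChat application, the APP, the Web application and the Winform application as a UI application layer sitting on top of the Web API interface layer. A single API interface layer then serves several UI application layers of one or more kinds, which lets the enterprise build a rich set of data service applications.
Because the Web API layer is a common interface layer, data consistency across all UI application layers is well assured. If we take responsive design into account, we can even build the WeChat application, the APP and the Web application as a single Web program; even where we want to exploit the particular features of each channel, the applications can still be made very similar. This gives users a uniform interface, greatly improves the user experience, and lets users become familiar with every module of the application system with almost no additional learning.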

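Beneath the Web API, the business logic layer integrates two areas of work, data storage and external interface access, which correspond to the data access layer and the external interface layer. Extending this further, we can also offer clients file storage for documents, images, video and other material, much like WeChat's multimedia API. The Web API interface layer can then provide rich data interfaces to every connected client, making access both powerful and flexible.
As mentioned above, with responsive design we can even build the WeChat application, the APP and the Web application as a single Web program. The APP application layer actually comes in two types: one is the native app, written in a native language, such as Objective-C for iOS apps or Java for native Android apps; the other wraps an entry point in a native shell and serves responsive Web pages from the backend, as shown in the figure below.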

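Compared with native apps, the entry shell plus responsive pages approach makes development very fast and can lower upgrade and maintenance costs considerably; Web development is, after all, much quicker than native app development.
From the architecture analysis above, with the Web API as the core layer we can develop all kinds of enterprise business applications on top of it.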

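In currently popular areas such as membership management and customer management, combining this with WeChat as a catalyst lets us better follow the mobile trend and put our "Internet+" applications into practice.
2. The Web API layer in the Winform hybrid framework
Likewise, in the Winform UI, besides accessing the database directly or connecting through distributed WCF services, we can also let it access the Web API data service, producing a hybrid development framework that is more widely applicable and more powerful.
In terms of security, direct database access exposes no interface on the network; it runs only on a single machine or in a secure LAN environment, so only the database itself needs to be secured, and a certain degree of restriction can generally be achieved by encrypting the connection string.
For WCF services, security can be enforced through X509 certificate validation, or through a custom user name and password check, among other options.
The Web API provides stateless interface access, and because it usually has to serve many kinds of clients it may need to be published on the public Internet. We therefore need to pay more attention to the security of the Web API interface layer, which is covered in detail later.
In other words, in addition to the traditional mode of connecting directly to the database and the distributed WCF service mode, the new hybrid development framework can also connect through the distributed Web API interface mode. Together they form a complete Winform application system, as shown in the figure below.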

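The figure below is a module analysis diagram of my framework based on traditional database access and distributed WCF data service access. Around the core of the hybrid framework we can build many loosely coupled modules, which makes developing and integrating our Winform applications more efficient.
The hybrid framework can be seen as an advanced version of the Winform framework. Besides being a complete business system in itself, all of its surrounding auxiliary modules (such as common permissions, common dictionary, common attachment management, common personnel management, and so on) are implemented in the same hybrid way, so it is very convenient to use. Put simply, the framework has the existing Winform UI layer call through interfaces, avoiding tight coupling with the business logic classes. Because the calls go through interfaces, configuration can point them at the WCF implementation, so the framework also carries all the features of the WCF framework. With the Web API layer developed, integration based on the Web API layer is the next stage of my work.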

ÎÒÃǽøÒ»²½·ÖÎö»ìºÏʽ¿ò¼ÜµÄʵÏÖϸ½Ú£¬ÔÀ´¿¼ÂǵĴ«Í³Winform·ÃÎÊÊý¾Ý¿âºÍWCF·þÎñ·ÃÎÊ·½Ê½£¬¾ÍÊÇͨ¹ýÒ»¸öÅäÖÃÄ£¿é£¬È·¶¨ÊDzÉÓÃÖ±½Ó·ÃÎÊÊý¾Ý¿â·½Ê½£¬»¹ÊÇ·ÃÎÊWCF·þÎñµÄ·½Ê½£¬ËüÃÇÁ½ÕßÊÇͳһµ½Ò»¸öFacade½Ó¿ÚÃÅÃæ²ãÉÏ£¬Èç¹û¿¼Âǵ½Web
API²ã£¬»ùÓÚ»ìºÏʽµÄ¼Ü¹¹£¬Ò²¾ÍÊÇÔÚÕâ¸öFacade½Ó¿ÚÃÅÃæ²ãÉÏÔö¼Ó¶àÒ»¸öWeb APIµÄ½Ó¿ÚµÄ·â×°³É¼´¿É¡£¾ßÌåÕû¸ö¿ò¼ÜµÄ¼Ü¹¹Í¼ÈçÏÂËùʾ¡£

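1. Categories of Web API access
Access to Web API interfaces falls into roughly the following categories:
1) Access with a user token. Data is accessed through the Web API using a user token. This effectively identifies the user, so the interface can return user-related data, such as user profile maintenance, password changes, or the user's contacts.
2) Data submission with a security signature. For data submitted this way, the signature parameter in the URL is produced by encryption under an agreed set of rules; on receiving the data the server applies the same rules and, once it has confirmed the data was not tampered with in transit, processes the modification. We can therefore assign different encryption keys to different access channels such as Web/APP/Winform. The key is agreed between the two sides and is never transmitted over the network connection; what is transmitted is normally the AppID of the channel, and the server uses this AppID to compare the encrypted signature parameter. This is similar to the callback mechanism of the WeChat backend, which works the same way.
3) Public interface calls, which require neither a user token nor an encrypted signature on the parameters. Such interfaces are generally few and only provide very ordinary data for display.
The figure below describes these access methods and their typical application scenarios.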

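2. Implementing security signatures in the Web API
First, user registration must be initiated by a terminal we recognize; that is, the terminal must produce a security signature, and the backend confirms the signature is valid before the registration proceeds. Otherwise forged data could be submitted and the system would lose its purpose.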

    /// <summary>
    /// User registration API
    /// </summary>
    public interface IUserApi
    {
        /// <summary>
        /// Registers a user; the data includes user name, password, ID card number, mobile number, etc.
        /// </summary>
        /// <param name="json">User registration data</param>
        /// <param name="signature">Encrypted signature string</param>
        /// <param name="timestamp">Timestamp</param>
        /// <param name="nonce">Random number</param>
        /// <param name="appid">Application access ID</param>
        /// <returns></returns>
        ResultData Add(UserJson json, string signature, string timestamp, string nonce, string appid);
    }

Obtaining a user token also requires security signature authentication; only then can we ensure that the user identity token is obtained legitimately.

    /// <summary>
    /// Basic system interfaces such as authentication
    /// </summary>
    public interface IAuthApi
    {
        /// <summary>
        /// Gets an access token for a registered user
        /// </summary>
        /// <param name="username">User login name</param>
        /// <param name="password">User password</param>
        /// <param name="signature">Encrypted signature string</param>
        /// <param name="timestamp">Timestamp</param>
        /// <param name="nonce">Random number</param>
        /// <param name="appid">Application access ID</param>
        /// <returns></returns>
        TokenResult GetAccessToken(string username, string password,
            string signature, string timestamp, string nonce, string appid);
    }

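The interfaces above take several parameters: the encrypted signature string, the timestamp, the random number, and the application access ID. Our usual handling rules are as follows.
1) The Web API assigns each access channel (APP, Web, Winform and so on) an application AppID and a communication key AppSecret, and each side stores them.
2) When calling a Web API interface, the client must send the following parameters: signature, timestamp, nonce, appid. The signature is generated from several of the parameters and the encryption key.
3) On receiving an interface call, the Web API must first check that the signature passed in is valid, and only calls the relevant interface after verification.
Verification of the encrypted signature on the server side (the Web API side) follows the way WeChat's interfaces handle it. The logic is as follows.
1) Check that timestamp differs from the system time by no more than a reasonable interval, such as 10 minutes.
2) Sort the three parameters appSecret, timestamp and nonce in lexicographic order.
3) Concatenate the three parameter strings into one string and hash it with SHA1.
4) Compare the resulting string with signature; if they match, the request comes from the given application channel and is legitimate.
The C# verification code is shown below.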

    /// <summary>
    /// Checks the integrity of data submitted by an application channel
    /// </summary>
    /// <param name="signature">Encrypted signature</param>
    /// <param name="timestamp">Timestamp</param>
    /// <param name="nonce">Random string</param>
    /// <param name="appid">Application access Id</param>
    /// <returns></returns>
    public CheckResult ValidateSignature(string signature, string timestamp, string nonce, string appid)
    {
        CheckResult result = new CheckResult();
        result.errmsg = "数据完整性检查不通过"; // "data integrity check failed"

        // Look up the details of the access channel by its Appid
        AppInfo channelInfo = BLLFactory<App>.Instance.FindByAppId(appid);
        if (channelInfo != null)
        {
            #region Verify that the signature parameters come from a valid source
            string[] ArrTmp = { channelInfo.AppSecret, timestamp, nonce };

            Array.Sort(ArrTmp);
            string tmpStr = string.Join("", ArrTmp);

            // FormsAuthentication lives in System.Web.Security
            tmpStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tmpStr, "SHA1");
            tmpStr = tmpStr.ToLower();

            if (tmpStr == signature && ValidateUtil.IsNumber(timestamp))
            {
                DateTime dtTime = timestamp.ToInt32().IntToDateTime();
                double minutes = DateTime.Now.Subtract(dtTime).TotalMinutes;
                if (minutes > timspanExpiredMinutes)
                {
                    result.errmsg = "签名时间戳失效"; // "signature timestamp expired"
                }
                else
                {
                    result.errmsg = "";
                    result.success = true;
                    result.channel = channelInfo.Channel;
                }
            }
            #endregion
        }
        return result;
    }

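
The verification flow above, as an added example in C# (not the article's or its framework's own code): it keeps the sorted-concatenation SHA1 signature and adds a timestamp window in both directions, a fixed-time comparison, and a cache that rejects a replayed nonce. The `SignedRequest` class, the constructed `demo-app`/`demo-secret` pair and the Unix-seconds timestamp format are assumptions.

```csharp
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

public static class SignedRequest
{
    // Constructed sample registry (appid -> AppSecret); real values come from the app table.
    static readonly Dictionary<string, string> Secrets =
        new Dictionary<string, string> { { "demo-app", "demo-secret" } };
    // Replay cache: "appid:nonce" -> Unix second after which that request is stale anyway.
    static readonly ConcurrentDictionary<string, long> Seen = new ConcurrentDictionary<string, long>();
    const long WindowSeconds = 600; // the 10 minutes suggested in the text

    public static string Sign(string appSecret, string timestamp, string nonce)
    {
        string[] parts = { appSecret, timestamp, nonce };
        // Ordinal order (the article's Array.Sort uses the culture-sensitive default).
        Array.Sort(parts, StringComparer.Ordinal);
        using (SHA1 sha1 = SHA1.Create())
        {
            byte[] hash = sha1.ComputeHash(Encoding.UTF8.GetBytes(string.Concat(parts)));
            return BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
        }
    }

    public static bool Verify(string signature, string timestamp, string nonce, string appid, long nowUnix)
    {
        if (signature == null || string.IsNullOrEmpty(nonce) || appid == null) return false;
        if (!Secrets.TryGetValue(appid, out string secret) || !long.TryParse(timestamp, out long ts)) return false;
        // Reject timestamps too far in the past or in the future.
        if (ts < nowUnix - WindowSeconds || ts > nowUnix + WindowSeconds) return false;
        if (!FixedEquals(Sign(secret, timestamp, nonce), signature)) return false;
        // Drop stale entries, then accept each nonce only once while its timestamp is valid.
        foreach (string key in Seen.Where(e => e.Value < nowUnix).Select(e => e.Key).ToList())
            Seen.TryRemove(key, out _);
        return Seen.TryAdd(appid + ":" + nonce, ts + WindowSeconds);
    }

    // Comparison time does not depend on the position of the first differing character.
    static bool FixedEquals(string a, string b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

Calling `Verify` twice with the same signature, timestamp and nonce returns true and then false. The signed string covers only the secret, timestamp and nonce, so it identifies the calling channel but does not by itself protect the request body or query parameters.
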
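Once the security signature has been authenticated, that is, once we have confirmed the source and integrity of the submitted data, we can carry out further security-related operations, such as obtaining the user's access token, shown below.
The first step is to verify that the user's signature meets the requirements; then the user information is checked, and the user access token JSON is generated and returned to the caller.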

3. Implementing security tokens in the Web API
With the user access token obtained through the interface above, later calls for user-related information only need to pass this token as a parameter. The token carries some basic user information, such as the user ID and the expiry time. The design of this token is based on JSON Web Token (JWT); see http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html and the GitHub project https://github.com/jwt-dotnet/jwt.
Because every Web API call is stateless, we pass the user information in the token, so we only need to validate the token.
The JWT token generation logic is shown below.

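After a token has been generated, it must be validated before the Web API call is processed, to make sure it is correct and valid.
The checking code reverses the token generation process to obtain the corresponding information and judges validity by the time the token was issued. An expiry period such as 1 day or 7 days can be agreed, and it does not need to be set too short.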

    /// <summary>
    /// Checks the validity of a user token
    /// </summary>
    /// <param name="token"></param>
    /// <returns></returns>
    public CheckResult ValidateToken(string token)
    {
        // Result object to return
        CheckResult result = new CheckResult();
        result.errmsg = "令牌检查不通过"; // "token check failed"

        if (!string.IsNullOrEmpty(token))
        {
            try
            {
                // JsonWebToken comes from the jwt-dotnet project referenced above;
                // JObject is Newtonsoft.Json.Linq.JObject
                string decodedJwt = JsonWebToken.Decode(token, sharedKey);
                if (!string.IsNullOrEmpty(decodedJwt))
                {
                    #region Check the token contents
                    dynamic root = JObject.Parse(decodedJwt);
                    string username = root.name;
                    string userid = root.iss;
                    int jwtcreated = (int)root.iat;

                    // Check the token's validity period: valid for 7 days
                    TimeSpan t = (DateTime.UtcNow - new DateTime(1970, 1, 1));
                    int timestamp = (int)t.TotalDays;
                    if (timestamp - jwtcreated > expiredDays)
                    {
                        throw new ArgumentException("用户令牌失效."); // "user token expired"
                    }

                    // Validation succeeded
                    result.success = true;
                    result.errmsg = "";
                    result.userid = userid;
                    #endregion
                }
            }
            catch (Exception ex)
            {
                LogTextHelper.Error(ex);
            }
        }
        return result;
    }

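
How a token carrying the claims that `ValidateToken` reads can be issued and checked, written out by hand with HMAC-SHA256 as an added example (not the article's code and not the jwt-dotnet API). The `DemoToken` class and its method names are hypothetical, Newtonsoft.Json is assumed to be referenced as in the article's own code, and `iat` is stored in whole days since 1970 to match the comparison above.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;

public static class DemoToken
{
    static readonly DateTime Epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    static string B64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static string Json(string part) // one base64url segment back to JSON text
    {
        string s = part.Replace('-', '+').Replace('_', '/');
        return Encoding.UTF8.GetString(Convert.FromBase64String(s + new string('=', (4 - s.Length % 4) % 4)));
    }
    static string Mac(string signingInput, byte[] key)
    {
        using (var hmac = new HMACSHA256(key))
            return B64Url(hmac.ComputeHash(Encoding.UTF8.GetBytes(signingInput)));
    }
    // Claims mirror what ValidateToken reads: name, iss (user id), iat (whole days since 1970).
    public static string Issue(string userId, string userName, byte[] key, DateTime utcNow)
    {
        var header = new JObject { { "typ", "JWT" }, { "alg", "HS256" } };
        var claims = new JObject { { "iss", userId }, { "name", userName },
                                   { "iat", (int)(utcNow - Epoch).TotalDays } };
        string input = B64Url(Encoding.UTF8.GetBytes(header.ToString(Formatting.None))) + "."
                     + B64Url(Encoding.UTF8.GetBytes(claims.ToString(Formatting.None)));
        return input + "." + Mac(input, key);
    }

    // Returns the user id, or null if the token is malformed, forged, or older than maxAgeDays.
    public static string Validate(string token, byte[] key, DateTime utcNow, int maxAgeDays)
    {
        try
        {
            string[] p = (token ?? "").Split('.');
            if (p.Length != 3 || (string)JObject.Parse(Json(p[0]))["alg"] != "HS256") return null;
            string mac = Mac(p[0] + "." + p[1], key);
            int diff = mac.Length ^ p[2].Length; // fixed-time comparison of the two MACs
            for (int i = 0; i < mac.Length && i < p[2].Length; i++) diff |= mac[i] ^ p[2][i];
            if (diff != 0) return null; // claims are trusted only after the MAC matches
            JObject c = JObject.Parse(Json(p[1]));
            int age = (int)(utcNow - Epoch).TotalDays - (int)c["iat"];
            return age < 0 || age > maxAgeDays ? null : (string)c["iss"];
        }
        catch (Exception) { return null; }
    }
}
```

A token from `Issue` validates until it is more than `maxAgeDays` old; changing any character of the header, payload or signature makes `Validate` return null.
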
In general an access token must not be valid forever. For refreshing the access token, one rule is to allow only the most recent token to be used: store it in the interface cache for comparison, and remove the token from memory when the application logs out.
4. Developing the ASP.NET Web API
Above we defined the general Web API interfaces and implemented the corresponding business logic. To create the Web API layer we also need to build a Web API project.

Once the project is created, add a Web API base class to it so that the common interface can be controlled in one place.

We can then create more application API controllers in the Controller directory.

Finally, so that all API interfaces uniformly return JSON, we need to adjust the code in WebApiConfig.

    public static class WebApiConfig
    {
        public static void Register(HttpConfiguration config)
        {
            // Web API configuration and services
            config.SetCorsPolicyProviderFactory(new CorsPolicyFactory());
            config.EnableCors();

            // Web API routes
            config.MapHttpAttributeRoutes();

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{action}/{id}",
                defaults: new { action = "post", id = RouteParameter.Optional }
            );

            // Remove the JSON formatter
            //config.Formatters.Remove(config.Formatters.JsonFormatter);

            // Remove the XML formatter
            config.Formatters.Remove(config.Formatters.XmlFormatter);
        }
    }

5. Testing the Web API interfaces
The next step is to add business interfaces so that they can be tested. I suggest using a Winform project and testing each interface in turn, or you can use unit tests instead; it is a matter of personal preference.
For example, to test the user login interface, the test code looks like this.

    /// <summary>
    /// Generates the signature string
    /// </summary>
    /// <param name="appSecret">Access key</param>
    /// <param name="timestamp">Timestamp</param>
    /// <param name="nonce">Random number</param>
    private string SignatureString(string appSecret, string timestamp, string nonce)
    {
        string[] ArrTmp = { appSecret, timestamp, nonce };

        Array.Sort(ArrTmp);
        string tmpStr = string.Join("", ArrTmp);

        tmpStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tmpStr, "SHA1");
        return tmpStr.ToLower();
    }

    private TokenResult GetTokenResult()
    {
        string timestamp = DateTime.Now.DateTimeToInt().ToString();
        string nonce = new Random().NextDouble().ToString();
        string signature = SignatureString(appSecret, timestamp, nonce);

        // Signature parameters appended to the query string
        string appended = string.Format("&signature={0}&timestamp={1}&nonce={2}&appid={3}",
            signature, timestamp, nonce, appId);
        string queryUrl = url + "Auth/GetAccessToken?username=test&password=123456" + appended;

        HttpHelper helper = new HttpHelper();
        string token = helper.GetHtml(queryUrl);
        Console.WriteLine(token);

        TokenResult tokenResult = JsonConvert.DeserializeObject<TokenResult>(token);
        return tokenResult;
    }

Once we have the token, the test code that passes it as a parameter in the URL and fetches other data looks like this.

    // Get the access token
    TokenResult tokenResult = GetTokenResult();

    string queryUrl = url + "/Contact/get?token=" + tokenResult.access_token;
    HttpHelper helper = new HttpHelper();
    string result = helper.GetHtml(queryUrl);
    Console.WriteLine(result);

If data needs to be sent with POST, the calling code looks like this.

    // Use POST
    var data = new
    {
        name = "张三",
        certno = "123456789",
    };
    var postData = data.ToJson();

    queryUrl = url + "/Contact/Add?token=" + tokenResult.access_token;
    helper = new HttpHelper();
    helper.ContentType = "application/json";
    result = helper.GetHtml(queryUrl, postData, true);
    Console.WriteLine(result);

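The Web API backend automatically converts the POSTed JSON data into the corresponding object.
With GET we may be able to debug directly in the browser; with POST we need a helper tool such as Fiddler. The best approach, however, is to build a test tool of your own to suit your needs and make testing easier.
Below is a debugging tool I built for my own Web API interface development. It assembles the relevant parameters automatically, including the security signature parameters, and can also store all the parameter data.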