From 2f53ca83fa03c317fb5db3f6ffdadbafbd78dda6 Mon Sep 17 00:00:00 2001
From: wtt <1985833171@qq.com>
Date: 星期三, 06 五月 2026 08:40:19 +0800
Subject: [PATCH] 1

---
 WebAPI/Service/SignatureVerifyAttribute.cs |   31 ++++++++++++++++++++++++-------
 1 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/WebAPI/Service/SignatureVerifyAttribute.cs b/WebAPI/Service/SignatureVerifyAttribute.cs
index 12e8ea2..1c9583a 100644
--- a/WebAPI/Service/SignatureVerifyAttribute.cs
+++ b/WebAPI/Service/SignatureVerifyAttribute.cs
@@ -6,6 +6,7 @@
 using System.Web.Http;
 using System.Web.Http.Controllers;
 using System.Web.Http.Filters;
+using WebAPI;
 using WebAPI.Service;
 
 namespace project.Filter
@@ -53,7 +54,6 @@
             }
             var currentTs = (DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds;
             var diff = Math.Abs(currentTs - ts);
-
             if (diff > 300) // 300绉� = 5鍒嗛挓
             {
                 actionContext.Response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.BadRequest,
@@ -69,26 +69,43 @@
                 if (!string.IsNullOrEmpty(query) && query.StartsWith("?"))
                 {
                     rawData = query.Substring(1); 
+
                 }
             }
             else
             {
+
+                var originalContentType = actionContext.Request.Content.Headers.ContentType;
+
+
                 var bodyBytes = await actionContext.Request.Content.ReadAsByteArrayAsync();
                 rawData = Encoding.UTF8.GetString(bodyBytes);
 
+
                 actionContext.Request.Content = new ByteArrayContent(bodyBytes);
-                if (actionContext.Request.Content.Headers.ContentType != null)
+                if (originalContentType != null)
                 {
-                    actionContext.Request.Content.Headers.ContentType =
-                        new System.Net.Http.Headers.MediaTypeHeaderValue(
-                            actionContext.Request.Content.Headers.ContentType.MediaType);
+                    actionContext.Request.Content.Headers.ContentType = originalContentType;
                 }
             }
-            var signStr = rawData + "&timestamp=" + timestamp + "&nonce=" + nonce + "&key=" + SecretKey;
+            //else
+            //{
+            //    var bodyBytes = await actionContext.Request.Content.ReadAsByteArrayAsync();
+            //    rawData = Encoding.UTF8.GetString(bodyBytes);
 
+            //    actionContext.Request.Content = new ByteArrayContent(bodyBytes);
+            //    if (actionContext.Request.Content.Headers.ContentType != null)
+            //    {
+            //        actionContext.Request.Content.Headers.ContentType =
+            //            new System.Net.Http.Headers.MediaTypeHeaderValue(
+            //                actionContext.Request.Content.Headers.ContentType.MediaType);
+            //    }
+            //}
+            rawData = rawData.Replace("'", "%27");
+            var signStr = rawData + "&timestamp=" + timestamp + "&nonce=" + nonce + "&key=" + SecretKey;
             var serverSign = ComputeHmacSha256(signStr, SecretKey);
 
-
+            
             if (serverSign != clientSign.ToUpper())
             {
                 actionContext.Response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.Unauthorized,
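Review bot: The added `rawData = rawData.Replace("'", "%27");` runs after both branches, so for body requests the HMAC is computed over a rewritten string while the action still receives the original `bodyBytes`; a body containing `'` and one containing `%27` at the same position now verify under the same signature. If the rewrite is there to match how clients encode the query string, keep it in the query branch only, e.g. `rawData = query.Substring(1).Replace("'", "%27");`, and sign the body text unchanged. The method's start, including the initial value of `rawData`, is outside the hunk; if it can be null when the query string is empty, the unconditional `Replace` would throw instead of rejecting the request. The context line `serverSign != clientSign.ToUpper()` checks the MAC with an early-exit string comparison and a culture-sensitive `ToUpper()`; comparing the decoded bytes in fixed time (or at least using `ToUpperInvariant()`) would be the safer form. The commented-out `else` block added above the `Replace` repeats the removed code and can be dropped, since the history already keeps it.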

--
Gitblit v1.9.1