[英]How could I Encrypt OData Request Payload at Client Side(DataServiceContext) and Decrypting Request at ServerSide?
I have an Windows Application consuming OData v4
WebAPI using DataServiceContext
. 我有一个Windows应用程序,它使用DataServiceContext
来使用OData v4
WebAPI。 WebApi is over SSL but still I think anyone can trap request using Web Debugging Tools like fiddler (on the Windows Application Host Machine) and can re-issue the request by altering Request Body. WebApi是基于SSL的,但是我仍然认为任何人都可以使用诸如Fiddler之类的Web调试工具(在Windows应用程序主机上)来捕获请求,并可以通过更改请求主体来重新发出请求。
So I was just thinking what if I could encrypt RequestBody
of outgoing Request in Windows Application using Public/Private Key in Production Environment. 所以我只是在想如果可以在生产环境中使用公钥/私钥对Windows应用程序中的传出请求的RequestBody
进行加密。 If yes how could I? 如果可以,我该怎么办?
Do I need to create custom DataServiceClientRequestMessage
or need to hook encryption process somewhere in DataServiceContext
. 我需要创建自定义DataServiceClientRequestMessage
还是需要在DataServiceContext
中的某个地方挂接加密过程。
The Request would be decrypted using MessageHandler
. 该请求将使用MessageHandler
解密。
Yes, I think you can write your custom DataServiceClientRequestMessage
, and overwrite GetStream()
to encrypt the output stream. 是的,我认为您可以编写自定义DataServiceClientRequestMessage
并覆盖GetStream()
来加密输出流。 Then, set the new message to DataServiceContext with DataServiceContext.Configurations.RequestPipeline.OnMessageCreating = new CustomRequestMessage()
. 然后,使用DataServiceContext.Configurations.RequestPipeline.OnMessageCreating = new CustomRequestMessage()
将新消息设置为DataServiceContext。
You can refer a custom DataServiceClientRequestMessage
example at OData github repository. 您可以在OData github存储库中引用自定义DataServiceClientRequestMessage
示例。 TestDataServiceClientRequestMessage.cs and DataServiceContextWithCustomTransportLayer.cs TestDataServiceClientRequestMessage.cs和DataServiceContextWithCustomTransportLayer.cs
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.