如何在RequestInterceptor(WCF REST入门工具包)中验证Content-MD5标头(根据实际内容)-REST Web服务
[英]How to validate the Content-MD5 header (from the actual content) in a RequestInterceptor (WCF REST Starter Kit) - REST web service
问题描述
I'm implementing REST web services by means of the WCF REST Starter Kit. 
我正在通过WCF REST入门套件来实现REST Web服务。
I get the request in a System.ServiceModel.Channels.RequestContext. 我在System.ServiceModel.Channels.RequestContext中收到请求。
Specifically: the interceptor starts this way: Public Overrides Sub ProcessRequest(ByRef requestContext As RequestContext) 具体来说:拦截器以这种方式启动:Public Overrides Sub ProcessRequest(ByRef requestContext As RequestContext)
If the request includes the Content-MD5 header, I must validate the provided hash against the actual content body, right? 如果请求中包含Content-MD5标头,则必须针对实际的内容主体验证提供的哈希,对吗? Because this does not happen 'automatically'. 因为这不会“自动”发生。 Nobody (IIS, or whoever) is verifying this for me, as I first thought it would happen. 没有人(IIS或任何人)为我验证这一点,因为我最初认为这会发生。
I thought doing this content verification would be easy. 我认为进行此内容验证会很容易。 I just have to get the request body as a string and compare the result of my GenerateChecksumForContent() with the hash included in the header. 我只需要获取请求主体作为字符串,并将我的GenerateChecksumForContent()的结果与标头中包含的哈希值进行比较即可。
How to compute the MD5 from the content: 如何根据内容计算MD5:
Public Shared Function GenerateChecksumForContent(ByVal content As String) As String
' Convert the input string to a byte array and compute the hash.
Dim hashed As Byte() = MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(content))
' Convert the hash to a Base64 Encoded string and return it
Return Convert.ToBase64String(hashed)
End Function
How to get the Content-MD5 request Header value: 如何获取Content-MD5请求标头值:
Dim message As Message = requestContext.RequestMessage
Dim reqProp As HttpRequestMessageProperty = DirectCast(message.Properties(HttpRequestMessageProperty.Name), HttpRequestMessageProperty)
Dim contentMD5HeaderValue As String = reqProp.Headers("Content-MD5")
My problem is that I don't know how to do something so apparently simple as compute the Content-MD5 of the request's body. 我的问题是,我不知道如何做看起来很简单的事情,例如计算请求正文的Content-MD5。
I could not find any built-in property telling me this information (the content's MD5 current hash value). 我找不到任何内置属性可以告诉我此信息(内容的MD5当前哈希值)。
I've tried this, but it does not work: 我已经尝试过了,但是不起作用:
Dim content As String = requestContext.RequestMessage.GetBody(Of String)()
Dim computedMD5 As String = GenerateChecksumForContent(content)
In addition, what would happen after the RequestInterceptor run and the 'real' method process the content? 另外,在RequestInterceptor运行并且“真实”方法处理内容之后会发生什么? The content would be lost because it was already read? 内容会因为已经被读取而丢失?
Should I in addition do something like ".CreateBufferedCopy()" to keep the request body available for the post-RequestInterceptor processing? 我是否应该另外执行“ .CreateBufferedCopy()”之类的操作,以使请求主体可用于后RequestInterceptor处理?
I cannot understand why this is so complicated! 我不明白为什么这么复杂! It should be something trivial, but as you can see, I'm completely lost. 这应该是微不足道的,但是如您所见,我完全迷失了。
Please someone, help me... 请有人帮我...
Many thanks, 非常感谢,
Horacio.- 霍拉西奥-
1 个解决方案
解决方案1
0 2011-11-09 17:53:56
Here are two MSDN pages that give an answer to your question: 这是两个MSDN页面,可以为您的问题提供答案:
http://blogs.msdn.com/b/csharpfaq/archive/2006/10/09/how-do-i-calculate-a-md5-hash-from-a-string_3f00_.aspx
http://blogs.msdn.com/b/csharpfaq/archive/2006/10/09/how-do-i-calculate-a-md5-hash-from-a-string_3f00_.aspx http://msdn.microsoft.com/en-us/library/system.security.cryptography.md5.aspx
http://msdn.microsoft.com/zh-CN/library/system.security.cryptography.md5.aspx
Hopefully one of them will be sufficient. 希望其中之一就足够了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.