2回答

青春有我

据我所知，验证 WOPI 证明密钥的实施起来相当复杂，而从文档中的解释中提取编程逻辑则具有挑战性。不幸的是，我不是 PHP 开发人员。不过，我想分享我的生产 C# 代码，以防有帮助。private async Task<bool> ValidateWopiProof(HttpContext context){    // Make sure the request has the correct headers    if (!context.Request.Headers.ContainsKey(WopiRequestHeader.PROOF) ||        !context.Request.Headers.ContainsKey(WopiRequestHeader.TIME_STAMP))        return false;    // TimestampOlderThan20Min    var timeStamp = long.Parse(context.Request.Headers[WopiRequestHeader.TIME_STAMP].ToString());    var timeStampDateTime = new DateTime(timeStamp, DateTimeKind.Utc);    if ((DateTime.UtcNow - timeStampDateTime).TotalMinutes > 20)        return false;    // Set the requested proof values    var requestProof = context.Request.Headers[WopiRequestHeader.PROOF];    var requestProofOld = String.Empty;    if (context.Request.Headers.ContainsKey(WopiRequestHeader.PROOF_OLD))        requestProofOld = context.Request.Headers[WopiRequestHeader.PROOF_OLD];    // Get the WOPI proof info from Wopi discovery    var wopiProofPublicKey = await _wopiDiscovery.GetWopiProof();    // Encode the values into bytes    var accessTokenBytes = Encoding.UTF8.GetBytes(context.Request.Query["access_token"].ToString());    var hostUrl = GetAbsolouteUrl(context);    var hostUrlBytes = Encoding.UTF8.GetBytes(hostUrl.ToUpperInvariant());    var timeStampBytes = BitConverter.GetBytes(Convert.ToInt64(context.Request.Headers[WopiRequestHeader.TIME_STAMP])).Reverse().ToArray();    // Build expected proof    List<byte> expected = new List<byte>(        4 + accessTokenBytes.Length +        4 + hostUrlBytes.Length +        4 + timeStampBytes.Length);    // Add the values to the expected variable    expected.AddRange(BitConverter.GetBytes(accessTokenBytes.Length).Reverse().ToArray());    expected.AddRange(accessTokenBytes);    expected.AddRange(BitConverter.GetBytes(hostUrlBytes.Length).Reverse().ToArray());    expected.AddRange(hostUrlBytes);    expected.AddRange(BitConverter.GetBytes(timeStampBytes.Length).Reverse().ToArray());    expected.AddRange(timeStampBytes);    byte[] expectedBytes = expected.ToArray();    return (VerifyProofKeys(expectedBytes, requestProof, wopiProofPublicKey.Value) ||        VerifyProofKeys(expectedBytes, requestProofOld, wopiProofPublicKey.Value) ||        VerifyProofKeys(expectedBytes, requestProof, wopiProofPublicKey.OldValue));}private string GetAbsolouteUrl(HttpContext context){    var url = $"{_wopiUrlService.ApiAddress.TrimEnd('/')}{context.Request.Path}{context.Request.QueryString}";    return url.Replace(":44300", "").Replace(":443", "");}private bool VerifyProofKeys(byte[] expectedProof, string proofFromRequest, string discoPublicKey){    using (RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider())    {        try        {            rsaProvider.ImportCspBlob(Convert.FromBase64String(discoPublicKey));            return rsaProvider.VerifyData(expectedProof, "SHA256", Convert.FromBase64String(proofFromRequest));        }        catch (FormatException)        {            return false;        }        catch (CryptographicException)        {            return false;        }    }}此实现遵循文档规范。至于方法_wopiDiscovery.GetWopiProof()，我只是从Wopi Discoveryproof-key得到了部分。

0 0

0

慕妹3146593

您可以在这个包中找到 PHP 中的 WOPI 证明验证器： https:&nbsp;//github.com/Champs-Libres/wopi-lib/该软件包是在 PHP 应用程序中集成 WOPI 协议的帮助程序。它包含您可以开箱即用的 WOPI 证明验证器服务。

0 0

0