我正在尝试使用证明密钥验证请求是否源自 Office 网页版我已经多次阅读此资源,但仍然不知道如何在 PHP 中实现它。我尝试了下面的代码似乎没有解决问题,我不知道下一步该怎么做。有人可以给我一个建议吗?$rsa = new Crypt_RSA();$modulus = new Math_BigInteger(base64_decode($modulus), 256);$exponent = new Math_BigInteger(base64_decode($exponent), 256);$rsa->loadKey(array('n' => $modulus, 'e' => $exponent));$rsa->setPublicKey();$publicKey = $rsa->getPublicKey();
2 回答
青春有我
TA贡献1784条经验 获得超8个赞
据我所知,验证 WOPI 证明密钥的实施起来相当复杂,而从文档中的解释中提取编程逻辑则具有挑战性。不幸的是,我不是 PHP 开发人员。不过,我想分享我的生产 C# 代码,以防有帮助。
private async Task<bool> ValidateWopiProof(HttpContext context)
{
// Make sure the request has the correct headers
if (!context.Request.Headers.ContainsKey(WopiRequestHeader.PROOF) ||
!context.Request.Headers.ContainsKey(WopiRequestHeader.TIME_STAMP))
return false;
// TimestampOlderThan20Min
var timeStamp = long.Parse(context.Request.Headers[WopiRequestHeader.TIME_STAMP].ToString());
var timeStampDateTime = new DateTime(timeStamp, DateTimeKind.Utc);
if ((DateTime.UtcNow - timeStampDateTime).TotalMinutes > 20)
return false;
// Set the requested proof values
var requestProof = context.Request.Headers[WopiRequestHeader.PROOF];
var requestProofOld = String.Empty;
if (context.Request.Headers.ContainsKey(WopiRequestHeader.PROOF_OLD))
requestProofOld = context.Request.Headers[WopiRequestHeader.PROOF_OLD];
// Get the WOPI proof info from Wopi discovery
var wopiProofPublicKey = await _wopiDiscovery.GetWopiProof();
// Encode the values into bytes
var accessTokenBytes = Encoding.UTF8.GetBytes(context.Request.Query["access_token"].ToString());
var hostUrl = GetAbsolouteUrl(context);
var hostUrlBytes = Encoding.UTF8.GetBytes(hostUrl.ToUpperInvariant());
var timeStampBytes = BitConverter.GetBytes(Convert.ToInt64(context.Request.Headers[WopiRequestHeader.TIME_STAMP])).Reverse().ToArray();
// Build expected proof
List<byte> expected = new List<byte>(
4 + accessTokenBytes.Length +
4 + hostUrlBytes.Length +
4 + timeStampBytes.Length);
// Add the values to the expected variable
expected.AddRange(BitConverter.GetBytes(accessTokenBytes.Length).Reverse().ToArray());
expected.AddRange(accessTokenBytes);
expected.AddRange(BitConverter.GetBytes(hostUrlBytes.Length).Reverse().ToArray());
expected.AddRange(hostUrlBytes);
expected.AddRange(BitConverter.GetBytes(timeStampBytes.Length).Reverse().ToArray());
expected.AddRange(timeStampBytes);
byte[] expectedBytes = expected.ToArray();
return (VerifyProofKeys(expectedBytes, requestProof, wopiProofPublicKey.Value) ||
VerifyProofKeys(expectedBytes, requestProofOld, wopiProofPublicKey.Value) ||
VerifyProofKeys(expectedBytes, requestProof, wopiProofPublicKey.OldValue));
}
private string GetAbsolouteUrl(HttpContext context)
{
var url = $"{_wopiUrlService.ApiAddress.TrimEnd('/')}{context.Request.Path}{context.Request.QueryString}";
return url.Replace(":44300", "").Replace(":443", "");
}
private bool VerifyProofKeys(byte[] expectedProof, string proofFromRequest, string discoPublicKey)
{
using (RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider())
{
try
{
rsaProvider.ImportCspBlob(Convert.FromBase64String(discoPublicKey));
return rsaProvider.VerifyData(expectedProof, "SHA256", Convert.FromBase64String(proofFromRequest));
}
catch (FormatException)
{
return false;
}
catch (CryptographicException)
{
return false;
}
}
}
此实现遵循文档规范。至于方法_wopiDiscovery.GetWopiProof(),我只是从Wopi Discoveryproof-key得到了部分。
慕妹3146593
TA贡献1820条经验 获得超9个赞
您可以在这个包中找到 PHP 中的 WOPI 证明验证器: https: //github.com/Champs-Libres/wopi-lib/
该软件包是在 PHP 应用程序中集成 WOPI 协议的帮助程序。
它包含您可以开箱即用的 WOPI 证明验证器服务。
- 2 回答
- 0 关注
- 321 浏览
添加回答
举报
0/150
提交
取消