Web_AUTS_Server_Prod/AUTS_Server/Service/EncryptionService.cs

using Microsoft.AspNetCore.Mvc;
using OtpNet;
using System.Text;
using XSystem.Security.Cryptography;
namespace AUTS_Server.Service
{
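/// <summary>
/// TOTP enrolment and verification helpers (built on OtpNet) plus an MD5 hex-digest helper.
/// </summary>
public class EncryptionService : IEncryptionService
{
    /// <summary>
    /// Builds an <c>otpauth://totp/</c> provisioning URI for an authenticator app.
    /// </summary>
    /// <param name="secret">Base32-encoded shared secret.</param>
    /// <param name="user">Account label shown in the authenticator; percent-encoded into the path.</param>
    /// <param name="issuer">Optional issuer name; the <c>issuer</c> parameter is omitted when null or empty.</param>
    /// <returns>The provisioning URI with fixed SHA1 / 6 digits / 30 second parameters.</returns>
    public string BuildTotpUri(string secret, string user, string issuer)
    {
        var issuerParameter = string.IsNullOrEmpty(issuer) ? "" : $"&issuer={Uri.EscapeDataString(issuer)}";

        // The secret is percent-encoded like the other components so that a value containing
        // '&', '=' or '#' cannot add or truncate query parameters. Unpadded Base32 (A-Z, 2-7)
        // passes through unchanged.
        return $"otpauth://totp/{Uri.EscapeDataString(user)}?secret={Uri.EscapeDataString(secret)}{issuerParameter}&algorithm=SHA1&digits=6&period=30";
    }

    /// <summary>
    /// Returns the MD5 digest of <paramref name="str"/> as 32 upper-case hexadecimal characters.
    /// </summary>
    /// <remarks>
    /// Despite the name this is a one-way, unsalted hash, not encryption.
    /// NOTE(review): the callers are not visible in this file. If this digest protects passwords
    /// or other secrets, MD5 is unsuitable (fast and unsalted); plan a migration to a salted
    /// password KDF such as PBKDF2 or Argon2. The algorithm is left unchanged here because
    /// switching it would invalidate any digests that are already stored.
    /// </remarks>
    /// <param name="str">Text to hash.</param>
    /// <returns>Upper-case hexadecimal MD5 digest.</returns>
    public string Encrypt(string str)
    {
        MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();

        // Encoding.Default is UTF-8 on .NET Core / .NET 5+ but the system ANSI code page on
        // .NET Framework, so non-ASCII input can hash differently across runtimes.
        byte[] digest = md5.ComputeHash(Encoding.Default.GetBytes(str));

        StringBuilder hex = new StringBuilder(digest.Length * 2);
        foreach (byte b in digest)
        {
            // "X2" emits upper-case hex directly, so no culture-sensitive ToUpper() pass is needed.
            hex.Append(b.ToString("X2"));
        }
        return hex.ToString();
    }

    /// <summary>
    /// Generates a new random 20-byte TOTP secret and the matching provisioning URI.
    /// </summary>
    /// <returns>The Base32 secret and the <c>otpauth://</c> URI to render as a QR code.</returns>
    public GenerateKeyinfo GenerateKey()
    {
        var key = KeyGeneration.GenerateRandomKey(20);
        string base32Secret = Base32Encoding.ToString(key);

        // Issuer and account label are fixed, so every enrolment carries the same label.
        var issuer = "AUTS";
        var userAccount = "new.uts-data.com";
        string totpSetupUrl = BuildTotpUri(base32Secret, userAccount, issuer);

        // Both fields carry the shared secret (the URI embeds it): keep them out of logs and
        // return them only to the user who is enrolling.
        return new GenerateKeyinfo
        {
            SecretKey = base32Secret,
            QrCodeSetupUrl = totpSetupUrl
        };
    }

    /// <summary>
    /// Verifies a TOTP code against the secret carried in <paramref name="request"/>.
    /// </summary>
    /// <param name="request">Request whose <c>SecretKey</c> is the Base32 shared secret.</param>
    /// <returns><c>true</c> when the code is accepted inside the verification window.</returns>
    public bool VerifyTOTP(VerifyTOTPRequest request)
    {
        // NOTE(review): if request.SecretKey is taken from the client's request body rather than
        // loaded from server-side storage for the authenticated account, the client chooses both
        // the secret and the code and verification proves nothing. Confirm against the caller.
        var key = Base32Encoding.ToBytes(request.SecretKey);
        long timeStepMatched;
        var totp = new Totp(key);

        // NOTE(review): the submitted code is never read from the request; an empty string is
        // verified instead, so this method cannot return true for a real 6-digit code. Wire the
        // request's code field in here (its name is not visible in this file).
        var totpCode = "";

        // VerificationWindow(2, 2) accepts two steps before and two after the current one,
        // i.e. five 30-second steps. RFC 6238 recommends at most one step of tolerance; OtpNet
        // provides VerificationWindow.RfcSpecifiedNetworkDelay for that.
        // timeStepMatched is discarded, so an accepted code can be replayed while it is still in
        // the window; storing the last accepted step per account and rejecting steps <= it
        // closes that gap.
        return totp.VerifyTotp(totpCode, out timeStepMatched, new VerificationWindow(2, 2));
    }
}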
/// <summary>
/// Result of generating a new TOTP secret: the secret itself and its provisioning URI.
/// </summary>
public class GenerateKeyinfo
{
    /// <summary>Base32-encoded TOTP shared secret. Treat as a credential.</summary>
    public string SecretKey
    {
        get;
        set;
    }

    /// <summary><c>otpauth://</c> provisioning URI intended for QR-code rendering; it embeds the secret.</summary>
    public string QrCodeSetupUrl
    {
        get;
        set;
    }
}
}