feat: finalize core modules and gateway

src/Modules/TakeoutSaaS.Module.Sms/Services/TencentSmsSender.cs

@@ -0,0 +1,136 @@
+using System.Globalization;
+using System.Net.Http;
+using System.Security.Cryptography;
+using System.Text;
+using System.Text.Json;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using TakeoutSaaS.Module.Sms.Abstractions;
+using TakeoutSaaS.Module.Sms.Models;
+using TakeoutSaaS.Module.Sms.Options;
+
+namespace TakeoutSaaS.Module.Sms.Services;
+
+/// <summary>
+/// 腾讯云短信发送实现（TC3-HMAC 签名）。
+/// </summary>
+public sealed class TencentSmsSender(IHttpClientFactory httpClientFactory, IOptionsMonitor<SmsOptions> optionsMonitor, ILogger<TencentSmsSender> logger)
+    : ISmsSender
+{
+    private const string Service = "sms";
+    private const string Action = "SendSms";
+    private const string Version = "2021-01-11";
+
+    /// <inheritdoc />
+    public SmsProviderKind Provider => SmsProviderKind.Tencent;
+
+    /// <inheritdoc />
+    public async Task<SmsSendResult> SendAsync(SmsSendRequest request, CancellationToken cancellationToken = default)
+    {
+        var options = optionsMonitor.CurrentValue;
+        if (options.UseMock)
+        {
+            logger.LogInformation("Mock 发送短信到 {Phone}, Template:{Template}, Vars:{Vars}", request.PhoneNumber, request.TemplateCode, JsonSerializer.Serialize(request.Variables));
+            return new SmsSendResult { Success = true, Message = "Mocked" };
+        }
+
+        var tencent = options.Tencent;
+        var payload = BuildPayload(request, tencent);
+        var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
+        var date = DateTimeOffset.FromUnixTimeSeconds(timestamp).UtcDateTime.ToString("yyyy-MM-dd", CultureInfo.InvariantCulture);
+
+        var host = new Uri(tencent.Endpoint).Host;
+        var canonicalRequest = BuildCanonicalRequest(payload, host, tencent.Endpoint.StartsWith("https", StringComparison.OrdinalIgnoreCase));
+        var stringToSign = BuildStringToSign(canonicalRequest, timestamp, date);
+        var signature = Sign(stringToSign, tencent.SecretKey, date);
+
+        using var httpClient = httpClientFactory.CreateClient(nameof(TencentSmsSender));
+        using var httpRequest = new HttpRequestMessage(HttpMethod.Post, tencent.Endpoint)
+        {
+            Content = new StringContent(payload, Encoding.UTF8, "application/json")
+        };
+
+        httpRequest.Headers.Add("Host", host);
+        httpRequest.Headers.Add("X-TC-Action", Action);
+        httpRequest.Headers.Add("X-TC-Version", Version);
+        httpRequest.Headers.Add("X-TC-Timestamp", timestamp.ToString(CultureInfo.InvariantCulture));
+        httpRequest.Headers.Add("X-TC-Region", tencent.Region);
+        httpRequest.Headers.Add("Authorization",
+            $"TC3-HMAC-SHA256 Credential={tencent.SecretId}/{date}/{Service}/tc3_request, SignedHeaders=content-type;host, Signature={signature}");
+
+        var response = await httpClient.SendAsync(httpRequest, cancellationToken).ConfigureAwait(false);
+        var content = await response.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false);
+
+        if (!response.IsSuccessStatusCode)
+        {
+            logger.LogWarning("腾讯云短信发送失败：{Status} {Content}", response.StatusCode, content);
+            return new SmsSendResult { Success = false, Message = content };
+        }
+
+        using var doc = JsonDocument.Parse(content);
+        var root = doc.RootElement.GetProperty("Response");
+        var status = root.GetProperty("SendStatusSet")[0];
+        var code = status.GetProperty("Code").GetString();
+        var message = status.GetProperty("Message").GetString();
+        var requestId = root.GetProperty("RequestId").GetString();
+
+        var success = string.Equals(code, "Ok", StringComparison.OrdinalIgnoreCase);
+        return new SmsSendResult
+        {
+            Success = success,
+            RequestId = requestId,
+            Message = message
+        };
+    }
+
+    private static string BuildPayload(SmsSendRequest request, TencentSmsOptions options)
+    {
+        var payload = new
+        {
+            PhoneNumberSet = new[] { request.PhoneNumber },
+            SmsSdkAppId = options.SdkAppId,
+            SignName = request.SignName ?? options.SignName,
+            TemplateId = request.TemplateCode,
+            TemplateParamSet = request.Variables.Values.ToArray()
+        };
+
+        return JsonSerializer.Serialize(payload);
+    }
+
+    private static string BuildCanonicalRequest(string payload, string host, bool useHttps)
+    {
+        _ = useHttps;
+        var hashedPayload = HashSha256(payload);
+        var canonicalHeaders = $"content-type:application/json\nhost:{host}\n";
+        return $"POST\n/\n\n{canonicalHeaders}\ncontent-type;host\n{hashedPayload}";
+    }
+
+    private static string BuildStringToSign(string canonicalRequest, long timestamp, string date)
+    {
+        var hashedRequest = HashSha256(canonicalRequest);
+        return $"TC3-HMAC-SHA256\n{timestamp}\n{date}/{Service}/tc3_request\n{hashedRequest}";
+    }
+
+    private static string Sign(string stringToSign, string secretKey, string date)
+    {
+        static byte[] HmacSha256(byte[] key, string msg) => new HMACSHA256(key).ComputeHash(Encoding.UTF8.GetBytes(msg));
+
+        var secretDate = HmacSha256(Encoding.UTF8.GetBytes($"TC3{secretKey}"), date);
+        var secretService = HmacSha256(secretDate, Service);
+        var secretSigning = HmacSha256(secretService, "tc3_request");
+        var signatureBytes = new HMACSHA256(secretSigning).ComputeHash(Encoding.UTF8.GetBytes(stringToSign));
+        return Convert.ToHexString(signatureBytes).ToLowerInvariant();
+    }
+
+    private static string HashSha256(string raw)
+    {
+        var bytes = SHA256.HashData(Encoding.UTF8.GetBytes(raw));
+        var builder = new StringBuilder(bytes.Length * 2);
+        foreach (var b in bytes)
+        {
+            builder.Append(b.ToString("x2", CultureInfo.InvariantCulture));
+        }
+
+        return builder.ToString();
+    }
+}