geral2 · yuseok-kim-edushare · Feb 14, 2025 · Feb 14, 2025 · Mar 13, 2025 · Mar 13, 2025
diff --git a/.gitignore b/.gitignore
@@ -15,3 +15,9 @@
 /API_Consumer/debug/
 /API_Consumer/bin/
 /API_Consumer/obj/
+/API_Consumer/obj
+/API_Consumer/bin
+/.vs
+*.user
+/API_Consumer/Merged
+/API_Consumer/packages
diff --git a/API_Consumer/Consumers/APIConsumer.cs b/API_Consumer/Consumers/APIConsumer.cs
diff --git a/API_Consumer/Consumers/Helper.cs b/API_Consumer/Consumers/Helper.cs
@@ -14,6 +14,14 @@ namespace SQLAPI_Consumer
     /// </summary>
     public  static class Helper
     {
+        private static readonly JsonSerializerSettings _serializerSettings = new JsonSerializerSettings
+        {
+            // https://github.com/advisories/GHSA-5crp-9r3c-p9vr related codes
+            MaxDepth = 128, // Recommended depth limit
+            CheckAdditionalContent = true,
+            DateFormatHandling = DateFormatHandling.IsoDateFormat
+        };
+
         /// <summary>
         /// Static method used to Send multiple columns as result set thought Lists of string.
         /// </summary>
@@ -91,29 +99,31 @@ public static void SendResultValue(string ColumnName, string Value)
         public static void SendResultValue(ExtendedResult extResult)
         {
             var Header = new SqlMetaData[]
-            {
-                     new SqlMetaData(nameof(extResult.Result), SqlDbType.VarChar,SqlMetaData.Max),
-                     new SqlMetaData(nameof(extResult.ContentType), SqlDbType.VarChar,100),
-                     new SqlMetaData(nameof(extResult.Server), SqlDbType.VarChar,100),
+            {
+                     new SqlMetaData(nameof(extResult.Result), SqlDbType.VarChar,SqlMetaData.Max),
+                     new SqlMetaData(nameof(extResult.ContentType), SqlDbType.VarChar,100),
+                     new SqlMetaData(nameof(extResult.Server), SqlDbType.VarChar,100),
                      new SqlMetaData(nameof(extResult.StatusCode), SqlDbType.VarChar,100),
                      new SqlMetaData(nameof(extResult.StatusDescription), SqlDbType.VarChar,100),
                      new SqlMetaData(nameof(extResult.headers), SqlDbType.VarChar,SqlMetaData.Max)
-            };
-
+            };
+
             SqlDataRecord Record = new SqlDataRecord(Header);
 
             if (!SqlContext.Pipe.IsSendingResults)
                 SqlContext.Pipe.SendResultsStart(Record);
 
             if (SqlContext.Pipe.IsSendingResults)
             {
-                Record.SetValues(
-                                 extResult.Result
-                                , extResult.ContentType
-                                , extResult.Server
-                                , extResult.StatusCode
-                                , extResult.StatusDescription
-                                , JsonConvert.SerializeObject(extResult.headers)
+                string headersJson = JsonConvert.SerializeObject(extResult.headers, _serializerSettings);
+
+                Record.SetValues(
+                                 extResult.Result
+                                , extResult.ContentType
+                                , extResult.Server
+                                , extResult.StatusCode
+                                , extResult.StatusDescription
+                                , headersJson
                                 );
 
                 SqlContext.Pipe.SendResultsRow(Record);
@@ -160,44 +170,42 @@ public static void SendEmptyResult(SqlMetaData[] Header)
             }
         }
 
-        private static readonly Encoding SignatureEncoding = Encoding.UTF8;
-
+        private static readonly Encoding SignatureEncoding = Encoding.UTF8;
+
         /// <summary>
         /// public method to return that return SHA256
         /// </summary>
         /// <param name="message">parameters in URL</param>
         /// <param name="secret">SK</param>
-        /// <returns>string SHA256</returns>
-        public static string CreateSignature(string message, string secret)
-        {
-
-            byte[] keyBytes = SignatureEncoding.GetBytes(secret);
-            byte[] messageBytes = SignatureEncoding.GetBytes(message);
-            HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes);
-
-            byte[] bytes = hmacsha256.ComputeHash(messageBytes);
-
-            return BitConverter.ToString(bytes).Replace("-", "").ToLower();
+        /// <returns>string SHA256</returns>
+        public static string CreateSignature(string message, string secret)
+        {
+            using (HMACSHA256 hmacsha256 = new HMACSHA256(SignatureEncoding.GetBytes(secret)))
+            {
+                byte[] messageBytes = SignatureEncoding.GetBytes(message);
+                byte[] bytes = hmacsha256.ComputeHash(messageBytes);
+                return BitConverter.ToString(bytes).Replace("-", "").ToLower();
+            }
         }
 
         /// <summary>
         /// Timestamp for signature
         /// </summary>
         /// <returns>string</returns>
-        public static string GetTimestamp()
+        public static string GetTimestamp()
         {
             var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
             var timestamp  = (long)(DateTime.Now.ToUniversalTime() - epoch).TotalMilliseconds;
-            return timestamp.ToString();
-            //long milliseconds = System.DateTimeOffset.Now.ToUnixTimeMilliseconds();  
-            //return milliseconds.ToString();
+            return timestamp.ToString();
+            //long milliseconds = System.DateTimeOffset.Now.ToUnixTimeMilliseconds();  
+            //return milliseconds.ToString();
         }
 
         /// <summary>
         /// Get string's array of bytes 
         /// </summary>
         /// <returns>Base64 string</returns>
-        public static string GetBytes_Encoding(string _type, string _value)
+        public static string GetBytes_Encoding(string _type, string _value)
         {
             string byteArray;
 
@@ -217,21 +225,27 @@ public static string GetBytes_Encoding(string _type, string _value)
         /// Get string's array of bytes  Encoded ASCII
         /// </summary>
         /// <returns>Base64 string</returns>
-        public static string GetBytes_Encoding_ASCII(string _value)
+        public static string GetBytes_Encoding_ASCII(string _value)
         {
-            var byteArray = Encoding.ASCII.GetBytes(_value);
 
+            if (string.IsNullOrEmpty(_value))
+                return string.Empty;
+
+            var byteArray = Encoding.ASCII.GetBytes(_value);
             return Convert.ToBase64String(byteArray);
         }
 
         /// <summary>
         /// Get string's array of bytes Encoded UTF8
         /// </summary>
         /// <returns>Base64 string</returns>
-        public static string GetBytes_Encoding_UTF8(string _value)
+        public static string GetBytes_Encoding_UTF8(string _value)
         {
-            var byteArray = Encoding.UTF8.GetBytes(_value);
 
+            if (string.IsNullOrEmpty(_value))
+                return string.Empty;
+
+            var byteArray = Encoding.UTF8.GetBytes(_value);
             return Convert.ToBase64String(byteArray);
         }
     }

diff --git a/API_Consumer/Procedures/APICallerGeneric.cs b/API_Consumer/Procedures/APICallerGeneric.cs
@@ -82,7 +82,7 @@ public static SqlInt32 APICaller_Web_Extended(SqlString httpMethod, SqlString UR
 
             Helper.SendResultValue(ExtResult);
         }
-        catch (Exception ex)
+        catch (Exception)
         {
             Helper.SendResultValue(ExtResult);
 

diff --git a/API_Consumer/Procedures/APICaller_GET.cs b/API_Consumer/Procedures/APICaller_GET.cs
@@ -138,7 +138,7 @@ public static SqlInt32 APICaller_GET_Extended(SqlString URL,  SqlString JsonBody
             Helper.SendResultValue(ExtResult);
 
         }
-        catch (Exception ex)
+        catch (Exception)
         {
             Helper.SendResultValue(ExtResult);
             ExecutionResult = APIConsumer.FAILED_EXECUTION_RESULT;

diff --git a/API_Consumer/Procedures/APICaller_POST.cs b/API_Consumer/Procedures/APICaller_POST.cs
@@ -135,7 +135,7 @@ public static SqlInt32 APICaller_POST_Extended(SqlString URL, SqlString Headers,
             Helper.SendResultValue(ExtResult);
 
         }
-        catch (Exception ex)
+        catch (Exception)
         {
             Helper.SendResultValue(ExtResult);
             ExecutionResult = APIConsumer.FAILED_EXECUTION_RESULT;

diff --git a/API_Consumer/Properties/AssemblyInfo.cs b/API_Consumer/Properties/AssemblyInfo.cs
@@ -19,5 +19,5 @@
 //      Build Number
 //      Revision
 //
-[assembly: AssemblyVersion("2.3.6.1")]
-[assembly: AssemblyFileVersion("2.3.6.1")]
+[assembly: AssemblyVersion("2.3.7.0")]
+[assembly: AssemblyFileVersion("2.3.7.0")]
diff --git a/API_Consumer/SQL-APIConsumer.sqlproj b/API_Consumer/SQL-APIConsumer.sqlproj
@@ -16,18 +16,27 @@
     <AssemblyName>API_Consumer</AssemblyName>
     <ModelCollation>1033, CI</ModelCollation>
     <DefaultFileStructure>BySchemaAndSchemaType</DefaultFileStructure>
-    <DeployToDatabase>True</DeployToDatabase>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <DeployToDatabase>False</DeployToDatabase>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetLanguage>CS</TargetLanguage>
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <SqlServerVerification>False</SqlServerVerification>
     <IncludeCompositeObjects>True</IncludeCompositeObjects>
     <TargetDatabaseSet>True</TargetDatabaseSet>
-    <SignAssembly>False</SignAssembly>
-    <AssemblyOriginatorKeyFile>Key.pfx</AssemblyOriginatorKeyFile>
+    <SignAssembly>True</SignAssembly>
+    <AssemblyOriginatorKeyFile>public_key.snk</AssemblyOriginatorKeyFile>
+    <DelaySign>True</DelaySign>
     <PermissionSet>UNSAFE</PermissionSet>
     <TargetFrameworkProfile />
     <DacVersion>2.1.0.0</DacVersion>
+    <!-- Added property to skip SQL deployment -->
+    <GenerateSqlPackage>false</GenerateSqlPackage>
+    <BuildProjectOnDeploy>false</BuildProjectOnDeploy>
+    <!-- Added properties for ILRepack -->
+    <ILRepackPackage>ILRepack</ILRepackPackage>
+    <ILRepackVersion>2.0.40</ILRepackVersion>
+    <ILRepackOutputAssembly>$(OutputPath)Merged\$(AssemblyName).dll</ILRepackOutputAssembly>
+    <ILRepackKeyFile>$(ProjectDir)$(AssemblyOriginatorKeyFile)</ILRepackKeyFile>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
     <OutputPath>bin\Release\</OutputPath>
@@ -67,6 +76,8 @@
     <Folder Include="DTO" />
     <Folder Include="Procedures" />
     <Folder Include="Consumers" />
+    <Folder Include="clr_files" />
+    <Folder Include="dll" />
   </ItemGroup>
   <ItemGroup>
     <Compile Include="Procedures\APICaller_POST.cs" />
@@ -87,18 +98,73 @@
     <Reference Include="System.Data" />
     <Reference Include="System.Xml" />
     <Reference Include="System.Net.Http" />
+    <Reference Include="System.Runtime.Serialization" />
     <Reference Include="Newtonsoft.Json, Version=11.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed">
       <HintPath>dll\Newtonsoft.Json.dll</HintPath>
-      <SpecificVersion>True</SpecificVersion>
-      <GenerateSqlClrDdl>True</GenerateSqlClrDdl>
-      <SqlPermissionSet>UNSAFE</SqlPermissionSet>
     </Reference>
+    <Reference Include="System.Runtime" />
+    <Reference Include="System.Text.Encoding" />
+    <Reference Include="System.Threading.Tasks" />
+    <Reference Include="System.Net.Primitives" />
   </ItemGroup>
   <ItemGroup>
     <None Include="Key.pfx" />
+    <None Include="public_key.snk" />
+    <None Include="API_Consumer.dll" />
+    <None Include="Newtonsoft.Json.dll" />
+    <None Include="clr_files\API_Consumer.dll" />
+    <None Include="dll\APIConsumer.dll" />
+    <None Include="dll\Newtonsoft.Json.dll" />
+    <None Include="dll\System.Net.Http.dll" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="clr_files\register_assembly.sql" />
   </ItemGroup>
   <PropertyGroup>
     <PreBuildEvent>
     </PreBuildEvent>
+    <!-- ILRepack as post-build event - updated with reliable download and execution -->
+    <PostBuildEvent>
+      @echo ===== Starting ILRepack Merge Process =====
+
+      @echo Setting up working directory
+      cd "$(ProjectDir)"
+
+      @echo Creating packages directory if it doesn't exist
+      if not exist "$(ProjectDir)packages" mkdir "$(ProjectDir)packages"
+
+      @echo Creating merged output directory
+      if not exist "$(OutputPath)Merged" mkdir "$(OutputPath)Merged"
+
+      @echo Downloading NuGet if needed
+      if not exist "$(ProjectDir)packages\nuget.exe" powershell -Command "Invoke-WebRequest -Uri https://dist.nuget.org/win-x86-commandline/latest/nuget.exe -OutFile '$(ProjectDir)packages\nuget.exe'"
+
+      @echo Checking for ILRepack
+      if not exist "$(ProjectDir)packages\$(ILRepackPackage).$(ILRepackVersion)" (
+        @echo Installing ILRepack via NuGet
+        "$(ProjectDir)packages\nuget.exe" install $(ILRepackPackage) -Version $(ILRepackVersion) -OutputDirectory "$(ProjectDir)packages"
+      )
+
+      @echo Locating ILRepack executable
+      for /f "tokens=*" %%a in ('dir /b /s "$(ProjectDir)packages\$(ILRepackPackage).$(ILRepackVersion)\tools\ILRepack.exe"') do set ILREPACK_EXE=%%a
+
+      @echo Running ILRepack to merge assemblies
+      "%ILREPACK_EXE%" /target:library /targetplatform:v4 /keyfile:"$(ProjectDir)public_key.snk" /delaysign /out:"$(OutputPath)Merged\$(AssemblyName).dll" "$(OutputPath)$(AssemblyName).dll" "$(ProjectDir)dll\Newtonsoft.Json.dll" "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll" "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Internals.dll" "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.Net.Http.dll" "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMDiagnostics.dll"
+
+      @echo Creating SQL registration script
+      @echo -- SQL script for registering merged assembly &gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo USE [master] &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo GO &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo -- Drop existing assembly if it exists &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo IF EXISTS (SELECT * FROM sys.assemblies WHERE name = 'API_Consumer') &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo BEGIN &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo     DROP ASSEMBLY [API_Consumer] &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo END &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo GO &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo CREATE ASSEMBLY [API_Consumer] FROM '$(OutputPath)Merged\$(AssemblyName).dll' WITH PERMISSION_SET = UNSAFE; &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+      @echo GO &gt;&gt; "$(OutputPath)Merged\RegisterAssembly.sql"
+
+      @echo ===== ILRepack Merge Process Completed =====
+    </PostBuildEvent>
   </PropertyGroup>
 </Project>
diff --git a/API_Consumer/SQL-APIConsumer.sqlproj.user b/API_Consumer/SQL-APIConsumer.sqlproj.user
diff --git a/API_Consumer/bin/Debug/API_Consumer.dacpac b/API_Consumer/bin/Debug/API_Consumer.dacpac
diff --git a/API_Consumer/bin/Debug/API_Consumer.dll b/API_Consumer/bin/Debug/API_Consumer.dll
diff --git a/API_Consumer/bin/Debug/API_Consumer.pdb b/API_Consumer/bin/Debug/API_Consumer.pdb