1

61769241 · 吴春 · 9778b549 · 61769241 · 61769241
Commit 61769241 authored Dec 13, 2024 by 吴春
Hide whitespace changes
Inline Side-by-side

Showing with 51 additions and 12 deletions

WXBizMsgCrypt.cs Mall.Common/Pay/WeChatPat/Msg/WXBizMsgCrypt.cs +29 -0

WeChatNotifyController.cs ...WebApi/Controllers/AppletWeChat/WeChatNotifyController.cs +22 -12

No files found.
--- a/Mall.Common/Pay/WeChatPat/Msg/WXBizMsgCrypt.cs
+++ b/Mall.Common/Pay/WeChatPat/Msg/WXBizMsgCrypt.cs
@@ -291,5 +291,34 @@ namespace Mall.Common.Pay.WeChatPat
            }
            return wx;
        }
+        /// <summary>
+        /// 验证微信签名
+        /// * 将token、timestamp、nonce三个参数进行字典序排序
+        /// * 将三个参数字符串拼接成一个字符串进行sha1加密
+        /// * 开发者获得加密后的字符串可与signature对比，标识该请求来源于微信。
+        /// </summary>
+        /// <param name="signature"></param>
+        /// <param name="timestamp"></param>
+        /// <param name="nonce"></param>
+        /// <param name="_token"></param>
+        /// <returns></returns>
+        [Obsolete]
+        public static bool CheckSignature(string signature, string timestamp, string nonce, string _token)
+        {
+            return false;
+            //var vs = new[] { timestamp, nonce, _token }.OrderBy(s => s);
+            //var str = string.Join("", vs);
+            //var tmpStr = FormsAuthentication.HashPasswordForStoringInConfigFile(str, "SHA1");
+            //tmpStr = tmpStr.ToLower();
+            //Plugin.LogHelper.Write("tmpStr：" + tmpStr + ",_token:" + _token);
+            //if (tmpStr == null)
+            //{
+            //    return false;
+            //}
+            //return tmpStr.Equals(signature, StringComparison.CurrentCultureIgnoreCase);
+        }
    }
 }
--- a/Mall.WebApi/Controllers/AppletWeChat/WeChatNotifyController.cs
+++ b/Mall.WebApi/Controllers/AppletWeChat/WeChatNotifyController.cs
@@ -539,10 +539,13 @@ namespace Mall.WebApi.Controllers.AppletWeChat
        /// <returns></returns>
        [HttpPost]
        [HttpGet]
-        public void EventMessageCall(int MallBaseId, int TenantId, string signature, string echostr, string timestamp, string nonce, string openid, string encrypt_type, string msg_signature)
+        public string EventMessageCall(int MallBaseId, int TenantId, string signature, string echostr, string timestamp, string nonce, string openid, string encrypt_type, string msg_signature)
        {
+            LogHelper.WriteInfo("我进来了参数如下[MallBaseId:" + MallBaseId+ "，TenantId："+ TenantId + "，TenantId：" + signature + "，signature：" + signature + "，echostr：" + echostr + "，timestamp：" + timestamp + "，nonce：" + nonce + "，openid：" + openid + "，encrypt_type：" + encrypt_type + "，msg_signature：" + msg_signature);
+            var req = new RequestHandler();
            try
            {
                int qrCodeType = 0;
                int userId = 0;
                string textpl = "";
@@ -551,35 +554,42 @@ namespace Mall.WebApi.Controllers.AppletWeChat
                string sAppID = "wxaeb077c07ed6f30d";
                string sEncodingAESKey = "9FgR0wMXxe6wXBB5hwgpn2mZM6sQMi3E3Vk5sxrXEAL";
                var request = _accessor.HttpContext.Request;
+                LogHelper.Write("我是回调方法：EventMessageCall" + "请求方式：" + request.Method);
+                if (request.Method == "GET")
+                {
+                    //WXBizMsgCrypt.CheckSignature(signature, timestamp, nonce, sToken);
+                }
                // var inputStream = request.Body;
                var str = new StreamReader(request.Body);
                string postStr = str.ReadToEnd();
                LogHelper.Write("我是返回信息：" + postStr);
                lock (_lock)
                {
-                    WechatMessage wx = WXBizMsgCrypt.GetWxMessage(postStr, timestamp, nonce, signature, encrypt_type, msg_signature, openid);
+                    if (!string.IsNullOrWhiteSpace(postStr))
-                    if (!string.IsNullOrWhiteSpace(wx.EventKey))// 用户未关注时，进行关注后的事件推送;事件KEY值，qrscene_为前缀，后面为二维码的参数值
                    {
-                        textpl = ReceivedText(wx.FromUserName, wx.ToUserName, content);
+                        WechatMessage wx = WXBizMsgCrypt.GetWxMessage(postStr, timestamp, nonce, signature, encrypt_type, msg_signature, openid);
-                        if (encrypt_type.ToLower() == "aes".ToLower())//加密模式需要先解密
+                        if (!string.IsNullOrWhiteSpace(wx.MsgType))// 用户未关注时，进行关注后的事件推送;事件KEY值，qrscene_为前缀，后面为二维码的参数值
                        {
-                            var ret = new WXBizMsgCrypt(sToken, sEncodingAESKey, sAppID);
+                            textpl = ReceivedText(wx.FromUserName, wx.ToUserName, content);
-                            int r = ret.EncryptMsg(textpl, timestamp, nonce, ref textpl);
+                            if (encrypt_type.ToLower() == "aes".ToLower())//加密模式需要先解密
-                            if (r != 0)
                            {
-                                LogHelper.WriteInfo("GetWxMessage_消息加密失败：");
+                                var ret = new WXBizMsgCrypt(sToken, sEncodingAESKey, sAppID);
-                                textpl = "";
+                                int r = ret.EncryptMsg(textpl, timestamp, nonce, ref textpl);
+                                if (r != 0)
+                                {
+                                    LogHelper.WriteInfo("GetWxMessage_消息加密失败：");
+                                    textpl = "";
+                                }
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                LogHelper.Write(ex.ToString());
            }
+            return echostr ?? "echostr is null";
        }
        /// <summary>