From 082199dc2630bedceca23e51cb0fc3ecc3e8873a Mon Sep 17 00:00:00 2001 From: Fu Diwei Date: Mon, 5 Feb 2024 13:34:19 +0800 Subject: [PATCH] =?UTF-8?q?feat(work):=20=E5=9F=BA=E4=BA=8E=20ErroredResul?= =?UTF-8?q?t=20=E6=94=B9=E9=80=A0=E9=AA=8C=E7=AD=BE=E7=9B=B8=E5=85=B3?= =?UTF-8?q?=E6=89=A9=E5=B1=95=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WechatWorkClientEventExtensions.cs | 62 ++++++++++++++----- 1 file changed, 46 insertions(+), 16 deletions(-) diff --git a/src/SKIT.FlurlHttpClient.Wechat.Work/Extensions/WechatWorkClientEventExtensions.cs b/src/SKIT.FlurlHttpClient.Wechat.Work/Extensions/WechatWorkClientEventExtensions.cs index 787d0c2b..cdd15ede 100644 --- a/src/SKIT.FlurlHttpClient.Wechat.Work/Extensions/WechatWorkClientEventExtensions.cs +++ b/src/SKIT.FlurlHttpClient.Wechat.Work/Extensions/WechatWorkClientEventExtensions.cs @@ -3,6 +3,8 @@ using System.Xml.Linq; namespace SKIT.FlurlHttpClient.Wechat.Work { + using SKIT.FlurlHttpClient.Primitives; + /// /// 为 提供回调通知事件的扩展方法。 /// @@ -171,13 +173,15 @@ namespace SKIT.FlurlHttpClient.Wechat.Work /// 微信回调通知中的 "msg_signature" 查询参数。 /// /// - public static bool VerifyEventSignatureForEcho(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookEcho, string webhookSignature, out string? replyEcho) + public static ErroredResult VerifyEventSignatureForEcho(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookEcho, string webhookSignature, out string? replyEcho) { if (client is null) throw new ArgumentNullException(nameof(client)); + ErroredResult result; + try { - bool ret = Utilities.WxMsgCryptor.VerifySignature( + bool valid = Utilities.WxMsgCryptor.VerifySignature( sToken: client.Credentials.PushToken!, sTimestamp: webhookTimestamp, sNonce: webhookNonce, @@ -185,16 +189,24 @@ namespace SKIT.FlurlHttpClient.Wechat.Work sMsgSign: webhookSignature ); - if (ret) + if (valid) { replyEcho = Utilities.WxMsgCryptor.AESDecrypt(cipherText: webhookEcho, encodingAESKey: client.Credentials.PushEncodingAESKey!, out _); - return true; + result = ErroredResult.Ok(); + } + else + { + replyEcho = null; + result = ErroredResult.Fail(new Exception($"Signature does not match. Maybe \"{webhookSignature}\" is an illegal signature.")); } } - catch { } + catch (Exception ex) + { + replyEcho = null; + result = ErroredResult.Fail(ex); + } - replyEcho = null; - return false; + return result; } /// @@ -209,25 +221,34 @@ namespace SKIT.FlurlHttpClient.Wechat.Work /// 微信回调通知中请求正文(JSON 格式)。 /// 微信回调通知中的 "msg_signature" 查询参数。 /// - public static bool VerifyEventSignatureFromJson(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookJson, string webhookSignature) + public static ErroredResult VerifyEventSignatureFromJson(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookJson, string webhookSignature) { if (client is null) throw new ArgumentNullException(nameof(client)); + ErroredResult result; + try { - var encryptedEvent = client.JsonSerializer.Deserialize(webhookJson); - return Utilities.WxMsgCryptor.VerifySignature( + InnerEncryptedEvent encryptedEvent = client.JsonSerializer.Deserialize(webhookJson); + bool valid = Utilities.WxMsgCryptor.VerifySignature( sToken: client.Credentials.PushToken!, sTimestamp: webhookTimestamp, sNonce: webhookNonce, sMsgEncrypt: encryptedEvent.EncryptedData, sMsgSign: webhookSignature ); + + if (valid) + result = ErroredResult.Ok(); + else + result = ErroredResult.Fail(new Exception($"Signature does not match. Maybe \"{webhookSignature}\" is an illegal signature.")); } - catch + catch (Exception ex) { - return false; + result = ErroredResult.Fail(ex); } + + return result; } /// @@ -242,27 +263,36 @@ namespace SKIT.FlurlHttpClient.Wechat.Work /// 微信回调通知中请求正文(XML 格式)。 /// 微信回调通知中的 "msg_signature" 查询参数。 /// - public static bool VerifyEventSignatureFromXml(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookXml, string webhookSignature) + public static ErroredResult VerifyEventSignatureFromXml(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookXml, string webhookSignature) { if (client is null) throw new ArgumentNullException(nameof(client)); + ErroredResult result; + try { XDocument xDoc = XDocument.Parse(webhookXml); string? msgEncrypt = xDoc.Root?.Element("Encrypt")?.Value; - return Utilities.WxMsgCryptor.VerifySignature( + bool valid = Utilities.WxMsgCryptor.VerifySignature( sToken: client.Credentials.PushToken!, sTimestamp: webhookTimestamp, sNonce: webhookNonce, sMsgEncrypt: msgEncrypt!, sMsgSign: webhookSignature ); + + if (valid) + result = ErroredResult.Ok(); + else + result = ErroredResult.Fail(new Exception($"Signature does not match. Maybe \"{webhookSignature}\" is an illegal signature.")); } - catch + catch (Exception ex) { - return false; + result = ErroredResult.Fail(ex); } + + return result; } }