mirror of
https://gitee.com/fudiwei/DotNetCore.SKIT.FlurlHttpClient.Wechat.git
synced 2025-09-18 17:48:12 +08:00
feat(work): 基于 ErroredResult 改造验签相关扩展方法
This commit is contained in:
Fu Diwei
@@ -3,6 +3,8 @@ using System.Xml.Linq;
|
|||||||
|
|
||||||
namespace SKIT.FlurlHttpClient.Wechat.Work
|
namespace SKIT.FlurlHttpClient.Wechat.Work
|
||||||
{
|
{
|
||||||
|
using SKIT.FlurlHttpClient.Primitives;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// 为 <see cref="WechatWorkClient"/> 提供回调通知事件的扩展方法。
|
/// 为 <see cref="WechatWorkClient"/> 提供回调通知事件的扩展方法。
|
||||||
/// </summary>
|
/// </summary>
|
||||||
@@ -171,13 +173,15 @@ namespace SKIT.FlurlHttpClient.Wechat.Work
|
|||||||
/// <param name="webhookSignature">微信回调通知中的 "msg_signature" 查询参数。</param>
|
/// <param name="webhookSignature">微信回调通知中的 "msg_signature" 查询参数。</param>
|
||||||
/// <param name="replyEcho"></param>
|
/// <param name="replyEcho"></param>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
public static bool VerifyEventSignatureForEcho(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookEcho, string webhookSignature, out string? replyEcho)
|
public static ErroredResult VerifyEventSignatureForEcho(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookEcho, string webhookSignature, out string? replyEcho)
|
||||||
{
|
{
|
||||||
if (client is null) throw new ArgumentNullException(nameof(client));
|
if (client is null) throw new ArgumentNullException(nameof(client));
|
||||||
|
|
||||||
|
ErroredResult result;
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
bool ret = Utilities.WxMsgCryptor.VerifySignature(
|
bool valid = Utilities.WxMsgCryptor.VerifySignature(
|
||||||
sToken: client.Credentials.PushToken!,
|
sToken: client.Credentials.PushToken!,
|
||||||
sTimestamp: webhookTimestamp,
|
sTimestamp: webhookTimestamp,
|
||||||
sNonce: webhookNonce,
|
sNonce: webhookNonce,
|
||||||
@@ -185,16 +189,24 @@ namespace SKIT.FlurlHttpClient.Wechat.Work
|
|||||||
sMsgSign: webhookSignature
|
sMsgSign: webhookSignature
|
||||||
);
|
);
|
||||||
|
|
||||||
if (ret)
|
if (valid)
|
||||||
{
|
{
|
||||||
replyEcho = Utilities.WxMsgCryptor.AESDecrypt(cipherText: webhookEcho, encodingAESKey: client.Credentials.PushEncodingAESKey!, out _);
|
replyEcho = Utilities.WxMsgCryptor.AESDecrypt(cipherText: webhookEcho, encodingAESKey: client.Credentials.PushEncodingAESKey!, out _);
|
||||||
return true;
|
result = ErroredResult.Ok();
|
||||||
}
|
}
|
||||||
}
|
else
|
||||||
catch { }
|
{
|
||||||
|
|
||||||
replyEcho = null;
|
replyEcho = null;
|
||||||
return false;
|
result = ErroredResult.Fail(new Exception($"Signature does not match. Maybe \"{webhookSignature}\" is an illegal signature."));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
replyEcho = null;
|
||||||
|
result = ErroredResult.Fail(ex);
|
||||||
|
}
|
||||||
|
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
@@ -209,25 +221,34 @@ namespace SKIT.FlurlHttpClient.Wechat.Work
|
|||||||
/// <param name="webhookJson">微信回调通知中请求正文(JSON 格式)。</param>
|
/// <param name="webhookJson">微信回调通知中请求正文(JSON 格式)。</param>
|
||||||
/// <param name="webhookSignature">微信回调通知中的 "msg_signature" 查询参数。</param>
|
/// <param name="webhookSignature">微信回调通知中的 "msg_signature" 查询参数。</param>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
public static bool VerifyEventSignatureFromJson(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookJson, string webhookSignature)
|
public static ErroredResult VerifyEventSignatureFromJson(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookJson, string webhookSignature)
|
||||||
{
|
{
|
||||||
if (client is null) throw new ArgumentNullException(nameof(client));
|
if (client is null) throw new ArgumentNullException(nameof(client));
|
||||||
|
|
||||||
|
ErroredResult result;
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
var encryptedEvent = client.JsonSerializer.Deserialize<InnerEncryptedEvent>(webhookJson);
|
InnerEncryptedEvent encryptedEvent = client.JsonSerializer.Deserialize<InnerEncryptedEvent>(webhookJson);
|
||||||
return Utilities.WxMsgCryptor.VerifySignature(
|
bool valid = Utilities.WxMsgCryptor.VerifySignature(
|
||||||
sToken: client.Credentials.PushToken!,
|
sToken: client.Credentials.PushToken!,
|
||||||
sTimestamp: webhookTimestamp,
|
sTimestamp: webhookTimestamp,
|
||||||
sNonce: webhookNonce,
|
sNonce: webhookNonce,
|
||||||
sMsgEncrypt: encryptedEvent.EncryptedData,
|
sMsgEncrypt: encryptedEvent.EncryptedData,
|
||||||
sMsgSign: webhookSignature
|
sMsgSign: webhookSignature
|
||||||
);
|
);
|
||||||
|
|
||||||
|
if (valid)
|
||||||
|
result = ErroredResult.Ok();
|
||||||
|
else
|
||||||
|
result = ErroredResult.Fail(new Exception($"Signature does not match. Maybe \"{webhookSignature}\" is an illegal signature."));
|
||||||
}
|
}
|
||||||
catch
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
return false;
|
result = ErroredResult.Fail(ex);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
@@ -242,27 +263,36 @@ namespace SKIT.FlurlHttpClient.Wechat.Work
|
|||||||
/// <param name="webhookXml">微信回调通知中请求正文(XML 格式)。</param>
|
/// <param name="webhookXml">微信回调通知中请求正文(XML 格式)。</param>
|
||||||
/// <param name="webhookSignature">微信回调通知中的 "msg_signature" 查询参数。</param>
|
/// <param name="webhookSignature">微信回调通知中的 "msg_signature" 查询参数。</param>
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
public static bool VerifyEventSignatureFromXml(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookXml, string webhookSignature)
|
public static ErroredResult VerifyEventSignatureFromXml(this WechatWorkClient client, string webhookTimestamp, string webhookNonce, string webhookXml, string webhookSignature)
|
||||||
{
|
{
|
||||||
if (client is null) throw new ArgumentNullException(nameof(client));
|
if (client is null) throw new ArgumentNullException(nameof(client));
|
||||||
|
|
||||||
|
ErroredResult result;
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
XDocument xDoc = XDocument.Parse(webhookXml);
|
XDocument xDoc = XDocument.Parse(webhookXml);
|
||||||
string? msgEncrypt = xDoc.Root?.Element("Encrypt")?.Value;
|
string? msgEncrypt = xDoc.Root?.Element("Encrypt")?.Value;
|
||||||
|
|
||||||
return Utilities.WxMsgCryptor.VerifySignature(
|
bool valid = Utilities.WxMsgCryptor.VerifySignature(
|
||||||
sToken: client.Credentials.PushToken!,
|
sToken: client.Credentials.PushToken!,
|
||||||
sTimestamp: webhookTimestamp,
|
sTimestamp: webhookTimestamp,
|
||||||
sNonce: webhookNonce,
|
sNonce: webhookNonce,
|
||||||
sMsgEncrypt: msgEncrypt!,
|
sMsgEncrypt: msgEncrypt!,
|
||||||
sMsgSign: webhookSignature
|
sMsgSign: webhookSignature
|
||||||
);
|
);
|
||||||
|
|
||||||
|
if (valid)
|
||||||
|
result = ErroredResult.Ok();
|
||||||
|
else
|
||||||
|
result = ErroredResult.Fail(new Exception($"Signature does not match. Maybe \"{webhookSignature}\" is an illegal signature."));
|
||||||
}
|
}
|
||||||
catch
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
return false;
|
result = ErroredResult.Fail(ex);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user