From f35ed2abf368ab524f6c8c2fe2b5b648be22b530 Mon Sep 17 00:00:00 2001
From: Fu Diwei <fudiwei@sina.com>
Date: Mon, 2 Aug 2021 16:15:00 +0800
Subject: [PATCH] =?UTF-8?q?feat(wxapi):=20=E6=96=B0=E5=A2=9E=E9=AA=8C?=
 =?UTF-8?q?=E8=AF=81=E5=BE=AE=E4=BF=A1=E5=9B=9E=E8=B0=83=E9=80=9A=E7=9F=A5?=
 =?UTF-8?q?=E4=BA=8B=E4=BB=B6=E7=AD=BE=E5=90=8D=E7=9A=84=E6=89=A9=E5=B1=95?=
 =?UTF-8?q?=E6=96=B9=E6=B3=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ...hatApiClientEventVerificationExtensions.cs | 40 +++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 src/SKIT.FlurlHttpClient.Wechat.Api/Extensions/WechatApiClientEventVerificationExtensions.cs

diff --git a/src/SKIT.FlurlHttpClient.Wechat.Api/Extensions/WechatApiClientEventVerificationExtensions.cs b/src/SKIT.FlurlHttpClient.Wechat.Api/Extensions/WechatApiClientEventVerificationExtensions.cs
new file mode 100644
index 00000000..c2403cdf
--- /dev/null
+++ b/src/SKIT.FlurlHttpClient.Wechat.Api/Extensions/WechatApiClientEventVerificationExtensions.cs
@@ -0,0 +1,40 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Reflection;
+using System.Text;
+using System.Text.RegularExpressions;
+
+namespace SKIT.FlurlHttpClient.Wechat.Api
+{
+    /// <summary>
+    /// 为 <see cref="WechatApiClient"/> 提供回调通知事件验证的扩展方法。
+    /// </summary>
+    public static class WechatApiClientEventVerificationExtensions
+    {
+        /// <summary>
+        /// <para>验证回调通知事件签名。</para>
+        /// <para>REF: https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html </para>
+        /// </summary>
+        /// <param name="client"></param>
+        /// <param name="callbackTimestamp">微信回调通知中的 timestamp 字段。</param>
+        /// <param name="callbackNonce">微信回调通知中的 nonce 字段。</param>
+        /// <param name="callbackSignature">微信回调通知中的 signature 字段。</param>
+        /// <returns></returns>
+        public static bool VerifyEventSignature(
+            this WechatApiClient client,
+            string callbackTimestamp,
+            string callbackNonce,
+            string callbackSignature)
+        {
+            if (client == null) throw new ArgumentNullException(nameof(client));
+            if (callbackTimestamp == null) throw new ArgumentNullException(nameof(callbackTimestamp));
+            if (callbackNonce == null) throw new ArgumentNullException(nameof(callbackNonce));
+            if (callbackSignature == null) throw new ArgumentNullException(nameof(callbackSignature));
+
+            ISet<string> set = new SortedSet<string>() { client.Credentials.PushToken!, callbackTimestamp, callbackNonce };
+            string sign = Security.SHA1Utility.Hash(string.Concat(set));
+            return string.Equals(sign, callbackSignature, StringComparison.InvariantCultureIgnoreCase);
+        }
+    }
+}