lsm/DotNetCore.SKIT.FlurlHttpClient.Wechat
1
0
Fork 0
mirror of https://gitee.com/fudiwei/DotNetCore.SKIT.FlurlHttpClient.Wechat.git synced 2025-04-05 17:37:54 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(wxapi): 新增验证微信回调通知事件签名的扩展方法

Browse Source
This commit is contained in:
Fu Diwei 2021-08-02 16:15:00 +08:00
parent 74b2f618c5
commit f35ed2abf3
1 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/SKIT.FlurlHttpClient.Wechat.Api/Extensions/WechatApiClientEventVerificationExtensions.cs Normal file
View File

@ -0,0 +1,40 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Reflection;
using System.Text;
using System.Text.RegularExpressions;
namespace SKIT.FlurlHttpClient.Wechat.Api
{
/// <summary>
/// 为 <see cref="WechatApiClient"/> 提供回调通知事件验证的扩展方法。
/// </summary>
public static class WechatApiClientEventVerificationExtensions
{
/// <summary>
/// <para>验证回调通知事件签名。</para>
/// <para>REF: https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html </para>
/// </summary>
/// <param name="client"></param>
/// <param name="callbackTimestamp">微信回调通知中的 timestamp 字段。</param>
/// <param name="callbackNonce">微信回调通知中的 nonce 字段。</param>
/// <param name="callbackSignature">微信回调通知中的 signature 字段。</param>
/// <returns></returns>
public static bool VerifyEventSignature(
this WechatApiClient client,
string callbackTimestamp,
string callbackNonce,
string callbackSignature)
{
if (client == null) throw new ArgumentNullException(nameof(client));
if (callbackTimestamp == null) throw new ArgumentNullException(nameof(callbackTimestamp));
if (callbackNonce == null) throw new ArgumentNullException(nameof(callbackNonce));
if (callbackSignature == null) throw new ArgumentNullException(nameof(callbackSignature));
ISet<string> set = new SortedSet<string>() { client.Credentials.PushToken!, callbackTimestamp, callbackNonce };
string sign = Security.SHA1Utility.Hash(string.Concat(set));
return string.Equals(sign, callbackSignature, StringComparison.InvariantCultureIgnoreCase);
}
}
}