From c6a38ae7dd63aaaff159f8ece1c7ec8788a6acdf Mon Sep 17 00:00:00 2001 From: je45 <23151789+je45@users.noreply.github.com> Date: Fri, 29 Nov 2024 16:29:37 +0800 Subject: [PATCH] =?UTF-8?q?:art:=20#3288=E3=80=90=E5=BE=AE=E4=BF=A1?= =?UTF-8?q?=E6=94=AF=E4=BB=98=E3=80=91=E4=BF=AE=E5=A4=8D=E7=94=B1=E4=BA=8E?= =?UTF-8?q?=E5=BE=AE=E4=BF=A1=E7=AD=BE=E5=90=8D=E6=8E=A2=E6=B5=8B=E5=AF=BC?= =?UTF-8?q?=E8=87=B4=E7=9A=84=E9=AA=8C=E7=AD=BE=E9=94=99=E8=AF=AF=E7=9A=84?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../wxpay/exception/WxSignTestException.java | 31 +++++++++++++++++++ .../service/impl/BaseWxPayServiceImpl.java | 7 ++++- .../service/impl/PayScoreServiceImpl.java | 7 ++++- 3 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 weixin-java-pay/src/main/java/com/github/binarywang/wxpay/exception/WxSignTestException.java diff --git a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/exception/WxSignTestException.java b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/exception/WxSignTestException.java new file mode 100644 index 000000000..97a0182ad --- /dev/null +++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/exception/WxSignTestException.java @@ -0,0 +1,31 @@ +package com.github.binarywang.wxpay.exception; + +/** + * 
+ *   微信支付签名探测异常类
+ *
+ * @author je45 + * @date 2024/11/27 9:35 + */ +public class WxSignTestException extends WxPayException { + private static final long serialVersionUID = -303371909244098058L; + + /** + * Instantiates a new Wx pay exception. + * + * @param customErrorMsg the custom error msg + */ + public WxSignTestException(String customErrorMsg) { + super(customErrorMsg); + } + + /** + * Instantiates a new Wx pay exception. + * + * @param customErrorMsg the custom error msg + * @param tr the tr + */ + public WxSignTestException(String customErrorMsg, Throwable tr) { + super(customErrorMsg, tr); + } +} diff --git a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java index 851040dd1..c9fc1e7bd 100644 --- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java +++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java @@ -17,6 +17,7 @@ import com.github.binarywang.wxpay.constant.WxPayConstants; import com.github.binarywang.wxpay.constant.WxPayConstants.SignType; import com.github.binarywang.wxpay.constant.WxPayConstants.TradeType; import com.github.binarywang.wxpay.exception.WxPayException; +import com.github.binarywang.wxpay.exception.WxSignTestException; import com.github.binarywang.wxpay.service.*; import com.github.binarywang.wxpay.util.SignUtils; import com.github.binarywang.wxpay.util.XmlConfig; @@ -343,7 +344,11 @@ public abstract class BaseWxPayServiceImpl implements WxPayService { * @param data 通知数据 * @return true:校验通过 false:校验不通过 */ - private boolean verifyNotifySign(SignatureHeader header, String data) { + private boolean verifyNotifySign(SignatureHeader header, String data) throws WxSignTestException { + String wxPaySign = header.getSignature(); + if(wxPaySign.startsWith("WECHATPAY/SIGNTEST/")){ + throw new WxSignTestException("微信支付签名探测流量"); + } String beforeSign = String.format("%s\n%s\n%s\n", header.getTimeStamp(), header.getNonce(), diff --git a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/PayScoreServiceImpl.java b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/PayScoreServiceImpl.java index ed36bd7f0..249cfa3f5 100644 --- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/PayScoreServiceImpl.java +++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/PayScoreServiceImpl.java @@ -7,6 +7,7 @@ import com.github.binarywang.wxpay.bean.payscore.WxPayScoreRequest; import com.github.binarywang.wxpay.bean.payscore.WxPayScoreResult; import com.github.binarywang.wxpay.config.WxPayConfig; import com.github.binarywang.wxpay.exception.WxPayException; +import com.github.binarywang.wxpay.exception.WxSignTestException; import com.github.binarywang.wxpay.service.PayScoreService; import com.github.binarywang.wxpay.service.WxPayService; import com.github.binarywang.wxpay.v3.util.AesUtils; @@ -327,7 +328,11 @@ public class PayScoreServiceImpl implements PayScoreService { * @param data 通知数据 * @return true:校验通过 false:校验不通过 */ - private boolean verifyNotifySign(SignatureHeader header, String data) { + private boolean verifyNotifySign(SignatureHeader header, String data) throws WxSignTestException { + String wxPaySign = header.getSigned(); + if(wxPaySign.startsWith("WECHATPAY/SIGNTEST/")){ + throw new WxSignTestException("微信支付签名探测流量"); + } String beforeSign = String.format("%s\n%s\n%s\n", header.getTimeStamp(), header.getNonce(), data); return payService.getConfig().getVerifier().verify(header.getSerialNo(), beforeSign.getBytes(StandardCharsets.UTF_8), header.getSigned());