Exemplo n.º 1
0
        /// <summary>
        /// 将返回的结果中的ciphertext进行AEAD_AES_256_GCM解反序列化为实体
        /// 签名规则见微信官方文档 https://pay.weixin.qq.com/wiki/doc/apiv3/apis/chapter3_1_5.shtml
        /// </summary>
        /// <param name="aes_key">这里需要传入apiv3秘钥进行AEAD_AES_256_GCM解密 可空</param>
        /// <param name="nonce">加密的随机串 可空</param>
        /// <param name="associated_data">附加数据包 可空</param>
        /// <returns></returns>
        // TODO: 本方法持续测试
        public async Task <T> AesGcmDecryptGetObjectAsync <T>(string aes_key = null, string nonce = null, string associated_data = null) where T : ReturnJsonBase, new()
        {
            aes_key ??= _tenpayV3Setting.TenPayV3_APIv3Key;
            nonce ??= NotifyRequest.resource.nonce;
            associated_data ??= NotifyRequest.resource.associated_data;

            var decrypted_string = SecurityHelper.AesGcmDecryptCiphertext(aes_key, nonce, associated_data, NotifyRequest.resource.ciphertext);

            T result = decrypted_string.GetObject <T>();

            //验证请求签名
            var wechatpayTimestamp = _httpContext.Request.Headers?["Wechatpay-Timestamp"];
            var wechatpayNonce     = _httpContext.Request.Headers?["Wechatpay-Nonce"];
            var wechatpaySignature = _httpContext.Request.Headers?["Wechatpay-Signature"];
            var wechatpaySerial    = _httpContext.Request.Headers?["Wechatpay-Serial"];

            result.VerifySignSuccess = await TenPaySignHelper.VerifyTenpaySign(wechatpayTimestamp, wechatpayNonce, wechatpaySignature, Body, wechatpaySerial, this._tenpayV3Setting);

            result.ResultCode = new TenPayApiResultCode($"{_httpContext.Response.StatusCode} / {_httpContext.Request.Method}", "", "", "", result.VerifySignSuccess == true);

            return(result);
        }
Exemplo n.º 2
0
        /// <summary>
        /// 请求参数,获取结果
        /// </summary>
        /// <typeparam name="T"></typeparam>
        /// <param name="url"></param>
        /// <param name="data">如果为 GET 请求,此参数可为 null</param>
        /// <returns></returns>
        public async Task <T> RequestAsync <T>(string url, object data, int timeOut = Config.TIME_OUT, ApiRequestMethod requestMethod = ApiRequestMethod.POST, bool checkSign = true, Func <T> createDefaultInstance = null)
            where T : ReturnJsonBase/*, new()*/
        {
            T result = null;

            try
            {
                HttpResponseMessage responseMessage = await GetHttpResponseMessageAsync(url, data, timeOut, requestMethod);

                //获取响应结果
                string content = await responseMessage.Content.ReadAsStringAsync();//TODO:如果不正确也要返回详情

                //检查响应代码
                TenPayApiResultCode resutlCode = TenPayApiResultCode.TryGetCode(responseMessage.StatusCode, content);

                if (resutlCode.Success)
                {
                    //TODO:待测试
                    //验证微信签名
                    //result.Signed = VerifyTenpaySign(responseMessage.Headers, content);
                    var wechatpayTimestamp       = responseMessage.Headers.GetValues("Wechatpay-Timestamp").First();
                    var wechatpayNonce           = responseMessage.Headers.GetValues("Wechatpay-Nonce").First();
                    var wechatpaySignatureBase64 = responseMessage.Headers.GetValues("Wechatpay-Signature").First();//后续需要base64解码
                    var wechatpaySerial          = responseMessage.Headers.GetValues("Wechatpay-Serial").First();

                    result = content.GetObject <T>();

                    if (checkSign)
                    {
                        try
                        {
                            var pubKey = await TenPayV3InfoCollection.GetAPIv3PublicKeyAsync(this._tenpayV3Setting, wechatpaySerial);

                            result.VerifySignSuccess = TenPaySignHelper.VerifyTenpaySign(wechatpayTimestamp, wechatpayNonce, wechatpaySignatureBase64, content, pubKey);
                        }
                        catch (Exception ex)
                        {
                            throw new TenpayApiRequestException("RequestAsync 签名验证失败:" + ex.Message, ex);
                        }
                    }
                }
                else
                {
                    result = createDefaultInstance?.Invoke() ?? GetInstance <T>(true);
                    resutlCode.Additional = content;
                }
                //T result = resutlCode.Success ? (await responseMessage.Content.ReadAsStringAsync()).GetObject<T>() : new T();
                result.ResultCode = resutlCode;

                return(result);
            }
            catch (Exception ex)
            {
                SenparcTrace.BaseExceptionLog(ex);
                result = createDefaultInstance?.Invoke() ?? GetInstance <T>(false);
                if (result != null)
                {
                    result.ResultCode = new() { ErrorMessage = ex.Message };
                }

                return(result);
            }
        }