示例#1
 /// <summary>
 /// Calls <c>SnsApi.JsCode2Json</c> with the login code, then reports whether
 /// <paramref name="signature"/> passes <c>EncryptHelper.CheckSignature</c>.
 /// </summary>
 /// <param name="code">Login code supplied by the client; also passed as the first argument of the signature check.</param>
 /// <param name="rawData">Raw payload the signature is checked against.</param>
 /// <param name="signature">Signature supplied by the client.</param>
 /// <returns>
 /// JSON with <c>success</c> and <c>msg</c>. If anything throws, <c>success</c> is false
 /// and <c>msg</c> carries the exception message.
 /// </returns>
 public ActionResult CheckWxOpenSignature(string code, string rawData, string signature)
 {
     try
     {
         // NOTE(review): the value returned here is discarded and the login code itself is
         // handed to CheckSignature below. Confirm that CheckSignature really expects the
         // login code and not something derived from the jscode2session response.
         SnsApi.JsCode2Json(WxOpenAppId, WxOpenAppSecret, code);

         var isValid = EncryptHelper.CheckSignature(code, rawData, signature);
         var message = isValid ? "签名校验成功" : "签名校验失败";

         return Json(new { success = isValid, msg = message });
     }
     catch (Exception error)
     {
         // NOTE(review): the raw exception text goes back to the caller. Prefer logging it
         // server-side and returning a fixed message, so internal details are not disclosed.
         return Json(new { success = false, msg = error.Message });
     }
 }
示例#2
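        /// <summary>
        /// Logs a mini-program user in. Exchanges the client's login code at
        /// <c>/sns/jscode2session</c>, checks the client's signature with the returned
        /// session key, then issues a JWT for the matching user. When <c>DoLogin</c> finds
        /// no user, one is added from the decrypted profile, provided its watermark check
        /// against the app id passes.
        /// </summary>
        /// <param name="req">Login request carrying <c>code</c>, <c>rawData</c>, <c>signature</c>, <c>encryptedData</c> and <c>iv</c>.</param>
        /// <returns>
        /// <c>Ok</c> with the token on success; <c>BadRequest</c> when the upstream call fails,
        /// the upstream reports an error code, the signature check fails, or the watermark
        /// check fails.
        /// </returns>
        public async Task <IActionResult> OnLogin(WxLoginRequest req)
        {
            // Path without the query string; this is the only part of the URL that is safe to log.
            const string endpointPath = "/sns/jscode2session";

            var    appId     = _wxSettings.AppID;
            var    appSecret = _wxSettings.AppSecret;
            string urlFormat = "/sns/jscode2session?appid={0}&secret={1}&js_code={2}&grant_type={3}";

            // req.code is client-controlled. Escape it so it cannot add or override query
            // parameters on the request that carries the app secret.
            var jsCode = System.Uri.EscapeDataString(req.code ?? string.Empty);
            var url    = string.Format(urlFormat, appId, appSecret, jsCode, "authorization_code");

            var    client = _clientFactory.CreateClient("wx");
            string json;

            using (var request = new HttpRequestMessage(HttpMethod.Get, url))
            using (var response = await client.SendAsync(request))
            {
                if (!response.IsSuccessStatusCode)
                {
                    // The full URL contains the app secret and the login code, so only the
                    // path is written to the log.
                    DoLog($"{endpointPath}未响应", ActionLogTypesEnum.Exception);
                    return(BadRequest("系统繁忙"));
                }

                // Await the body instead of blocking on .Result inside an async method.
                json = await response.Content.ReadAsStringAsync();
            }

            var res = JsonConvert.DeserializeObject <JsCode2JsonResult>(json);

            // An empty or "null" body deserializes to null; treat it as an upstream failure
            // rather than dereferencing it.
            if (res == null)
            {
                return(BadRequest("系统繁忙"));
            }

            if (res.errcode != 0)
            {
                return(BadRequest(res.errcodeName));
            }

            var sessionKey = res.session_key;

            // The signature is checked before the openid is trusted for login.
            if (!EncryptHelper.CheckSignature(sessionKey, req.rawData, req.signature))
            {
                return(BadRequest("签名校验失败"));
            }

            var openId = res.openid;
            var user   = CreateVM <LoginVM>().DoLogin(openId);

            if (user != null)
            {
                var token = CreateJwtToken(user);
                return(Ok(token));
            }

            // No user was returned for this openid: decrypt the profile and add a user only
            // if the decoded payload's watermark check against this app id passes.
            var decodedUser = EncryptHelper.DecodeUserInfoBySessionKey(sessionKey, req.encryptedData, req.iv);

            if (decodedUser != null && decodedUser.CheckWatermark(appId))
            {
                var wxUser = CreateVM <LoginVM>().DoAdd(decodedUser);
                var token  = CreateJwtToken(wxUser);
                return(Ok(token));
            }
            return(BadRequest("水印验证不通过"));
        }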
示例#3
        /// <summary>
        /// Stores a session under a fixed id, confirms it can be read back with the same
        /// session key, and then asserts that <c>EncryptHelper.CheckSignature</c> accepts the
        /// fixture signature for the fixture payload when given that session id.
        /// </summary>
        public void CheckSignatureTest()
        {
            // Fixture values. The signature is 40 hex characters, presumably a SHA-1 digest
            // over the payload and the session key; verify against EncryptHelper.
            const string sessionId         = "7f3f7489cb904d20bd4b5e9443f1bcab";
            const string rawData           = "{\"nickName\":\"苏震巍\",\"gender\":1,\"language\":\"zh_CN\",\"city\":\"Suzhou\",\"province\":\"Jiangsu\",\"country\":\"CN\",\"avatarUrl\":\"http://wx.qlogo.cn/mmopen/vi_32/PiajxSqBRaEKXyjX4N6I5Vx1aeiaBeJ2iaTLy15n0HgvjNbWEpKA3ZbdgXkOhWK7OH8iar3iaLxsZia5Ha4DnRPlMerw/0\"}";
            const string sessionKey        = "lEIWEBVlmAj/Ng0t54iahA==";
            const string unionId           = "";
            const string expectedSignature = "1149a88c75125de3146040c90d7bcc4b2a564a34";

            // Store the session so the check below can find it by id.
            SessionContainer.UpdateSession(sessionId, "openId", sessionKey, unionId);

            var storedSession = SessionContainer.GetSession(sessionId);
            Assert.IsNotNull(storedSession);
            Assert.AreEqual(sessionKey, storedSession.SessionKey);

            // CheckSignature receives the session id here, not the session key.
            var signatureMatches = EncryptHelper.CheckSignature(sessionId, rawData, expectedSignature);
            Assert.IsTrue(signatureMatches);
        }
示例#4
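        /// <summary>
        /// Deserializes <paramref name="param"/> into a <c>CheckSignatureParam</c> and checks
        /// its <c>signature</c> against its <c>token</c> and <c>rawData</c> via
        /// <c>EncryptHelper.CheckSignature</c>.
        /// </summary>
        /// <param name="param">Request payload; its string form is parsed as JSON.</param>
        /// <returns>An object with <c>check = true</c> when the signature check passes.</returns>
        /// <exception cref="ApiException">
        /// <c>CodeMessage.InvalidParam</c> when the payload is missing, blank or deserializes
        /// to null; <c>CodeMessage.SenparcCode</c> when the signature check fails.
        /// </exception>
        public object Do_CheckSignature(object param)
        {
            // A missing or blank payload is a bad request. Report it as InvalidParam instead
            // of letting a null dereference escape from param.ToString().
            var payload = param?.ToString();

            if (string.IsNullOrWhiteSpace(payload))
            {
                throw new ApiException(CodeMessage.InvalidParam, "InvalidParam");
            }

            // NOTE(review): malformed JSON still surfaces as the deserializer's own exception.
            CheckSignatureParam checkSignatureParam = JsonConvert.DeserializeObject <CheckSignatureParam>(payload);

            if (checkSignatureParam == null)
            {
                throw new ApiException(CodeMessage.InvalidParam, "InvalidParam");
            }

            var checkSuccess = EncryptHelper.CheckSignature(checkSignatureParam.token, checkSignatureParam.rawData, checkSignatureParam.signature);

            if (!checkSuccess)
            {
                throw new ApiException(CodeMessage.SenparcCode, "校验失败");
            }

            return(new { check = checkSuccess });
        }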
        /// <summary>
        /// After an authorization check for <c>MiniProgramPermission.WeCharMiniProgramAccess</c>,
        /// loads the session named by <c>sessionId</c> and reports whether the supplied
        /// <c>signature</c> passes <c>EncryptHelper.CheckSignature</c> for <c>rawData</c>.
        /// </summary>
        /// <param name="param">JSON body read for <c>sessionId</c>, <c>rawData</c> and <c>signature</c>.</param>
        /// <returns>
        /// <c>Unauthorized</c> when the authorization check fails; otherwise JSON with
        /// <c>success</c> and <c>msg</c>. If anything throws, <c>msg</c> carries the
        /// exception message.
        /// </returns>
        public async Task <IActionResult> CheckWxOpenSignature([FromBody] JObject param)
        {
            var isAuthorized = await _authorizationService.AuthorizeAsync(User, MiniProgramPermission.WeCharMiniProgramAccess);

            if (!isAuthorized)
            {
                return(Unauthorized(new { success = false, msg = "未授权访问" }));
            }

            try
            {
                // A missing "sessionId" member makes this indexer return null, and the
                // resulting exception is handled by the catch below.
                var sessionId = param["sessionId"].Value <string>();
                var session   = await SessionContainer.GetSessionAsync(sessionId);

                if (session == null)
                {
                    return(Json(new { success = false, msg = "请先登录!" }));
                }

                // Read in the same order as the original call: key, rawData, signature.
                var sessionKey = session.Key;
                var rawData    = param["rawData"].Value <string>();
                var signature  = param["signature"].Value <string>();

                var isValid = EncryptHelper.CheckSignature(sessionKey, rawData, signature);
                var message = isValid ? "签名校验成功" : "签名校验失败";

                return(Json(new { success = isValid, msg = message }));
            }
            catch (Exception error)
            {
                // NOTE(review): the raw exception text goes back to the caller, including
                // null-reference text for missing fields. Prefer validating the fields up
                // front, logging server-side and returning a fixed message.
                return(Json(new { success = false, msg = error.Message }));
            }
        }