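using Aop.Api.Domain;
using ApiTools.Core;
using Furion.DataEncryption;
using Furion.DynamicApiController;
using Furion.FriendlyException;
using MediatR;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Newtonsoft.Json;
using Org.BouncyCastle.Ocsp;
using System.Buffers.Binary;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

namespace ApiTools.Web.Entry.Controllers
{
    // NOTE(review): this listing appears to have lost the text between angle brackets
    // (the type argument of IOptions, the Task return type, the JsonTo call and the
    // interpolated string in the POST handler). Those tokens are kept exactly as shown;
    // confirm them against the repository before relying on this copy.

    /// <summary>
    /// Callback endpoints under <c>api/common/wxmp</c> for subscribe-message notifications.
    /// Both actions are <c>[AllowAnonymous]</c>, so the signature check inside each action
    /// is the only thing that authenticates the caller.
    /// </summary>
    [Route("api/common/wxmp")]
    public class WxmpController(
        WxmpUtils utils,
        IOptions options,
        IMediator mediator
        ) : ControllerBase
    {
        private readonly WxmpUtils utils = utils;
        private readonly IOptions options = options;
        private readonly IMediator mediator = mediator;

        /// <summary>
        /// Answers the GET verification request: the configured token, the timestamp and the
        /// nonce are sorted, concatenated and checked against <c>query.signature</c> with
        /// <c>SHA1Encryption.Compare</c>. On a match the caller's <c>echostr</c> is returned.
        /// </summary>
        /// <param name="code">Route segment; not used by this action, the same token applies to every code.</param>
        /// <param name="query">Query-string values sent by the caller (timestamp, nonce, signature, echostr).</param>
        /// <returns>The echoed <c>echostr</c> on success, otherwise 401 with the message "验签失败" (signature check failed).</returns>
        [HttpGet("subscribMessageNotify/{code}")]
        [AllowAnonymous]
        [NonUnify]
        public IActionResult SubscribMessageNotify([FromRoute] string code, [FromQuery] WxmpSubscribMessageNotifyRequestQuery query)
        {
            // A request without a signature can never verify; reject it before it reaches the
            // comparison helper, whose handling of null input is not visible here.
            if (string.IsNullOrEmpty(query.signature))
            {
                return Unauthorized("验签失败");
            }

            // Ordinal ordering keeps the signed string identical on every host. The default
            // string comparer is culture-sensitive and can order mixed-case values differently,
            // which would change the text being hashed.
            var @params = new[] { options.Value.SubscribMessage.Token, query.timestamp, query.nonce }
                .OrderBy(p => p, StringComparer.Ordinal)
                .ToArray();
            var text = string.Concat(@params);

            // NOTE(review): only token, timestamp and nonce are signed. echostr is outside the
            // signature and the timestamp is not checked for freshness, so a previously valid
            // (timestamp, nonce, signature) triple stays valid. Consider bounding the timestamp
            // age, and confirm SHA1Encryption.Compare does not short-circuit on the first
            // differing character.
            if (!SHA1Encryption.Compare(text, query.signature, true))
            {
                return Unauthorized("验签失败");
            }

            return Content(query.echostr);
        }

        /// <summary>
        /// Receives a notification: looks up the app id configured for <paramref name="code"/>,
        /// verifies and decrypts the message with <c>Tencent.WXBizMsgCrypt.DecryptMsg</c>,
        /// deserializes the result into a command and dispatches it through MediatR.
        /// </summary>
        /// <param name="code">Route segment used to select the configured item and copied onto the command.</param>
        /// <param name="query">Query-string values (msg_signature, timestamp, nonce, openid).</param>
        /// <param name="body">Request body; not read anywhere in the code as shown.</param>
        /// <returns>"success" once the command has been sent, otherwise 401 with the message "验签失败".</returns>
        [HttpPost("subscribMessageNotify/{code}")]
        [AllowAnonymous]
        [NonUnify]
        public async Task SubscribMessageNotify([FromRoute] string code, [FromQuery] WxmpSubscribMessageNotifyRequestQuery query, [FromBody] WxmpSubscribMessageNotifyRequestBody body)
        {
            // The route value is caller-controlled. An unknown code used to dereference the
            // null returned by FirstOrDefault and surface as an unhandled exception on an
            // anonymous endpoint. It now gets the same response as a failed signature, so the
            // endpoint does not reveal which codes are configured.
            var account = options.Value.Items.FirstOrDefault(it => it.Code == code);
            if (account is null)
            {
                return Unauthorized("验签失败");
            }

            Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(options.Value.SubscribMessage.Token, options.Value.SubscribMessage.EncodingAESKey, account.AppId);

            // NOTE(review): as shown, data is an empty string and body is unused; the envelope
            // that is presumably built from body looks to be missing from this listing.
            var data = $"";
            var content = "";
            var error = wxcpt.DecryptMsg(query.msg_signature, query.timestamp, query.nonce, data, ref content);
            if (error != 0)
            {
                return Unauthorized("验签失败");
            }

            var command = content.JsonTo();
            command.Code = code;

            // NOTE(review): openid comes from the query string and is not among the values
            // handed to DecryptMsg, so it is not covered by the verification above. Prefer the
            // sender identity carried inside the decrypted message, or check that the two agree.
            command.OpenId = query.openid;

            await mediator.Send(command);
            return Content("success");
        }
    }
}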