| "net/url" | "net/url" | ||||
| "os" | "os" | ||||
| "sort" | "sort" | ||||
| "strconv" | |||||
| "strings" | "strings" | ||||
| "time" | |||||
| ) | ) | ||||
| //apiV1Main version 1 main entry for all wechat callbacks | //apiV1Main version 1 main entry for all wechat callbacks | ||||
| } | } | ||||
| func verifySignature(signature, timestamp, nonce, token string) bool { | func verifySignature(signature, timestamp, nonce, token string) bool { | ||||
| if timestampTooOldStr(timestamp) { | |||||
| return false | |||||
| } | |||||
| //sort token, timestamp, nonce and join them | //sort token, timestamp, nonce and join them | ||||
| strs := []string{token, timestamp, nonce} | strs := []string{token, timestamp, nonce} | ||||
| sort.Strings(strs) | sort.Strings(strs) | ||||
| return signature == calculated | return signature == calculated | ||||
| } | } | ||||
| func timestampTooOldStr(timestamp string) bool { | |||||
| ts, err := strconv.Atoi(timestamp) | |||||
| if err != nil { | |||||
| return true | |||||
| } | |||||
| return timestampTooOld(int32(ts)) | |||||
| } | |||||
| func timestampTooOld(ts int32) bool { | |||||
| //diff > 3min from now | |||||
| now := int32(time.Now().Unix()) | |||||
| diff := now - ts | |||||
| if diff < 0 { | |||||
| diff = -diff | |||||
| } | |||||
| return diff > 180 //3 minutes, 180 seconds | |||||
| } | |||||
| // func checkSignature1() bool { | // func checkSignature1() bool { | ||||
| // s1 := "e39de9f2e28079c01ebb4b803dfc3442b819545c" | // s1 := "e39de9f2e28079c01ebb4b803dfc3442b819545c" | ||||
| // t1 := "1492970761" | // t1 := "1492970761" |
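Review bot: The freshness check in `timestampTooOldStr` and `timestampTooOld` does its arithmetic in `int32`, so out-of-range values can pass it: `int32(ts)` truncates whatever `strconv.Atoi` parsed, and `now - ts` can wrap to the minimum `int32`, whose negation is still negative and so never `> 180`. This assumes the one-column lines are the added side, since the rendering lost the +/- markers. Parsing and comparing in 64 bits closes both cases and the 2038 limit: `ts, err := strconv.ParseInt(timestamp, 10, 64)` and `diff := time.Now().Unix() - ts`, with `timestampTooOld` taking an `int64` if no caller outside this page depends on the `int32` parameter. Separately, `return signature == calculated` in `verifySignature` compares an authentication value with an ordinary string comparison; the usual form is `subtle.ConstantTimeCompare([]byte(signature), []byte(calculated)) == 1` from `crypto/subtle`. The lines that compute `calculated` fall outside the visible hunks. A 180-second window alone still accepts a captured request replayed inside that window unless nonces are tracked elsewhere, which this page does not show.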