Patrick
/
wechat_hitxy
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
175 Commits
1 Branch
9.4MB
Struktur: 3ec2a2bd8e
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „3ec2a2bd8e“
${ noResults }
wechat_hitxy/server.go

288 Zeilen
7.3KB
Originalformat Blame Verlauf 

  1. package main

  2. 

  3. import (

  4. 	"crypto/sha1"

  5. 	"fmt"

  6. 	"io"

  7. 	"io/ioutil"

  8. 	"log"

  9. 	"net/http"

  10. 	"net/http/httputil"

  11. 	"net/url"

  12. 	"os"

  13. 	"reflect"

  14. 	"sort"

  15. 	"strings"

  16. 	"time"

  17. )

  18. 

  19. //apiV1Main  version 1 main entry for all wechat callbacks

  20. //

  21. func apiV1Main(w http.ResponseWriter, r *http.Request) {

  22. 	logRequestDebug(httputil.DumpRequest(r, true))

  23. 	if checkSignature(r) == false {

  24. 		log.Println("signature of URL incorrect")

  25. 		w.Header().Set("Content-Type", "text/xml; charset=utf-8")

  26. 		w.WriteHeader(http.StatusUnauthorized)

  27. 		fmt.Fprintf(w, "") //empty string

  28. 		return

  29. 	}

  30. 

  31. 	switch r.Method {

  32. 	case "POST":

  33. 		//answerWechatPostEcho(w, r)

  34. 		answerWechatPost(w, r)

  35. 	case "GET":

  36. 		answerInitialAuth(w, r)

  37. 	default:

  38. 		log.Println(fmt.Sprintf("FATAL: Unhandled HTTP %s", r.Method))

  39. 		response404Handler(w)

  40. 		//fmt.Fprintf(w, "Protocol Error: Expect GET or POST only")

  41. 	}

  42. }

  43. 

  44. //

  45. //answerInitialAuth,  when wechat first verify our URL for API hooks

  46. //

  47. func answerInitialAuth(w http.ResponseWriter, r *http.Request) {

  48. 	rq := r.URL.RawQuery

  49. 	m, _ := url.ParseQuery(rq)

  50. 

  51. 	echostr, eok := m["echostr"]

  52. 	if checkSignature(r) && eok {

  53. 		fmt.Fprintf(w, echostr[0])

  54. 	} else {

  55. 		fmt.Fprintf(w, "wtf is wrong with the Internet")

  56. 	}

  57. }

  58. 

  59. //

  60. //InWechatMsg  what we received currently from wechat

  61. type InWechatMsg struct {

  62. 	header CommonHeader

  63. 	body   interface{} //dynamic type

  64. }

  65. 

  66. //

  67. //answerWechatPost  distribute PostRequest according to xml body info

  68. func answerWechatPost(w http.ResponseWriter, r *http.Request) {

  69. 	in, valid := readWechatInput(r)

  70. 	//reply := "" //nothing

  71. 	if !valid {

  72. 		log.Println("Error:  Invalid Input ")

  73. 	}

  74. 	openID := in.header.FromUserName

  75. 	if openID == "" {

  76. 		log.Println("nothing")

  77. 	}

  78. 	time.Sleep(5 * time.Second)

  79. 	v := reflect.ValueOf(answerWechatPost)

  80. 	log.Printf("Current Pointer: %d", v.Pointer())

  81. 	//debug.PrintStack()

  82. 

  83. 	//load session into memory

  84. 	// session := startSession(openID, in, w, r) //who , input what?

  85. 	// session.ProcessInput()

  86. 	// //put session back to disk

  87. 	// session.Save()

  88. }

  89. 

  90. // func (session) ProcessInput(w, r) {

  91. // 	//are we in an existing procedure

  92. // 	inProc, state := isInProc(openID) //if inside a procedure, resume last saved state

  93. // 	if inProc {

  94. // 		state = serveProc(state, in) //transit to new state

  95. // 		reply = state.response       //xml response

  96. // 	} else {

  97. // 		state, processed := serveCommand(openID, in) //menu or txt command e.g. search

  98. // 		if !processed {                              // transfer to Customer Service (kf)

  99. // 			reply = buildKfForwardMsg(openID, "")

  100. // 			kfSendTxt(openID, "未识别的命令,已转接校友会理事会,稍后答复您")

  101. // 		} else {

  102. // 			reply = state.response

  103. // 		}

  104. // 	}

  105. // 	log.Println(reply) //instant reply, answering user's request

  106. // 	w.Header().Set("Content-Type", "text/xml; charset=utf-8")

  107. // 	fmt.Fprint(w, reply)

  108. 

  109. // 	if !isEndingState(state) {

  110. // 		err := saveChatState(openID, state.Procedure, state)

  111. // 		if err != nil {

  112. // 			log.Println("Error Cannot Save chat sate")

  113. // 			log.Println(err)

  114. // 			log.Println(state)

  115. // 		}

  116. // 	} else { //state ending

  117. // 		cleanProcedure(openID, state.Procedure)

  118. // 	}

  119. // 	return

  120. // }

  121. 

  122. func readWechatInput(r *http.Request) (result InWechatMsg, valid bool) {

  123. 	body, err := ioutil.ReadAll(r.Body)

  124. 	if err != nil {

  125. 		log.Println(err)

  126. 		valid = false

  127. 		return

  128. 	}

  129. 	d := decryptToXML(string(body))

  130. 	if d == "" {

  131. 		log.Println("Cannot decode Message : \r\n" + string(body))

  132. 		valid = false

  133. 		return

  134. 	}

  135. 	valid = true

  136. 	fmt.Printf("decrypt as: %s\n", d)

  137. 	result.header = ReadCommonHeader(d)

  138. 	switch result.header.MsgType {

  139. 	case "text":

  140. 		result.body = ReadTextMsg(d)

  141. 	case "image":

  142. 		result.body = ReadPicMsg(d)

  143. 	case "voice":

  144. 		result.body = ReadVoiceMsg(d)

  145. 	case "video":

  146. 		result.body = ReadVideoMsg(d)

  147. 	case "shortvideo":

  148. 		result.body = ReadShortVideoMsg(d)

  149. 	case "location":

  150. 		result.body = ReadLocationMsg(d)

  151. 	case "link":

  152. 		result.body = ReadLinkMsg(d)

  153. 	case "event":

  154. 		result.body = ReadEventMsg(d)

  155. 	default:

  156. 		log.Println("Fatal: unknown incoming message type" + result.header.MsgType)

  157. 		valid = false

  158. 	}

  159. 	return

  160. }

  161. 

  162. func answerWechatPostEcho(w http.ResponseWriter, r *http.Request) {

  163. 	body, _ := ioutil.ReadAll(r.Body)

  164. 	//fmt.Printf("get body: %s", string(body))

  165. 	s := ReadEncryptedMsg(string(body))

  166. 	//fmt.Printf("to decrypt %s", s.Encrypt)

  167. 	d := Decode(s.Encrypt)

  168. 	fmt.Printf("echo as: \r\n%s", d)

  169. 

  170. 	e := strings.Replace(d, "ToUserName", "FDDD20170506xyzunique", 2)

  171. 	f := strings.Replace(e, "FromUserName", "ToUserName", 2)

  172. 	g := strings.Replace(f, "FDDD20170506xyzunique", "FromUserName", 2)

  173. 	fmt.Fprint(w, g)

  174. }

  175. 

  176. //

  177. func checkSignature(r *http.Request) bool {

  178. 	rq := r.URL.RawQuery

  179. 	m, _ := url.ParseQuery(rq)

  180. 

  181. 	signature, sok := m["signature"]

  182. 	timestamp, tok := m["timestamp"]

  183. 	nonce, nok := m["nonce"]

  184. 	token := APIConfig.Token

  185. 	if sok && tok && nok {

  186. 		//sort token, timestamp, nonce  and join them

  187. 		strs := []string{token, timestamp[0], nonce[0]}

  188. 		sort.Strings(strs)

  189. 		s := strings.Join(strs, "")

  190. 

  191. 		//calculate sha1

  192. 		h := sha1.New()

  193. 		h.Write([]byte(s))

  194. 		calculated := fmt.Sprintf("%x", h.Sum(nil))

  195. 		return signature[0] == calculated

  196. 	}

  197. 	return false

  198. }

  199. 

  200. func checkSignature1() bool {

  201. 	s1 := "e39de9f2e28079c01ebb4b803dfc3442b819545c"

  202. 	t1 := "1492970761"

  203. 	n1 := "1850971833"

  204. 	token := APIConfig.Token

  205. 

  206. 	strs := []string{token, t1, n1}

  207. 	sort.Strings(strs)

  208. 	s := strings.Join(strs, "")

  209. 

  210. 	h := sha1.New()

  211. 	h.Write([]byte(s))

  212. 	us := fmt.Sprintf("%x", h.Sum(nil))

  213. 	return s1 == us

  214. }

  215. 

  216. //webrootHandler sending contents to client when request "/"

  217. //      essentially to prove the webserver is still alive

  218. //      echo query string to the client

  219. func webrootHandler(w http.ResponseWriter, r *http.Request) {

  220. 	fmt.Fprintf(w, "Hi there, I love %s!", r.URL.Path[1:])

  221. 	rq := r.URL.RawQuery

  222. 	m, _ := url.ParseQuery(rq)

  223. 	for index, element := range m {

  224. 		fmt.Fprintf(w, "\n%s => %s", index, element)

  225. 	}

  226. 	logRequestDebug(httputil.DumpRequest(r, true))

  227. 

  228. }

  229. 

  230. func logRequestDebug(data []byte, err error) {

  231. 	if err == nil {

  232. 		fmt.Printf("%s\n\n", string(data))

  233. 	} else {

  234. 		log.Fatalf("%s\n\n", err)

  235. 	}

  236. }

  237. 

  238. //save uploaded 'file' into temporary location

  239. func uploadHandler(w http.ResponseWriter, r *http.Request) {

  240. 	r.ParseMultipartForm(32 << 20)           //32MB memory

  241. 	file, handler, err := r.FormFile("file") //form-field 'file'

  242. 	if err != nil {

  243. 		fmt.Println(err)

  244. 		return

  245. 	}

  246. 	defer file.Close()

  247. 	fmt.Fprintf(w, "%v", handler.Header)

  248. 	f, err := os.OpenFile("/tmp/wechat_hitxy_"+handler.Filename, os.O_WRONLY|os.O_CREATE, 0666)

  249. 	if err != nil {

  250. 		fmt.Println(err)

  251. 		return

  252. 	}

  253. 	defer f.Close()

  254. 	io.Copy(f, file)

  255. }

  256. 

  257. //when user requst an attachment from our server, we get the file from CRM server and reply it back

  258. //in this way, user has no 'direct-access' to the CRM server.

  259. func crmAttachmentHandler(w http.ResponseWriter, r *http.Request) {

  260. 	fileID := getCrmFileID(r.URL.Path)

  261. 	saveAs := GlobalPath.CRMAttachment + "crm_attach_" + fileID //add prefix for easy deleting

  262. 	if isFileExist(saveAs) {

  263. 		http.ServeFile(w, r, saveAs)

  264. 		return

  265. 	}

  266. 	if fileID == "" {

  267. 		log.Println("invalid fileID")

  268. 		response404Handler(w)

  269. 		return

  270. 	}

  271. 	log.Printf("download %s => %s", fileID, saveAs)

  272. 	crmDownloadAttachmentAs(fileID, saveAs)

  273. 	if !isFileExist(saveAs) {

  274. 		response404Handler(w)

  275. 		return

  276. 	}

  277. 	http.ServeFile(w, r, saveAs)

  278. }

  279. 

  280. func getCrmFileID(urlPath string) string {

  281. 	return strings.TrimPrefix(urlPath, "/crmfiles/")

  282. }

  283. 

  284. func response404Handler(w http.ResponseWriter) {

  285. 	w.WriteHeader(http.StatusNotFound)

  286. 	fmt.Fprintf(w, "not found")

  287. }