Patrick
/
wechat_hitxy
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
430 Commits
1 Branch
9.4MB
Struktur: abd9bb4bf8
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „abd9bb4bf8“
${ noResults }
wechat_hitxy/crmpixel.go

260 Zeilen
6.3KB
Originalformat Blame Verlauf 

  1. package main

  2. 

  3. import (

  4. 	"encoding/base64"

  5. 	"encoding/json"

  6. 	"errors"

  7. 	"fmt"

  8. 	"log"

  9. 	"math/rand"

  10. 	"net/http"

  11. 	"net/url"

  12. 	"strconv"

  13. 	"strings"

  14. 	"time"

  15. )

  16. 

  17. var cookLeadID = "biukop_cl"

  18. 

  19. func crmpixelImage() (pixel []byte, err error) {

  20. 	b64pixel := "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4QcIBzEJ3JY/6wAAAAh0RVh0Q29tbWVudAD2zJa/AAAADUlEQVQI12NgYGBgAAAABQABXvMqOgAAAABJRU5ErkJggg=="

  21. 	pixel, err = base64.StdEncoding.DecodeString(b64pixel)

  22. 	return

  23. }

  24. 

  25. func crmpixel(w http.ResponseWriter, r *http.Request) {

  26. 	cookie := crmpixelCookie(r)

  27. 	http.SetCookie(w, &cookie)

  28. 

  29. 	//send out pixel 1x1 transparent png file

  30. 	pixel, err := crmpixelImage()

  31. 	if err == nil {

  32. 		w.Write(pixel)

  33. 	} else {

  34. 		fmt.Fprint(w, "decodig pixel image wrong")

  35. 	}

  36. }

  37. 

  38. func crmpixelCookie(r *http.Request) (ret http.Cookie) {

  39. 	cookie, leadok := r.Cookie(cookLeadID) //crm lead

  40. 

  41. 	if leadok != nil {

  42. 		ret, _ = createNewCookie(r)

  43. 		return

  44. 	}

  45. 

  46. 	valid := isValidCookieBiukopCL(cookie.Value)

  47. 	if !valid {

  48. 		ret, _ = createNewCookie(r)

  49. 		return

  50. 	}

  51. 

  52. 	//refresh expiration

  53. 	ret = *cookie

  54. 	ret.Expires = time.Now().Add(10 * 365 * 24 * time.Hour)

  55. 

  56. 	return

  57. }

  58. 

  59. func getLeadIDFromCookie(r *http.Request) (leadID string, ok bool) {

  60. 	return cookieVerifyAndGet(r, cookLeadID)

  61. }

  62. 

  63. func cookieVerifyAndGet(r *http.Request, name string) (value string, ok bool) {

  64. 	ok = false

  65. 	cookie, leadok := r.Cookie(name)

  66. 	if leadok != nil {

  67. 		return

  68. 	}

  69. 	valid := isValidCookieBiukopCL(cookie.Value)

  70. 	if !valid {

  71. 		return

  72. 	}

  73. 

  74. 	//correctly split string

  75. 	s := strings.Split(cookie.Value, "|")

  76. 	if len(s) != 4 || s[0] == "" {

  77. 		return

  78. 	}

  79. 	ok = true

  80. 	value = s[0]

  81. 	return

  82. 

  83. }

  84. 

  85. func createNewCookie(r *http.Request) (ret http.Cookie, info crmdLead) {

  86. 	info = crmCreateNewAnonymousLeadByHTTPRequest(r)

  87. 	ret = cookieFromLeadID(info.ID)

  88. 	return

  89. }

  90. 

  91. func cookieFromLeadID(leadID string) (ret http.Cookie) {

  92. 	return cookieCreateLongTerm(cookLeadID, leadID)

  93. }

  94. 

  95. func cookieCreateLongTerm(name, value string) (ret http.Cookie) {

  96. 	expiration := time.Now().Add(10 * 365 * 24 * time.Hour)

  97. 	signedValue := cookieSignValue(value)

  98. 	ret = http.Cookie{Name: name, Value: signedValue, Expires: expiration}

  99. 	return

  100. }

  101. 

  102. func cookieCreate(name, value string, expireInSeconds int) (ret http.Cookie) {

  103. 	expiration := time.Now().Add(time.Duration(expireInSeconds) * time.Second)

  104. 	signedValue := cookieSignValue(value)

  105. 	ret = http.Cookie{Name: name, Value: signedValue, Expires: expiration}

  106. 	return

  107. }

  108. 

  109. func crmCreateNewAnonymousLeadByHTTPRequest(r *http.Request) (info crmdLead) {

  110. 	info.FirstName = "Anonymous"

  111. 	info.LastName = "User " + r.RemoteAddr

  112. 	info.Password = "Password"

  113. 	info.Status = "Anonymous"

  114. 	info.Description = "Anonymous user from " + r.RemoteAddr

  115. 	info.ForceDuplicate = true

  116. 	b, err := json.Marshal(info)

  117. 	if err != nil {

  118. 		return

  119. 	}

  120. 	entity, err := crmCreateEntity("Lead", b)

  121. 	if err == nil || isErrIndicateDuplicate(err) {

  122. 		info, _ = entity.(crmdLead)

  123. 	}

  124. 	return

  125. }

  126. 

  127. func isValidCookieBiukopCL(cookieValue string) (valid bool) {

  128. 	valid = false

  129. 

  130. 	//correctly split string

  131. 	s := strings.Split(cookieValue, "|")

  132. 	if len(s) != 4 || s[0] == "" {

  133. 		return

  134. 	}

  135. 	id, nonce, timestamp, signature := s[0], s[1], s[2], s[3]

  136. 

  137. 	//check signature

  138. 	combined := id + nonce

  139. 	expected := calculateSignature(timestamp, combined, IntraAPIConfig.CRMSecrete)

  140. 	if expected != signature {

  141. 		return

  142. 	}

  143. 

  144. 	ts, err := strconv.Atoi(timestamp)

  145. 	if err != nil {

  146. 		return

  147. 	}

  148. 

  149. 	if timestampOldThan(int32(ts), 86400) { //older than 1 day

  150. 		//find lead data

  151. 		_, err := crmpixelLead(id)

  152. 		if err != nil {

  153. 			return

  154. 		}

  155. 	}

  156. 	valid = true

  157. 	return

  158. }

  159. 

  160. func buildBiukopCLsignature(id, nonce string) (timestamp, signature string) {

  161. 	combined := id + nonce

  162. 	timestamp = fmt.Sprintf("%d", time.Now().Unix())

  163. 	signature = calculateSignature(timestamp, combined, IntraAPIConfig.CRMSecrete)

  164. 	return

  165. }

  166. 

  167. func cookieSignValue(id string) (ret string) {

  168. 	rand.Seed(time.Now().Unix())

  169. 	nonce := fmt.Sprintf("%d", rand.Intn(655352017))

  170. 	timestamp, signature := buildBiukopCLsignature(id, nonce)

  171. 	strs := []string{id, nonce, timestamp, signature} //order is very important

  172. 	ret = strings.Join(strs, "|")

  173. 	return

  174. }

  175. 

  176. func crmpixelLead(id string) (info crmdLead, err error) {

  177. 	entity, err := crmGetEntity("Lead", id)

  178. 	if err != nil {

  179. 		return

  180. 	}

  181. 

  182. 	info, ok := entity.(crmdLead)

  183. 	if !ok {

  184. 		err = errors.New("search lead, return a bad entity type")

  185. 	}

  186. 	return

  187. }

  188. 

  189. //for user's initial registration, especially for wechat users

  190. //they visit a url that is specifically designed for them to

  191. //auth and input their profile data.

  192. //the url's query string will contains a token and a signature

  193. //so that it's verified, by single get request, to allow people to

  194. //enter their details into the CRM system.

  195. //

  196. //this handler, check's the query sting ,set an auth cookie to the client

  197. //and serve angular app, through an URL "/profile/edit"

  198. //or if the user has already been registered,

  199. //redirect user to a URL "/pages/dashboard"

  200. //

  201. func setTrackingCookieAndRecirect(w http.ResponseWriter, r *http.Request) {

  202. 	m, err := url.ParseQuery(r.URL.RawQuery)

  203. 	if err != nil {

  204. 		response400Handler(w)

  205. 		return

  206. 	}

  207. 

  208. 	url, ok := m["url"]

  209. 	if !ok {

  210. 		response400Handler(w)

  211. 		return

  212. 	}

  213. 

  214. 	//check request leadID - lid and my cookie lead id

  215. 	leadID, ok := m["lid"]

  216. 	myLeadID, found := getLeadIDFromCookie(r) //existing cookie

  217. 

  218. 	expireInSeconds := 120                    //default 2minute

  219. 	if found && ok && myLeadID == leadID[0] { //our cookie match the request lid

  220. 		expireInSeconds = 86400 //extended to 1 day

  221. 	}

  222. 

  223. 	//check signature, prevent unauthorized request

  224. 	if !checkSignatureByTokenWithExpireSeconds(r, IntraAPIConfig.CRMSecrete, expireInSeconds) {

  225. 		response403Handler(w)

  226. 		return

  227. 	}

  228. 

  229. 	//set cookie if any

  230. 	if ok {

  231. 		log.Println("setlead cookie :" + leadID[0])

  232. 		cookie := cookieFromLeadID(leadID[0])

  233. 		http.SetCookie(w, &cookie)

  234. 	} else {

  235. 		cookie := crmpixelCookie(r)

  236. 		http.SetCookie(w, &cookie)

  237. 	}

  238. 

  239. 	//get expire settings if any

  240. 	expire := 7200 //2 hours

  241. 	expireTime, ok := m["expire"]

  242. 	if ok {

  243. 		expire, _ = strconv.Atoi(expireTime[0])

  244. 	}

  245. 

  246. 	//set all cookie from url

  247. 	for k, v := range m {

  248. 		if k == "lid" || k == "url" || k == "expire" || k == "nonce" || k == "signature" || k == "timestamp" { //skip lead id and URL and expire

  249. 			continue

  250. 		}

  251. 		log.Printf("set cookie %s=%s", k, v)

  252. 		cookie := cookieCreate(k, v[0], expire)

  253. 		http.SetCookie(w, &cookie)

  254. 	}

  255. 

  256. 	//perform redirect

  257. 	http.Redirect(w, r, url[0], 307) //302 temp redirect

  258. 	return

  259. }