Patrick
/
wechat_hitxy
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Požadavky na natažení 0 Vydání 0 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
92 Revize
1 Větev
9.4MB
Strom: dc50ea5ff9
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „dc50ea5ff9“
${ noResults }
wechat_hitxy/server.go

161 lines
4.2KB
Surový Blame Historie 

  1. package main

  2. 

  3. import (

  4. 	"crypto/sha1"

  5. 	"fmt"

  6. 	"io/ioutil"

  7. 	"log"

  8. 	"net/http"

  9. 	"net/http/httputil"

  10. 	"net/url"

  11. 	"sort"

  12. 	"strings"

  13. )

  14. 

  15. //apiV1Main  version 1 main entry for all wechat callbacks

  16. //

  17. func apiV1Main(w http.ResponseWriter, r *http.Request) {

  18. 	logRequestDebug(httputil.DumpRequest(r, true))

  19. 	if checkSignature(r) == false {

  20. 		log.Println("signature of URL incorrect")

  21. 		w.Header().Set("Content-Type", "text/xml; charset=utf-8")

  22. 		w.WriteHeader(http.StatusUnauthorized)

  23. 		fmt.Fprintf(w, "") //empty string

  24. 		return

  25. 	}

  26. 

  27. 	switch r.Method {

  28. 	case "POST":

  29. 		//answerWechatPostEcho(w, r)

  30. 		answerWechatPost(w, r)

  31. 	case "GET":

  32. 		answerInitialAuth(w, r)

  33. 	default:

  34. 		log.Fatalln(fmt.Sprintf("Unhandled HTTP %s", r.Method))

  35. 		fmt.Fprintf(w, "Protocol Error: Expect GET or POST only")

  36. 	}

  37. }

  38. 

  39. //

  40. //answerInitialAuth,  when wechat first verify our URL for API hooks

  41. //

  42. func answerInitialAuth(w http.ResponseWriter, r *http.Request) {

  43. 	rq := r.URL.RawQuery

  44. 	m, _ := url.ParseQuery(rq)

  45. 

  46. 	echostr, eok := m["echostr"]

  47. 	if checkSignature(r) && eok {

  48. 		fmt.Fprintf(w, echostr[0])

  49. 	} else {

  50. 		fmt.Fprintf(w, "wtf is wrong with the Internet")

  51. 	}

  52. }

  53. 

  54. //answerWechatPost  distribute PostRequest according to xml body info

  55. //

  56. func answerWechatPost(w http.ResponseWriter, r *http.Request) {

  57. 	body, _ := ioutil.ReadAll(r.Body)

  58. 	d := decryptToXML(string(body))

  59. 	fmt.Printf("decrypt as: %s\n", d)

  60. 	h := ReadCommonHeader(d)

  61. 	reply, _ := BuildTextMsg(h.MsgType, h.FromUserName)

  62. 	if h.MsgType == "voice" {

  63. 		a := ReadVoiceMsg(d)

  64. 		reply, _ = BuildTextMsg(a.Recognition, h.FromUserName)

  65. 	}

  66. 	if h.MsgType == "event" {

  67. 		a := ReadEventMsg(d)

  68. 		if a.Event == "LOCATION" {

  69. 			reply = BuildLocationMsg(0, 0, 0, h.FromUserName)

  70. 			fmt.Printf("output %s", reply)

  71. 		} else {

  72. 			reply, _ = BuildTextMsg(a.Event+"/"+a.EventKey, h.FromUserName)

  73. 		}

  74. 		mediaID := "cU8BYvAEp3H25V-yGO3WBtMVk2bZcEBgf_kje7V-EPkRA_U4x-OAWb_ONg6Y-Qxt" //video

  75. 		//mediaID := "e2iNEiSxCX5TV1WbFd0TQMqvVrqFDbDOacdjgQ-OAuE" //news

  76. 		reply = buildVideoMsg(h.FromUserName, mediaID, "标题", a.Event+"/"+a.EventKey)

  77. 

  78. 		reply = buildUploadPicMsg(h.FromUserName, "media_for_test/640x480.jpg")

  79. 		reply = buildUploadVoiceMsg(h.FromUserName, "media_for_test/music.mp3")

  80. 	}

  81. 	w.Header().Set("Content-Type", "text/xml; charset=utf-8")

  82. 	fmt.Fprint(w, reply)

  83. 	return

  84. }

  85. 

  86. func answerWechatPostEcho(w http.ResponseWriter, r *http.Request) {

  87. 	body, _ := ioutil.ReadAll(r.Body)

  88. 	//fmt.Printf("get body: %s", string(body))

  89. 	s := ReadEncryptedMsg(string(body))

  90. 	//fmt.Printf("to decrypt %s", s.Encrypt)

  91. 	d := Decode(s.Encrypt)

  92. 	fmt.Printf("echo as: \n%s", d)

  93. 

  94. 	e := strings.Replace(d, "ToUserName", "FDDD20170506xyzunique", 2)

  95. 	f := strings.Replace(e, "FromUserName", "ToUserName", 2)

  96. 	g := strings.Replace(f, "FDDD20170506xyzunique", "FromUserName", 2)

  97. 	fmt.Fprint(w, g)

  98. }

  99. 

  100. //

  101. func checkSignature(r *http.Request) bool {

  102. 	rq := r.URL.RawQuery

  103. 	m, _ := url.ParseQuery(rq)

  104. 

  105. 	signature, sok := m["signature"]

  106. 	timestamp, tok := m["timestamp"]

  107. 	nonce, nok := m["nonce"]

  108. 	token := APIConfig.Token

  109. 	if sok && tok && nok {

  110. 		//sort token, timestamp, nonce  and join them

  111. 		strs := []string{token, timestamp[0], nonce[0]}

  112. 		sort.Strings(strs)

  113. 		s := strings.Join(strs, "")

  114. 

  115. 		//calculate sha1

  116. 		h := sha1.New()

  117. 		h.Write([]byte(s))

  118. 		calculated := fmt.Sprintf("%x", h.Sum(nil))

  119. 		return signature[0] == calculated

  120. 	}

  121. 	return false

  122. }

  123. 

  124. func checkSignature1() bool {

  125. 	s1 := "e39de9f2e28079c01ebb4b803dfc3442b819545c"

  126. 	t1 := "1492970761"

  127. 	n1 := "1850971833"

  128. 	token := APIConfig.Token

  129. 

  130. 	strs := []string{token, t1, n1}

  131. 	sort.Strings(strs)

  132. 	s := strings.Join(strs, "")

  133. 

  134. 	h := sha1.New()

  135. 	h.Write([]byte(s))

  136. 	us := fmt.Sprintf("%x", h.Sum(nil))

  137. 	return s1 == us

  138. }

  139. 

  140. //webrootHandler sending contents to client when request "/"

  141. //      essentially to prove the webserver is still alive

  142. //      echo query string to the client

  143. func webrootHandler(w http.ResponseWriter, r *http.Request) {

  144. 	fmt.Fprintf(w, "Hi there, I love %s!", r.URL.Path[1:])

  145. 	rq := r.URL.RawQuery

  146. 	m, _ := url.ParseQuery(rq)

  147. 	for index, element := range m {

  148. 		fmt.Fprintf(w, "\n%s => %s", index, element)

  149. 	}

  150. 	logRequestDebug(httputil.DumpRequest(r, true))

  151. 

  152. }

  153. 

  154. func logRequestDebug(data []byte, err error) {

  155. 	if err == nil {

  156. 		fmt.Printf("%s\n\n", data)

  157. 	} else {

  158. 		log.Fatalf("%s\n\n", err)

  159. 	}

  160. }