Patrick
/
wechat_hitxy
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
166 коммитов
1 ветка
9.4MB
Дерево: fc77aab127
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'fc77aab127'
${ noResults }
wechat_hitxy/server.go

261 line
6.3KB
Исходник Blame История 

  1. package main

  2. 

  3. import (

  4. 	"crypto/sha1"

  5. 	"fmt"

  6. 	"io"

  7. 	"io/ioutil"

  8. 	"log"

  9. 	"net/http"

  10. 	"net/http/httputil"

  11. 	"net/url"

  12. 	"os"

  13. 	"sort"

  14. 	"strings"

  15. )

  16. 

  17. //apiV1Main  version 1 main entry for all wechat callbacks

  18. //

  19. func apiV1Main(w http.ResponseWriter, r *http.Request) {

  20. 	logRequestDebug(httputil.DumpRequest(r, true))

  21. 	if checkSignature(r) == false {

  22. 		log.Println("signature of URL incorrect")

  23. 		w.Header().Set("Content-Type", "text/xml; charset=utf-8")

  24. 		w.WriteHeader(http.StatusUnauthorized)

  25. 		fmt.Fprintf(w, "") //empty string

  26. 		return

  27. 	}

  28. 

  29. 	switch r.Method {

  30. 	case "POST":

  31. 		//answerWechatPostEcho(w, r)

  32. 		answerWechatPost(w, r)

  33. 	case "GET":

  34. 		answerInitialAuth(w, r)

  35. 	default:

  36. 		log.Println(fmt.Sprintf("FATAL: Unhandled HTTP %s", r.Method))

  37. 		response404Handler(w)

  38. 		//fmt.Fprintf(w, "Protocol Error: Expect GET or POST only")

  39. 	}

  40. }

  41. 

  42. //

  43. //answerInitialAuth,  when wechat first verify our URL for API hooks

  44. //

  45. func answerInitialAuth(w http.ResponseWriter, r *http.Request) {

  46. 	rq := r.URL.RawQuery

  47. 	m, _ := url.ParseQuery(rq)

  48. 

  49. 	echostr, eok := m["echostr"]

  50. 	if checkSignature(r) && eok {

  51. 		fmt.Fprintf(w, echostr[0])

  52. 	} else {

  53. 		fmt.Fprintf(w, "wtf is wrong with the Internet")

  54. 	}

  55. }

  56. 

  57. //

  58. //InWechatMsg  what we received currently from wechat

  59. type InWechatMsg struct {

  60. 	header CommonHeader

  61. 	body   interface{} //dynamic type

  62. }

  63. 

  64. //

  65. //answerWechatPost  distribute PostRequest according to xml body info

  66. func answerWechatPost(w http.ResponseWriter, r *http.Request) {

  67. 	in, valid := readWechatInput(r)

  68. 	reply := "" //nothing

  69. 	if !valid {

  70. 		log.Println("Error:  Invalid Input ")

  71. 	}

  72. 

  73. 	//are we in an existing procedure

  74. 	openID := in.header.FromUserName

  75. 	yes, state := isInProc(openID)

  76. 	if yes {

  77. 		state := serveProc(openID, in)

  78. 		reply = state.response

  79. 	} else {

  80. 		state, processed := serveCommand(openID, in) //search or other command

  81. 		if !processed {                              // transfer to Customer Service (kf)

  82. 			reply = buildKfForwardMsg(openID, "")

  83. 		} else {

  84. 			reply = state.response

  85. 		}

  86. 	}

  87. 	log.Println(reply)

  88. 	w.Header().Set("Content-Type", "text/xml; charset=utf-8")

  89. 	fmt.Fprint(w, reply)

  90. 

  91. 	saveChatState(state)

  92. 	return

  93. }

  94. 

  95. func readWechatInput(r *http.Request) (result InWechatMsg, valid bool) {

  96. 	body, err := ioutil.ReadAll(r.Body)

  97. 	if err != nil {

  98. 		log.Println(err)

  99. 		valid = false

  100. 		return

  101. 	}

  102. 	d := decryptToXML(string(body))

  103. 	if d == "" {

  104. 		log.Println("Cannot decode Message : \r\n" + string(body))

  105. 		valid = false

  106. 		return

  107. 	}

  108. 	valid = true

  109. 	fmt.Printf("decrypt as: %s\n", d)

  110. 	result.header = ReadCommonHeader(d)

  111. 	switch result.header.MsgType {

  112. 	case "text":

  113. 		result.body = ReadTextMsg(d)

  114. 	case "image":

  115. 		result.body = ReadPicMsg(d)

  116. 	case "voice":

  117. 		result.body = ReadVoiceMsg(d)

  118. 	case "video":

  119. 		result.body = ReadVideoMsg(d)

  120. 	case "shortvideo":

  121. 		result.body = ReadShortVideoMsg(d)

  122. 	case "location":

  123. 		result.body = ReadLocationMsg(d)

  124. 	case "link":

  125. 		result.body = ReadLinkMsg(d)

  126. 	case "event":

  127. 		result.body = ReadEventMsg(d)

  128. 	default:

  129. 		log.Println("Fatal: unknown incoming message type" + result.header.MsgType)

  130. 		valid = false

  131. 	}

  132. 	return

  133. }

  134. 

  135. func answerWechatPostEcho(w http.ResponseWriter, r *http.Request) {

  136. 	body, _ := ioutil.ReadAll(r.Body)

  137. 	//fmt.Printf("get body: %s", string(body))

  138. 	s := ReadEncryptedMsg(string(body))

  139. 	//fmt.Printf("to decrypt %s", s.Encrypt)

  140. 	d := Decode(s.Encrypt)

  141. 	fmt.Printf("echo as: \r\n%s", d)

  142. 

  143. 	e := strings.Replace(d, "ToUserName", "FDDD20170506xyzunique", 2)

  144. 	f := strings.Replace(e, "FromUserName", "ToUserName", 2)

  145. 	g := strings.Replace(f, "FDDD20170506xyzunique", "FromUserName", 2)

  146. 	fmt.Fprint(w, g)

  147. }

  148. 

  149. //

  150. func checkSignature(r *http.Request) bool {

  151. 	rq := r.URL.RawQuery

  152. 	m, _ := url.ParseQuery(rq)

  153. 

  154. 	signature, sok := m["signature"]

  155. 	timestamp, tok := m["timestamp"]

  156. 	nonce, nok := m["nonce"]

  157. 	token := APIConfig.Token

  158. 	if sok && tok && nok {

  159. 		//sort token, timestamp, nonce  and join them

  160. 		strs := []string{token, timestamp[0], nonce[0]}

  161. 		sort.Strings(strs)

  162. 		s := strings.Join(strs, "")

  163. 

  164. 		//calculate sha1

  165. 		h := sha1.New()

  166. 		h.Write([]byte(s))

  167. 		calculated := fmt.Sprintf("%x", h.Sum(nil))

  168. 		return signature[0] == calculated

  169. 	}

  170. 	return false

  171. }

  172. 

  173. func checkSignature1() bool {

  174. 	s1 := "e39de9f2e28079c01ebb4b803dfc3442b819545c"

  175. 	t1 := "1492970761"

  176. 	n1 := "1850971833"

  177. 	token := APIConfig.Token

  178. 

  179. 	strs := []string{token, t1, n1}

  180. 	sort.Strings(strs)

  181. 	s := strings.Join(strs, "")

  182. 

  183. 	h := sha1.New()

  184. 	h.Write([]byte(s))

  185. 	us := fmt.Sprintf("%x", h.Sum(nil))

  186. 	return s1 == us

  187. }

  188. 

  189. //webrootHandler sending contents to client when request "/"

  190. //      essentially to prove the webserver is still alive

  191. //      echo query string to the client

  192. func webrootHandler(w http.ResponseWriter, r *http.Request) {

  193. 	fmt.Fprintf(w, "Hi there, I love %s!", r.URL.Path[1:])

  194. 	rq := r.URL.RawQuery

  195. 	m, _ := url.ParseQuery(rq)

  196. 	for index, element := range m {

  197. 		fmt.Fprintf(w, "\n%s => %s", index, element)

  198. 	}

  199. 	logRequestDebug(httputil.DumpRequest(r, true))

  200. 

  201. }

  202. 

  203. func logRequestDebug(data []byte, err error) {

  204. 	if err == nil {

  205. 		fmt.Printf("%s\n\n", string(data))

  206. 	} else {

  207. 		log.Fatalf("%s\n\n", err)

  208. 	}

  209. }

  210. 

  211. //save uploaded 'file' into temporary location

  212. func uploadHandler(w http.ResponseWriter, r *http.Request) {

  213. 	r.ParseMultipartForm(32 << 20)           //32MB memory

  214. 	file, handler, err := r.FormFile("file") //form-field 'file'

  215. 	if err != nil {

  216. 		fmt.Println(err)

  217. 		return

  218. 	}

  219. 	defer file.Close()

  220. 	fmt.Fprintf(w, "%v", handler.Header)

  221. 	f, err := os.OpenFile("/tmp/wechat_hitxy_"+handler.Filename, os.O_WRONLY|os.O_CREATE, 0666)

  222. 	if err != nil {

  223. 		fmt.Println(err)

  224. 		return

  225. 	}

  226. 	defer f.Close()

  227. 	io.Copy(f, file)

  228. }

  229. 

  230. //when user requst an attachment from our server, we get the file from CRM server and reply it back

  231. //in this way, user has no 'direct-access' to the CRM server.

  232. func crmAttachmentHandler(w http.ResponseWriter, r *http.Request) {

  233. 	fileID := getCrmFileID(r.URL.Path)

  234. 	saveAs := GlobalPath.CRMAttachment + "crm_attach_" + fileID //add prefix for easy deleting

  235. 	if isFileExist(saveAs) {

  236. 		http.ServeFile(w, r, saveAs)

  237. 		return

  238. 	}

  239. 	if fileID == "" {

  240. 		log.Println("invalid fileID")

  241. 		response404Handler(w)

  242. 		return

  243. 	}

  244. 	log.Printf("download %s => %s", fileID, saveAs)

  245. 	crmDownloadAttachmentAs(fileID, saveAs)

  246. 	if !isFileExist(saveAs) {

  247. 		response404Handler(w)

  248. 		return

  249. 	}

  250. 	http.ServeFile(w, r, saveAs)

  251. }

  252. 

  253. func getCrmFileID(urlPath string) string {

  254. 	return strings.TrimPrefix(urlPath, "/crmfiles/")

  255. }

  256. 

  257. func response404Handler(w http.ResponseWriter) {

  258. 	w.WriteHeader(http.StatusNotFound)

  259. 	fmt.Fprintf(w, "not found")

  260. }