From a44f9c8dd6734179899a9c3e7727ecccc3b60607 Mon Sep 17 00:00:00 2001
From: jianweie code <jianweie@live.com>
Date: Tue, 21 Mar 2023 10:48:50 +0800
Subject: [PATCH] =?UTF-8?q?=E3=80=90=E4=BC=98=E5=8C=96=E3=80=91=E4=BC=98?=
 =?UTF-8?q?=E5=8C=96=E5=BE=AE=E4=BF=A1=E5=85=AC=E4=BC=97=E5=8F=B7=E6=9C=8D?=
 =?UTF-8?q?=E5=8A=A1=E5=99=A8=E9=85=8D=E7=BD=AE=E8=BF=9C=E7=A8=8B=E6=A0=A1?=
 =?UTF-8?q?=E9=AA=8C=E5=8F=AF=E8=83=BD=E5=AD=98=E5=9C=A8=E6=A0=A1=E9=AA=8C?=
 =?UTF-8?q?=E5=A4=B1=E8=B4=A5=E7=9A=84=E9=97=AE=E9=A2=98=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../WeChatOffiaccountNotifyController.cs      | 27 ++++++++++++++-----
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/CoreCms.Net.Web.WebApi/Controllers/WeChatOAuth/WeChatOffiaccountNotifyController.cs b/CoreCms.Net.Web.WebApi/Controllers/WeChatOAuth/WeChatOffiaccountNotifyController.cs
index 5733a42e..eff5b7ac 100644
--- a/CoreCms.Net.Web.WebApi/Controllers/WeChatOAuth/WeChatOffiaccountNotifyController.cs
+++ b/CoreCms.Net.Web.WebApi/Controllers/WeChatOAuth/WeChatOffiaccountNotifyController.cs
@@ -84,18 +84,33 @@ namespace CoreCms.Net.Web.Controllers.WeChat
             // 验证服务器推送
             // 文档：https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html
 
-            NLogUtil.WriteFileLog(LogLevel.Info, LogType.WeChat, "GET接收到微信推送的数据", JsonConvert.SerializeObject(new
+            var getModel = new
             {
                 timestamp,
                 nonce,
                 signature,
                 echoString
-            }));
+            };
 
-            var client = _weChatApiHttpClientFactory.CreateWeXinClient();
-            var valid = client.VerifyEventSignatureForEcho(callbackTimestamp: timestamp, callbackNonce: nonce, callbackSignature: signature);
 
-            return Content(!valid ? "fail" : echoString);
+            //NLogUtil.WriteFileLog(LogLevel.Info, LogType.WeChat, "GET接收到微信推送的数据", JsonConvert.SerializeObject(getModel));
+
+            //var client = _weChatApiHttpClientFactory.CreateWeXinClient();
+            //var valid = client.VerifyEventSignatureForEcho(callbackTimestamp: timestamp, callbackNonce: nonce, callbackSignature: signature);
+
+            //return Content(!valid ? "fail" : echoString);
+
+            if (!CheckSignature.Check(signature, timestamp, nonce, _weChatOptions.WeiXinToken))
+            {
+                NLogUtil.WriteFileLog(LogLevel.Error, LogType.WeChat, "GET接收到微信推送的数据（签名错误）", JsonConvert.SerializeObject(getModel));
+                return Content("fail");
+            }
+            else
+            {
+                NLogUtil.WriteFileLog(LogLevel.Info, LogType.WeChat, "GET接收到微信推送的数据（签名成功）", JsonConvert.SerializeObject(getModel));
+                return Content(echoString);
+            }
+
         }
 
         /// <summary>
@@ -271,7 +286,7 @@ namespace CoreCms.Net.Web.Controllers.WeChat
                                                     var userInfo = await _weChatUserInfoServices.QueryByClauseAsync(p => p.openid == eventModel.FromUserName);
                                                     if (userInfo == null)
                                                     {
-                                                        
+
                                                         userInfo = new Model.Entities.CoreCmsUserWeChatInfo()
                                                         {
                                                             isSubscribe = response.IsSubscribed,