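using OASystem.Domain.Dtos.CallBack.QiYeWeChat;

namespace OASystem.API.Controllers
{
    /// <summary>
    /// Callback endpoints. Currently hosts the WeCom (Enterprise WeChat)
    /// address-book notification callback.
    /// </summary>
    [Route("/callback")]
    public class CallbackController : Controller
    {
        private readonly IMapper _mapper;
        private readonly ILogger _logger;

        #region WeCom address-book notification callback key and token

        // NOTE(security): these three values are credentials committed to source.
        // The token and EncodingAESKey are what WXBizMsgCrypt is given below to
        // verify signatures and decrypt callbacks, so anyone who can read this file
        // holds the material this endpoint relies on to authenticate its caller.
        // Treat them as exposed: rotate them and load the replacements from
        // configuration or a secret store instead of literals. That needs a
        // configuration dependency on the constructor, so it is flagged here rather
        // than changed in place.
        private readonly string _qiYeWechat_Token = "WWiCDK";
        private readonly string _qiYeWechat_EncodingAESKey = "3BWKiWnvp6xJGQ5oD3TBaOKYniNgX1g6kZZEehbM3ym";
        private readonly string _qiYeWechat_CorpId = "wwe978bef5495a0728";

        #endregion

        public CallbackController(IMapper mapper, ILogger logger)
        {
            _mapper = mapper;
            _logger = logger;
        }

        #region WeCom callback

        /// <summary>
        /// Entry point for the callback. GET requests are answered with the URL
        /// verification result; POST requests have their encrypted body decrypted.
        /// </summary>
        /// <param name="msg_signature">Signature supplied by the caller.</param>
        /// <param name="timestamp">Timestamp supplied by the caller.</param>
        /// <param name="nonce">Nonce supplied by the caller.</param>
        /// <param name="echostr">Encrypted echo string; only used on GET.</param>
        /// <returns>A <c>text/xml</c> content result.</returns>
        [Route("memberschange")]
        [HttpGet, HttpPost]
        public async Task<IActionResult> ApproveCallBack(string msg_signature, string timestamp, string nonce, string echostr)
        {
            _logger.LogInformation("【企业微信】【通讯录助手】【回调】进入回调");

            var input = new ApproveCallBackInputDTO
            {
                msg_signature = msg_signature,
                timestamp = timestamp,
                nonce = nonce,
                echostr = echostr
            };

            // These values are logged before any signature check has run, so the
            // log line records whatever an unauthenticated caller sent.
            _logger.LogInformation("【企业微信】【通讯录助手】【回调】【参数】:{Input}", input.ToJson());

            // NOTE(review): nothing visible here bounds the age of `timestamp` or
            // remembers nonces already seen. Unless WXBizMsgCrypt does so itself, a
            // captured request keeps verifying; consider rejecting timestamps
            // outside a short window.

            if (HttpContext.Request.Method == System.Net.Http.HttpMethod.Get.Method)
            {
                var model = await VerifyURLCallBack(input);
                return Content(model, "text/xml");
            }

            if (HttpContext.Request.Method == System.Net.Http.HttpMethod.Post.Method)
            {
                var stream = Request.Body;

                // NOTE(review): the decrypted plaintext is returned to the caller as
                // the response body. Confirm this is intended once real business
                // handling is added; a fixed acknowledgement would keep the decrypted
                // notification out of the response.
                var model = await ApproveCallBack(stream, input);
                return Content(model, "text/xml");
            }

            // Fallback only: the action is limited to GET and POST by its attributes
            // and both verbs return above, so this "success" log is not written on
            // the normal paths.
            _logger.LogInformation("【企业微信】【通讯录助手】【回调】回调成功");
            return Content("ok", "text/xml");
        }

        /// <summary>
        /// Verifies the callback URL using the signature, timestamp, nonce and
        /// echo string supplied by the caller.
        /// </summary>
        /// <param name="input">The query parameters of the request.</param>
        /// <returns>
        /// The decrypted echo string when verification succeeds; a fixed failure
        /// string otherwise.
        /// </returns>
        private async Task<string> VerifyURLCallBack(ApproveCallBackInputDTO input)
        {
            // One response for every failure: the return code and exception text go
            // to the log only, so the response does not tell an unauthenticated
            // caller which check rejected the request.
            const string failureResponse = "ERR: VerifyURL fail";

            string sEchoStr = "";
            try
            {
                // Official WeCom class for signature verification and encryption/decryption.
                var wxcpt = new Tencent.WXBizMsgCrypt(_qiYeWechat_Token, _qiYeWechat_EncodingAESKey, _qiYeWechat_CorpId);

                string sReqMsgSig = input.msg_signature;
                string sReqTimeStamp = input.timestamp;
                string sReqNonce = input.nonce;
                string sReqEchostr = input.echostr;

                // Official URL verification; a non-zero return code means failure.
                var ret = wxcpt.VerifyURL(sReqMsgSig, sReqTimeStamp, sReqNonce, sReqEchostr, ref sEchoStr);
                if (ret != 0)
                {
                    throw new Exception($"ERR: VerifyURL fail, ret: {ret}");
                }

                return sEchoStr;
            }
            catch (Exception ex)
            {
                _logger.LogError(ex, "【企业微信】【通讯录助手】【回调】验证URL失败");
                return failureResponse;
            }
        }

        /// <summary>
        /// Reads the encrypted POST body and decrypts it with the request's
        /// signature, timestamp and nonce.
        /// </summary>
        /// <param name="context">The request body stream; it is read to the end and disposed.</param>
        /// <param name="input">The query parameters of the request.</param>
        /// <returns>The decrypted plaintext XML.</returns>
        /// <exception cref="Exception">
        /// Decryption returned a non-zero code, or reading or decrypting threw.
        /// </exception>
        private async Task<string> ApproveCallBack(Stream context, ApproveCallBackInputDTO input)
        {
            var sReqData = "";
            string sMsg = "";
            try
            {
                // Official WeCom class for signature verification and encryption/decryption.
                var wxcpt = new Tencent.WXBizMsgCrypt(_qiYeWechat_Token, _qiYeWechat_EncodingAESKey, _qiYeWechat_CorpId);

                string sReqMsgSig = input.msg_signature;
                string sReqTimeStamp = input.timestamp;
                string sReqNonce = input.nonce;

                // Encrypted payload of the POST request.
                using (var reader = new StreamReader(context))
                {
                    sReqData = await reader.ReadToEndAsync();
                }

                // ret == 0 means decryption succeeded and sMsg holds the plaintext XML.
                var ret = wxcpt.DecryptMsg(sReqMsgSig, sReqTimeStamp, sReqNonce, sReqData, ref sMsg);
                if (ret != 0)
                {
                    throw new Exception($"ERR: Decrypt Fail, ret: {ret}");
                }

                // Business handling of the decrypted notification would go here.
                return sMsg;
            }
            catch (Exception ex)
            {
                _logger.LogError(ex, "【企业微信】【通讯录助手】【回调】解密失败");

                // Rethrow as-is so the original exception type and stack trace survive.
                throw;
            }
        }

        #endregion
    }
}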