fix
parent
108167430d
commit
4b8af75652
|
@ -4,8 +4,10 @@ import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"fusenapi/server/feishu-sync/internal/svc"
|
"fusenapi/server/feishu-sync/internal/svc"
|
||||||
"github.com/zeromicro/go-zero/core/logx"
|
"github.com/zeromicro/go-zero/core/logx"
|
||||||
|
@ -51,10 +53,14 @@ func (l *WebhookLogic) Webhook(w http.ResponseWriter, r *http.Request) {
|
||||||
logx.Error("读取请求body失败", err)
|
logx.Error("读取请求body失败", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
logx.Info("收到头消息:", r.Header)
|
//计算签名
|
||||||
logx.Info("收到body消息:", string(bodyBytes))
|
timestamp := r.Header.Get("X-Lark-Request-Timestamp")
|
||||||
//验证消息合法性
|
nonce := r.Header.Get("X-Lark-Request-Nonce")
|
||||||
if !l.VerifyWebhook(r.Header, bodyBytes, "DmiHQ2bHhKiR3KK4tIjLShbs13eErxKA") {
|
encryptKey := "DmiHQ2bHhKiR3KK4tIjLShbs13eErxKA"
|
||||||
|
signature := r.Header.Get("X-Lark-Signature")
|
||||||
|
sign := l.calculateSignature(timestamp, nonce, encryptKey, bodyBytes)
|
||||||
|
if signature != sign {
|
||||||
|
logx.Error("非法的消息,签名验证不通过", sign, "====", signature)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
defer r.Body.Close()
|
defer r.Body.Close()
|
||||||
|
@ -103,23 +109,17 @@ func (l *WebhookLogic) Webhook(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
|
// 计算签名
|
||||||
// func (l *WebhookLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
|
func (l *WebhookLogic) calculateSignature(timestamp, nonce, encryptKey string, body []byte) string {
|
||||||
// // httpx.OkJsonCtx(r.Context(), w, resp)
|
var b strings.Builder
|
||||||
// }
|
b.WriteString(timestamp)
|
||||||
func (l *WebhookLogic) VerifyWebhook(header http.Header, bodyBytes []byte, encryptKey string) bool {
|
b.WriteString(nonce)
|
||||||
b := []byte(header.Get("X-Lark-Request-Timestamp") + header.Get("X-Lark-Request-Nonce") + encryptKey)
|
b.WriteString(encryptKey)
|
||||||
b = append(b, bodyBytes...)
|
b.Write(body) //bodystring 指整个请求体,不要在反序列化后再计算
|
||||||
|
bs := []byte(b.String())
|
||||||
h := sha256.New()
|
h := sha256.New()
|
||||||
_, err := h.Write(b)
|
h.Write(bs)
|
||||||
if err != nil {
|
bs = h.Sum(nil)
|
||||||
logx.Error(err)
|
sig := fmt.Sprintf("%x", bs)
|
||||||
return false
|
return sig
|
||||||
}
|
|
||||||
hashKey := h.Sum(nil)
|
|
||||||
if string(hashKey) != header.Get("X-Lark-Signature") {
|
|
||||||
logx.Error("无效的消息", string(b), ":------:", string(hashKey), ":-----:", header.Get("X-Lark-Signature"))
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
return true
|
|
||||||
}
|
}
|
||||||
|
|
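Review bot: The failure branch added in Webhook logs the locally computed `sign` beside the received header value, so the log ends up holding a valid signature for whatever timestamp, nonce and body were submitted; log only the failure, e.g. `logx.Error("非法的消息,签名验证不通过")`. The check `if signature != sign {` is also not a constant-time comparison; with `crypto/subtle` imported, `if subtle.ConstantTimeCompare([]byte(signature), []byte(sign)) != 1 {` removes the timing difference between near-matches and mismatches. The encrypt key is still a string literal in the handler (it only moved from the call argument to `encryptKey := ...`), so it remains in the repository history; it should be read from the service configuration or a secret store and rotated. Webhook's body starts and ends outside these hunks, and no freshness check on `X-Lark-Request-Timestamp` is visible here, so confirm that replayed requests are rejected elsewhere.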