120 lines
3.0 KiB
Go
120 lines
3.0 KiB
Go
package oppo
|
|
|
|
import (
|
|
"context"
|
|
"crypto"
|
|
"crypto/rsa"
|
|
"crypto/sha1"
|
|
"crypto/x509"
|
|
"encoding/base64"
|
|
"encoding/pem"
|
|
"fmt"
|
|
"github.com/gogf/gf/v2/errors/gerror"
|
|
"github.com/gogf/gf/v2/frame/g"
|
|
"net/http"
|
|
"strings"
|
|
)
|
|
|
|
// 跟充值平台通信的加密key
|
|
//const PUBLIC_KEY = `dfsdfs`
|
|
|
|
type OppoType struct {
|
|
PublicKey string `json:"public_key"`
|
|
}
|
|
|
|
func New(PublicKey string) *OppoType {
|
|
|
|
return &OppoType{
|
|
PublicKey: PublicKey,
|
|
}
|
|
}
|
|
|
|
func (p *OppoType) Verify(ctx context.Context, data map[string]string) error {
|
|
// 解析请求参数
|
|
for k, v := range data {
|
|
if v == "" || v == "0" {
|
|
delete(data, k)
|
|
}
|
|
}
|
|
|
|
//data["notifyId"] = getParam(r, "notifyId")
|
|
//data["partnerOrder"] = getParam(r, "partnerOrder")
|
|
//data["productName"] = getParam(r, "productName")
|
|
//data["productDesc"] = getParam(r, "productDesc")
|
|
//data["price"] = getParam(r, "price")
|
|
//data["count"] = getParam(r, "count")
|
|
//data["attach"] = getParam(r, "attach")
|
|
//data["sign"] = getParam(r, "sign")
|
|
|
|
// 验证签名
|
|
result, err := p.rsaVerify(data)
|
|
if err != nil {
|
|
//http.Error(w, "Verification error: "+err.Error(), http.StatusInternalServerError)
|
|
g.Log().Errorf(ctx, "Verification error: %v", err.Error())
|
|
return err
|
|
}
|
|
|
|
if result {
|
|
// TODO::验证成功,处理后续逻辑
|
|
//fmt.Fprint(w, "Verification successful")
|
|
//g.Log().Errorf(ctx, "Verification error: %v", err.Error())
|
|
} else {
|
|
// TODO::验证失败,处理后续逻辑
|
|
//http.Error(w, "Verification failed", http.StatusBadRequest)
|
|
g.Log().Error(ctx, "Verification failed")
|
|
err = gerror.New("Verification failed")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (p *OppoType) getParam(r *http.Request, paramName string) string {
|
|
r.ParseForm()
|
|
if value := r.FormValue(paramName); value != "" {
|
|
return strings.TrimSpace(value)
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (p *OppoType) rsaVerify(contents map[string]string) (bool, error) {
|
|
// 构建待签名字符串
|
|
strContents := fmt.Sprintf("notifyId=%s&partnerOrder=%s&productName=%s&productDesc=%s&price=%s&count=%s&attach=%s",
|
|
contents["notifyId"], contents["partnerOrder"], contents["productName"],
|
|
contents["productDesc"], contents["price"], contents["count"], contents["attach"])
|
|
|
|
// 解析公钥
|
|
publicKey := p.PublicKey
|
|
pemData := []byte("-----BEGIN PUBLIC KEY-----\n" +
|
|
strings.ReplaceAll(publicKey, " ", "\n") +
|
|
"\n-----END PUBLIC KEY-----")
|
|
|
|
block, _ := pem.Decode(pemData)
|
|
if block == nil {
|
|
return false, fmt.Errorf("failed to decode PEM block")
|
|
}
|
|
|
|
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
pubKey, ok := pubInterface.(*rsa.PublicKey)
|
|
if !ok {
|
|
return false, fmt.Errorf("public key is not an RSA public key")
|
|
}
|
|
|
|
// 解码签名
|
|
signature, err := base64.StdEncoding.DecodeString(contents["sign"])
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
// 计算内容的哈希值
|
|
hash := sha1.New()
|
|
hash.Write([]byte(strContents))
|
|
hashed := hash.Sum(nil)
|
|
|
|
// 验证签名
|
|
err = rsa.VerifyPKCS1v15(pubKey, crypto.SHA1, hashed, signature)
|
|
return err == nil, err
|
|
}
|