Comments (7)
fudiwei
commented on August 24, 2024
字面意思,签名错误。
可能传参错误、混用了不同商户号(即用商户A去验签商户B的回调)等原因。
请贴下完整代码看看。
from dotnetcore.skit.flurlhttpclient.wechat.
Lingweiy
commented on August 24, 2024
目前还没支持多商户号,只配置了一个商户号,应该不是混用的原因。
这是Controller:
这是service:
后面的 DecryptEventResource 方法是可以解密出来数据的
from dotnetcore.skit.flurlhttpclient.wechat.
fudiwei
commented on August 24, 2024
你应该使用收到的原始数据验签,而不是先反序列化后再序列化回 JSON 字符串 —— 你无法保证你序列化出来的结果跟你收到的是一模一样的。
from dotnetcore.skit.flurlhttpclient.wechat.
Lingweiy
commented on August 24, 2024
原来是这样,感谢大神指点!
因为一直读不到Request.Body,用 Sample 里读取body的方式也不行,最后无奈选择了这种方式...我再研究下
from dotnetcore.skit.flurlhttpclient.wechat.
Lingweiy
commented on August 24, 2024
定位到了问题,我定义input的时候字段的顺序与官方文档的顺序的不一致,将顺序修改成一样后,还是使用上面的方式将input反序列化后验签,可以通过了!
感谢大神指点~
from dotnetcore.skit.flurlhttpclient.wechat.
fudiwei
commented on August 24, 2024
定位到了问题,我定义input的时候字段的顺序与官方文档的顺序的不一致,将顺序修改成一样后,还是使用上面的方式将input反序列化后验签,可以通过了! 感谢大神指点~
不建议你这么搞。以后微信突然调整字段顺序了你怎么办?或者人家传给你的 JSON 里突然多了空格怎么办?
{ "key1": "value1", "key2": "value2" }
{"key2":"value2","key1":"value1"}虽然一个有空格一个没空格、键顺序也不一样,但从数据的角度上讲,这俩 JSON 完全一样。可从字符串上看,这就是俩不同的字符串,当然签名结果会不一样。
REF: https://pay.weixin.qq.com/docs/merchant/development/interface-rules/signature-verification.html
微信官方也强调了,要使用原始报文主体验签。
from dotnetcore.skit.flurlhttpclient.wechat.
Lingweiy
commented on August 24, 2024
好的,感谢大神指出问题~
现在框架使用的是 ASP.NET Core 8,读取 Request.Body 的方式应该是变化了,我再查查文档,优化成使用原始报文主体验签。
from dotnetcore.skit.flurlhttpclient.wechat.
Related Issues (20)
- 📢 v3.0.0 已发布 HOT 1
- [BUG] 相同的配置下 TestExecuteCreatePayTransactionJsapi v3.0分支无法通过单元测试 HOT 1
- JSAPI 接口请求失败 提示 Private key format is not supported. HOT 4
- 企业微信官方接口新增:获取已服务的外部联系人 HOT 3
- 订单支付的时候提示201商户订单号重复 HOT 4
- 企业微信会话存档解密 rsa密钥前后不一致 HOT 2
- 商家转账到零钱-发起商家转账 HOT 1
- [BUG] 企微获取会话内容功能meetingid类型定义错误 HOT 2
- 想进行微信仿真测试系统测试,请问该如何修改接入的URL? HOT 6
- 请问如何回复公众平台发的消息 HOT 2
- [FEATURE] ChannelsECOrderGetResponse 希望能加一下 Unionid字段 HOT 1
- 商家转账到零钱 HOT 1
- [BUG] 企微获取部门成员详情接口的gender类型定义错误 HOT 2
- [BUG] ExecuteCgibinFreePublishSubmitAsync 解析返回数据的json格式报错了 HOT 2
- SwaggerGeneratorException HOT 1
- 请问怎么输出或者查看生成的签名? HOT 6
- 建议优化项 HOT 2
- [FEATURE] 适配智能对话平台 V2 版接口 HOT 7
- CgibinMaterialAddMaterialRequest 没有设置 FileName 可以正常上传,设置了FileName , 40113 ,unsupported file type hint HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dotnetcore.skit.flurlhttpclient.wechat.