def decrypt_msg(timestamp, nonce, signature, config, msgDict):
''' decrypt msg from wechat, use AES_CBC decryption
return a dict contains encrypted information
if decrypt failed, will return an empty dict
pass {'echostr': ECHOSTR} into msgDict to decrypt Cop mp oauth
'''
if 'echostr' in msgDict:
msgDict['Encrypt'] = msgDict['echostr']
elif msgDict.get('MsgType') != ENCRYPT:
return msgDict
try:
text = aes_decode(config._encodingAesKey, msgDict['Encrypt'])
text = text[16:-(text[-1] if isinstance(text[-1], int) else ord(text[-1]))]
xmlLen = struct.unpack('>I', text[:4])[0]
xmlContent = text[4:xmlLen + 4].decode('utf8')
fromAppid = text[xmlLen + 4:].decode('utf8')
except:
logger.debug(traceback.format_exc())
return {}
# Check appId
if fromAppid not in (config.appId, config.copId):
logger.debug('A message from wrong appid is filtered when decrypt: %s' % fromAppid)
return {}
if 'echostr' in msgDict:
return {'echostr': xmlContent}
else:
return deconstruct_msg(xmlContent)
def decrypt_msg(timestamp, nonce, signature, config, msgDict):
''' decrypt msg from wechat, use AES_CBC decryption
return a dict contains encrypted information
if decrypt failed, will return an empty dict
pass {'echostr': ECHOSTR} into msgDict to decrypt Cop mp oauth
'''
if 'echostr' in msgDict:
msgDict['Encrypt'] = msgDict['echostr']
elif msgDict.get('MsgType') != ENCRYPT:
return msgDict
try:
text = aes_decode(config._encodingAesKey, msgDict['Encrypt'])
text = text[16:-(text[-1] if isinstance(text[-1], int) else ord(text[-1]))]
xmlLen = struct.unpack('>I', text[:4])[0]
xmlContent = text[4:xmlLen + 4].decode('utf8')
fromAppid = text[xmlLen + 4:].decode('utf8')
except:
logger.debug(traceback.format_exc())
return {}
# Check appId
if fromAppid not in (config.appId, config.copId):
logger.debug('A message from wrong appid is filtered when decrypt: %s' % fromAppid)
return {}
if 'echostr' in msgDict:
return {'echostr': xmlContent}
else:
return deconstruct_msg(xmlContent)
def decrypt_msg(timestamp, nonce, signature, config, msgDict):
''' decrypt msg from wechat
* use AES_CBC decryption
* return a dict contains encrypted information
* pass {'echostr': ECHOSTR} into msgDict to decrypt Cop mp oauth
'''
if 'echostr' in msgDict:
msgDict['Encrypt'] = msgDict['echostr']
elif not msgDict.get('MsgType') == ENCRYPT:
return msgDict
text = aes_decode(config._encodingAesKey, msgDict['Encrypt'])
text = text[16:-(text[-1] if isinstance(text[-1], int) else ord(text[-1]))]
xmlLen = struct.unpack('>I', text[:4])[0]
xmlContent = text[4:xmlLen + 4].decode('utf8')
fromAppid = text[xmlLen + 4:].decode('utf8')
if fromAppid != config.appId: return {}
# Check appId
if 'echostr' in msgDict:
return {'echostr': xmlContent}
else:
return deconstruct_msg(xmlContent)
def sync_post_fn(handler):
if core.filterRequest and not core.filter_request(handler.request):
logger.debug('A request from unknown ip is filtered')
return None, None
else:
msgDict = deconstruct_msg(handler.request.body)
isActualEncrypt = 'Encrypt' in msgDict
tns = get_tns(core, handler)
msgDict = verify_message(core, handler, tns, msgDict)
if not msgDict:
logger.debug('Ignore a request because verify failed')
else:
reply_fn = get_reply_fn(core, msgDict['MsgType'])
if reply_fn is None: return None
try:
reply = reply_fn(copy.deepcopy(msgDict))
except Exception as e:
logger.warning(traceback.format_exc())
else: # if nothing goes wrong
if reply:
return verify_reply(core, tns, reply, msgDict,
isActualEncrypt)
return None, None
def coroutine_post_fn(handler):
if core.filterRequest and not core.filter_request(handler.request):
logger.debug('A request from unknown ip is filtered')
else:
msgDict = deconstruct_msg(handler.request.body)
tns = get_tns(core, handler)
isActualEncrypt = 'Encrypt' in msgDict
msgDict = verify_message(core, handler, tns, msgDict)
if not msgDict:
logger.debug('Ignore a request because verify failed')
else:
reply_fn = get_reply_fn(core, msgDict['MsgType'])
if reply_fn is None:
raise gen.Return((None, None))
try:
reply = yield reply_fn(copy.deepcopy(msgDict))
except Exception as e:
logger.warning(traceback.format_exc())
else: # if nothing goes wrong
if reply:
r = yield verify_reply(core, tns, reply, msgDict, isActualEncrypt)
raise gen.Return(r)
raise gen.Return((None, None))
def coroutine_post_fn(handler):
if core.filterRequest and not core.filter_request(handler.request):
logger.debug('A request from unknown ip is filtered')
else:
msgDict = deconstruct_msg(
handler.request.body.decode('utf8', 'replace'))
# please warn me if decode with replace will cause exception
isActualEncrypt = 'Encrypt' in msgDict
msgDict = verify_message(core, handler, msgDict)
if not msgDict:
logger.debug('Ignore a request because verify failed')
else:
reply_fn = get_reply_fn(core, msgDict['MsgType'])
if reply_fn is None: raise gen.Return((None, None))
try:
reply = yield reply_fn(copy.deepcopy(msgDict))
except Exception as e:
logger.debug(traceback.format_exc())
else: # if nothing goes wrong
if reply:
raise gen.Return(
verify_reply(core, reply, msgDict,
isActualEncrypt))
raise gen.Return((None, None))
