def parse_payment_result(self, xml): """解析微信支付结果通知""" try: data = xmltodict.parse(xml) except (xmltodict.ParsingInterrupted, ExpatError): raise InvalidSignatureException() if not data or "xml" not in data: raise InvalidSignatureException() data = data["xml"] sign = data.pop("sign", None) real_sign = calculate_signature( data, self.api_key if not self.sandbox else self.sandbox_api_key) if sign != real_sign: raise InvalidSignatureException() for key in ( "total_fee", "settlement_total_fee", "cash_fee", "coupon_fee", "coupon_count", ): if key in data: data[key] = int(data[key]) data["sign"] = sign return data
def parse_refund_result(wechat_pay_api_key, xml): """ 解析退款结果 https://github.com/jxtech/wechatpy/issues/266 """ try: data = xmltodict.parse(xml) except (xmltodict.ParsingInterrupted, ExpatError): raise InvalidSignatureException() if not data or 'xml' not in data: raise InvalidSignatureException() data = data['xml'] req_info = base64.decodestring(data['req_info'].encode()) BS = AES.block_size pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS) unpad = lambda s: s[0:-ord(s[-1])] hash = hashlib.md5() hash.update(wechat_pay_api_key.encode()) key = hash.hexdigest().encode() cipher = AES.new(key, AES.MODE_ECB) decrypt_bytes = cipher.decrypt(req_info) decrypt_str = decrypt_bytes.decode() decrypt_str = unpad(decrypt_str) info = xmltodict.parse(decrypt_str)['root'] data = dict(data, **info) data.pop('req_info') return data
def parse_payment_result(self, xml): """解析微信支付结果通知""" try: data = xmltodict.parse(xml) except (xmltodict.ParsingInterrupted, ExpatError): raise InvalidSignatureException() if not data or 'xml' not in data: raise InvalidSignatureException() data = data['xml'] sign = data.pop('sign', None) real_sign = calculate_signature(data, self.api_key) if sign != real_sign: raise InvalidSignatureException() data['sign'] = sign return data
def validate_message(self, msg, sign): """ :raises: wechatpy.exceptions.InvalidSignatureException """ str_to_sign = (msg + self.session_key).encode() server_sign = hashlib.sha1(str_to_sign).hexdigest() if server_sign != sign: raise InvalidSignatureException() return json.loads(msg)
def _check_signature(self, signature, timestamp, nonce, echo_str, crypto_class=None): _signature = _get_signature(self.token, timestamp, nonce, echo_str) if _signature != signature: raise InvalidSignatureException() pc = crypto_class(self.key) return pc.decrypt(echo_str, self._id)
def parse_payment_result(self, xml): """解析微信支付结果通知""" try: data = xmltodict.parse(xml) except (xmltodict.ParsingInterrupted, ExpatError): raise InvalidSignatureException() if not data or 'xml' not in data: raise InvalidSignatureException() data = data['xml'] sign = data.pop('sign', None) real_sign = calculate_signature(data, self.api_key) if sign != real_sign: raise InvalidSignatureException() for key in ('total_fee', 'settlement_total_fee', 'cash_fee', 'coupon_fee', 'coupon_count'): if key in data: data[key] = int(data[key]) data['sign'] = sign return data
def check_signature(token, signature, timestamp, nonce): """Check WeChat callback signature, raises InvalidSignatureException if check failed. :param token: WeChat callback token :param signature: WeChat callback signature sent by WeChat server :param timestamp: WeChat callback timestamp sent by WeChat server :param nonce: WeChat callback nonce sent by WeChat sever """ signer = WeChatSigner() signer.add_data(token, timestamp, nonce) if signer.signature != signature: from wechatpy.exceptions import InvalidSignatureException raise InvalidSignatureException()
def _decrypt_message(self, msg, signature, timestamp, nonce, crypto_class=None): if not isinstance(msg, dict): import xmltodict msg = xmltodict.parse(to_text(msg))['xml'] encrypt = msg['Encrypt'] _signature = _get_signature(self.token, timestamp, nonce, encrypt) if _signature != signature: raise InvalidSignatureException() pc = crypto_class(self.key) return pc.decrypt(encrypt, self._id)
def check_wxa_signature(session_key, raw_data, client_signature): """校验前端传来的rawData签名正确 详情请参考 https://developers.weixin.qq.com/miniprogram/dev/framework/open-ability/signature.html # noqa :param session_key: code换取的session_key :param raw_data: 前端拿到的rawData :param client_signature: 前端拿到的signature :raises: InvalidSignatureException :return: 返回数据dict """ str2sign = (raw_data + session_key).encode("utf-8") signature = hashlib.sha1(str2sign).hexdigest() if signature != client_signature: from wechatpy.exceptions import InvalidSignatureException raise InvalidSignatureException()