def set_component_verify_ticket(self, appid=None, secret=None, token=None, encodingaeskey=None, post_data=None, encrypt=None, msg_signature=None, timestamp=None, nonce=None, storage=None): # Update Params self.update_params(appid=appid, secret=secret, token=token, encodingaeskey=encodingaeskey, storage=storage) decrypt_msg = msg.decrypt(self.appid, token=self.token, encodingaeskey=self.encodingaeskey, post_data=post_data, encrypt=encrypt, msg_signature=msg_signature, timestamp=timestamp, nonce=nonce) component_verify_ticket = xml_to_dict(decrypt_msg).get( 'ComponentVerifyTicket') return self.storage.set(self.component_verify_ticket_key, component_verify_ticket)
def we_callback(request): signature = request.GET.get('signature', '') timestamp = request.GET.get('timestamp', '') nonce = request.GET.get('nonce', '') echostr = request.GET.get('echostr', '') encrypt_type = request.GET.get('encrypt_type', '') msg_signature = request.GET.get('msg_signature', '') CFG = final_cfg(request, state='callback') # 校验签名 if not check_callback_signature(CFG['token'], signature, timestamp, nonce): return HttpResponse() if request.method == 'GET': return HttpResponse(echostr) xml = request.body resp_xml = '' if hasattr(settings, 'DJANGO_WE_MESSAGE_CALLBACK_FUNC') and hasattr( settings.DJANGO_WE_MESSAGE_CALLBACK_FUNC, '__call__'): decrypted = msg.decrypt(CFG['appID'], token=CFG['token'], encodingaeskey=CFG['encodingaeskey'], post_data=xml, encrypt=None, msg_signature=msg_signature, timestamp=timestamp, nonce=nonce, xmltodict=True) resp_xml = settings.DJANGO_WE_MESSAGE_CALLBACK_FUNC( request, xml_to_dict(xml), decrypted or {}) or '' if resp_xml: resp_xml = msg.encrypt(CFG['appID'], token=CFG['token'], encodingaeskey=CFG['encodingaeskey'], resp_xml=resp_xml, nonce=nonce, timestamp=None, random_str=None) return HttpResponse(resp_xml or 'success')
def we_component_auth(request): signature = request.GET.get('signature', '') timestamp = request.GET.get('timestamp', '') nonce = request.GET.get('nonce', '') encrypt_type = request.GET.get('encrypt_type', '') msg_signature = request.GET.get('msg_signature', '') CFG = final_cfg(request, state='component_auth') # 校验签名 if not check_callback_signature(CFG['token'], signature, timestamp, nonce): return HttpResponse() xml = request.body # 消息解密 decrypted = msg.decrypt(CFG['appID'], token=CFG['token'], encodingaeskey=CFG['encodingaeskey'], post_data=xml, encrypt=None, msg_signature=msg_signature, timestamp=timestamp, nonce=nonce, xmltodict=True) # 获取 InfoType InfoType = decrypted.get( 'InfoType', '' ) # unauthorized是取消授权,updateauthorized是更新授权,authorized是授权成功通知,component_verify_ticket # 当 InfoType 为 component_verify_ticket 时,进行保存 component_verify_ticket 的操作 if InfoType == 'component_verify_ticket': # Set Component Verify Ticket into Redis set_component_verify_ticket( appid=CFG['appID'], secret=CFG['appsecret'], token=CFG['token'], encodingaeskey=CFG['encodingaeskey'], post_data=xml, encrypt=None, msg_signature=msg_signature, timestamp=timestamp, nonce=nonce, storage=redis_storage(request), ) # Set Component Verify Ticket into MySQL component_verify_ticket_push_func(CFG['appID'], CFG['appsecret'], decrypted) resp_xml = '' if hasattr(settings, 'DJANGO_WE_COMPONENT_AUTH_FUNC') and hasattr( settings.DJANGO_WE_COMPONENT_AUTH_FUNC, '__call__'): resp_xml = settings.DJANGO_WE_COMPONENT_AUTH_FUNC( request, xml_to_dict(xml), decrypted or {}) or '' if resp_xml: resp_xml = msg.encrypt(CFG['appID'], token=CFG['token'], encodingaeskey=CFG['encodingaeskey'], resp_xml=resp_xml, nonce=nonce, timestamp=None, random_str=None) return HttpResponse(resp_xml or 'success')