From ab1dc2056487b4505e7ef2378f750a0b36c51427 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=82=B9=E5=AE=97=E6=A5=A0?= Date: Wed, 28 Jun 2023 18:03:14 +0800 Subject: [PATCH] 1 --- .../partner/purchase/tao_vegetable/order.go | 29 +++++++-------- controllers/taobao_vegetable.go | 36 ++++++++++++++++--- 2 files changed, 47 insertions(+), 18 deletions(-) diff --git a/business/partner/purchase/tao_vegetable/order.go b/business/partner/purchase/tao_vegetable/order.go index c33167d42..841b150a4 100644 --- a/business/partner/purchase/tao_vegetable/order.go +++ b/business/partner/purchase/tao_vegetable/order.go @@ -305,7 +305,7 @@ func (c *PurchaseHandler) onOrderMsg(orderStatus, orderId string, orderCallback msg := orderCallback.(*tao_vegetable.CallbackOrder) if orderStatus == tao_vegetable.OrderStatusOnSaleCancel { onSale := orderCallback.(*tao_vegetable.OnSaleCancel) - msg.PublicModel = onSale.PublicModel + //msg.PublicModel = onSale.PublicModel msg.MerchantCode = onSale.MerchantCode msg.StoreId = onSale.StoreId msg.BizOrderId = onSale.BizOrderId @@ -386,7 +386,8 @@ func (c *PurchaseHandler) callbackOrderMsg2Status(msg *tao_vegetable.CallbackOrd RefVendorOrderID: orderId, RefVendorID: model.VendorIDTaoVegetable, VendorStatus: msg.OrderStatus, - StatusTime: utils.Str2TimeWithDefault(msg.Timestamp, time.Now()), + //StatusTime: utils.Str2TimeWithDefault(msg.Timestamp, time.Now()), + StatusTime: time.Now(), } switch msg.OrderStatus { @@ -420,18 +421,18 @@ func (c *PurchaseHandler) callbackOrderMsg2Status(msg *tao_vegetable.CallbackOrd func (c *PurchaseHandler) postFakeMsg(vendorOrderID, cmd, vendorStatus string) { msg := &tao_vegetable.CallbackOrder{ - PublicModel: tao_vegetable.PublicModel{ - Method: "", - AppKey: "", - Session: "", - Timestamp: utils.Time2Str(time.Now()), - V: "", - SignMethod: "", - Sign: "", - Format: "", - Simplify: false, - CustomerId: false, - }, + //PublicModel: tao_vegetable.PublicModel{ + // Method: "", + // AppKey: "", + // Session: "", + // Timestamp: utils.Time2Str(time.Now()), + // V: "", + // SignMethod: "", + // Sign: "", + // Format: "", + // Simplify: false, + // CustomerId: false, + //}, MerchantCode: "", StoreId: "", BizOrderId: utils.Str2Int64(vendorOrderID), diff --git a/controllers/taobao_vegetable.go b/controllers/taobao_vegetable.go index 9dd3a6530..58ef695b0 100644 --- a/controllers/taobao_vegetable.go +++ b/controllers/taobao_vegetable.go @@ -1,6 +1,8 @@ package controllers import ( + "crypto/md5" + "fmt" "git.rosy.net.cn/baseapi/platformapi/tao_vegetable" "git.rosy.net.cn/baseapi/platformapi/tiktok_shop/tiktok_api" "git.rosy.net.cn/baseapi/utils" @@ -12,6 +14,9 @@ import ( "github.com/astaxie/beego/server/web" "io/ioutil" "net/http" + "net/url" + "sort" + "strings" ) type TaoBaoVegetableController struct { @@ -69,13 +74,36 @@ func (c *TaoBaoVegetableController) GetCode() { return } +func Sign(param url.Values, data, secret string) string { + var publicParam = make([]string, 0, 0) + for k, v := range param { + if k == "sign" { + continue + } + publicParam = append(publicParam, fmt.Sprintf("%s%s", k, v[0])) + } + + sort.Strings(publicParam) + cc := secret + strings.Join(publicParam, "") + strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll(data, "\n", ""), "\t", ""), " ", "") + secret + return fmt.Sprintf("%X", md5.Sum([]byte(cc))) +} + // OrderStatus 订单状态变化 [post] func (c *TaoBaoVegetableController) OrderStatus() { - c.Data["json"] = tao_vegetable.CallBackResultInfo(nil) - c.ServeJSON() - return - + urlParam := c.Ctx.Request.URL.RawQuery + values, err := url.ParseQuery(urlParam) order, err := api.TaoVegetableApi.ReaderOrderInfo(c.Ctx.Request) + sign := Sign(values, utils.Format4Output(order, false), api.TaoVegetableApi.GetAppSecret()) + if sign != values.Get("sign") { // 49C8CEEDC523CA387A677D08C8861ABC + c.Data["json"] = tao_vegetable.CallBackResultSign(fmt.Errorf("非法签名")) + c.ServeJSON() + return + } else { + c.Data["json"] = tao_vegetable.CallBackResultInfo(nil) + c.ServeJSON() + return + } + globals.SugarLogger.Debugf("OrderStatus := %s", utils.Format4Output(order, false)) if err != nil { globals.SugarLogger.Debugf("订单状态变化:%s", err.Error())