From fbd735311c87cc171980bda9902820d39d29b8c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=82=B9=E5=AE=97=E6=A5=A0?= <zouzongnan1995@icloud.com>
Date: Mon, 24 Oct 2022 20:57:13 +0800
Subject: [PATCH] 1

---
 controllers/tiktok_store.go | 53 ++++++++++++++++++++++++++++++-------
 globals/globals.go          |  2 ++
 2 files changed, 45 insertions(+), 10 deletions(-)

diff --git a/controllers/tiktok_store.go b/controllers/tiktok_store.go
index b2517fdf9..df4a3c287 100644
--- a/controllers/tiktok_store.go
+++ b/controllers/tiktok_store.go
@@ -1,7 +1,11 @@
 package controllers
 
 import (
+	"crypto/aes"
+	"crypto/cipher"
+	"encoding/base64"
 	"encoding/json"
+	"errors"
 	"git.rosy.net.cn/baseapi/platformapi/tiktok_shop/tiktok_api"
 	"git.rosy.net.cn/baseapi/utils"
 	"git.rosy.net.cn/jx-callback/business/jxstore/common"
@@ -11,6 +15,7 @@ import (
 	"github.com/astaxie/beego/server/web"
 	"io/ioutil"
 	"net/http"
+	"strings"
 	"time"
 )
 
@@ -18,6 +23,39 @@ type TiktokShopController struct {
 	web.Controller
 }
 
+func AesDecrypt(msgSecret, appSecret string) (string, error) {
+	var appSecretArr = []byte(strings.ReplaceAll(appSecret, "-", ""))
+	bytesPass, err := base64.StdEncoding.DecodeString(msgSecret)
+	if err != nil {
+		return "", errors.New("解密失败！！！")
+	}
+	sourceMsg, err := DoAesDecrypt(bytesPass, appSecretArr)
+	if err != nil {
+		return "", errors.New("解密失败！！！")
+	}
+	return string(sourceMsg), nil
+}
+
+func DoAesDecrypt(encryptedMsg, key []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	//AES分组长度为128位，所以blockSize=16，单位字节
+	blockSize := block.BlockSize()
+	blockMode := cipher.NewCBCDecrypter(block, key[:blockSize]) //初始向量的长度必须等于块block的长度16字节
+	origData := make([]byte, len(encryptedMsg))
+	blockMode.CryptBlocks(origData, encryptedMsg)
+	origData = PKCS5UnPadding(origData)
+	return origData, nil
+}
+
+func PKCS5UnPadding(origData []byte) []byte {
+	length := len(origData)
+	unfilledNum := int(origData[length-1])
+	return origData[:(length - unfilledNum)]
+}
+
 func (c *TiktokShopController) TokenMsg() {
 	req := c.Ctx.Request
 	var code []string
@@ -25,34 +63,28 @@ func (c *TiktokShopController) TokenMsg() {
 	case http.MethodPost:
 		data, err := ioutil.ReadAll(req.Body)
 		if err != nil {
-			globals.SugarLogger.Debugf("MethodPost=====err%s", utils.Format4Output(err, false))
 			c.Data["json"] = tiktok_api.CallbackResponse{Code: tiktok_api.CallbackFailCode, Msg: tiktok_api.CallbackFail}
 			c.ServeJSON()
 			return
 		}
 
-		globals.SugarLogger.Debugf("data=====err%s", string(data))
-		if err := json.Unmarshal(data, &code); err != nil {
-			globals.SugarLogger.Debugf("Unmarshal=====err%s", utils.Format4Output(err, false))
+		codeToken, err := AesDecrypt(string(data), globals.TiktokShopAppSecret)
+		if err != nil {
 			c.Data["json"] = tiktok_api.CallbackResponse{Code: tiktok_api.CallbackFailCode, Msg: tiktok_api.CallbackFail}
 			c.ServeJSON()
-			return
 		}
+		code = append(code, codeToken)
 	case http.MethodGet:
 		codeValues := req.URL.Query()
-		globals.SugarLogger.Debugf("codeValues=====%s", utils.Format4Output(codeValues, false))
 		codeList := codeValues.Get("code")
-		globals.SugarLogger.Debugf("codeList=====%s", utils.Format4Output(codeList, false))
-		globals.SugarLogger.Debugf("codeValues.Get(code)===%s", utils.Format4Output(codeValues.Get("Code"), false))
 		if err := json.Unmarshal([]byte(string(codeList)), &code); err != nil {
-			globals.SugarLogger.Debugf("codeList=====err%s", utils.Format4Output(err, false))
 			c.Data["json"] = tiktok_api.CallbackResponse{Code: tiktok_api.CallbackFailCode, Msg: tiktok_api.CallbackFail}
 			c.ServeJSON()
 			return
 		}
 	}
-	globals.SugarLogger.Debugf("code ==================%s", utils.Format4Output(code, false))
 
+	globals.SugarLogger.Debugf("code ==================%s", utils.Format4Output(code, false))
 	if len(code) == 0 {
 		c.Data["json"] = tiktok_api.CallbackResponse{Code: tiktok_api.CallbackFailCode, Msg: tiktok_api.CallbackFail}
 		c.ServeJSON()
@@ -66,6 +98,7 @@ func (c *TiktokShopController) TokenMsg() {
 			c.ServeJSON()
 			return
 		}
+
 		globals.SugarLogger.Debugf("result=====%s", utils.Format4Output(result, false))
 
 		result.ExpiresIn += time.Now().Unix()
diff --git a/globals/globals.go b/globals/globals.go
index 158606505..3131c4774 100644
--- a/globals/globals.go
+++ b/globals/globals.go
@@ -82,6 +82,7 @@ var (
 	IsAddEvent    bool
 
 	OutputDebugMsgLevel int
+	TiktokShopAppSecret string
 )
 
 func init() {
@@ -164,6 +165,7 @@ func Init() {
 	JdLoginName = web.AppConfig.DefaultString("jdLoginName", "")
 	IsAddEvent = web.AppConfig.DefaultBool("addEvent", false)
 	TictokpayNotifyURL = web.AppConfig.DefaultString("tiktokNotifyUrl", "")
+	TiktokShopAppSecret = web.AppConfig.DefaultString("tiktokShopAppSecret", "")
 
 	IsStoreSkuAct = !IsProductEnv()