From 5035535ac040a87022123f4909dd984e2c78918c Mon Sep 17 00:00:00 2001 From: yumoqing Date: Tue, 3 Mar 2026 13:43:18 +0800 Subject: [PATCH] bugfix --- woa/init.py | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/woa/init.py b/woa/init.py index 1d444b9..da8988a 100644 --- a/woa/init.py +++ b/woa/init.py @@ -43,13 +43,20 @@ class WOAHandler: debug(f'{self.app_id=}::{self.token=}::{encoding_aes_key=}::{len(encoding_aes_key)=}') self.media_manager = WeChatMediaManager(self.app_id, self.secret) + def _signature(self, timestamp: str, nonce: str, encrypt:str=None) -> str: + lst = [self.token, timestamp, nonce] + if encrypt: + lst.append(encrypt) + check_list = sorted(lst) + check_str = "".join(check_list) + hash_code = hashlib.sha1(check_str.encode('utf-8')).hexdigest() + return hash_code + def _check_signature(self, signature: str, timestamp: str, nonce: str) -> bool: """验证签名""" if not signature: return False - check_list = sorted([self.token, timestamp, nonce]) - check_str = "".join(check_list) - hash_code = hashlib.sha1(check_str.encode('utf-8')).hexdigest() + hash_code = self._signature(timestamp, nonce) return hash_code == signature def _decrypt_msg(self, encrypt_msg: str) -> str: @@ -252,8 +259,9 @@ class WOAHandler: exception(f'{e}') # 构造加密后的返回 XML 包 + sign = self._signature(timestamp, nonce, encrypt=encrypted_xml_str) final_xml = f""" - {timestamp}""" + {timestamp}""" debug(f'加密后的返回:{final_xml}') return web.Response(text=final_xml, content_type='application/xml') elif reply_xml: