diff --git a/common.props b/common.props index abe0cde..443e5d5 100644 --- a/common.props +++ b/common.props @@ -1,7 +1,7 @@ latest - 3.0.0-preview.2 + 3.0.0-preview.3 $(NoWarn);CS1591 true EasyAbp Team diff --git a/src/Official/EasyAbp.Abp.WeChat.Official.HttpApi/Controllers/WeChatController.cs b/src/Official/EasyAbp.Abp.WeChat.Official.HttpApi/Controllers/WeChatController.cs index 0a6fb7b..04cff3c 100644 --- a/src/Official/EasyAbp.Abp.WeChat.Official.HttpApi/Controllers/WeChatController.cs +++ b/src/Official/EasyAbp.Abp.WeChat.Official.HttpApi/Controllers/WeChatController.cs @@ -183,13 +183,21 @@ public virtual async Task GetJsSdkConfigParametersAsync( /// /// 微信应用事件通知接口,开发人员需要实现 处理器来处理回调请求。 /// + [HttpGet] [HttpPost] [Route("notify")] public virtual async Task NotifyAsync([CanBeNull] string tenantId, [CanBeNull] string appId) { using var changeTenant = CurrentTenant.Change(tenantId.IsNullOrWhiteSpace() ? null : Guid.Parse(tenantId!)); - var result = await _eventRequestHandlingService.NotifyAsync(await CreateRequestModelAsync(), appId); + var model = await CreateRequestModelAsync(); + + if (model is null) + { + return BadRequest(); + } + + var result = await _eventRequestHandlingService.NotifyAsync(model, appId); if (!result.Success) { @@ -219,6 +227,7 @@ public virtual async Task NotifyAsync([CanBeNull] string tenantId, /// 本方法是为了避免多 Route 导致 ABP ApiDescription 报 Warning。 /// 见 /// + [HttpGet] [HttpPost] [Route("notify/tenant-id/{tenantId}")] public virtual Task Notify2Async([CanBeNull] string tenantId, [NotNull] string appId) @@ -230,6 +239,7 @@ public virtual Task Notify2Async([CanBeNull] string tenantId, [Not /// 本方法是为了避免多 Route 导致 ABP ApiDescription 报 Warning。 /// 见 /// + [HttpGet] [HttpPost] [Route("notify/app-id/{appId}")] public virtual Task Notify3Async([CanBeNull] string tenantId, [NotNull] string appId) @@ -241,6 +251,7 @@ public virtual Task Notify3Async([CanBeNull] string tenantId, [Not /// 本方法是为了避免多 Route 导致 ABP ApiDescription 报 Warning。 /// 见 /// + [HttpGet] [HttpPost] [Route("notify/tenant-id/{tenantId}/app-id/{appId}")] public virtual Task Notify4Async([CanBeNull] string tenantId, [NotNull] string appId) @@ -248,8 +259,16 @@ public virtual Task Notify4Async([CanBeNull] string tenantId, [Not return NotifyAsync(tenantId, appId); } + [ItemCanBeNull] protected virtual async Task CreateRequestModelAsync() { + var echostr = Request.Query["echostr"].FirstOrDefault(); + + if (!echostr.IsNullOrWhiteSpace() && Request.Method != "GET") + { + return null; + } + Request.EnableBuffering(); using var streamReader = new StreamReader(Request.Body); @@ -258,6 +277,11 @@ protected virtual async Task CreateRequestModel Request.Body.Position = 0; + if (!postData.IsNullOrWhiteSpace() && Request.Method != "POST") + { + return null; + } + return new WeChatOfficialEventRequestModel { PostData = postData, @@ -265,7 +289,7 @@ protected virtual async Task CreateRequestModel Request.Query["signature"].FirstOrDefault(), Timestamp = Request.Query["timestamp"].FirstOrDefault(), Nonce = Request.Query["nonce"].FirstOrDefault(), - EchoStr = Request.Query["echostr"].FirstOrDefault() + EchoStr = echostr }; } }