import base64 from rest_framework import serializers from libs.weworkapi.callback.WXBizMsgCrypt3 import WXBizMsgCrypt, Prpcrypt from utils.tools import sha1_encoder, get_attribute, camel_to_snake import xml.etree.cElementTree as ET class WechatPublicTokenSerializer(serializers.Serializer): msg_signature = serializers.CharField() echostr = serializers.CharField() timestamp = serializers.CharField() nonce = serializers.CharField() def validate(self, attrs): corp = self.context.get('corp') token = corp.token corpid = corp.corpid encoding_aes_key = corp.encodingaeskey msg_signature = attrs.get('msg_signature') echostr = attrs.get('echostr') timestamp = attrs.get('timestamp') nonce = attrs.get('nonce') # # 1)将token、timestamp、nonce, echostr四个参数进行字典序排序 # arr = [token, timestamp, nonce, echostr] # arr.sort() # # 2)将三个参数字符串拼接成一个字符串进行sha1加密 # data = "".join(arr) # # 3)开发者获得加密后的字符串可与 signature 对比,标识该请求来源于微信 # encode_str = sha1_encoder(data) wxcpt = WXBizMsgCrypt(token, encoding_aes_key, corpid) ret, echostr = wxcpt.VerifyURL(msg_signature, timestamp, nonce, echostr) if ret != 0: return {} attrs['echostr'] = echostr.decode() return attrs class WechatEncryptSerializer(serializers.Serializer): ToUserName = serializers.CharField(write_only=True) Encrypt = serializers.CharField(write_only=True) AgentID = serializers.CharField(write_only=True) def create(self, data): corp = self.context.get('corp') encoding_aes_key = corp.encodingaeskey encrypt = data.get('Encrypt') xmltext = self.decrypt(encrypt, encoding_aes_key) data = self.parse_xml(xmltext) print(data) return {} def decrypt(self, encrypt, encoding_key): try: key = base64.b64decode(encoding_key + "=") prpcrypt = Prpcrypt(key) corpid = '' res, decrypt = prpcrypt.decrypt(encrypt, corpid) if res != 0: return decrypt = decrypt.decode() return decrypt except Exception as e: print(e) def parse_xml(self, xmltext): xml_tree = ET.fromstring(xmltext) data = {} for child in xml_tree: tag = child.tag key = camel_to_snake(tag) data[key] = get_attribute(xml_tree.find(key), 'text') return data