add 企业微信通知测试接口

2023-04-05 16:41:08 +08:00 · 2023-04-05 16:41:08 +08:00 · f494a89f5c
commit f494a89f5c
parent b3c1559ea6
4 changed files with 92 additions and 0 deletions
--- a/package.json
+++ b/package.json
@ -17,6 +17,7 @@
    "@fastify/formbody": "^7.4.0",
    "@fastify/helmet": "^10.1.0",
    "@fastify/jwt": "^6.7.0",
+    "@wecom/crypto": "^1.0.1",
    "dotenv": "^16.0.3",
    "fastify": "^4.14.1",
    "fastify-plugin": "^4.5.0",
--- a/src/controllers/workflow.controller.ts
+++ b/src/controllers/workflow.controller.ts
@ -0,0 +1,27 @@
+import BaseController from 'common/base.controller'
+import { ZError } from 'common/ZError'
+import { role, router } from 'decorators/router'
+import { aesDecrypt, base64Decode, sha1 } from 'utils/security.util'
+import { getSignature, decrypt } from '@wecom/crypto'
+
+let signData = function (timestamp, nonce, echostr, token) {
+  let hashStr = [timestamp, nonce, echostr, token].sort().join('')
+  return sha1(hashStr)
+}
+
+const TOKEN = 'qDd25AkMStj6mI9ViNUQt'
+const AES_KEY = 'rk7nvsNobBx3aG9jMSTlKc1gMj4GIPDrWs4ZMdlgP4V'
+
+class WorkFlowController extends BaseController {
+  @role('anon')
+  @router('get /workflow/notify')
+  async sendOneMail(req, res) {
+    let { msg_signature, timestamp, nonce, echostr } = req.params
+    const signature = getSignature(TOKEN, timestamp, nonce, echostr)
+    if (msg_signature !== signature) {
+      throw new ZError(10, 'params mismatch')
+    }
+    const { message, id } = decrypt(AES_KEY, echostr)
+    res.send(message)
+  }
+}
--- a/src/utils/security.util.ts
+++ b/src/utils/security.util.ts
@ -0,0 +1,59 @@
+import crypto from 'crypto'
+const ENCODER = 'base64'
+const REG_KEY = /^[0-9a-fA-F]{63,64}$/
+
+export function isEncrypt(msg: string) {
+  return !REG_KEY.test(msg)
+}
+
+export function aesEncrypt(text: string, password: string, iv: string) {
+  var md5 = crypto.createHash('md5')
+  const key = md5.update(password).digest('hex')
+  let cipher = crypto.createCipheriv('aes-256-cbc', key, iv)
+  let encrypted = cipher.update(text, 'utf8', ENCODER)
+  encrypted += cipher.final(ENCODER)
+  return encrypted
+}
+
+export function aesDecrypt(encryptedText: string, password: string, iv: string) {
+  var md5 = crypto.createHash('md5')
+  const key = md5.update(password).digest('hex')
+  let decipher = crypto.createDecipheriv('aes-256-cbc', key, iv)
+  let decrypted = decipher.update(encryptedText, ENCODER, 'utf8')
+  return decrypted + decipher.final('utf8')
+}
+
+export function sha512(password: string, salt: string) {
+  let hash = crypto.createHmac('sha512', salt)
+  hash.update(password)
+  let value = hash.digest('hex')
+  return {
+    salt: salt,
+    passwordHash: value,
+  }
+}
+
+export function genRandomString(length: number) {
+  return crypto
+    .randomBytes(Math.ceil(length / 2))
+    .toString('hex')
+    .slice(0, length)
+}
+
+export function uuid() {
+  return crypto.randomUUID()
+}
+
+export function md5(content: string) {
+  var md5 = crypto.createHash('md5')
+  return md5.update(content).digest('hex')
+}
+
+export function sha1(content: string) {
+  var md5 = crypto.createHash('sha1')
+  return md5.update(content).digest('hex')
+}
+
+export function base64Decode(str: string) {
+  return Buffer.from(str, ENCODER).toString()
+}
--- a/yarn.lock
+++ b/yarn.lock
@ -301,6 +301,11 @@
    "@typescript-eslint/types" "5.55.0"
    eslint-visitor-keys "^3.3.0"

+"@wecom/crypto@^1.0.1":
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/@wecom/crypto/-/crypto-1.0.1.tgz#6918ed9829043b06075eaa8cff84de2475476a58"
+  integrity sha512-K4Ilkl1l64ceJDbj/kflx8ND/J88pcl8tKx4Ivp7IiCrshRJU+Uo5uWCjAa+PjUiLIdcQSZ4m4d0t1npMPCX5A==
+
 abort-controller@^3.0.0:
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/abort-controller/-/abort-controller-3.0.0.tgz#eaf54d53b62bae4138e809ca225c8439a6efb392"