w7corp / easywechat

📦 A PHP WeChat SDK
https://easywechat.com
MIT License
10.26k stars 2.41k forks source link

Payment callback notify throws an error, log contents below #1909

Closed jayleco closed 4 years ago

jayleco commented 4 years ago

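My environment

Problem and symptoms

Payments and everything else through easywechat work fine, but when I looked at the logs today I found a lot of easywechat errors. The log contents are as follows: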

[2020-07-31 20:44:37] local.ERROR: Invalid request XML. {"exception":"[object] (EasyWeChat\\Kernel\\Exceptions\\Exception(code: 400): Invalid request XML. at /www/wwwroot/wx.hahaha.vip/vendor/overtrue/wechat/src/Payment/Notify/Handler.php:143)
[stacktrace]
#0 /www/wwwroot/wx.hahaha.vip/vendor/overtrue/wechat/src/Payment/Notify/Paid.php(28): EasyWeChat\\Payment\\Notify\\Handler->getMessage()
#1 /www/wwwroot/wx.hahaha.vip/vendor/overtrue/wechat/src/Payment/Application.php(119): EasyWeChat\\Payment\\Notify\\Paid->handle(Object(Closure))
#2 /www/wwwroot/wx.hahaha.vip/app/Http/Controllers/VipController.php(347): EasyWeChat\\Payment\\Application->handlePaidNotify(Object(Closure))
#3 [internal function]: App\\Http\\Controllers\\VipController->notify(Object(Illuminate\\Http\\Request))
#4 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): call_user_func_array(Array, Array)
#5 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\\Routing\\Controller->callAction('notify', Array)
#6 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Route.php(239): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(App\\Http\\Controllers\\VipController), 'notify')
#7 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Route.php(196): Illuminate\\Routing\\Route->runController()
#8 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Router.php(685): Illuminate\\Routing\\Route->run()
#9 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#10 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#11 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\SubstituteBindings->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#12 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#13 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle(Object(Illuminate\\Http\\Request), Object(Closure), 60, '1')
#14 /www/wwwroot/wx.hahaha.vip/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php(33): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#15 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Laravel\\Sanctum\\Http\\Middleware\\EnsureFrontendRequestsAreStateful->Laravel\\Sanctum\\Http\\Middleware\\{closure}(Object(Illuminate\\Http\\Request))
#16 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#17 /www/wwwroot/wx.hahaha.vip/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php(34): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#18 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Laravel\\Sanctum\\Http\\Middleware\\EnsureFrontendRequestsAreStateful->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#19 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#20 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Router.php(687): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#21 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request))
#22 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Router.php(628): Illuminate\\Routing\\Router->runRoute(Object(Illuminate\\Http\\Request), Object(Illuminate\\Routing\\Route))
#23 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Routing/Router.php(617): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request))
#24 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request))
#25 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request))
#26 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#27 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#28 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#29 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#30 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#31 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#32 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#33 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#34 /www/wwwroot/wx.hahaha.vip/vendor/fruitcake/laravel-cors/src/HandleCors.php(37): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#35 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fruitcake\\Cors\\HandleCors->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#36 /www/wwwroot/wx.hahaha.vip/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#37 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#38 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#39 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#40 /www/wwwroot/wx.hahaha.vip/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
#41 /www/wwwroot/wx.hahaha.vip/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
#42 {main}
"} 
jayleco commented 4 years ago

The nginx log entries corresponding to the time of that error log

[31/Jul/2020:20:14:17 +0800] "GET http://wx.hahaha.vip/api/user/myorder?paid_at%3D1%26page%3D1 HTTP/1.1" 200 94 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0"
 [31/Jul/2020:20:44:37 +0800] "GET http://wx.hahaha.vip/api/wechat-pay/notify/buy-vip HTTP/1.1" 500 593659 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0"
[31/Jul/2020:20:58:23 +0800] "GET /home?pid=124025598570 HTTP/1.1" 302 1398 "-" "Mozilla/5.0 (Linux; Android 9; ANE-AL00 Build/HUAWEIANE-AL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/77.0.3865.120 MQQBrowser/6.2 TBS/045227 Mobile Safari/537.36 MMWEBID/1988 MicroMessenger/7.0.17.1720(0x27001137) Process/tools WeChat/arm64 NetType/WIFI Language/zh_CN ABI/arm64"
overtrue commented 4 years ago

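Generally speaking, the payment callback endpoint is public, so hackers may deliberately simulate WeChat push requests to try to attack it. You can therefore add logging to your logic so that, whenever an error occurs, the request XML is recorded for verification.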
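
One way to implement the logging suggested above, as an added example that is not part of the original thread or of EasyWeChat's own code. The controller name, the 4096-byte cap, the log field names, and the assumption that the container can resolve a configured `EasyWeChat\Payment\Application` are all hypothetical; `handlePaidNotify()` and the exception class are the ones visible in the stack trace.

```php
<?php

namespace App\Http\Controllers;

use EasyWeChat\Kernel\Exceptions\Exception as EasyWeChatException;
use EasyWeChat\Payment\Application;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;

// Hypothetical controller: the class name and the 4096-byte cap are assumptions for this example.
class PaidNotifyController extends Controller
{
    private const MAX_LOGGED_BODY = 4096;

    // Assumes the container can resolve an already configured payment Application.
    public function notify(Request $request, Application $payment)
    {
        try {
            return $payment->handlePaidNotify(function ($message, $fail) {
                // Order lookup and status update go here, as in the existing handler.
                return true;
            });
        } catch (EasyWeChatException $e) {
            $body = (string) $request->getContent();

            // Keep the evidence needed to tell a forged or probing request from a real WeChat push.
            Log::warning('Rejected WeChat payment notify', [
                'error'       => $e->getMessage(),
                'method'      => $request->method(),
                'ip'          => $request->ip(),
                'user_agent'  => $request->userAgent(),
                'body_length' => strlen($body),
                // Base64 keeps control characters in a hostile body from forging extra log lines.
                'body_base64' => base64_encode(substr($body, 0, self::MAX_LOGGED_BODY)),
            ]);

            // Answer with a bare 400 so the caller gets no stack trace or framework error page.
            return response('', 400);
        }
    }
}
```

With this in place, a bodiless GET like the one in the nginx log above produces one warning entry and a 400 response instead of an unhandled exception and a 500.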

vic091 commented 3 years ago

After starting swoole, the `Invalid request XML.` error:

```php
try {
    $message = XML::parse(strval($this->app['request']->getContent()));
} catch (\Throwable $e) {
    throw new Exception('Invalid request XML: '.$e->getMessage(), 400);
}

if (!is_array($message) || empty($message)) {
    throw new Exception('Invalid request XML.', 400);
}
```

The exception is thrown here; the XML cannot be parsed.

After modifying it in Laravel, it works:

```php
// After the change: read the body through Laravel's request() helper
$message = XML::parse(strval(request()->getContent()));

// Before: the handler's original line, as quoted above
$message = XML::parse(strval($this->app['request']->getContent()));
```

overtrue commented 3 years ago

For non-fpm modes, please sort it out yourself.

vic091 notifications@github.com wrote on Fri, Oct 23, 2020 at 7:27 AM:

After starting swoole,

```php
try {
    $message = XML::parse(strval($this->app['request']->getContent()));
} catch (\Throwable $e) {
    throw new Exception('Invalid request XML: '.$e->getMessage(), 400);
}
```

The exception is thrown here; the XML cannot be parsed.


panjm commented 1 year ago

```php
$request = ApplicationContext::getContainer()->get(RequestInterface::class);
$message = XML::parse(strval($request->getBody()));
```