Closed yqsphp closed 10 months ago
方便看看怎么改么?然后帮忙提个 PR?
我再调用下载插件时多传入了一个参数,然后再verify_wechat_sign函数中验证这个参数是否存在,存在直接跳过 `
$plugin = Pay::wechat($this->config)->mergeCommonPlugins([DownloadBillPlugin::class]); //下载账单
$params = [
'download_url' => $url,
// 自定义的参数【下载账单响应取消验证签名】 ,修改函数verdor/yansongda/pay/src/Functions.php verify_wechat_sign
'download_verify' => false,
];
$bill = Pay::wechat()->pay($plugin, $params);
在verify_wechat_sign函数中加入判断
function verify_wechat_sign(MessageInterface $message, array $params): void
{
if ($message instanceof ServerRequestInterface && 'localhost' === $message->getUri()->getHost()) {
return;
}
//针对下载账单不验证响应
if(isset($params['download_verify'])){
return;
}
$wechatSerial = $message->getHeaderLine('Wechatpay-Serial');
$timestamp = $message->getHeaderLine('Wechatpay-Timestamp');
$random = $message->getHeaderLine('Wechatpay-Nonce');
$sign = $message->getHeaderLine('Wechatpay-Signature');
$body = (string) $message->getBody();
$content = $timestamp."\n".$random."\n".$body."\n";
$public = get_wechat_config($params)['wechat_public_cert_path'][$wechatSerial] ?? null;
if (empty($sign)) {
throw new InvalidResponseException(Exception::INVALID_RESPONSE_SIGN, '', ['headers' => $message->getHeaders(), 'body' => $body]);
}
$public = get_public_cert(
empty($public) ? reload_wechat_public_certs($params, $wechatSerial) : $public
);
$result = 1 === openssl_verify(
$content,
base64_decode($sign),
$public,
'sha256WithRSAEncryption'
);
if (!$result) {
throw new InvalidResponseException(Exception::INVALID_RESPONSE_SIGN, '', ['headers' => $message->getHeaders(), 'body' => $body]);
}
}
`
这只是我个人的,应该可以在初始化配置中加入参数来取消验证。
别 mergeCommonPlugins ,直接使用所有插件试试:
Pay::wechat()->pay([
PreparePlugin::class,
DownloadBillPlugin::class,
RadarSignPlugin::class,
ParserPlugin::class,
], $params);
包版本号
v3.*
问题描述
通过插件“GetTradeBillPlugin”获取到交易下载地址后,再次使用下载插件“DownloadBillPlugin”下载对账单,对账单已经响应成功,但是微信服务端返回没有“Wechatpay”等响应头,而执行Pay::wechat()->pay($plugin, $params);方法后逻辑会走Functions.php中的verify_wechat_sign函数验证,就会抛异常sign为空异常
你的代码
`
**以下是响应后打印数据**
`
Error details
以下是报错函数部分,(响应头中没有包含Wechatpay等信息)文件所在地址:pay/src/Function.php 函数:verify_wechat_sign `
`
SDK logs
nginx/apache logs