From f0ecba5f9b52a548cdb3965153c61b45c37642fa Mon Sep 17 00:00:00 2001
From: jinyu <foxinmy@gmail.com>
Date: Sat, 8 Aug 2015 18:38:40 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E9=AA=8C=E8=AF=81=E7=AD=BE?=
 =?UTF-8?q?=E5=90=8D=E5=8F=82=E6=95=B0=E9=94=99=E8=AF=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../foxinmy/weixin4j/qy/model/CorpInfo.java   | 140 ------------------
 .../weixin4j/socket/WeixinRequestHandler.java |  41 +++--
 .../foxinmy/weixin4j/util/MessageUtil.java    |   2 +-
 3 files changed, 29 insertions(+), 154 deletions(-)
 delete mode 100644 weixin4j-qy/src/main/java/com/foxinmy/weixin4j/qy/model/CorpInfo.java

diff --git a/weixin4j-qy/src/main/java/com/foxinmy/weixin4j/qy/model/CorpInfo.java b/weixin4j-qy/src/main/java/com/foxinmy/weixin4j/qy/model/CorpInfo.java
deleted file mode 100644
index 1a9ce0b7..00000000
--- a/weixin4j-qy/src/main/java/com/foxinmy/weixin4j/qy/model/CorpInfo.java
+++ /dev/null
@@ -1,140 +0,0 @@
-package com.foxinmy.weixin4j.qy.model;
-
-import java.io.Serializable;
-
-import com.alibaba.fastjson.annotation.JSONField;
-import com.foxinmy.weixin4j.qy.type.CorpType;
-
-/**
- * 授权方企业号信息
- * 
- * @className CorpInfo
- * @author jy
- * @date 2015年6月12日
- * @since JDK 1.7
- * @see
- */
-public class CorpInfo implements Serializable {
-
-	private static final long serialVersionUID = 1251033124778972419L;
-	/**
-	 * 授权方企业号id
-	 */
-	@JSONField(name = "corpid")
-	private String corpId;
-	/**
-	 * 授权方企业号名称
-	 */
-	@JSONField(name = "corp_name")
-	private String corpName;
-	/**
-	 * 企业方形头像
-	 */
-	@JSONField(name = "corp_square_logo_url")
-	private String squareLogoUrl;
-	/**
-	 * 企业圆形头像
-	 */
-	@JSONField(name = "corp_round_logo_url")
-	private String roundLogoUrl;
-	/**
-	 * 授权方企业号类型
-	 */
-	@JSONField(name = "corp_type")
-	private String corpType;
-	/**
-	 * 授权方企业号用户规模
-	 */
-	@JSONField(name = "corp_user_max")
-	private Integer userMax;
-	/**
-	 * 授权方企业号应用规模
-	 */
-	@JSONField(name = "corp_agent_max")
-	private Integer agentMax;
-	/**
-	 * 授权方企业号二维码
-	 */
-	@JSONField(name = "corp_wxqrcode")
-	private String wxQrCode;
-
-	public String getCorpId() {
-		return corpId;
-	}
-
-	public String getCorpType() {
-		return corpType;
-	}
-
-	@JSONField(serialize = false)
-	public CorpType getFormatCorpType() {
-		return corpType != null ? CorpType.valueOf(corpType) : null;
-	}
-
-	public String getCorpName() {
-		return corpName;
-	}
-
-	public String getSquareLogoUrl() {
-		return squareLogoUrl;
-	}
-
-	public String getRoundLogoUrl() {
-		return roundLogoUrl;
-	}
-
-	public Integer getUserMax() {
-		return userMax;
-	}
-
-	public Integer getAgentMax() {
-		return agentMax;
-	}
-
-	public String getWxQrCode() {
-		return wxQrCode;
-	}
-
-	// ---------- setter 应该全部去掉
-
-	public void setCorpId(String corpId) {
-		this.corpId = corpId;
-	}
-
-	public void setCorpName(String corpName) {
-		this.corpName = corpName;
-	}
-
-	public void setSquareLogoUrl(String squareLogoUrl) {
-		this.squareLogoUrl = squareLogoUrl;
-	}
-
-	public void setRoundLogoUrl(String roundLogoUrl) {
-		this.roundLogoUrl = roundLogoUrl;
-	}
-
-	public void setCorpType(String corpType) {
-		this.corpType = corpType;
-	}
-
-	public void setUserMax(Integer userMax) {
-		this.userMax = userMax;
-	}
-
-	public void setAgentMax(Integer agentMax) {
-		this.agentMax = agentMax;
-	}
-
-	public void setWxQrCode(String wxQrCode) {
-		this.wxQrCode = wxQrCode;
-	}
-
-	@Override
-	public String toString() {
-		return "CorpInfo [corpType=" + corpId + ", corpName=" + corpName
-				+ ", squareLogoUrl=" + squareLogoUrl + ", roundLogoUrl="
-				+ roundLogoUrl + ", corpType=" + corpType + ", userMax="
-				+ userMax + ", agentMax=" + agentMax + ", wxQrCode=" + wxQrCode
-				+ "]";
-	}
-}
diff --git a/weixin4j-server/src/main/java/com/foxinmy/weixin4j/socket/WeixinRequestHandler.java b/weixin4j-server/src/main/java/com/foxinmy/weixin4j/socket/WeixinRequestHandler.java
index 084c07db..5c0a39a0 100644
--- a/weixin4j-server/src/main/java/com/foxinmy/weixin4j/socket/WeixinRequestHandler.java
+++ b/weixin4j-server/src/main/java/com/foxinmy/weixin4j/socket/WeixinRequestHandler.java
@@ -56,18 +56,34 @@ public class WeixinRequestHandler extends
 	protected void channelRead0(ChannelHandlerContext ctx, WeixinRequest request)
 			throws WeixinException {
 		final AesToken aesToken = request.getAesToken();
-		if (aesToken == null) {
+		if (aesToken == null
+				|| (StringUtil.isBlank(request.getSignature()) && StringUtil
+						.isBlank(request.getMsgSignature()))) {
 			ctx.writeAndFlush(HttpUtil.createHttpResponse(BAD_REQUEST))
 					.addListener(ChannelFutureListener.CLOSE);
 			return;
 		}
+		/**
+		 * 公众平台:无论Get,Post都带signature参数,当开启aes模式时带msg_signature参数
+		 * 企业号:无论Get,Post都带msg_signature参数
+		 **/
 		if (request.getMethod().equals(HttpMethod.GET.name())) {
-			if (MessageUtil.signature(aesToken.getToken(),
-					request.getTimeStamp(), request.getNonce()).equals(
-					request.getSignature())) {
+			if (!StringUtil.isBlank(request.getSignature())
+					&& MessageUtil.signature(aesToken.getToken(),
+							request.getTimeStamp(), request.getNonce()).equals(
+							request.getSignature())) {
 				ctx.write(new SingleResponse(request.getEchoStr()));
 				return;
 			}
+			if (!StringUtil.isBlank(request.getMsgSignature())
+					&& MessageUtil.signature(aesToken.getToken(),
+							request.getTimeStamp(), request.getNonce(),
+							request.getEchoStr()).equals(
+							request.getMsgSignature())) {
+				ctx.write(new SingleResponse(MessageUtil.aesDecrypt(null,
+						aesToken.getAesKey(), request.getEchoStr())));
+				return;
+			}
 			ctx.writeAndFlush(HttpUtil.createHttpResponse(FORBIDDEN))
 					.addListener(ChannelFutureListener.CLOSE);
 			return;
@@ -80,15 +96,14 @@ public class WeixinRequestHandler extends
 						.addListener(ChannelFutureListener.CLOSE);
 				return;
 			}
-			if (request.getEncryptType() == EncryptType.AES) {
-				if (!MessageUtil.signature(aesToken.getToken(),
-						request.getTimeStamp(), request.getNonce(),
-						request.getEncryptContent()).equals(
-						request.getMsgSignature())) {
-					ctx.writeAndFlush(HttpUtil.createHttpResponse(FORBIDDEN))
-							.addListener(ChannelFutureListener.CLOSE);
-					return;
-				}
+			if (request.getEncryptType() == EncryptType.AES
+					&& !MessageUtil.signature(aesToken.getToken(),
+							request.getTimeStamp(), request.getNonce(),
+							request.getEncryptContent()).equals(
+							request.getMsgSignature())) {
+				ctx.writeAndFlush(HttpUtil.createHttpResponse(FORBIDDEN))
+						.addListener(ChannelFutureListener.CLOSE);
+				return;
 			}
 		} else {
 			ctx.writeAndFlush(HttpUtil.createHttpResponse(METHOD_NOT_ALLOWED))
diff --git a/weixin4j-server/src/main/java/com/foxinmy/weixin4j/util/MessageUtil.java b/weixin4j-server/src/main/java/com/foxinmy/weixin4j/util/MessageUtil.java
index 96cef7ea..53613d21 100644
--- a/weixin4j-server/src/main/java/com/foxinmy/weixin4j/util/MessageUtil.java
+++ b/weixin4j-server/src/main/java/com/foxinmy/weixin4j/util/MessageUtil.java
@@ -159,7 +159,7 @@ public final class MessageUtil {
 			throw new WeixinException("-40008", "xml内容不合法:" + e.getMessage());
 		}
 		// 校验appId是否一致
-		if (!fromAppId.trim().equals(appId)) {
+		if (appId != null && !fromAppId.trim().equals(appId)) {
 			throw new WeixinException("-40005", "校验AppID失败,expect " + appId
 					+ ",but actual is " + fromAppId);
 		}