diff --git a/idp/wechat.go b/idp/wechat.go
index 7bbbd18d..9fef2c27 100644
--- a/idp/wechat.go
+++ b/idp/wechat.go
@@ -198,12 +198,22 @@ func (idp *WeChatIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error)
 func GetWechatOfficialAccountAccessToken(clientId string, clientSecret string) (string, error) {
 	accessTokenUrl := fmt.Sprintf("https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=%s&secret=%s", clientId, clientSecret)
 	request, err := http.NewRequest("GET", accessTokenUrl, nil)
+	if err != nil {
+		return "", err
+	}
+
 	client := new(http.Client)
 	resp, err := client.Do(request)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+
 	respBytes, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		return "", err
 	}
+
 	var data struct {
 		ExpireIn int `json:"expires_in"`
 		AccessToken string `json:"access_token"`
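Review bot: `client := new(http.Client)` in this hunk has no timeout, so a stalled connection to api.weixin.qq.com blocks the calling sign-in flow indefinitely; use `client := &http.Client{Timeout: 10 * time.Second}` (the import block is outside the hunk, so add `time` there if it is not already present). The new `client.Do` check covers only transport failures: a non-2xx reply still falls through to `ioutil.ReadAll` and the decode, so add `if resp.StatusCode != http.StatusOK { return "", fmt.Errorf("wechat token endpoint: %s", resp.Status) }` right after the `defer`. The `data` struct at the end of the hunk declares only `expires_in` and `access_token`; WeChat's cgi-bin endpoints are documented to report failures as `errcode`/`errmsg` in a 200 body, and such a reply would decode to an empty token, so consider adding `ErrCode`/`ErrMsg` fields and rejecting a non-zero `ErrCode` in the decode step. Avoid ever logging `accessTokenUrl`, since it carries the app secret in the query string. `GetWechatOfficialAccountAccessToken` continues past the hunk.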
@@ -212,20 +222,30 @@ func GetWechatOfficialAccountAccessToken(clientId string, clientSecret string) (
 	if err != nil {
 		return "", err
 	}
+
 	return data.AccessToken, nil
 }
 
 func GetWechatOfficialAccountQRCode(clientId string, clientSecret string) (string, error) {
 	accessToken, err := GetWechatOfficialAccountAccessToken(clientId, clientSecret)
 	client := new(http.Client)
-	params := "{\"action_name\": \"QR_LIMIT_STR_SCENE\", \"action_info\": {\"scene\": {\"scene_str\": \"test\"}}}"
+
+	weChatEndpoint := "https://api.weixin.qq.com/cgi-bin/qrcode/create"
+	qrCodeUrl := fmt.Sprintf("%s?access_token=%s", weChatEndpoint, accessToken)
+	params := `{"action_name": "QR_LIMIT_STR_SCENE", "action_info": {"scene": {"scene_str": "test"}}}`
+
 	bodyData := bytes.NewReader([]byte(params))
-	qrCodeUrl := fmt.Sprintf("https://api.weixin.qq.com/cgi-bin/qrcode/create?access_token=%s", accessToken)
 	requeset, err := http.NewRequest("POST", qrCodeUrl, bodyData)
+	if err != nil {
+		return "", err
+	}
+
 	resp, err := client.Do(requeset)
 	if err != nil {
 		return "", err
 	}
+	defer resp.Body.Close()
+
 	respBytes, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		return "", err
diff --git a/object/adapter.go b/object/adapter.go
index 4a62ca6e..79cddc99 100644
--- a/object/adapter.go
+++ b/object/adapter.go
@@ -275,7 +275,7 @@ func GetSession(owner string, offset, limit int, field, value, sortField, sortOr
 		session = session.And("owner=?", owner)
 	}
 	if field != "" && value != "" {
-		if filterField(field) {
+		if util.FilterField(field) {
 			session = session.And(fmt.Sprintf("%s like ?", util.SnakeString(field)), fmt.Sprintf("%%%s%%", value))
 		}
 	}
@@ -303,7 +303,7 @@ func GetSessionForUser(owner string, offset, limit int, field, value, sortField,
 		}
 	}
 	if field != "" && value != "" {
-		if filterField(field) {
+		if util.FilterField(field) {
 			if offset != -1 {
 				field = fmt.Sprintf("a.%s", field)
 			}
diff --git a/object/check.go b/object/check.go
index 17341af5..12530394 100644
--- a/object/check.go
+++ b/object/check.go
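Review bot: The error returned by `GetWechatOfficialAccountAccessToken` on the first line of `GetWechatOfficialAccountQRCode` is never examined — the later `requeset, err := http.NewRequest(...)` simply overwrites it — so a failed token fetch goes on to POST with an empty `access_token=` and the caller sees whatever that request produces instead of the real cause. Insert `if err != nil {` / `return "", err` / `}` directly after the `accessToken, err :=` line. The `client := new(http.Client)` here has the same missing `Timeout` as the token helper. The hard-coded `"scene_str": "test"` in `params` also looks like a placeholder, since every caller would receive a QR code bound to the same scene value — worth confirming against whatever consumes the scene. The function body continues past the hunk.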
@@ -16,7 +16,6 @@ package object import ( "fmt" - "regexp" "strings" "time" "unicode" @@ -28,21 +27,11 @@ import ( goldap "github.com/go-ldap/ldap/v3" ) -var ( - reWhiteSpace *regexp.Regexp - reFieldWhiteList *regexp.Regexp -) - const ( SigninWrongTimesLimit = 5 LastSignWrongTimeDuration = time.Minute * 15 ) -func init() { - reWhiteSpace, _ = regexp.Compile(`\s`) - reFieldWhiteList, _ = regexp.Compile(`^[A-Za-z0-9]+$`) -} - func CheckUserSignup(application *Application, organization *Organization, form *form.AuthForm, lang string) string { if organization == nil { return i18n.Translate(lang, "check:Organization does not exist") @@ -58,7 +47,7 @@ func CheckUserSignup(application *Application, organization *Organization, form if util.IsEmailValid(form.Username) { return i18n.Translate(lang, "check:Username cannot be an email address") } - if reWhiteSpace.MatchString(form.Username) { + if util.ReWhiteSpace.MatchString(form.Username) { return i18n.Translate(lang, "check:Username cannot contain white spaces") } @@ -294,10 +283,6 @@ func CheckUserPassword(organization string, username string, password string, la return user, "" } -func filterField(field string) bool { - return reFieldWhiteList.MatchString(field) -} - func CheckUserPermission(requestUserId, userId string, strict bool, lang string) (bool, error) { if requestUserId == "" { return false, fmt.Errorf(i18n.Translate(lang, "general:Please login first")) @@ -397,8 +382,8 @@ func CheckUsername(username string, lang string) string { } // https://stackoverflow.com/questions/58726546/github-username-convention-using-regex - re, _ := regexp.Compile("^[a-zA-Z0-9]+((?:-[a-zA-Z0-9]+)|(?:_[a-zA-Z0-9]+))*$") - if !re.MatchString(username) { + + if !util.ReUserName.MatchString(username) { return i18n.Translate(lang, "check:The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.") } 
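Review bot: In the last hunk (`CheckUsername`), the added empty `+` line now sits between the `// https://stackoverflow.com/questions/58726546/...` comment and the `if !util.ReUserName.MatchString(username) {` it explains, leaving the comment orphaned. Drop that blank line, or move the link to where `ReUserName` is now defined in `util/validation.go`, since the pattern no longer lives in this file. Compiling the pattern once at package level instead of on every call to `CheckUsername` is the right direction; the rest of `CheckUsername` is outside the hunk.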
diff --git a/util/validation.go b/util/validation.go index e8675a87..ec48f951 100644 --- a/util/validation.go +++ b/util/validation.go @@ -22,10 +22,18 @@ import ( "github.com/nyaruka/phonenumbers" ) -var rePhone *regexp.Regexp +var ( + rePhone *regexp.Regexp + ReWhiteSpace *regexp.Regexp + ReFieldWhiteList *regexp.Regexp + ReUserName *regexp.Regexp +) func init() { rePhone, _ = regexp.Compile(`(\d{3})\d*(\d{4})`) + ReWhiteSpace, _ = regexp.Compile(`\s`) + ReFieldWhiteList, _ = regexp.Compile(`^[A-Za-z0-9]+$`) + ReUserName, _ = regexp.Compile("^[a-zA-Z0-9]+((?:-[a-zA-Z0-9]+)|(?:_[a-zA-Z0-9]+))*$") } func IsEmailValid(email string) bool { @@ -70,3 +78,7 @@ func GetCountryCode(prefix string, phone string) (string, error) { return countryCode, nil } + +func FilterField(field string) bool { + return ReFieldWhiteList.MatchString(field) +}
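Review bot: The `regexp.Compile` calls added to `init()` discard their error with `_`; for constant patterns the idiom is `regexp.MustCompile`, which fails loudly at startup rather than leaving a nil `*regexp.Regexp` to panic on first use, and it makes the `init()` unnecessary — e.g. `ReFieldWhiteList = regexp.MustCompile("^[A-Za-z0-9]+$")` inside the `var (...)` block, with the pre-existing `rePhone` converted the same way. `ReFieldWhiteList` deserves particular care because, as the `object/adapter.go` hunks show, it is the only check between a caller-supplied `field` and `fmt.Sprintf("%s like ?", ...)`; exporting it as a mutable package variable means any importer can reassign it, so consider keeping the regexes unexported and exposing predicates like `FilterField` instead (`ReWhiteSpace` and `ReUserName` would need small wrappers for `object/check.go`).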
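Review bot: `FilterField` is exported but carries no doc comment, and its contract matters because it is the whitelist consulted before `field` is spliced into a `like` clause in `object/adapter.go`. Add `// FilterField reports whether field consists only of ASCII letters and digits;` / `// it is the whitelist applied before a caller-supplied column name is interpolated into a query.` above the function. The anchored pattern also rejects an empty string, which the callers' `field != ""` guard already covers.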