用户数据签名验证失败
发布于 5 年前 作者 dyao 4949 次浏览 来自 问答

我在客户端的执行代码:

wx.login({

    success: function (result) {

        if (result.code) {

            wx.request({

                url: config.service.requestUrl + ‘/v.php’,

                data: {

                    code: result.code

                },

                header: {

                    ‘content-type’: ‘application/x-www-form-urlencoded’

                },

                method: ‘POST’,

                success: function (res) {

                    wx.getUserInfo({

                        success: function (res) {

                            that.localData.rawdata = res.rawData

                            that.localData.signature = res.signature

                            that.globalData.userInfo = res.userInfo

                            wx.request({

                                url: config.service.requestUrl + ‘/verify.php’,

                                data: {},

                                header: {

                                    ‘content-type’: ‘application/x-www-form-urlencoded’,

                                    ‘Cookie’: ‘PHPSESSID=’ + wx.getStorageSync(‘session_id’),

                                    ‘raw’: escape(this.localData.rawdata),

                                    ‘signature’: this.localData.signature

                                },

                                method: ‘POST’,

                                success: function (res) {

                                },

                                fail: function (res) {

                                }

                            })

                        }

                    })

                }

            })

        }

    }

})

v.php中,通过appid、appsecret、code获取到了openid和session_key,并保存到开发者服务器。

verify.php中:


        $raw = js_unescape ($_SERVER['HTTP_RAW']);

        $sig = $_SERVER['HTTP_SIGNATURE'];


        $cleartext = $raw . $session_key;

        $signature = sha1($cleartext);

现在,问题来了:$sig和$signature,这两个值在某些情况下是相同的,而在某些情况下是不同的!我们用了很多个手机做测试,相同和不同的概率大概五五开,而且跟IOS系统或Android系统无关。咋回事呢?
3 回复

最近我也遇到了 ,用户信息签名验证失败的情况,但这是少部分的,据我观察,这些失败的用户信息rawData中的nickName中都包含一些特殊字符,比如:“nickName”:“ULTIMATE��”,

不知道你们遇到过吗?怎么解决呢?

解决了吗?微信官方真的是爱答不理的,小程序开发的支持度非常差。我也遇到这个问题,我是大概率第一次不行,再来一次就好了。

解决了吗?

回到顶部