Merge branch 'master-jdk17' of https://gitee.com/zhijiantianya/yudao-cloud

# Conflicts: # yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/oauth2/OAuth2TokenApiImpl.java
2026-03-22 05:07:16 +08:00 · 2025-05-05 10:26:58 +08:00
parent a31ff349f6 f92f9d2e17
commit 2084321637
15 changed files with 95 additions and 47 deletions
--- a/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/controller/admin/open/MpOpenController.java
+++ b/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/controller/admin/open/MpOpenController.java
@@ -2,6 +2,7 @@ package cn.iocoder.yudao.module.mp.controller.admin.open;

 import cn.hutool.core.lang.Assert;
 import cn.hutool.core.util.StrUtil;
+import cn.iocoder.yudao.framework.tenant.core.aop.TenantIgnore;
 import cn.iocoder.yudao.framework.tenant.core.util.TenantUtils;
 import cn.iocoder.yudao.module.mp.controller.admin.open.vo.MpOpenCheckSignatureReqVO;
 import cn.iocoder.yudao.module.mp.controller.admin.open.vo.MpOpenHandleMessageReqVO;
@@ -35,26 +36,6 @@ public class MpOpenController {
    @Resource
    private MpAccountService mpAccountService;

-    /**
-     * 接收微信公众号的校验签名
-     *
-     * 对应 <a href="https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html">文档</a>
-     */
-    @Operation(summary = "校验签名") // 参见
-    @GetMapping(value = "/{appId}", produces = "text/plain;charset=utf-8")
-    public String checkSignature(@PathVariable("appId") String appId,
-                                 MpOpenCheckSignatureReqVO reqVO) {
-        log.info("[checkSignature][appId({}) 接收到来自微信服务器的认证消息({})]", appId, reqVO);
-        // 校验请求签名
-        WxMpService wxMpService = mpServiceFactory.getRequiredMpService(appId);
-        // 校验通过
-        if (wxMpService.checkSignature(reqVO.getTimestamp(), reqVO.getNonce(), reqVO.getSignature())) {
-            return reqVO.getEchostr();
-        }
-        // 校验不通过
-        return "非法请求";
-    }
-
    /**
     * 接收微信公众号的消息推送
     *
@@ -62,6 +43,7 @@ public class MpOpenController {
     */
    @Operation(summary = "处理消息")
    @PostMapping(value = "/{appId}", produces = "application/xml; charset=UTF-8")
+    @TenantIgnore
    public String handleMessage(@PathVariable("appId") String appId,
                                @RequestBody String content,
                                MpOpenHandleMessageReqVO reqVO) {
@@ -79,6 +61,27 @@ public class MpOpenController {
        }
    }

+    /**
+     * 接收微信公众号的校验签名
+     *
+     * 对应 <a href="https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html">文档</a>
+     */
+    @Operation(summary = "校验签名") // 参见
+    @GetMapping(value = "/{appId}", produces = "text/plain;charset=utf-8")
+    @TenantIgnore
+    public String checkSignature(@PathVariable("appId") String appId,
+                                 MpOpenCheckSignatureReqVO reqVO) {
+        log.info("[checkSignature][appId({}) 接收到来自微信服务器的认证消息({})]", appId, reqVO);
+        // 校验请求签名
+        WxMpService wxMpService = mpServiceFactory.getRequiredMpService(appId);
+        // 校验通过
+        if (wxMpService.checkSignature(reqVO.getTimestamp(), reqVO.getNonce(), reqVO.getSignature())) {
+            return reqVO.getEchostr();
+        }
+        // 校验不通过
+        return "非法请求";
+    }
+
    private String handleMessage0(String appId, String content, MpOpenHandleMessageReqVO reqVO) {
        // 校验请求签名
        WxMpService mppService = mpServiceFactory.getRequiredMpService(appId);
--- a/yudao-module-mp/yudao-module-mp-biz/src/main/resources/application.yaml
+++ b/yudao-module-mp/yudao-module-mp-biz/src/main/resources/application.yaml
@@ -126,6 +126,5 @@ yudao:
  tenant: # 多租户相关配置项
    enable: true
    ignore-urls:
-      - /admin-api/mp/open/** # 微信公众号开放平台，微信回调接口，无法携带租户编号

 debug: false