node-easywechat 3.3.5 → 3.4.0

package/CHANGELOG.md

@@ -1,6 +1,14 @@
 # CHANGELOG
 
 
+## v3.4.0 (2023-06-13)
+
+- Feat: 公众号、小程序配置项新增是否使用稳定版接口调用凭据的选项
+
+## v3.3.6 (2023-05-12)
+
+- Fix: 修复微信支付v3签名错误
+
 ## v3.3.5 (2023-04-28)
 
 - Fix: 修复部分接口请求方式及请求参数设置方式异常的问题

package/README.md

@@ -127,7 +127,9 @@ let data = response.toObject();
     scope: 'snsapi_userinfo',
     // 网页授权回调地址，完整的URL
     redirect: 'http://node-easywechat.hpyer.cn/wxlogin/callback'
-  }
+  },
+  // 是否使用稳定版接口调用凭据，默认：false
+  use_stable_access_token: false
 }
 ```
 
@@ -141,7 +143,9 @@ let data = response.toObject();
   // 小程序的 token
   token: '',
   // EncodingAESKey
-  aes_key: ''
+  aes_key: '',
+  // 是否使用稳定版接口调用凭据，默认：false
+  use_stable_access_token: false
 }
 ```
 

package/dist/Core/Support/RSA.d.ts

@@ -1,5 +1,5 @@
 /// <reference types="node" />
-import crypto from 'crypto';
+import crypto, { BinaryToTextEncoding } from 'crypto';
 declare class RSA {
     protected publicKey: crypto.KeyObject;
     /**
@@ -40,21 +40,19 @@ declare class RSA {
     /**
      * 计算签名
      * @param data 待解密文本
-     * @param hashType 哈希方式，默认：'sha256'
+     * @param hashType 哈希方式，默认：'RSA-SHA256'
      * @param encoding 编码，默认：'base64'
-     * @param padding 补位方式，默认：crypto.constants.RSA_PKCS1_PSS_PADDING
      * @returns
      */
-    sign(data: string, hashType?: string, encoding?: BufferEncoding, padding?: number): string;
+    sign(data: string, hashType?: string, encoding?: BinaryToTextEncoding): string;
     /**
      * 验证签名
      * @param signature 待验证签名字符串
      * @param data 待解密文本
-     * @param hashType 哈希方式，默认：'sha256'
+     * @param hashType 哈希方式，默认：'RSA-SHA256'
      * @param encoding 编码，默认：'base64'
-     * @param padding 补位方式，默认：crypto.constants.RSA_PKCS1_PSS_PADDING
      * @returns
      */
-    verify(signature: string, data: string, hashType: string, encoding?: BufferEncoding, padding?: number): boolean;
+    verify(signature: string, data: string, hashType?: string, encoding?: BinaryToTextEncoding): boolean;
 }
 export = RSA;

package/dist/Core/Support/RSA.js

@@ -65,33 +65,28 @@ class RSA {
     /**
      * 计算签名
      * @param data 待解密文本
-     * @param hashType 哈希方式，默认：'sha256'
+     * @param hashType 哈希方式，默认：'RSA-SHA256'
      * @param encoding 编码，默认：'base64'
-     * @param padding 补位方式，默认：crypto.constants.RSA_PKCS1_PSS_PADDING
      * @returns
      */
-    sign(data, hashType = 'sha256', encoding = 'base64', padding = crypto_1.default.constants.RSA_PKCS1_PSS_PADDING) {
-        let signature = crypto_1.default.sign(hashType, Buffer.from(data), {
-            key: this.privateKey,
-            padding,
-        });
-        return signature.toString(encoding);
+    sign(data, hashType = 'RSA-SHA256', encoding = 'base64') {
+        return crypto_1.default
+            .createSign(hashType)
+            .update(data)
+            .sign(this.privateKey, encoding);
     }
     /**
      * 验证签名
      * @param signature 待验证签名字符串
      * @param data 待解密文本
-     * @param hashType 哈希方式，默认：'sha256'
+     * @param hashType 哈希方式，默认：'RSA-SHA256'
      * @param encoding 编码，默认：'base64'
-     * @param padding 补位方式，默认：crypto.constants.RSA_PKCS1_PSS_PADDING
      * @returns
      */
-    verify(signature, data, hashType, encoding = 'base64', padding = crypto_1.default.constants.RSA_PKCS1_PSS_PADDING) {
-        let isVerified = crypto_1.default.verify(hashType, Buffer.from(data), {
-            key: this.publicKey,
-            padding,
-        }, Buffer.from(signature, encoding));
-        return !!isVerified;
+    verify(signature, data, hashType = 'RSA-SHA256', encoding = 'base64') {
+        const verify = crypto_1.default.createVerify(hashType);
+        verify.update(data);
+        return verify.verify(this.publicKey, signature, encoding);
     }
 }
 ;

package/dist/MiniApp/Application.js

@@ -90,7 +90,7 @@ class Application {
     }
     getAccessToken() {
         if (!this.accessToken) {
-            this.accessToken = new AccessToken_1.default(this.getAccount().getAppId(), this.getAccount().getSecret(), null, this.getCache(), this.getHttpClient());
+            this.accessToken = new AccessToken_1.default(this.getAccount().getAppId(), this.getAccount().getSecret(), null, this.getCache(), this.getHttpClient(), this.config.get('use_stable_access_token', false));
         }
         return this.accessToken;
     }

package/dist/OfficialAccount/AccessToken.d.ts

@@ -7,7 +7,8 @@ declare class AccessToken implements RefreshableAccessTokenInterface {
     protected key: string;
     protected cache: CacheInterface;
     protected httpClient: HttpClientInterface;
-    constructor(appId: string, secret: string, key?: string, cache?: CacheInterface, httpClient?: HttpClientInterface);
+    protected stable: boolean;
+    constructor(appId: string, secret: string, key?: string, cache?: CacheInterface, httpClient?: HttpClientInterface, stable?: boolean);
     /**
      * 获取access_token的缓存名称
      * @returns
@@ -22,5 +23,14 @@ declare class AccessToken implements RefreshableAccessTokenInterface {
     getToken(): Promise<string>;
     toQuery(): Promise<Record<string, any>>;
     refresh(): Promise<string>;
+    /**
+     * 获取稳定版接口调用凭据
+     * @param forceRefresh 是否强制刷新，默认：false
+     */
+    getStableAccessToken(forceRefresh?: boolean): Promise<string>;
+    /**
+     * 获取接口调用凭据
+     */
+    getAccessToken(): Promise<string>;
 }
 export = AccessToken;

package/dist/OfficialAccount/AccessToken.js

@@ -13,12 +13,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 const HttpClient_1 = __importDefault(require("../Core/HttpClient/HttpClient"));
 class AccessToken {
-    constructor(appId, secret, key = null, cache = null, httpClient = null) {
+    constructor(appId, secret, key = null, cache = null, httpClient = null, stable = false) {
         this.appId = appId;
         this.secret = secret;
         this.key = key;
         this.cache = cache;
         this.httpClient = httpClient;
+        this.stable = stable;
         if (!this.httpClient) {
             this.httpClient = HttpClient_1.default.create({
                 baseURL: 'https://api.weixin.qq.com/',
@@ -64,6 +65,35 @@ class AccessToken {
         });
     }
     refresh() {
+        return this.stable ? this.getStableAccessToken() : this.getAccessToken();
+    }
+    /**
+     * 获取稳定版接口调用凭据
+     * @param forceRefresh 是否强制刷新，默认：false
+     */
+    getStableAccessToken(forceRefresh = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let response = (yield this.httpClient.request('post', 'cgi-bin/stable_token', {
+                json: {
+                    grant_type: 'client_credential',
+                    appid: this.appId,
+                    secret: this.secret,
+                    force_refresh: forceRefresh,
+                }
+            })).toObject();
+            if (!response['access_token']) {
+                throw new Error('Failed to get stable access_token: ' + JSON.stringify(response));
+            }
+            if (this.cache) {
+                yield this.cache.set(this.getKey(), response['access_token'], parseInt(response['expires_in']));
+            }
+            return response['access_token'];
+        });
+    }
+    /**
+     * 获取接口调用凭据
+     */
+    getAccessToken() {
         return __awaiter(this, void 0, void 0, function* () {
             let response = (yield this.httpClient.request('get', 'cgi-bin/token', {
                 params: {

package/dist/OfficialAccount/Application.js

@@ -90,7 +90,7 @@ class Application {
     }
     getAccessToken() {
         if (!this.accessToken) {
-            this.accessToken = new AccessToken_1.default(this.getAccount().getAppId(), this.getAccount().getSecret(), null, this.getCache(), this.getHttpClient());
+            this.accessToken = new AccessToken_1.default(this.getAccount().getAppId(), this.getAccount().getSecret(), null, this.getCache(), this.getHttpClient(), this.config.get('use_stable_access_token', false));
         }
         return this.accessToken;
     }

package/dist/Pay/Application.js

@@ -84,7 +84,7 @@ class Application {
      */
     getHttpClientDefaultOptions() {
         return (0, merge_1.default)(true, {
-            baseURL: 'https://api.weixin.qq.com/',
+            baseURL: 'https://api.mch.weixin.qq.com',
         }, this.getConfig().get('http'));
     }
 }

package/dist/Pay/Signature.js

@@ -34,7 +34,7 @@ class Signature {
                 body = payload.data;
             }
         }
-        let signString = `${method.toUpperCase()}\n${pathname}\n${timestamp}\n${nonce}\n${body}`;
+        let signString = `${method.toUpperCase()}\n${pathname}\n${timestamp}\n${nonce}\n${body}\n`;
         let rsa = new RSA_1.default;
         rsa.setPublicKey(this.merchant.getCertificate().getValue());
         rsa.setPrivateKey(this.merchant.getPrivateKey().getKey());

package/dist/Types/global.d.ts

@@ -147,6 +147,12 @@ export declare interface OfficialAccountConfig extends BaseConfig {
    * 网页授权相关配置
    */
   oauth?: OauthConfig;
+
+  /**
+   * 是否使用稳定版接口调用凭据，默认：false
+   * @see https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/getStableAccessToken.html
+   */
+  use_stable_access_token?: boolean;
 }
 
 /**
@@ -172,6 +178,12 @@ export declare interface MiniAppConfig extends BaseConfig {
    * 服务端消息加解密密钥 aes_key
    */
   aes_key?: string;
+
+  /**
+   * 是否使用稳定版接口调用凭据，默认：false
+   * @see https://developers.weixin.qq.com/miniprogram/dev/OpenApiDoc/mp-access-token/getStableAccessToken.html
+   */
+  use_stable_access_token?: boolean;
 }
 
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "node-easywechat",
-  "version": "3.3.5",
+  "version": "3.4.0",
   "description": "EasyWechat SDK for Node.js (NOT OFFICIAL)",
   "main": "dist/index.js",
   "scripts": {