csxj2026/junhong_cmp_fiber
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
Files
main
junhong_cmp_fiber/scripts/verify-wechat.sh
huang bf591095a2 微信相关能力
2026-01-30 17:25:30 +08:00

201 lines
6.6 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/bin/bash
# 微信配置验证脚本
# 用途:检查微信公众号和支付配置的完整性
set -e
echo "========================================"
echo " 微信配置验证脚本"
echo "========================================"
echo ""
# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# 错误计数
ERROR_COUNT=0
WARNING_COUNT=0
# 检查环境变量是否存在
check_env() {
local var_name=$1
local is_required=${2:-true}
if [ -z "${!var_name}" ]; then
if [ "$is_required" = true ]; then
echo -e "${RED}✗ 缺失必填配置: $var_name${NC}"
((ERROR_COUNT++))
return 1
else
echo -e "${YELLOW}⚠ 缺失可选配置: $var_name${NC}"
((WARNING_COUNT++))
return 0
fi
else
echo -e "${GREEN}$var_name${NC}"
return 0
fi
}
# 检查文件是否存在
check_file() {
local file_path=$1
local var_name=$2
if [ ! -f "$file_path" ]; then
echo -e "${RED}✗ 文件不存在: $file_path (来自 $var_name)${NC}"
((ERROR_COUNT++))
return 1
else
echo -e "${GREEN}✓ 文件存在: $file_path${NC}"
# 检查文件权限
local perms=$(stat -f "%A" "$file_path" 2>/dev/null || stat -c "%a" "$file_path" 2>/dev/null)
if [ "$perms" != "600" ] && [ "$perms" != "644" ] && [ "$perms" != "400" ]; then
echo -e "${YELLOW} ⚠ 建议修改文件权限为 600: chmod 600 $file_path${NC}"
((WARNING_COUNT++))
fi
return 0
fi
}
# 检查字符串长度
check_length() {
local var_name=$1
local expected_length=$2
local value="${!var_name}"
if [ ${#value} -ne $expected_length ]; then
echo -e "${YELLOW}$var_name 长度应为 $expected_length 位,当前 ${#value}${NC}"
((WARNING_COUNT++))
return 1
fi
return 0
}
echo "1. 检查微信公众号配置"
echo "----------------------------------------"
check_env "JUNHONG_WECHAT_OFFICIAL_ACCOUNT_APP_ID" true
check_env "JUNHONG_WECHAT_OFFICIAL_ACCOUNT_APP_SECRET" true
check_env "JUNHONG_WECHAT_OFFICIAL_ACCOUNT_TOKEN" false
check_env "JUNHONG_WECHAT_OFFICIAL_ACCOUNT_AES_KEY" false
check_env "JUNHONG_WECHAT_OFFICIAL_ACCOUNT_OAUTH_REDIRECT_URL" false
echo ""
echo "2. 检查微信支付配置"
echo "----------------------------------------"
check_env "JUNHONG_WECHAT_PAYMENT_APP_ID" true
check_env "JUNHONG_WECHAT_PAYMENT_MCH_ID" true
check_env "JUNHONG_WECHAT_PAYMENT_API_V3_KEY" true
check_env "JUNHONG_WECHAT_PAYMENT_API_V2_KEY" false
check_env "JUNHONG_WECHAT_PAYMENT_CERT_PATH" true
check_env "JUNHONG_WECHAT_PAYMENT_KEY_PATH" true
check_env "JUNHONG_WECHAT_PAYMENT_SERIAL_NO" true
check_env "JUNHONG_WECHAT_PAYMENT_NOTIFY_URL" true
check_env "JUNHONG_WECHAT_PAYMENT_HTTP_DEBUG" false
check_env "JUNHONG_WECHAT_PAYMENT_TIMEOUT" false
echo ""
echo "3. 检查证书文件"
echo "----------------------------------------"
if [ -n "$JUNHONG_WECHAT_PAYMENT_CERT_PATH" ]; then
check_file "$JUNHONG_WECHAT_PAYMENT_CERT_PATH" "JUNHONG_WECHAT_PAYMENT_CERT_PATH"
fi
if [ -n "$JUNHONG_WECHAT_PAYMENT_KEY_PATH" ]; then
check_file "$JUNHONG_WECHAT_PAYMENT_KEY_PATH" "JUNHONG_WECHAT_PAYMENT_KEY_PATH"
fi
echo ""
echo "4. 验证配置格式"
echo "----------------------------------------"
# 检查 AppID 格式(应以 wx 开头)
if [ -n "$JUNHONG_WECHAT_OFFICIAL_ACCOUNT_APP_ID" ]; then
if [[ ! "$JUNHONG_WECHAT_OFFICIAL_ACCOUNT_APP_ID" =~ ^wx ]]; then
echo -e "${YELLOW} ⚠ 公众号 AppID 格式可能有误(通常以 wx 开头)${NC}"
((WARNING_COUNT++))
fi
fi
# 检查 APIv3 密钥长度(应为 32 位)
if [ -n "$JUNHONG_WECHAT_PAYMENT_API_V3_KEY" ]; then
check_length "JUNHONG_WECHAT_PAYMENT_API_V3_KEY" 32
fi
# 检查回调 URL 格式(必须是 HTTPS
if [ -n "$JUNHONG_WECHAT_PAYMENT_NOTIFY_URL" ]; then
if [[ ! "$JUNHONG_WECHAT_PAYMENT_NOTIFY_URL" =~ ^https:// ]]; then
echo -e "${RED}✗ 支付回调 URL 必须使用 HTTPS${NC}"
((ERROR_COUNT++))
else
echo -e "${GREEN}✓ 支付回调 URL 使用 HTTPS${NC}"
fi
fi
echo ""
echo "5. 检查证书有效性(可选)"
echo "----------------------------------------"
if [ -n "$JUNHONG_WECHAT_PAYMENT_CERT_PATH" ] && [ -f "$JUNHONG_WECHAT_PAYMENT_CERT_PATH" ]; then
if command -v openssl &> /dev/null; then
# 检查证书是否过期
expiry_date=$(openssl x509 -in "$JUNHONG_WECHAT_PAYMENT_CERT_PATH" -noout -enddate 2>/dev/null | cut -d= -f2)
if [ -n "$expiry_date" ]; then
echo -e "${GREEN}✓ 证书有效期至: $expiry_date${NC}"
# 检查证书序列号是否匹配
cert_serial=$(openssl x509 -in "$JUNHONG_WECHAT_PAYMENT_CERT_PATH" -noout -serial 2>/dev/null | cut -d= -f2)
if [ -n "$cert_serial" ]; then
if [ "$cert_serial" != "$JUNHONG_WECHAT_PAYMENT_SERIAL_NO" ]; then
echo -e "${YELLOW} ⚠ 证书序列号不匹配${NC}"
echo -e " 配置中: $JUNHONG_WECHAT_PAYMENT_SERIAL_NO"
echo -e " 证书中: $cert_serial"
((WARNING_COUNT++))
else
echo -e "${GREEN} ✓ 证书序列号匹配${NC}"
fi
fi
fi
else
echo -e "${YELLOW} ⚠ 未安装 openssl跳过证书验证${NC}"
fi
fi
echo ""
echo "========================================"
echo " 验证结果"
echo "========================================"
echo -e "${RED}错误: $ERROR_COUNT${NC}"
echo -e "${YELLOW}警告: $WARNING_COUNT${NC}"
echo ""
if [ $ERROR_COUNT -gt 0 ]; then
echo -e "${RED}❌ 配置验证失败,请修复上述错误后重试${NC}"
echo ""
echo "建议操作:"
echo "1. 检查 .env.local 文件是否正确加载"
echo "2. 确认所有必填环境变量已设置"
echo "3. 验证证书文件路径是否正确"
echo "4. 参考文档: docs/wechat-integration/使用指南.md"
exit 1
elif [ $WARNING_COUNT -gt 0 ]; then
echo -e "${YELLOW}⚠️ 配置验证通过,但存在警告${NC}"
echo ""
echo "建议操作:"
echo "1. 检查警告信息并根据建议调整"
echo "2. 警告不会影响服务启动,但可能影响功能"
exit 0
else
echo -e "${GREEN}✅ 配置验证通过,所有配置正确${NC}"
echo ""
echo "下一步:"
echo "1. 启动服务: go run cmd/api/main.go"
echo "2. 查看启动日志确认微信服务初始化成功"
echo "3. 参考验证指南进行功能测试: docs/wechat-integration/验证指南.md"
exit 0
fi
Reference in New Issue View Git Blame Copy Permalink