惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
AI
AI
D
Darknet – Hacking Tools, Hacker News & Cyber Security
L
LINUX DO - 热门话题
G
GRAHAM CLULEY
Cisco Talos Blog
Cisco Talos Blog
T
Tenable Blog
L
Lohrmann on Cybersecurity
Know Your Adversary
Know Your Adversary
A
Arctic Wolf
T
Threatpost
AWS News Blog
AWS News Blog
S
Securelist
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
J
Java Code Geeks
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
The GitHub Blog
The GitHub Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
C
Cisco Blogs
F
Full Disclosure
Jina AI
Jina AI
Engineering at Meta
Engineering at Meta
I
InfoQ
C
CXSECURITY Database RSS Feed - CXSecurity.com
I
Intezer
C
CERT Recently Published Vulnerability Notes
Last Week in AI
Last Week in AI
P
Privacy International News Feed
Scott Helme
Scott Helme
WordPress大学
WordPress大学
Simon Willison's Weblog
Simon Willison's Weblog
D
Docker
T
Threat Research - Cisco Blogs
P
Proofpoint News Feed
C
Cyber Attacks, Cyber Crime and Cyber Security
Y
Y Combinator Blog
T
Tor Project blog
V
Visual Studio Blog
Spread Privacy
Spread Privacy
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Google DeepMind News
Google DeepMind News
B
Blog RSS Feed
Google Online Security Blog
Google Online Security Blog
C
Check Point Blog
爱范儿
爱范儿
N
News and Events Feed by Topic
博客园 - 【当耐特】
TaoSecurity Blog
TaoSecurity Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main

博客园 - Yu

Illegal characters in path 依赖注入的 Singleton、Scoped、Transient vs2015 编译报错:The project references NuGet package(s) that are missing on this computer... discuz 迁移 uc_server 报错 The timeout period elapsed prior to completion of the operation or the server is not responding. 微信小程序笔记 xmlns 与 targetNamespace 的解释 Ubuntu64 apache2+lvs+Keepalived NPOI CellStyle 设置 mysql --initialize specified but the data directory has files in it select2 多选设置默认值 VS 2015 IDE 不支持 MS SQL 2000 生成 dbml Ajax 如何执行 Response.Redirect ng 发生 Error: ELOOP: too many symbolic links encountered... jquery call cross-domain webapi owin self-host HtmlAgilityPack 使用 EF 热加载 Winform/Asp.net vs2015 使用 Eazfuscator.NET 3.3 The requested page cannot be accessed because the related configuration data for the page is invalid.
微信 oauth2 两次回调
Yu · 2017-05-06 · via 博客园 - Yu

 场景:

logger.Info("f: " + wx.From);
logger.Info("c: " + wx.Code);
logger.Info("s: " + wx.State);

Response.Redirect("https://open.weixin.qq.com/connect/oauth2/authorize?appid=8RAN90uJ1967wpt1Y5&redirect_uri=www.xxxx.com%3a8001%2fWxAuthPage.aspx?from=notreserve&response_type=code&scope=snsapi_base&state=1#wechat_redirect");

出现:

除了code不一致,其它一致。

这样导致如下两次插入:

var mealtake = new MealTake
{
Id = Guid.NewGuid(),
IsTaked = true,
TakeDate = DateTime.Now,
MealType = mt.MealType,
PersonOrder = personOrder
};

context.Set<MealTake>().Add(mealtake);
context.SaveChanges();

想到的解决方法:

Response.Redirect("https://open.weixin.qq.com/connect/oauth2/authorize?appid=8RAN90uJ1967wpt1Y5&redirect_uri=www.xxxx.com%3a8001%2fWxAuthPage.aspx?from=notreserve&response_type=code&scope=snsapi_base&state=1#wechat_redirect");

改成

Response.Redirect("https://open.weixin.qq.com/connect/oauth2/authorize?appid=8RAN90uJ1967wpt1Y5&redirect_uri=www.xxxx.com%3a8001%2fWxAuthPage.aspx?from=notreserve&response_type=code&scope=snsapi_base&state="+Guid.NewGuid().ToString()+"#wechat_redirect");

 

再把插入代码改成

if (!context.Set<PersonOrder>().Any(n => n.Comment == wx.State))
{
  var person = context.Set<MealPerson>().Include("PersonType").FirstOrDefault(n => n.Id == wxUserInfo.User.Id);
  var personOrder = MealOrderService.CreatePersonOrder(person, mt.MealType, mealdate, false);
  personOrder.Comment = wx.State;
  var mealtake = new MealTake
  {
    Id = Guid.NewGuid(),
    IsTaked = true,
    TakeDate = DateTime.Now,
    MealType = mt.MealType,
    PersonOrder = personOrder
  };

  context.Set<MealTake>().Add(mealtake);
  context.SaveChanges();
}

=============================================================

具体原因,原来是redirect_uri导致的,漏了对redirect_uri进行完整的UrlEncode:

redirect_uri=www.xxxx.com%3a8001%2fWxAuthPage.aspx?from=notreserve

改成

redirect_uri=www.xxxx.com%3a8001%2fWxAuthPage.aspx%3ffrom%3dnotreserve

就不会发生两次回调了