C# 微信开发 《验证签名》

Posted 2022-01-03 bug123456

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using TalentCloud.Base.Utils;

using System.IO;

using System.Text;

using System.Web.Security;

using System.Configuration;

using TalentCloud.Common.Log;

 

namespace TalentCloud.Agriculture.Weixin.Web

    /// <summary>

    /// WeiXinCheckSignature 的摘要说明

    /// </summary>

    public class WeiXinCheckSignature : IHttpHandler

    

          WeiXinService WeiXinService = new WeiXinService();

         public void ProcessRequest(HttpContext context)

        

            string postString = string.Empty;

            if (HttpContext.Current.Request.HttpMethod.ToUpper() == "POST")

            

                using (Stream stream = HttpContext.Current.Request.InputStream)

                

                    Byte[] postBytes = new Byte[stream.Length];

                    stream.Read(postBytes, 0, (Int32)stream.Length);

                    postString = Encoding.UTF8.GetString(postBytes);

                

 

                if (!string.IsNullOrEmpty(postString))

                

                    ///处理回复信息

                    WeiXinService.ResponseMsg(postString, context);

                

            

            else

            

                Auth(); //微信接入的测试

            

        

 

 

        /// <summary>

        /// 成为开发者的第一步，验证并相应服务器的数据

        /// </summary>

        private void Auth()

        

            string token = ConfigurationManager.AppSettings["WeixinToken"].TryToString();//从配置文件获取Token

            if (string.IsNullOrEmpty(token))

            

                LogHelper.WriteFileLog("WeixinToken", string.Format("WeixinToken 配置项没有配置！"));

            

 

            string echoString = HttpContext.Current.Request.QueryString["echoStr"];

            string signature = HttpContext.Current.Request.QueryString["signature"];

            string timestamp = HttpContext.Current.Request.QueryString["timestamp"];

            string nonce = HttpContext.Current.Request.QueryString["nonce"];

            if (CheckSignature(token, signature, timestamp, nonce))

            

                if (!string.IsNullOrEmpty(echoString))

                

                    HttpContext.Current.Response.Write(echoString);

                    HttpContext.Current.Response.End();

                

            

        

 

 

        /// <summary>

        /// 验证微信签名

        /// </summary>

        public bool CheckSignature(string token, string signature, string timestamp, string nonce)

        

            string[] ArrTmp = token, timestamp, nonce ;

 

            Array.Sort(ArrTmp);

            string tmpStr = string.Join("", ArrTmp);

 

            tmpStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tmpStr, "SHA1");

            tmpStr = tmpStr.ToLower();

 

            if (tmpStr == signature)

            

                return true;

            

            else

            

                return false;

            

        

 

        public bool IsReusable

        

            get

            

                return false;