微信服务号-基本配置填写服务器配置代码 校验

 //验证URL
        // @param sMsgSignature: 签名串，对应URL参数的msg_signature
        // @param sTimeStamp: 时间戳，对应URL参数的timestamp
        // @param sNonce: 随机串，对应URL参数的nonce
        // @param sEchoStr: 随机串，对应URL参数的echostr
        // @param sReplyEchoStr: 解密之后的echostr，当return返回0时有效
        // @return：成功0，失败返回对应的错误码
        public int VerifyURL(string sMsgSignature, string sTimeStamp, string sNonce, string sEchoStr, ref string sReplyEchoStr)
        {
            int ret = 0;
            if (m_sEncodingAESKey.Length != 43)
            {
                return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey;
            }
            ret = VerifySignature(m_sToken, sTimeStamp, sNonce, sEchoStr, sMsgSignature);
            if (0 != ret)
            {
                return ret;
            }
            sReplyEchoStr = "";
            string cpid = "";
            try
            {
                sReplyEchoStr = Cryptography.AES_decrypt(sEchoStr, m_sEncodingAESKey, ref cpid); //m_sCorpID);
            }
            catch (Exception)
            {
                sReplyEchoStr = "";
                return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error;
            }
            if (cpid != m_sCorpID)
            {
                sReplyEchoStr = "";
                return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ValidateCorpid_Error;
            }
            return 0;
        }

以上是一段微信逛网提供的多年校验URL代码，单此代码我在微信企业号中使用过。目前由于公司需要做微信服务号使用时死活就报“签名错误-40001”.最后根据博客了解自己编写一个校验简单的方法。

#region 自己额外添加

        /// <summary>
        /// MD5 加密
        /// </summary>
        /// <param name="s"></param>
        /// <returns></returns>
        public static string Sha1(string s)
        {
            using (var sha1 = SHA1.Create())
            {
                var result = sha1.ComputeHash(Encoding.UTF8.GetBytes(s));
                var strResult = BitConverter.ToString(result);
                return strResult.Replace("-", "").ToUpper();
            }
        }




        /// <summary>
        /// 验证微信签名
        /// </summary>
        /// <param name="token">token</param>
        /// <param name="signature">签名</param>
        /// <param name="timestamp">时间戳</param>
        /// <param name="nonce">随机数</param>
        /// <returns></returns>
        public static bool WooCheckSignature(string token,
             string signature, string timestamp, string nonce)
        {
            string[] ArrTmp = { token, timestamp, nonce };
            //字典排序
            Array.Sort(ArrTmp);
            //拼接
            string tmpStr = string.Join("", ArrTmp);
            //sha1验证
            tmpStr = Sha1(tmpStr); //FormsAuthentication.HashPasswordForStoringInConfigFile(tmpStr, "SHA1");
                                   //tmpStr = Membership.CreateUser(tmpStr, "SHA1");
            tmpStr = tmpStr.ToLower();

            if (tmpStr == signature)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        #endregion 自己额外添加

用以上方法就方法就可以了。.net core 控制器使用

  /// <summary>
        ///回调地址
        /// </summary>
        /// <returns></returns>
        public IActionResult InitWxPort(string echoStr, string signature, string timestamp, string nonce)
        {
            var httpcontext = _accessor.HttpContext;
            if (httpcontext.Request.Method.ToLower().Equals("get"))
            {
                string token = Constant.CorpToken;
                //WeixinUtiliy weixin = new WeixinUtiliy();
                if (WeixinUtiliy.WooCheckSignature(token, signature, timestamp, nonce))
                {
                    return Content(echoStr);
                }
                return Content("no as");
                //return Content(weixin.Auth2(echoStr, signature, timestamp, nonce));
            }
            else
            {
                return Ok();

            }
            
        }