token验证-微信公众平台开发3(asp.net)

童鞋们直接看代码吧:(我这里是ashx处理程序写的类,开发过网站的一般都知道)

<%@ WebHandler Language="C#" class="weixin" %>

using System;
using System.Web;
using System.IO;
using System.Text;
using System.Security.Cryptography;
using System.Security.Policy;
using System.Collections;
using System.Xml;

public class weixin : IHttpHandler {
    protected string TOKEN = "asdasd"; //TOKEN 必须跟你在微信公众平台上写的token是一致的
    public void ProcessRequest (HttpContext context) {
        //context.Response.ContentType = "text/plain";
        context.Response.Clear(); //清除所有之前生成的Response内容
        Handlewinxin(context);  //进入专业微信处理程序
        context.Response.End();
    }
 
    public bool IsReusable {
        get {
            return false;
        }
    }
    /// <summary>
    ///
    /// </summary>
    /// <param name="content"></param>
    public void Handlewinxin(HttpContext context)
    {
        
        if (context.Request.HttpMethod.ToUpper() == "GET")
        {
            // 微信加密签名  
            string signature = context.Request.QueryString["signature"];
            // 时间戳  
            string timestamp = context.Request.QueryString["timestamp"];
            // 随机数  
            string nonce = context.Request.QueryString["nonce"];
            // 随机字符串  
            string echostr = context.Request.QueryString["echostr"];
            if (CheckSignature(signature, timestamp, nonce))
            {
                context.Response.Write(echostr);
            }
            
        }
        else if (context.Request.HttpMethod.ToUpper() == "POST")
        {

            StreamReader stream = new StreamReader(context.Request.InputStream);
            string xml = stream.ReadToEnd();

            processRequest(xml, context);
        }
    }
    /// <summary>
    /// 验证签名
    /// </summary>
    /// <param name="signature"></param>
    /// <param name="timestamp"></param>
    /// <param name="nonce"></param>
    /// <returns></returns>
    public bool CheckSignature(String signature, String timestamp, String nonce)
    {
        String[] arr = new String[] { TOKEN, timestamp, nonce };
        // 将token、timestamp、nonce三个参数进行字典序排序  
        Array.Sort<String>(arr);

        StringBuilder content = new StringBuilder();
        for (int i = 0; i < arr.Length; i++)
        {
            content.Append(arr[i]);
        }

        String tmpStr = SHA1_Encrypt(content.ToString());


        // 将sha1加密后的字符串可与signature对比,标识该请求来源于微信  
        return tmpStr != null ? tmpStr.Equals(signature) : false;
    }


    /// <summary>
    /// 使用缺省密钥给字符串加密
    /// </summary>
    /// <param name="Source_String"></param>
    /// <returns></returns>
    public static string SHA1_Encrypt(string Source_String)
    {
        byte[] StrRes = Encoding.Default.GetBytes(Source_String);
        HashAlgorithm iSHA = new SHA1CryptoServiceProvider();
        StrRes = iSHA.ComputeHash(StrRes);
        StringBuilder EnText = new StringBuilder();
        foreach (byte iByte in StrRes)
        {
            EnText.AppendFormat("{0:x2}", iByte);
        }
        return EnText.ToString();
    }
    /// <summary>
    /// 处理微信发来的请求
    /// </summary>
    /// <param name="xml"></param>
    public void processRequest(String xml,HttpContext context)
    {
        //待下一章节全部贴出代码
    }

}

 

posted @ 2014-03-07 12:27  飞剑  阅读(720)  评论(0编辑  收藏  举报