token验证-微信公众平台开发3(asp.net)
童鞋们直接看代码吧:(我这里是ashx处理程序写的类,开发过网站的一般都知道)
<%@ WebHandler Language="C#" class="weixin" %>
using System;
using System.Web;
using System.IO;
using System.Text;
using System.Security.Cryptography;
using System.Security.Policy;
using System.Collections;
using System.Xml;
public class weixin : IHttpHandler {
protected string TOKEN = "asdasd"; //TOKEN 必须跟你在微信公众平台上写的token是一致的
public void ProcessRequest (HttpContext context) {
//context.Response.ContentType = "text/plain";
context.Response.Clear(); //清除所有之前生成的Response内容
Handlewinxin(context); //进入专业微信处理程序
context.Response.End();
}
public bool IsReusable {
get {
return false;
}
}
/// <summary>
///
/// </summary>
/// <param name="content"></param>
public void Handlewinxin(HttpContext context)
{
if (context.Request.HttpMethod.ToUpper() == "GET")
{
// 微信加密签名
string signature = context.Request.QueryString["signature"];
// 时间戳
string timestamp = context.Request.QueryString["timestamp"];
// 随机数
string nonce = context.Request.QueryString["nonce"];
// 随机字符串
string echostr = context.Request.QueryString["echostr"];
if (CheckSignature(signature, timestamp, nonce))
{
context.Response.Write(echostr);
}
}
else if (context.Request.HttpMethod.ToUpper() == "POST")
{
StreamReader stream = new StreamReader(context.Request.InputStream);
string xml = stream.ReadToEnd();
processRequest(xml, context);
}
}
/// <summary>
/// 验证签名
/// </summary>
/// <param name="signature"></param>
/// <param name="timestamp"></param>
/// <param name="nonce"></param>
/// <returns></returns>
public bool CheckSignature(String signature, String timestamp, String nonce)
{
String[] arr = new String[] { TOKEN, timestamp, nonce };
// 将token、timestamp、nonce三个参数进行字典序排序
Array.Sort<String>(arr);
StringBuilder content = new StringBuilder();
for (int i = 0; i < arr.Length; i++)
{
content.Append(arr[i]);
}
String tmpStr = SHA1_Encrypt(content.ToString());
// 将sha1加密后的字符串可与signature对比,标识该请求来源于微信
return tmpStr != null ? tmpStr.Equals(signature) : false;
}
/// <summary>
/// 使用缺省密钥给字符串加密
/// </summary>
/// <param name="Source_String"></param>
/// <returns></returns>
public static string SHA1_Encrypt(string Source_String)
{
byte[] StrRes = Encoding.Default.GetBytes(Source_String);
HashAlgorithm iSHA = new SHA1CryptoServiceProvider();
StrRes = iSHA.ComputeHash(StrRes);
StringBuilder EnText = new StringBuilder();
foreach (byte iByte in StrRes)
{
EnText.AppendFormat("{0:x2}", iByte);
}
return EnText.ToString();
}
/// <summary>
/// 处理微信发来的请求
/// </summary>
/// <param name="xml"></param>
public void processRequest(String xml,HttpContext context)
{
//待下一章节全部贴出代码
}
}