C# 微信开发 《验证签名》

using System;

using  System.Collections.Generic;

using  System.Linq;

using  System.Web;

using  TalentCloud.Base.Utils;

using  System.IO;

using  System.Text;

using  System.Web.Security;

using  System.Configuration;

using  TalentCloud.Common.Log;

 

namespace  TalentCloud.Agriculture.Weixin.Web

{

     /// <summary>

     /// WeiXinCheckSignature 的摘要说明

     /// </summary>

     public  class  WeiXinCheckSignature : IHttpHandler

     {

           WeiXinService WeiXinService =  new  WeiXinService();

          public  void  ProcessRequest(HttpContext context)

         {

             string  postString =  string .Empty;

             if  (HttpContext.Current.Request.HttpMethod.ToUpper() ==  "POST" )

             {

                 using  (Stream stream = HttpContext.Current.Request.InputStream)

                 {

                     Byte[] postBytes =  new  Byte[stream.Length];

                     stream.Read(postBytes, 0, (Int32)stream.Length);

                     postString = Encoding.UTF8.GetString(postBytes);

                 }

 

                 if  (! string .IsNullOrEmpty(postString))

                 {

                     ///处理回复信息

                     WeiXinService.ResponseMsg(postString, context);

                 }

             }

             else

             {

                 Auth();  //微信接入的测试

             }

         }

 

 

         /// <summary>

         /// 成为开发者的第一步，验证并相应服务器的数据

         /// </summary>

         private  void  Auth()

         {

             string  token = ConfigurationManager.AppSettings[ "WeixinToken" ].TryToString(); //从配置文件获取Token

             if  ( string .IsNullOrEmpty(token))

             {

                 LogHelper.WriteFileLog( "WeixinToken" ,  string .Format( "WeixinToken 配置项没有配置！" ));

             }

 

             string  echoString = HttpContext.Current.Request.QueryString[ "echoStr" ];

             string  signature = HttpContext.Current.Request.QueryString[ "signature" ];

             string  timestamp = HttpContext.Current.Request.QueryString[ "timestamp" ];

             string  nonce = HttpContext.Current.Request.QueryString[ "nonce" ];

             if  (CheckSignature(token, signature, timestamp, nonce))

             {

                 if  (! string .IsNullOrEmpty(echoString))

                 {

                     HttpContext.Current.Response.Write(echoString);

                     HttpContext.Current.Response.End();

                 }

             }

         }

 

 

         /// <summary>

         /// 验证微信签名

         /// </summary>

         public  bool  CheckSignature( string  token,  string  signature,  string  timestamp,  string  nonce)

         {

             string [] ArrTmp = { token, timestamp, nonce };

 

             Array.Sort(ArrTmp);

             string  tmpStr =  string .Join( "" , ArrTmp);

 

             tmpStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tmpStr,  "SHA1" );

             tmpStr = tmpStr.ToLower();

 

             if  (tmpStr == signature)

             {

                 return  true ;

             }

             else

             {

                 return  false ;

             }

         }

 

         public  bool  IsReusable

         {

             get

             {

                 return  false ;

             }

         }

     }

}