微博公众平台(二)-- Token验证代码

时间:2022-03-28 02:09:19

Token,验证逻辑:
1、将Token、timestamp、nonce放入数组

2、将数组从小到大排列

3、将数组按顺序拼装成一个字符串

4、对生成的字符串进行SHA1加密

5、将密文转换为小写

6、将signature与最后生成的小写密文进行对比,如匹配则返回echostr

protected void Page_Load(object sender, EventArgs e)

        {

            string signature = Request["signature"];

            string timestamp = Request["timestamp"];

            string nonce = Request["nonce"];

            string echostr = Request["echostr"];

            string strSignature = GetSignature("Token", timestamp, nonce);

            if (strSignature == signature)

            {

                Response.Clear();

                Response.Write(echostr);

                Response.End();

            }

            else

            {

                Response.Clear();

                Response.Write("Error");

                Response.End();

            }

        }

        string GetSignature(string token, string timestamp, string nonce)

        {

            string[] strs = new string[] { token, timestamp, nonce };

            Array.Sort(strs);

            return System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(String.Join("", strs), "SHA1").ToLower();

        }

相关文章