验证服务器有效性: 在微信验证页面上 get方法直接调用WechatCheckSerer方法就可以。
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/plain";
if (context.Request.HttpMethod.ToLower().Equals("get"))
{
chekSer.CheckServer(); //验证服务器有效性
}
else
{
//这是post
}
}
以下是验证代码
/// <summary>
/// 验证微信平台填写的服务器地址的有效性
/// </summary>
public class WechatCheckSerer
{
/// <summary>
/// 验证微信平台填写的服务器地址的有效性
/// </summary>
public void CheckServer()
{
string _token = "自己在微信后台填写 的token";
string _timestamp = HttpContext.Current.Request["timestamp"];
string _nonce = HttpContext.Current.Request["nonce"];
string _singature = HttpContext.Current.Request["signature"];
string _echostr = HttpContext.Current.Request["echostr"];
if (CheckSignAture(_token, _timestamp, _nonce, _singature))
{
if (!string.IsNullOrEmpty(_echostr))
{
HttpContext.Current.Response.Write(_echostr);
HttpContext.Current.Response.End();
}
}
}
/// <summary>
/// 验证签名是否一致
/// </summary>
/// <param name="token">微信平台设置的口令</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">随机数</param>
/// <param name="signature">微信加密签名</param>
/// <returns></returns>
public bool CheckSignAture(string token, string timestamp, string nonce, string signature)
{
string[] strs = new string[] { token, timestamp, nonce };//把参数放到数组
Array.Sort(strs);//加密/校验流程1、数组排序
string sign = string.Join("", strs);
sign = GetSHA1Str(sign);
if (sign == signature)
{
return true;
}
else
{
return false;
}
}
/// <summary>
/// SHA1加密方法
/// </summary>
/// <param name="str">需要加密的字符串</param>
/// <returns></returns>
public string GetSHA1Str(string str)
{
byte[] _byte = Encoding.Default.GetBytes(str);
HashAlgorithm ha = new SHA1CryptoServiceProvider();
_byte = ha.ComputeHash(_byte);
StringBuilder sha1Str = new StringBuilder();
foreach (byte b in _byte)
{
sha1Str.AppendFormat("{0:x2}", b);
}
return sha1Str.ToString();
}
}