/// <summary> /// 验证签名,检验是否是从微信服务器上发出的请求 /// </summary> /// <param name="model">请求参数模型 Model</param> /// <returns>是否验证通过</returns> private bool CheckSignature(WXRequestModel model) { string signature, timestamp, nonce, tempStr; //获取请求来的参数 signature = model.signature; timestamp = model.timestamp; nonce = model.nonce; //创建数组,将 Token, timestamp, nonce 三个参数加入数组 string[] array = { WXCommon.WX_TOKEN, timestamp, nonce }; //进行排序 Array.Sort(array); //拼接为一个字符串 tempStr = String.Join("", array); //对字符串进行 SHA1加密 tempStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tempStr, "SHA1").ToLower(); //判断signature 是否正确 if (tempStr.Equals(signature)) { return(true); } else { return(false); } }
// GET: WXTest public ActionResult Index() { string url = Request.Url.ToString(); WXRequestModel model = new WXRequestModel(); //model.AppID = "wxd2a8a39ae0787c30"; //model.AppSecret = "9e00204f95f7d060401d72dcf75d7a3e"; model.AppID = "wx24f55a573d938afb"; model.AppSecret = "279ab0e4bb200b692a358ba3ef2c2088"; model.TimeStamp = WXRequestModel.GetTimeStamp(); model.NonceStr = WXRequestModel.GetRandomString(); model.Signature = WXRequestModel.GetSignature(model.AppID, model.AppSecret, model.NonceStr, model.TimeStamp, url); return(View(model)); }