/// <summary>
/// 验证签名,检验是否是从微信服务器上发出的请求
/// </summary>
/// <param name="model">请求参数模型 Model</param>
/// <returns>是否验证通过</returns>
private bool CheckSignature(WXRequestModel model)
{
string signature, timestamp, nonce, tempStr;
//获取请求来的参数
signature = model.signature;
timestamp = model.timestamp;
nonce = model.nonce;
//创建数组,将 Token, timestamp, nonce 三个参数加入数组
string[] array = { WXCommon.WX_TOKEN, timestamp, nonce };
//进行排序
Array.Sort(array);
//拼接为一个字符串
tempStr = String.Join("", array);
//对字符串进行 SHA1加密
tempStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tempStr, "SHA1").ToLower();
//判断signature 是否正确
if (tempStr.Equals(signature))
{
return(true);
}
else
{
return(false);
}
}
// GET: WXTest
public ActionResult Index()
{
string url = Request.Url.ToString();
WXRequestModel model = new WXRequestModel();
//model.AppID = "wxd2a8a39ae0787c30";
//model.AppSecret = "9e00204f95f7d060401d72dcf75d7a3e";
model.AppID = "wx24f55a573d938afb";
model.AppSecret = "279ab0e4bb200b692a358ba3ef2c2088";
model.TimeStamp = WXRequestModel.GetTimeStamp();
model.NonceStr = WXRequestModel.GetRandomString();
model.Signature = WXRequestModel.GetSignature(model.AppID, model.AppSecret, model.NonceStr, model.TimeStamp, url);
return(View(model));
}
