/// <summary> /// 验证消息是否是支付宝发出的合法消息 /// </summary> /// <param name="notifyId">通知验证ID</param> /// <param name="sign">支付宝生成的签名结果</param> /// <returns>验证结果</returns> public bool Verify(string notifyId, string sign) { //获取返回时的签名验证结果 bool isSign = GetSignVerify(sign); //获取是否是支付宝服务器发来的请求的验证结果 string responseText = "true"; if (!string.IsNullOrEmpty(notifyId)) { responseText = GetResponseText(notifyId); } //写日志记录(若要调试,请取消下面两行注释) string word = "responseTxt=" + responseText + "\n isSign=" + isSign + "\n 返回回来的参数:" + GetPreSignStr() + "\n "; AlipayCore.LogResult(word); //判断responseText是否为true,isSign是否为true //responseText的结果不是true,与服务器设置问题、合作身份者ID,notify_id一分钟失效有关 //isSign不是true,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关 bool isVerify = responseText == "true" && isSign; if (isVerify) { NotifyInfo = new AlipayNotifyInfo(_paras); } return(isVerify); }
/// <summary> /// 获取待签名字符串(调试用) /// </summary> /// <returns>待签名字符串</returns> public string GetPreSignStr() { //过滤空值、sign与signType参数 Dictionary <string, string> dictPara = AlipayCore.FilterPara(_paras); //获取待签名字符串 string preSignStr = AlipayCore.CreateLinkString(dictPara); return(preSignStr); }
/// <summary> /// 生成要请求给支付宝的参数数组 /// </summary> /// <param name="sParaTemp">请求前的参数数组</param> /// <param name="code">字符编码</param> /// <returns>要请求的参数数组字符串</returns> private static string BuildRequestParaToString(SortedDictionary <string, string> sParaTemp, Encoding code) { //待签名请求参数数组 Dictionary <string, string> sPara = BuildRequestPara(sParaTemp); //把参数组中所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串,并对参数值做urlencode string strRequestData = AlipayCore.CreateLinkStringUrlencode(sPara, code); return(strRequestData); }
/// <summary> /// 生成要请求给支付宝的参数数组 /// </summary> /// <param name="sParaTemp">请求前的参数数组</param> /// <returns>要请求的参数数组</returns> private static Dictionary <string, string> BuildRequestPara(SortedDictionary <string, string> sParaTemp) { //过滤签名参数数组 Dictionary <string, string> sPara = AlipayCore.FilterPara(sParaTemp); //获得签名结果 string mysign = BuildRequestMysign(sPara); //签名结果与签名方式加入请求提交参数组中 sPara.Add("sign", mysign); sPara.Add("sign_type", SignType); return(sPara); }
/// <summary> /// 生成请求时的签名 /// </summary> /// <param name="sPara">请求给支付宝的参数数组</param> /// <returns>签名结果</returns> private static string BuildRequestMysign(Dictionary <string, string> sPara) { //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 string prestr = AlipayCore.CreateLinkString(sPara); //把最终的字符串签名,获得签名结果 string mysign = string.Empty; switch (SignType) { case "MD5": mysign = HashHelper.GetMd5(prestr + Key, Encoding.GetEncoding(InputCharset)); break; } return(mysign); }
/// <summary> /// 获取返回时的签名验证结果 /// </summary> /// <param name="sign">对比签名结果的方式</param> /// <returns>签名验证结果</returns> private bool GetSignVerify(string sign) { //过滤空值、sign与signType参数 Dictionary <string, string> dictPara = AlipayCore.FilterPara(_paras); //获取待签名字符串 string perSignStr = AlipayCore.CreateLinkString(dictPara); bool isSign = false; if (!string.IsNullOrEmpty(sign)) { switch (_signType) { case "MD5": isSign = Md5Verify(perSignStr, sign, _key, _inputCharset); break; } } return(isSign); }