public void CheckUrl(HttpContext context) { //公众平台上开发者设置的token, corpID, EncodingAESKey string sToken = ConfigurationManager.AppSettings["Token"].ToString(); string sCorpID = ConfigurationManager.AppSettings["CorpID"].ToString(); string sEncodingAESKey = ConfigurationManager.AppSettings["EncodingAESKey"].ToString(); Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); string sVerifyMsgSig = context.Request.QueryString["msg_signature"]; string sVerifyTimeStamp = context.Request.QueryString["timestamp"]; string sVerifyNonce = context.Request.QueryString["nonce"]; string sVerifyEchoStr = context.Request.QueryString["echostr"]; int ret = 0; string sEchoStr = ""; try { ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { context.Response.Write("ERR: VerifyURL fail, ret: " + ret); } else { context.Response.Write(sEchoStr); } } catch { context.Response.Write("error: " + ret); } }
//範例一:驗證回調URL public long Get(String msg_signature, String timestamp, String nonce, String echostr) { //企业微信后台开发者设置的token, corpID, EncodingAESKey string sToken = "5WQvoxc7HKzxSWKCc3O"; string sCorpID = "wwb2491d1e47ba94f8"; string sEncodingAESKey = "4CyeXxKsWzkYMxepDmdUHzNYHQoJ6QbAFPVN8OvUG4p"; //string sToken = "QDG6eK"; //string sCorpID = "wx5823bf96d3bd56c7"; //string sEncodingAESKey = "jWmYm7qr5nMoAUwZRjGtBxmz3KA1tkAj3ykkR6q2B2C"; /* * ------------使用示例一:验证回调URL--------------- *企业开启回调模式时,企业微信会向验证url发送一个get请求 * 假设点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * * 接收到该请求时,企业应 1.解析出Get请求的参数,包括消息体签名(msg_signature),时间戳(timestamp),随机数字串(nonce)以及企业微信推送过来的随机加密字符串(echostr), * 这一步注意作URL解码。 * 2.验证消息体签名的正确性 * 3.解密出echostr原文,将原文当作Get请求的response,返回给企业微信 * 第2,3步可以用企业微信提供的库函数VerifyURL来实现。 */ Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); // string sVerifyMsgSig = HttpUtils.ParseUrl("msg_signature"); //string sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3"; string sVerifyMsgSig = msg_signature; // string sVerifyTimeStamp = HttpUtils.ParseUrl("timestamp"); //string sVerifyTimeStamp = "1409659589"; string sVerifyTimeStamp = timestamp; // string sVerifyNonce = HttpUtils.ParseUrl("nonce"); //string sVerifyNonce = "263014780"; string sVerifyNonce = nonce; // string sVerifyEchoStr = HttpUtils.ParseUrl("echostr"); //string sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ=="; string sVerifyEchoStr = echostr; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret); //return; } //ret==0表示验证成功,sEchoStr参数表示明文,用户需要将sEchoStr作为get请求的返回参数,返回给企业微信。 // HttpUtils.SetResponse(sEchoStr); //return sEchoStr; return(Convert.ToInt64(sEchoStr)); }
/// <summary> /// 处理企业号的信息 /// </summary> /// <param name="context"></param> public void ProcessRequest(HttpContext context) { //公众平台上开发者设置的token, corpID, EncodingAESKey string sToken = "OnlineServiceHandler"; string sCorpID = "wx31204de5a3ae758e"; string sEncodingAESKey = "rEsvuhPLljasjaUdx7nbcXvAEwishtl2KuvEQQ3J8F3"; logger.Info(context.Request.Url.AbsoluteUri); /* ------------使用示例一:验证回调URL--------------- *企业开启回调模式时,企业号会向验证url发送一个get请求 假设点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * 接收到该请求时,企业应 1.解析出Get请求的参数,包括消息体签名(msg_signature),时间戳(timestamp),随机数字串(nonce)以及公众平台推送过来的随机加密字符串(echostr), 这一步注意作URL解码。 2.验证消息体签名的正确性 3.解密出echostr原文,将原文当作Get请求的response,返回给公众平台 第2,3步可以用公众平台提供的库函数VerifyURL来实现。 */ Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); System.Collections.Specialized.NameValueCollection queryStrings = context.Request.QueryString; context.Request.ContentEncoding = System.Text.Encoding.UTF8; string sVerifyMsgSig = queryStrings["msg_signature"]; string sVerifyTimeStamp = queryStrings["timestamp"]; string sVerifyNonce = queryStrings["nonce"]; string sVerifyEchoStr = queryStrings["echostr"]; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); logger.Info("sVerifyMsgSig=" + sVerifyMsgSig); logger.Info("sVerifyTimeStamp=" + sVerifyTimeStamp); logger.Info("sVerifyNonce=" + sVerifyNonce); logger.Info("sVerifyEchoStr=" + sVerifyEchoStr); logger.Info("sEchoStr=" + sEchoStr); logger.Info("ret=" + ret); if (ret != 0) { logger.Info("ERR: VerifyURL fail, ret: " + ret); System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret); return; } //ret==0表示验证成功,sEchoStr参数表示明文,用户需要将sEchoStr作为get请求的返回参数,返回给企业号。 context.Response.Write(sEchoStr); // HttpUtils.SetResponse(sEchoStr); }
public override void handleGETRequest(HttpProcessor p) { Console.WriteLine("request: {0}", p.http_url); //企业微信后台开发者设置的token, corpID, EncodingAESKey /* * ------------使用示例一:验证回调URL--------------- *企业开启回调模式时,企业微信会向验证url发送一个get请求 * 假设点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * * 接收到该请求时,企业应 1.解析出Get请求的参数,包括消息体签名(msg_signature),时间戳(timestamp),随机数字串(nonce)以及企业微信推送过来的随机加密字符串(echostr), * 这一步注意作URL解码。 * 2.验证消息体签名的正确性 * 3.解密出echostr原文,将原文当作Get请求的response,返回给企业微信 * 第2,3步可以用企业微信提供的库函数VerifyURL来实现。 */ Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); string all_str = p.http_url; all_str = all_str.Substring(all_str.IndexOf("?") + 1); string[] parm = all_str.Split('&'); // string sVerifyMsgSig = HttpUtils.ParseUrl("msg_signature"); string sVerifyMsgSig = HttpUtility.UrlDecode(parm[0].Substring(parm[0].IndexOf("=") + 1)); // string sVerifyTimeStamp = HttpUtils.ParseUrl("timestamp"); string sVerifyTimeStamp = HttpUtility.UrlDecode(parm[1].Substring(parm[1].IndexOf("=") + 1)); // string sVerifyNonce = HttpUtils.ParseUrl("nonce"); string sVerifyNonce = HttpUtility.UrlDecode(parm[2].Substring(parm[2].IndexOf("=") + 1)); // string sVerifyEchoStr = HttpUtils.ParseUrl("echostr"); string sVerifyEchoStr = HttpUtility.UrlDecode(parm[3].Substring(parm[3].IndexOf("=") + 1)); int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret); return; } //ret==0表示验证成功,sEchoStr参数表示明文,用户需要将sEchoStr作为get请求的返回参数,返回给企业微信。 // HttpUtils.SetResponse(sEchoStr); p.writeSuccess(); p.outputStream.WriteLine(sEchoStr); }
/// <summary> /// 验证企业号签名 /// </summary> /// <param name="token">企业号配置的Token</param> /// <param name="signature">签名内容</param> /// <param name="timestamp">时间戳</param> /// <param name="nonce">nonce参数</param> /// <param name="corpId">企业号ID标识</param> /// <param name="encodingAESKey">加密键</param> /// <param name="echostr">内容字符串</param> /// <param name="retEchostr">返回的字符串</param> /// <returns></returns> public bool CheckSignature(string token, string signature, string timestamp, string nonce, string corpId, string encodingAESKey, string echostr, ref string retEchostr) { Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(token, encodingAESKey, corpId); int result = wxcpt.VerifyURL(signature, timestamp, nonce, echostr, ref retEchostr); if (result != 0) { //LogTextHelper.Error("ERR: VerifyURL fail, ret: " + result); return(false); } return(true); //ret==0表示验证成功,retEchostr参数表示明文,用户需要将retEchostr作为get请求的返回参数,返回给企业号。 // HttpUtils.SetResponse(retEchostr); }
protected virtual string Auth() { var Request = System.Web.HttpContext.Current.Request; if (HasEncryption()) { string echoString = Request.QueryString["echoStr"]; string signature = Request.QueryString["msg_signature"];//企业号的 msg_signature string timestamp = Request.QueryString["timestamp"]; string nonce = Request.QueryString["nonce"]; Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(GetToken(), GetEncodingAESKey(), GetAppID()); string decryptEchoString = ""; wxcpt.VerifyURL(signature, timestamp, nonce, echoString, ref decryptEchoString); return(decryptEchoString); } else { string echoStr = Request.QueryString["echoStr"]; return(echoStr); } }
//驗證回調URL public long Get(String msg_signature, String timestamp, String nonce, String echostr) { //企业微信后台开发者设置的token, corpID, EncodingAESKey string sToken = "5WQvoxc7HKzxSWKCc3O"; string sCorpID = "wwb2491d1e47ba94f8"; string sEncodingAESKey = "4CyeXxKsWzkYMxepDmdUHzNYHQoJ6QbAFPVN8OvUG4p"; /* * ------------使用示例一:验证回调URL--------------- *企业开启回调模式时,企业微信会向验证url发送一个get请求 * 假设点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * * 接收到该请求时,企业应 1.解析出Get请求的参数,包括消息体签名(msg_signature),时间戳(timestamp),随机数字串(nonce)以及企业微信推送过来的随机加密字符串(echostr), * 这一步注意作URL解码。 * 2.验证消息体签名的正确性 * 3.解密出echostr原文,将原文当作Get请求的response,返回给企业微信 * 第2,3步可以用企业微信提供的库函数VerifyURL来实现。 */ Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); string sVerifyMsgSig = msg_signature; string sVerifyTimeStamp = timestamp; string sVerifyNonce = nonce; string sVerifyEchoStr = echostr; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { return(ret); } //ret==0表示验证成功,sEchoStr参数表示明文,用户需要将sEchoStr作为get请求的返回参数,返回给企业微信。 return(Convert.ToInt64(sEchoStr)); }
public string Get(String msg_signature) { //企业微信后台开发者设置的token, corpID, EncodingAESKey string sToken = "QDG6eK"; string sCorpID = "wx5823bf96d3bd56c7"; string sEncodingAESKey = "jWmYm7qr5nMoAUwZRjGtBxmz3KA1tkAj3ykkR6q2B2C"; /* * ------------使用示例一:验证回调URL--------------- *企业开启回调模式时,企业微信会向验证url发送一个get请求 * 假设点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * * 接收到该请求时,企业应 1.解析出Get请求的参数,包括消息体签名(msg_signature),时间戳(timestamp),随机数字串(nonce)以及企业微信推送过来的随机加密字符串(echostr), * 这一步注意作URL解码。 * 2.验证消息体签名的正确性 * 3.解密出echostr原文,将原文当作Get请求的response,返回给企业微信 * 第2,3步可以用企业微信提供的库函数VerifyURL来实现。 */ Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); // string sVerifyMsgSig = HttpUtils.ParseUrl("msg_signature"); //string sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3"; string sVerifyMsgSig = msg_signature; // string sVerifyTimeStamp = HttpUtils.ParseUrl("timestamp"); string sVerifyTimeStamp = "1409659589"; // string sVerifyNonce = HttpUtils.ParseUrl("nonce"); string sVerifyNonce = "263014780"; // string sVerifyEchoStr = HttpUtils.ParseUrl("echostr"); string sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ=="; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret); //return; } //ret==0表示验证成功,sEchoStr参数表示明文,用户需要将sEchoStr作为get请求的返回参数,返回给企业微信。 // HttpUtils.SetResponse(sEchoStr); return(sEchoStr); /* * ------------使用示例二:对用户回复的消息解密--------------- * 用户回复消息或者点击事件响应时,企业会收到回调消息,此消息是经过企业微信加密之后的密文以post形式发送给企业,密文格式请参考官方文档 * 假设企业收到企业微信的回调消息如下: * POST /cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6×tamp=1409659813&nonce=1372623149 HTTP/1.1 * Host: qy.weixin.qq.com * Content-Length: 613 * <xml> <ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt> * <AgentID><![CDATA[218]]></AgentID> * </xml> * * 企业收到post请求之后应该 1.解析出url上的参数,包括消息体签名(msg_signature),时间戳(timestamp)以及随机数字串(nonce) * 2.验证消息体签名的正确性。 * 3.将post请求的数据进行xml解析,并将<Encrypt>标签的内容进行解密,解密出来的明文即是用户回复消息的明文,明文格式请参考官方文档 * 第2,3步可以用企业微信提供的库函数DecryptMsg来实现。 */ /* * // string sReqMsgSig = HttpUtils.ParseUrl("msg_signature"); * string sReqMsgSig = "477715d11cdb4164915debcba66cb864d751f3e6"; * // string sReqTimeStamp = HttpUtils.ParseUrl("timestamp"); * string sReqTimeStamp = "1409659813"; * // string sReqNonce = HttpUtils.ParseUrl("nonce"); * string sReqNonce = "1372623149"; * // Post请求的密文数据 * // string sReqData = HttpUtils.PostData(); * string sReqData = "<xml><ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt><AgentID><![CDATA[218]]></AgentID></xml>"; * string sMsg = ""; // 解析之后的明文 * ret = wxcpt.DecryptMsg(sReqMsgSig, sReqTimeStamp, sReqNonce, sReqData, ref sMsg); * if (ret != 0) * { * System.Console.WriteLine("ERR: Decrypt Fail, ret: " + ret); * //return; * } * // ret==0表示解密成功,sMsg表示解密之后的明文xml串 * // TODO: 对明文的处理 * // For example: * XmlDocument doc = new XmlDocument(); * doc.LoadXml(sMsg); * XmlNode root = doc.FirstChild; * string content = root["Content"].InnerText; * System.Console.WriteLine(content); * // ... * // ... */ /* * ------------使用示例三:企业回复用户消息的加密--------------- * 企业被动回复用户的消息也需要进行加密,并且拼接成密文格式的xml串。 * 假设企业需要回复用户的明文如下: * <xml> * <ToUserName><![CDATA[mycreate]]></ToUserName> * <FromUserName><![CDATA[wx5823bf96d3bd56c7]]></FromUserName> * <CreateTime>1348831860</CreateTime> * <MsgType><![CDATA[text]]></MsgType> * <Content><![CDATA[this is a test]]></Content> * <MsgId>1234567890123456</MsgId> * <AgentID>128</AgentID> * </xml> * * 为了将此段明文回复给用户,企业应: 1.自己生成时间时间戳(timestamp),随机数字串(nonce)以便生成消息体签名,也可以直接用从企业微信的post url上解析出的对应值。 * 2.将明文加密得到密文。 3.用密文,步骤1生成的timestamp,nonce和企业在企业微信设定的token生成消息体签名。 4.将密文,消息体签名,时间戳,随机数字串拼接成xml格式的字符串,发送给企业。 * 以上2,3,4步可以用企业微信提供的库函数EncryptMsg来实现。 */ /* * // 需要发送的明文 * string sRespData = "<xml><ToUserName><![CDATA[mycreate]]></ToUserName><FromUserName><![CDATA[wx582396d3bd56c7]]></FromUserName><CreateTime>1348831860</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[this is a test]]></Content><MsgId>1234567890123456</MsgId><AgentID>128</AgentID></xml>"; * string sEncryptMsg = ""; //xml格式的密文 * ret = wxcpt.EncryptMsg(sRespData, sReqTimeStamp, sReqNonce, ref sEncryptMsg); * if (ret != 0) * { * System.Console.WriteLine("ERR: EncryptMsg Fail, ret: " + ret); * //return; * } * // TODO: * // 加密成功,企业需要将加密之后的sEncryptMsg返回 * // HttpUtils.SetResponse(sEncryptMsg); */ }
static void Test(string[] args) { //公众平台上开发者设置的token, corpID, EncodingAESKey string sToken = "QDG6eK"; string sCorpID = "wx5823bf96d3bd56c7"; string sEncodingAESKey = "jWmYm7qr5nMoAUwZRjGtBxmz3KA1tkAj3ykkR6q2B2C"; /* ------------使用示例一:验证回调URL--------------- *企业开启回调模式时,企业号会向验证url发送一个get请求 假设点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * 接收到该请求时,企业应 1.解析出Get请求的参数,包括消息体签名(msg_signature),时间戳(timestamp),随机数字串(nonce)以及公众平台推送过来的随机加密字符串(echostr), 这一步注意作URL解码。 2.验证消息体签名的正确性 3.解密出echostr原文,将原文当作Get请求的response,返回给公众平台 第2,3步可以用公众平台提供的库函数VerifyURL来实现。 */ Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); // string sVerifyMsgSig = HttpUtils.ParseUrl("msg_signature"); string sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3"; // string sVerifyTimeStamp = HttpUtils.ParseUrl("timestamp"); string sVerifyTimeStamp = "1409659589"; // string sVerifyNonce = HttpUtils.ParseUrl("nonce"); string sVerifyNonce = "263014780"; // string sVerifyEchoStr = HttpUtils.ParseUrl("echostr"); string sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ=="; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret ); return; } //ret==0表示验证成功,sEchoStr参数表示明文,用户需要将sEchoStr作为get请求的返回参数,返回给企业号。 // HttpUtils.SetResponse(sEchoStr); /* ------------使用示例二:对用户回复的消息解密--------------- 用户回复消息或者点击事件响应时,企业会收到回调消息,此消息是经过公众平台加密之后的密文以post形式发送给企业,密文格式请参考官方文档 假设企业收到公众平台的回调消息如下: POST /cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6×tamp=1409659813&nonce=1372623149 HTTP/1.1 Host: qy.weixin.qq.com Content-Length: 613 <xml> <ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt> <AgentID><![CDATA[218]]></AgentID> </xml> 企业收到post请求之后应该 1.解析出url上的参数,包括消息体签名(msg_signature),时间戳(timestamp)以及随机数字串(nonce) 2.验证消息体签名的正确性。 3.将post请求的数据进行xml解析,并将<Encrypt>标签的内容进行解密,解密出来的明文即是用户回复消息的明文,明文格式请参考官方文档 第2,3步可以用公众平台提供的库函数DecryptMsg来实现。 */ // string sReqMsgSig = HttpUtils.ParseUrl("msg_signature"); string sReqMsgSig = "477715d11cdb4164915debcba66cb864d751f3e6"; // string sReqTimeStamp = HttpUtils.ParseUrl("timestamp"); string sReqTimeStamp = "1409659813"; // string sReqNonce = HttpUtils.ParseUrl("nonce"); string sReqNonce = "1372623149"; // Post请求的密文数据 // string sReqData = HttpUtils.PostData(); string sReqData = "<xml><ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt><AgentID><![CDATA[218]]></AgentID></xml>"; string sMsg = ""; // 解析之后的明文 ret = wxcpt.DecryptMsg(sReqMsgSig, sReqTimeStamp, sReqNonce, sReqData, ref sMsg); if (ret != 0) { System.Console.WriteLine("ERR: Decrypt Fail, ret: " + ret); return; } // ret==0表示解密成功,sMsg表示解密之后的明文xml串 // TODO: 对明文的处理 // For example: XmlDocument doc = new XmlDocument(); doc.LoadXml(sMsg); XmlNode root = doc.FirstChild; string content = root["Content"].InnerText; System.Console.WriteLine(content); // ... // ... /* ------------使用示例三:企业回复用户消息的加密--------------- 企业被动回复用户的消息也需要进行加密,并且拼接成密文格式的xml串。 假设企业需要回复用户的明文如下: <xml> <ToUserName><![CDATA[mycreate]]></ToUserName> <FromUserName><![CDATA[wx5823bf96d3bd56c7]]></FromUserName> <CreateTime>1348831860</CreateTime> <MsgType><![CDATA[text]]></MsgType> <Content><![CDATA[this is a test]]></Content> <MsgId>1234567890123456</MsgId> <AgentID>128</AgentID> </xml> 为了将此段明文回复给用户,企业应: 1.自己生成时间时间戳(timestamp),随机数字串(nonce)以便生成消息体签名,也可以直接用从公众平台的post url上解析出的对应值。 2.将明文加密得到密文。 3.用密文,步骤1生成的timestamp,nonce和企业在公众平台设定的token生成消息体签名。 4.将密文,消息体签名,时间戳,随机数字串拼接成xml格式的字符串,发送给企业。 以上2,3,4步可以用公众平台提供的库函数EncryptMsg来实现。 */ // 需要发送的明文 string sRespData = "<xml><ToUserName><![CDATA[mycreate]]></ToUserName><FromUserName><![CDATA[wx582396d3bd56c7]]></FromUserName><CreateTime>1348831860</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[this is a test]]></Content><MsgId>1234567890123456</MsgId><AgentID>128</AgentID></xml>"; string sEncryptMsg = ""; //xml格式的密文 ret = wxcpt.EncryptMsg(sRespData, sReqTimeStamp, sReqNonce, ref sEncryptMsg); if( ret!=0 ) { System.Console.WriteLine("ERR: EncryptMsg Fail, ret: " + ret); return; } // TODO: // 加密成功,企业需要将加密之后的sEncryptMsg返回 // HttpUtils.SetResponse(sEncryptMsg); return; }
static void Main(string[] args) { //公众平台上开发者设置的token, corpID, EncodingAESKey string sToken = "QDG6eK"; string sCorpID = "wx5823bf96d3bd56c7"; string sEncodingAESKey = "jWmYm7qr5nMoAUwZRjGtBxmz3KA1tkAj3ykkR6q2B2C"; Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); /* * 假定公众平台上开发者设置的Token * 1. 验证回调URL * 点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * 接收到该请求时,企业应1.先验证签名的正确性 2. 解密出echostr原文。 * 以上两步用verifyURL完成 */ //解析出url上的参数值如下: string sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3"; string sVerifyTimeStamp = "1409659589"; string sVerifyNonce = "263014780"; string sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ=="; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret); string input3 = System.Console.ReadLine(); return; } System.Console.WriteLine(sEchoStr); /* 2. 对用户回复的数据进行解密。 * 用户回复消息或者点击事件响应时,企业会收到回调消息,假设企业收到的推送消息: * POST /cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6×tamp=1409659813&nonce=1372623149 HTTP/1.1 * Host: qy.weixin.qq.com * Content-Length: 613 * * <xml> * <ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName> * <Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt> * <AgentID><![CDATA[218]]></AgentID> * </xml> */ string sReqMsgSig = "477715d11cdb4164915debcba66cb864d751f3e6"; string sReqTimeStamp = "1409659813"; string sReqNonce = "1372623149"; string sReqData = "<xml><ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt><AgentID><![CDATA[218]]></AgentID></xml>"; string sMsg = ""; //解析之后的明文 ret = wxcpt.DecryptMsg(sReqMsgSig, sReqTimeStamp, sReqNonce, sReqData, ref sMsg); if (ret != 0) { System.Console.WriteLine("ERR: Decrypt fail, ret: " + ret); return; } System.Console.WriteLine(sMsg); /* * 3. 企业回复用户消息也需要加密和拼接xml字符串。 * 假设企业需要回复用户的消息为: * <xml> * <ToUserName><![CDATA[mycreate]]></ToUserName> * <FromUserName><![CDATA[wx5823bf96d3bd56c7]]></FromUserName> * <CreateTime>1348831860</CreateTime> * <MsgType><![CDATA[text]]></MsgType> * <Content><![CDATA[this is a test]]></Content> * <MsgId>1234567890123456</MsgId> * <AgentID>128</AgentID> * </xml> * 生成xml格式的加密消息过程为: */ string sRespData = "<xml><ToUserName><![CDATA[mycreate]]></ToUserName><FromUserName><![CDATA[wx582测试一下中文的情况,消息长度是按字节来算的396d3bd56c7]]></FromUserName><CreateTime>1348831860</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[this is这是一个中文测试 a test]]></Content><MsgId>1234567890123456</MsgId><AgentID>128</AgentID></xml>"; string sEncryptMsg = ""; //xml格式的密文 ret = wxcpt.EncryptMsg(sRespData, sReqTimeStamp, sReqNonce, ref sEncryptMsg); System.Console.WriteLine("sEncryptMsg"); System.Console.WriteLine(sEncryptMsg); /*测试: * 将sEncryptMsg解密看看是否是原文 * */ XmlDocument doc = new XmlDocument(); doc.LoadXml(sEncryptMsg); XmlNode root = doc.FirstChild; string sig = root["MsgSignature"].InnerText; string enc = root["Encrypt"].InnerText; string timestamp = root["TimeStamp"].InnerText; string nonce = root["Nonce"].InnerText; string stmp = ""; ret = wxcpt.DecryptMsg(sig, timestamp, nonce, sEncryptMsg, ref stmp); System.Console.WriteLine("stemp"); System.Console.WriteLine(stmp + ret); return; }
static void Main(string[] args) { //公众平台上开发者设置的token, corpID, EncodingAESKey string sToken = "QDG6eK"; string sCorpID = "wx5823bf96d3bd56c7"; string sEncodingAESKey = "jWmYm7qr5nMoAUwZRjGtBxmz3KA1tkAj3ykkR6q2B2C"; Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); /* * 假定公众平台上开发者设置的Token 1. 验证回调URL * 点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.WeiXin.qq.com * 接收到该请求时,企业应1.先验证签名的正确性 2. 解密出echostr原文。 * 以上两步用verifyURL完成 */ //解析出url上的参数值如下: string sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3"; string sVerifyTimeStamp = "1409659589"; string sVerifyNonce = "263014780"; string sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ=="; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret ); string input3 = System.Console.ReadLine(); return; } System.Console.WriteLine(sEchoStr); /* 2. 对用户回复的数据进行解密。 * 用户回复消息或者点击事件响应时,企业会收到回调消息,假设企业收到的推送消息: * POST /cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6×tamp=1409659813&nonce=1372623149 HTTP/1.1 Host: qy.WeiXin.qq.com Content-Length: 613 * * <xml> <ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName> <Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt> <AgentID><![CDATA[218]]></AgentID> </xml> */ string sReqMsgSig = "477715d11cdb4164915debcba66cb864d751f3e6"; string sReqTimeStamp = "1409659813"; string sReqNonce = "1372623149"; string sReqData = "<xml><ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt><AgentID><![CDATA[218]]></AgentID></xml>"; string sMsg = ""; //解析之后的明文 ret = wxcpt.DecryptMsg(sReqMsgSig, sReqTimeStamp, sReqNonce, sReqData, ref sMsg); if (ret != 0) { System.Console.WriteLine("ERR: Decrypt fail, ret: " + ret); return; } System.Console.WriteLine(sMsg); /* * 3. 企业回复用户消息也需要加密和拼接xml字符串。 * 假设企业需要回复用户的消息为: * <xml> * <ToUserName><![CDATA[mycreate]]></ToUserName> * <FromUserName><![CDATA[wx5823bf96d3bd56c7]]></FromUserName> * <CreateTime>1348831860</CreateTime> <MsgType><![CDATA[text]]></MsgType> * <Content><![CDATA[this is a test]]></Content> * <MsgId>1234567890123456</MsgId> * <AgentID>128</AgentID> * </xml> * 生成xml格式的加密消息过程为: */ string sRespData = "<xml><ToUserName><![CDATA[mycreate]]></ToUserName><FromUserName><![CDATA[wx582测试一下中文的情况,消息长度是按字节来算的396d3bd56c7]]></FromUserName><CreateTime>1348831860</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[this is这是一个中文测试 a test]]></Content><MsgId>1234567890123456</MsgId><AgentID>128</AgentID></xml>"; string sEncryptMsg = ""; //xml格式的密文 ret = wxcpt.EncryptMsg(sRespData, sReqTimeStamp, sReqNonce, ref sEncryptMsg); System.Console.WriteLine("sEncryptMsg"); System.Console.WriteLine(sEncryptMsg); /*测试: * 将sEncryptMsg解密看看是否是原文 * */ XmlDocument doc = new XmlDocument(); doc.LoadXml(sEncryptMsg); XmlNode root = doc.FirstChild; string sig = root["MsgSignature"].InnerText; string enc = root["Encrypt"].InnerText; string timestamp = root["TimeStamp"].InnerText; string nonce = root["Nonce"].InnerText; string stmp = ""; ret = wxcpt.DecryptMsg(sig, timestamp, nonce, sEncryptMsg, ref stmp); System.Console.WriteLine("stemp"); System.Console.WriteLine(stmp + ret); return; }
static void Main(string[] args) { //企业微信后台开发者设置的token, corpID, EncodingAESKey string sToken = "QDG6eK"; string sCorpID = "wx5823bf96d3bd56c7"; string sEncodingAESKey = "jWmYm7qr5nMoAUwZRjGtBxmz3KA1tkAj3ykkR6q2B2C"; /* * ------------使用示例一:验证回调URL--------------- *企业开启回调模式时,企业微信会向验证url发送一个get请求 * 假设点击验证时,企业收到类似请求: * GET /cgi-bin/wxpush?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3×tamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D * HTTP/1.1 Host: qy.weixin.qq.com * * 接收到该请求时,企业应 1.解析出Get请求的参数,包括消息体签名(msg_signature),时间戳(timestamp),随机数字串(nonce)以及企业微信推送过来的随机加密字符串(echostr), * 这一步注意作URL解码。 * 2.验证消息体签名的正确性 * 3.解密出echostr原文,将原文当作Get请求的response,返回给企业微信 * 第2,3步可以用企业微信提供的库函数VerifyURL来实现。 */ Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); // string sVerifyMsgSig = HttpUtils.ParseUrl("msg_signature"); string sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3"; // string sVerifyTimeStamp = HttpUtils.ParseUrl("timestamp"); string sVerifyTimeStamp = "1409659589"; // string sVerifyNonce = HttpUtils.ParseUrl("nonce"); string sVerifyNonce = "263014780"; // string sVerifyEchoStr = HttpUtils.ParseUrl("echostr"); string sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ=="; int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret); return; } //ret==0表示验证成功,sEchoStr参数表示明文,用户需要将sEchoStr作为get请求的返回参数,返回给企业微信。 // HttpUtils.SetResponse(sEchoStr); /* * ------------使用示例二:对用户回复的消息解密--------------- * 用户回复消息或者点击事件响应时,企业会收到回调消息,此消息是经过企业微信加密之后的密文以post形式发送给企业,密文格式请参考官方文档 * 假设企业收到企业微信的回调消息如下: * POST /cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6×tamp=1409659813&nonce=1372623149 HTTP/1.1 * Host: qy.weixin.qq.com * Content-Length: 613 * <xml> <ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt> * <AgentID><![CDATA[218]]></AgentID> * </xml> * * 企业收到post请求之后应该 1.解析出url上的参数,包括消息体签名(msg_signature),时间戳(timestamp)以及随机数字串(nonce) * 2.验证消息体签名的正确性。 * 3.将post请求的数据进行xml解析,并将<Encrypt>标签的内容进行解密,解密出来的明文即是用户回复消息的明文,明文格式请参考官方文档 * 第2,3步可以用企业微信提供的库函数DecryptMsg来实现。 */ // string sReqMsgSig = HttpUtils.ParseUrl("msg_signature"); string sReqMsgSig = "477715d11cdb4164915debcba66cb864d751f3e6"; // string sReqTimeStamp = HttpUtils.ParseUrl("timestamp"); string sReqTimeStamp = "1409659813"; // string sReqNonce = HttpUtils.ParseUrl("nonce"); string sReqNonce = "1372623149"; // Post请求的密文数据 // string sReqData = HttpUtils.PostData(); // <xml> // <ToUserName><![CDATA[ww7f78b8efd38dc961]]></ToUserName> // <Encrypt><![CDATA[+SBHr/1G0C+ggjFOzw0Eol/1GKvkk3F3qecELKH5UFJoRs76YWTIn8KtGWjvdi1fHqBQS94q01UYsVmDj8Nx4Kjy18Jd6DwOmpyh10IYnXDjfdpMWKTYzbHq7BUCv4B3u2kd6MOb0gQJMPjj8tg2aoFYdds2KSNLzybuHgxFhYi8VeJIE/DhdmudgdVGAxVV1J7GOClpt1xxq1OxzqXpLePz+LohTvqZDtwtiBCdLGVUtXW8Tm+AILQu1ApwIbVIDLLD6GXPaffYPmEZ3qeCpkmRaRy7f1pHaAuGL9lBBQmqnZSZgdJQ8R8fXlVMaZywN6fyXQdexKvIYW2MsWF5szTjXanm2WCq73j8JviVXxjhN6RdQkVv7Wm2ESDcsZHdKrCoXACsyCbCMSVvmrorD+8Kd611X8mn2OdoABXSn/c=]]></Encrypt> // <AgentID><![CDATA[1000002]]></AgentID> //</xml> string sReqData = "<xml><ToUserName><![CDATA[wx5823bf96d3bd56c7]]></ToUserName><Encrypt><![CDATA[RypEvHKD8QQKFhvQ6QleEB4J58tiPdvo+rtK1I9qca6aM/wvqnLSV5zEPeusUiX5L5X/0lWfrf0QADHHhGd3QczcdCUpj911L3vg3W/sYYvuJTs3TUUkSUXxaccAS0qhxchrRYt66wiSpGLYL42aM6A8dTT+6k4aSknmPj48kzJs8qLjvd4Xgpue06DOdnLxAUHzM6+kDZ+HMZfJYuR+LtwGc2hgf5gsijff0ekUNXZiqATP7PF5mZxZ3Izoun1s4zG4LUMnvw2r+KqCKIw+3IQH03v+BCA9nMELNqbSf6tiWSrXJB3LAVGUcallcrw8V2t9EL4EhzJWrQUax5wLVMNS0+rUPA3k22Ncx4XXZS9o0MBH27Bo6BpNelZpS+/uh9KsNlY6bHCmJU9p8g7m3fVKn28H3KDYA5Pl/T8Z1ptDAVe0lXdQ2YoyyH2uyPIGHBZZIs2pDBS8R07+qN+E7Q==]]></Encrypt><AgentID><![CDATA[218]]></AgentID></xml>"; string sMsg = ""; // 解析之后的明文 ret = wxcpt.DecryptMsg(sReqMsgSig, sReqTimeStamp, sReqNonce, sReqData, ref sMsg); if (ret != 0) { System.Console.WriteLine("ERR: Decrypt Fail, ret: " + ret); return; } // ret==0表示解密成功,sMsg表示解密之后的明文xml串 // TODO: 对明文的处理 // For example: XmlDocument doc = new XmlDocument(); doc.LoadXml(sMsg); XmlNode root = doc.FirstChild; string content = root["Content"].InnerText; System.Console.WriteLine(content); // ... // ... /* * ------------使用示例三:企业回复用户消息的加密--------------- * 企业被动回复用户的消息也需要进行加密,并且拼接成密文格式的xml串。 * 假设企业需要回复用户的明文如下: * <xml> * <ToUserName><![CDATA[mycreate]]></ToUserName> * <FromUserName><![CDATA[wx5823bf96d3bd56c7]]></FromUserName> * <CreateTime>1348831860</CreateTime> * <MsgType><![CDATA[text]]></MsgType> * <Content><![CDATA[this is a test]]></Content> * <MsgId>1234567890123456</MsgId> * <AgentID>128</AgentID> * </xml> * * 为了将此段明文回复给用户,企业应: 1.自己生成时间时间戳(timestamp),随机数字串(nonce)以便生成消息体签名,也可以直接用从企业微信的post url上解析出的对应值。 * 2.将明文加密得到密文。 3.用密文,步骤1生成的timestamp,nonce和企业在企业微信设定的token生成消息体签名。 4.将密文,消息体签名,时间戳,随机数字串拼接成xml格式的字符串,发送给企业。 * 以上2,3,4步可以用企业微信提供的库函数EncryptMsg来实现。 */ // 需要发送的明文 string sRespData = "<xml><ToUserName><![CDATA[mycreate]]></ToUserName><FromUserName><![CDATA[wx582396d3bd56c7]]></FromUserName><CreateTime>1348831860</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[this is a test]]></Content><MsgId>1234567890123456</MsgId><AgentID>128</AgentID></xml>"; string sEncryptMsg = ""; //xml格式的密文 ret = wxcpt.EncryptMsg(sRespData, sReqTimeStamp, sReqNonce, ref sEncryptMsg); if (ret != 0) { System.Console.WriteLine("ERR: EncryptMsg Fail, ret: " + ret); return; } // TODO: // 加密成功,企业需要将加密之后的sEncryptMsg返回 // HttpUtils.SetResponse(sEncryptMsg); return; }
public void ProcessRequest(HttpContext param_context) { HttpContext.Current.Response.ContentType = "text/plain"; // string postString = string.Empty; string postString = ""; if (HttpContext.Current.Request.HttpMethod.ToUpper() == "POST") { using (Stream stream = HttpContext.Current.Request.InputStream) { Byte[] postBytes = new Byte[stream.Length]; stream.Read(postBytes, 0, (Int32)stream.Length); // postString = Encoding.UTF8.GetString(postBytes); postString = Encoding.Default.GetString(postBytes); //Handle(postString); //接收xml数据包后解密 string PostData = postString; string sToken = "D2op9SR8HV4U5vVL7p1bKFm2fjLdXV8"; string sCorpID = "wx4fbb38c93e921603"; string sEncodingAESKey = "vQrIN6MevZ2RJekY79C0RC19Fe4KNcvI6UM4IQvGeWq"; Tencent.WXBizMsgCrypt Msg = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); int ret = 0; string sMsg = ""; string MsgSig = HttpContext.Current.Request.QueryString["msg_signature"]; string TimeStamp = HttpContext.Current.Request.QueryString["timestamp"]; string Nonce = HttpContext.Current.Request.QueryString["nonce"]; ret = Msg.DecryptMsg(MsgSig, TimeStamp, Nonce, PostData, ref sMsg); //System.Console.WriteLine(sMsg); //将解析后的Xml数据写入文件 // string txt = sMsg; StreamWriter sw = new StreamWriter(@"E:\程序库\Data1.txt"); sw.WriteLine(sMsg); sw.Flush(); sw.Close(); AnalyzeXml(sMsg);//解析Xml消息 Reply_Msg(TimeStamp, Nonce, sMsg, Choose_EventKey);//回复消息 // Handle(sMsg); } } else { //获取Access_token令牌 // createMenu Get_access = new createMenu(); // Access_tok = Get_access.Get_Access_token("wx4fbb38c93e921603", "O1Ftul_DfvuGJwzZOmUKfGCGJBollEvDk-RqFjxuthumfN3HDbpnareA8mK7LShA"); // Uploadfile("E:\\weixin_api\\pic\\002.jpg", Access_tok, "image"); // Uploadfile("E:\\weixin_api\\music\\001.mp3", Access_tok, "voice"); // Uploadfile("E:\\weixin_api\\video\\001.mp4", Access_tok, "video"); //param_context.Response.Write(HttpContext.Current.Response.ContentType);//表示服务器正在运行 //InterfaceTest();//订阅号验证成为开发者 //团队号验证回调模式 string sToken = "D2op9SR8HV4U5vVL7p1bKFm2fjLdXV8"; string sCorpID = "wx4fbb38c93e921603"; string sEncodingAESKey = "vQrIN6MevZ2RJekY79C0RC19Fe4KNcvI6UM4IQvGeWq"; Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); string VerifyMsgSig = HttpContext.Current.Request.QueryString["msg_signature"]; string VerifyTimeStamp = HttpContext.Current.Request.QueryString["timestamp"]; string VerifyNonce = HttpContext.Current.Request.QueryString["nonce"]; string VerifyEchoStr = HttpContext.Current.Request.QueryString["echoStr"]; string sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3"; string sVerifyTimeStamp = "1409659589"; string sVerifyNonce = "263014780"; string sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ=="; if (VerifyEchoStr != null) { sVerifyMsgSig = VerifyMsgSig; sVerifyTimeStamp = VerifyTimeStamp; sVerifyNonce = VerifyNonce; sVerifyEchoStr = VerifyEchoStr; } int ret = 0; string sEchoStr = ""; ret = wxcpt.VerifyURL(sVerifyMsgSig, sVerifyTimeStamp, sVerifyNonce, sVerifyEchoStr, ref sEchoStr); if (ret != 0) { System.Console.WriteLine("ERR: VerifyURL fail, ret: " + ret); return; } } }
public async Task <string> ReceiveMessage(string msg_signature, string timestamp, string nonce, string echostr) { Logger.WriteLog(Utility.Constants.LogLevel.Debug, "微信传入参数", new { msg_signature, timestamp, nonce, echostr }); //企业微信后台开发者设置的token, corpID, EncodingAESKey string sToken = "wKB3j3POS33LqEy2vTEhiTzh"; string sCorpID = "ww1c5ca8f9af6164f4"; string sEncodingAESKey = "sV96P5yUsG64zuAPQqLDgayL4jdvx7HIDJrlMf8jIWf"; var wxcpt = new Tencent.WXBizMsgCrypt(sToken, sEncodingAESKey, sCorpID); int ret = 0; string result = ""; if (string.Equals(Request.Method, "POST", StringComparison.OrdinalIgnoreCase)) { string sReqData; using (var streamReader = new StreamReader(Request.Body)) { sReqData = await streamReader.ReadToEndAsync(); } Logger.WriteLog(Utility.Constants.LogLevel.Debug, "微信接收数据", sReqData); ret = wxcpt.DecryptMsg(msg_signature, timestamp, nonce, sReqData, ref result); if (ret != 0) { return("fail"); } Logger.WriteLog(Utility.Constants.LogLevel.Debug, "微信解密数据", result); var gatewayData = new GatewayData(DataFormat.Xml, result); var content = gatewayData.GetValue <string>("Content"); if (!string.IsNullOrEmpty(content)) { var message = ""; if (int.TryParse(content, out int id)) { message = await _userInfoService.GetStockMessageByIdAsync(id); } else { message = await _userInfoService.GetStockTradeByNameAsync(content); } string sRespData = $"<xml><ToUserName><![CDATA[{gatewayData.GetValue<string>("FromUserName")}]]></ToUserName><FromUserName><![CDATA[{sCorpID}]]></FromUserName><CreateTime>{gatewayData.GetValue<string>("CreateTime")}</CreateTime><MsgType><![CDATA[text]]></MsgType><Content><![CDATA[{message}]]></Content><MsgId>{gatewayData.GetValue<string>("MsgId")}</MsgId><AgentID>{gatewayData.GetValue<string>("AgentID")}</AgentID></xml>"; ret = wxcpt.EncryptMsg(sRespData, timestamp, nonce, ref result); if (ret != 0) { return("fail"); } } } else { ret = wxcpt.VerifyURL(msg_signature, timestamp, nonce, echostr, ref result); if (ret != 0) { return("fail"); } } return(result); }
/// <summary> /// 验证企业号签名 /// </summary> /// <param name="token">企业号配置的Token</param> /// <param name="signature">签名内容</param> /// <param name="timestamp">时间戳</param> /// <param name="nonce">nonce参数</param> /// <param name="corpId">企业号ID标识</param> /// <param name="encodingAESKey">加密键</param> /// <param name="echostr">内容字符串</param> /// <param name="retEchostr">返回的字符串</param> /// <returns></returns> public bool CheckSignature(string token, string signature, string timestamp, string nonce, string corpId, string encodingAESKey, string echostr, ref string retEchostr) { Tencent.WXBizMsgCrypt wxcpt = new Tencent.WXBizMsgCrypt(token, encodingAESKey, corpId); int result = wxcpt.VerifyURL(signature, timestamp, nonce, echostr, ref retEchostr); if (result != 0) { return false; } return true; }