公众平台用户提交信息后,微信服务器将发送GET请求到填写的URL上,并且带上四个参数:
开发者通过检验signature对请求进行校验(下面有校验方式)。若确认此次GET请求来自微信服务器,请原样返回echostr参数内容,则接入生效,否则接入失败。
signature结合了开发者填写的token参数和请求中的timestamp参数、nonce参数。
加密/校验流程:
1. 将token、timestamp、nonce三个参数进行字典序排序
2. 将三个参数字符串拼接成一个字符串进行sha1加密
3. 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信
/// <summary> /// 验证签名 /// </summary> /// <param></param> /// <param></param> /// <param></param> /// <returns></returns> public static bool CheckSignature(String signature, String timestamp, String nonce) { String[] arr = new String[] { token, timestamp, nonce }; // 将token、timestamp、nonce三个参数进行字典序排序 Array.Sort<String>(arr); StringBuilder content = new StringBuilder(); for (int i = 0; i < arr.Length; i++) { content.Append(arr[i]); } String tmpStr = SHA1_Encrypt(content.ToString()); // 将sha1加密后的字符串可与signature对比,标识该请求来源于微信 return tmpStr != null ? tmpStr.Equals(signature) : false; } /// <summary> /// 使用缺省密钥给字符串加密 /// </summary> /// <param></param> /// <returns></returns> public static string SHA1_Encrypt(string Source_String) { byte[] StrRes = Encoding.Default.GetBytes(Source_String); HashAlgorithm iSHA = new SHA1CryptoServiceProvider(); StrRes = iSHA.ComputeHash(StrRes); StringBuilder EnText = new StringBuilder(); foreach (byte iByte in StrRes) { EnText.AppendFormat("{0:x2}", iByte); } return EnText.ToString(); }
接入后是消息推送当普通微信用户向公众账号发消息时,微信服务器将POST该消息到填写的URL上。
protected void Page_Load(object sender, EventArgs e) { if (Request.HttpMethod.ToUpper() == "GET") { // 微信加密签名 string signature = Request.QueryString["signature"]; // 时间戳 string timestamp = Request.QueryString["timestamp"]; // 随机数 string nonce = Request.QueryString["nonce"]; // 随机字符串 string echostr = Request.QueryString["echostr"]; if (WeixinServer.CheckSignature(signature, timestamp, nonce)) { Response.Write(echostr); } } else if (Request.HttpMethod.ToUpper() == "POST") { StreamReader stream = new StreamReader(Request.InputStream); string xml = stream.ReadToEnd(); processRequest(xml); } } /// <summary> /// 处理微信发来的请求 /// </summary> /// <param></param> public void processRequest(String xml) { try { // xml请求解析 Hashtable requestHT = WeixinServer.ParseXml(xml); // 发送方帐号(open_id) string fromUserName = (string)requestHT["FromUserName"]; // 公众帐号 string toUserName = (string)requestHT["ToUserName"]; // 消息类型 string msgType = (string)requestHT["MsgType"]; //文字消息 if (msgType == ReqMsgType.Text) { // Response.Write(str); string content = (string)requestHT["Content"]; if(content=="1") { // Response.Write(str); Response.Write(GetNewsMessage(toUserName, fromUserName)); return; } if (content == "2") { Response.Write(GetUserBlogMessage(toUserName, fromUserName)); return; } if (content == "3") { Response.Write(GetGroupMessage(toUserName, fromUserName)); return; } if (content == "4") { Response.Write(GetWinePartyMessage(toUserName, fromUserName)); return; } Response.Write(GetMainMenuMessage(toUserName, fromUserName, "你好,我是vinehoo,")); } else if (msgType == ReqMsgType.Event) { // 事件类型 String eventType = (string)requestHT["Event"]; // 订阅 if (eventType==ReqEventType.Subscribe) { Response.Write(GetMainMenuMessage(toUserName, fromUserName, "谢谢您的关注!,")); } // 取消订阅 else if (eventType==ReqEventType.Unsubscribe) { // TODO 取消订阅后用户再收不到公众号发送的消息,因此不需要回复消息 } // 自定义菜单点击事件 else if (eventType==ReqEventType.CLICK) { // TODO 自定义菜单权没有开放,暂不处理该类消息 } } else if (msgType == ReqMsgType.Location) { } } catch (Exception e) { } }<pre> protected void Page_Load(object sender, EventArgs e) { if (Request.HttpMethod.ToUpper() == "GET") { // 微信加密签名 string signature = Request.QueryString["signature"]; // 时间戳 string timestamp = Request.QueryString["timestamp"]; // 随机数 string nonce = Request.QueryString["nonce"]; // 随机字符串 string echostr = Request.QueryString["echostr"]; if (WeixinServer.CheckSignature(signature, timestamp, nonce)) { Response.Write(echostr); } } else if (Request.HttpMethod.ToUpper() == "POST") { StreamReader stream = new StreamReader(Request.InputStream); string xml = stream.ReadToEnd(); processRequest(xml); } } /// <summary> /// 处理微信发来的请求 /// </summary> /// <param></param> public void processRequest(String xml) { try { // xml请求解析 Hashtable requestHT = WeixinServer.ParseXml(xml); // 发送方帐号(open_id) string fromUserName = (string)requestHT["FromUserName"]; // 公众帐号 string toUserName = (string)requestHT["ToUserName"]; // 消息类型 string msgType = (string)requestHT["MsgType"]; //文字消息 if (msgType == ReqMsgType.Text) { // Response.Write(str); string content = (string)requestHT["Content"]; if(content=="1") { // Response.Write(str); Response.Write(GetNewsMessage(toUserName, fromUserName)); return; } if (content == "2") { Response.Write(GetUserBlogMessage(toUserName, fromUserName)); return; } if (content == "3") { Response.Write(GetGroupMessage(toUserName, fromUserName)); return; } if (content == "4") { Response.Write(GetWinePartyMessage(toUserName, fromUserName)); return; } Response.Write(GetMainMenuMessage(toUserName, fromUserName, "你好,我是vinehoo,")); } else if (msgType == ReqMsgType.Event) { // 事件类型 String eventType = (string)requestHT["Event"]; // 订阅 if (eventType==ReqEventType.Subscribe) { Response.Write(GetMainMenuMessage(toUserName, fromUserName, "谢谢您的关注!,")); } // 取消订阅 else if (eventType==ReqEventType.Unsubscribe) { // TODO 取消订阅后用户再收不到公众号发送的消息,因此不需要回复消息 } // 自定义菜单点击事件 else if (eventType==ReqEventType.CLICK) { // TODO 自定义菜单权没有开放,暂不处理该类消息 } } else if (msgType == ReqMsgType.Location) { } } catch (Exception e) { } }</pre><br> <pre></pre> <br> <br>