最近研究了下服务号的服务器配置和企业号的回调模式。真正实现完后,觉得很简单,但一开始还是走了点弯路,所以写了个web程序,只用改下配置文件里的参数就可以直接用了。下面介绍下详细的用法以及实现步骤。
本文原文地址:用c#开发微信(1)服务号的服务器配置和企业号的回调模式 - url接入 (源码下载)
一、用法
1. 下载web程序
http://yunpan.cn/cjeTSAKwUVmv9 访问密码 7ab3
2. 修改配置文件web.config
<appSettings>
<!--微信的Token-->
<add key="WeixinToken" value="dd"/>
<add key="AppId" value="wxdbddd2bc"/>
<add key="AppSecret" value="82f7ddd88e196"/>
<!--企业号配置信息-->
<add key="CorpToken" value="fddd"/>
<add key="CorpId" value="wx1156d982ddda8"/>
<add key="EncodingAESKey" value="aNvJOkGYddyGwf5Rg"/>
</appSettings>
3. 发布到你的服务器上
4. 服务号和企业号里分别填上url及参数:
企业号:
服务号:
二、实现方法
1. 新建一个web程序
2. 添加二个ashx文件(这里不用aspx页面,是为了更简便),参考官方文档,实现校验流程
服务号:
完整源码:
/// <summary>
/// 处理微信服务器验证消息
/// </summary>
public void Auth()
{
string token = ConfigurationManager.AppSettings[Token].ToString();
string signature = HttpContext.Current.Request.QueryString["signature"];
string timestamp = HttpContext.Current.Request.QueryString["timestamp"];
string nonce = HttpContext.Current.Request.QueryString["nonce"];
string echostr = HttpContext.Current.Request.QueryString["echostr"];
if (HttpContext.Current.Request.HttpMethod.ToUpper() == "GET")
{
//get method - 仅在微信后台填写URL验证时触发
if (CheckSignature(signature, timestamp, nonce, token))
{
WriteContent(echostr); //返回随机字符串则表示验证通过
}
else
{
WriteContent("failed:" + signature + "," + GetSignature(timestamp, nonce, token) + "。" +
"如果你在浏览器中看到这句话,说明此地址可以被作为微信公众账号后台的Url,请注意保持Token一致。");
}
HttpContext.Current.Response.End();
}
}
private void WriteContent(string str)
{
HttpContext.Current.Response.Output.Write(str);
}
/// <summary>
/// 检查签名是否正确
/// </summary>
/// <param name="signature"></param>
/// <param name="timestamp"></param>
/// <param name="nonce"></param>
/// <param name="token"></param>
/// <returns></returns>
public static bool CheckSignature(string signature, string timestamp, string nonce, string token)
{
return signature == GetSignature(timestamp, nonce, token);
}
/// <summary>
/// 返回正确的签名
/// </summary>
/// <param name="timestamp"></param>
/// <param name="nonce"></param>
/// <param name="token"></param>
/// <returns></returns>
public static string GetSignature(string timestamp, string nonce, string token)
{
string[] arr = new[] { token, timestamp, nonce }.OrderBy(z => z).ToArray();
string arrString = string.Join("", arr);
System.Security.Cryptography.SHA1 sha1 = System.Security.Cryptography.SHA1.Create();
byte[] sha1Arr = sha1.ComputeHash(Encoding.UTF8.GetBytes(arrString));
StringBuilder enText = new StringBuilder();
foreach (var b in sha1Arr)
{
enText.AppendFormat("{0:x2}", b);
}
return enText.ToString();
}
官方接入文档: http://mp.weixin.qq.com/wiki/17/2d4265491f12608cd170a95559800f2d.html
企业号:
完整源码:
public void ProcessRequest(HttpContext context)
{
string postString = string.Empty;
if (HttpContext.Current.Request.HttpMethod.ToUpper() == "GET")
{
Auth();
}
}
/// <summary>
/// 成为开发者的第一步,验证并相应服务器的数据
/// </summary>
private void Auth()
{
string token = ConfigurationManager.AppSettings["CorpToken"];//从配置文件获取Token
string encodingAESKey = ConfigurationManager.AppSettings["EncodingAESKey"];//从配置文件获取EncodingAESKey
string corpId = ConfigurationManager.AppSettings["CorpId"];//从配置文件获取corpId
string echoString = HttpContext.Current.Request.QueryString["echoStr"];
string signature = HttpContext.Current.Request.QueryString["msg_signature"];//企业号的 msg_signature
string timestamp = HttpContext.Current.Request.QueryString["timestamp"];
string nonce = HttpContext.Current.Request.QueryString["nonce"];
string decryptEchoString = "";
if (CheckSignature(token, signature, timestamp, nonce, corpId, encodingAESKey, echoString, ref decryptEchoString))
{
if (!string.IsNullOrEmpty(decryptEchoString))
{
HttpContext.Current.Response.Write(decryptEchoString);
HttpContext.Current.Response.End();
}
}
}
/// <summary>
/// 验证企业号签名
/// </summary>
/// <param name="token">企业号配置的Token</param>
/// <param name="signature">签名内容</param>
/// <param name="timestamp">时间戳</param>
/// <param name="nonce">nonce参数</param>
/// <param name="corpId">企业号ID标识</param>
/// <param name="encodingAESKey">加密键</param>
/// <param name="echostr">内容字符串</param>
/// <param name="retEchostr">返回的字符串</param>
/// <returns></returns>
public bool CheckSignature(string token, string signature, string timestamp, string nonce, string corpId, string encodingAESKey, string echostr, ref string retEchostr)
{
WXBizMsgCrypt wxcpt = new WXBizMsgCrypt(token, encodingAESKey, corpId);
int result = wxcpt.VerifyURL(signature, timestamp, nonce, echostr, ref retEchostr);
if (result != 0)
{
//LogTextHelper.Error("ERR: VerifyURL fail, ret: " + result);
return false;
}
return true;
//ret==0表示验证成功,retEchostr参数表示明文,用户需要将retEchostr作为get请求的返回参数,返回给企业号。
// HttpUtils.SetResponse(retEchostr);
}
官方接入文档: http://qydev.weixin.qq.com/wiki/index.php?title=%E5%9B%9E%E8%B0%83%E6%A8%A1%E5%BC%8F
3. 配置文件
<system.web>
<compilation debug="true" targetFramework="4.0" />
<httpHandlers>
<add verb="*" path="MPService.ashx" type="Wechat.Config.MPService,Wechat.Config" validate="true"/>
<add verb="*" path="QYService.ashx" type="Wechat.Config.QYService,Wechat.Config" validate="true"/>
<add verb="*" path="TestAccountService.ashx" type="Wechat.Config.TestAccountService,Wechat.Config" validate="true"/>
</httpHandlers>
</system.web>
如果直接用Senparc.Weixin微信开发框架来实现,就更简单了:
rotected void Page_Load(object sender, EventArgs e)
private readonly string Token = ConfigurationManager.AppSettings["token"];//与微信公众账号后台的Token设置保持一致,区分大小写。
string signature = Request["signature"];
string timestamp = Request["timestamp"];
string nonce = Request["nonce"];
string echostr = Request["echostr"];
if (Request.HttpMethod == "GET")
{
//get method - 仅在微信后台填写URL验证时触发
if (CheckSignature.Check(signature, timestamp, nonce, Token))
{
Response.Output.Write(echostr); //返回随机字符串则表示验证通过
}
else
{
Response.Output.Write("failed:" + signature + "," + CheckSignature.GetSignature(timestamp, nonce, Token) + "。" +
"如果你在浏览器中看到这句话,说明此地址可以被作为微信公众账号后台的Url,请注意保持Token一致。");
}
Response.End();
}
}