Simple development of wechat public number (2) verify the server address

After logging in to the official website of wechat public platform, check the protocol to become a developer on the development – Basic Settings page of the official website of wechat public platform, click “Modify Configuration” button, and fill in the server address (URL), Token and EncodingAESKey, where THE URL is the interface URL that the developer uses to receive wechat messages and events. The Token can be filled in at will by the developer and used to generate the signature (the Token is compared to the Token contained in the interface URL to verify security). EncodingAESKey is manually filled in or randomly generated by the developer and used as the message body encryption and decryption key.

At the same time, the developer can choose the message encryption and decryption mode: plaintext mode, compatible mode and security mode. The mode selection and server configuration will take effect immediately after submission. Please fill in and select with caution. The default encryption and decryption mode is plain text. You need to configure encryption and decryption codes in advance to select compatible mode and secure mode. For details, see the message body signature and encryption and decryption documents.

We write the program first and then fill in the service:

The procedure is as follows: First create a WebAPI program.

And then create a Controller, in this case, wechat Controller

/// <summary>
///Receive and respond to wechat access verification request
/// </summary>
[HttpGet]
[Route("api/WeChat")]
public string Get(string signature, string timestamp, string nonce, string echostr)
{
    System.Console.WriteLine("Come in.");
    System.Console.WriteLine($"signature:{signature},timestamp:{timestamp},nonce:{nonce},echostr:{echostr}");
    if(! IsNullOrEntity(signature) && ! IsNullOrEntity(timestamp) && ! IsNullOrEntity(nonce) && ! IsNullOrEntity(echostr)) { System.Console.WriteLine("Inside validation: all the above parameters are non-null");
        var token = "tokenYanZhen";
        if(! IsNullOrEntity(token) && VerificationSignature(echostr, nonce, signature, timestamp, token)) { System.Console.WriteLine("Get returned successfully");
            returnechostr; }}return "false";
}

/// <summary>
///Determines whether the string is empty
/// </summary>
public bool IsNullOrEntity(string str)
{
    return string.IsNullOrWhiteSpace(str);
}


/// <summary>
///Verify the wechat interface
/// </summary>
/// <param name="echostr"></param>
/// <param name="nonce"></param>
/// <param name="signature"></param>
/// <param name="timestamp"></param>
/// <param name="token"></param>
/// <returns></returns>
public static bool VerificationSignature(string echostr, string nonce, string signature, string timestamp,
    string token)
{
    string[] StrArray = { token, timestamp, nonce };
    Array.Sort(StrArray);
    var ArrayString = new StringBuilder();
    for (var i = 0; i < StrArray.Length; i++) ArrayString.Append(StrArray[i]);
    var strHash = GetSha1Hash(ArrayString.ToString());
    return signature == strHash;
}


/// <summary>
///Hash 1
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public static string GetSha1Hash(string input)
{
    var inputBytes = Encoding.Default.GetBytes(input);

    SHA1 sha = new SHA1CryptoServiceProvider();

    var result = sha.ComputeHash(inputBytes);

    var sBuilder = new StringBuilder();

    for (var i = 0; i < result.Length; i++) sBuilder.Append(result[i].ToString("x2"));

    return sBuilder.ToString();
}
Copy the code

Then we deploy the program and address it

Note: Do not use UTF-8 for file encoding– Thanks to Jango: 2019.11.1_ 17:35

Welcome to qq group communication: 704028989