最近研究了下服务号的服务器配置和企业号的回调模式。真正实现完后,觉得很简单,但一开始还是走了点弯路,所以写了个web程序,只用改下配置文件里的参数就可以直接用了。下面介绍下详细的用法以及实现步骤。
一、用法
1. 下载web程序
http://yunpan.cn/cjeTSAKwUVmv9 访问密码 7ab3
2. 修改配置文件web.config
<appSettings>
<!--微信的Token-->
<add key="WeixinToken" value="dd"/>
<add key="AppId" value="wxdbddd2bc"/>
<add key="AppSecret" value="82f7ddd88e196"/>
<!--企业号配置信息-->
<add key="CorpToken" value="fddd"/>
<add key="CorpId" value="wx1156d982ddda8"/>
<add key="EncodingAESKey" value="aNvJOkGYddyGwf5Rg"/>
</appSettings>
3. 发布到你的服务器上
4. 服务号和企业号里分别填上url及参数:
企业号:
服务号:
二、实现方法
1. 新建一个web程序
2. 添加二个ashx文件(这里不用aspx页面,是为了更简便),参考官方文档,实现校验流程
服务号:
public class MPService : IHttpHandler { public void ProcessRequest(HttpContext context) { string postString = string.Empty; if (HttpContext.Current.Request.HttpMethod.ToUpper() == "GET") { Auth(); } } public bool IsReusable { get { return false; } } /// <summary> /// 处理微信服务器验证消息 /// </summary> private void Auth() { string token = ConfigurationManager.AppSettings["WeixinToken"].ToString(); string signature = HttpContext.Current.Request.QueryString["signature"]; string timestamp = HttpContext.Current.Request.QueryString["timestamp"]; string nonce = HttpContext.Current.Request.QueryString["nonce"]; string echostr = HttpContext.Current.Request.QueryString["echostr"]; if (HttpContext.Current.Request.HttpMethod.ToUpper() == "GET") { //get method - 仅在微信后台填写URL验证时触发 if (CheckSignature(signature, timestamp, nonce, token)) { WriteContent(echostr); //返回随机字符串则表示验证通过 } else { WriteContent("failed:" + signature + "," + GetSignature(timestamp, nonce, token) + "。" + "如果你在浏览器中看到这句话,说明此地址可以被作为微信公众账号后台的Url,请注意保持Token一致。"); } HttpContext.Current.Response.End(); } } private void WriteContent(string str) { HttpContext.Current.Response.Output.Write(str); } /// <summary> /// 检查签名是否正确 /// </summary> /// <param name="signature"></param> /// <param name="timestamp"></param> /// <param name="nonce"></param> /// <param name="token"></param> /// <returns></returns> public static bool CheckSignature(string signature, string timestamp, string nonce, string token) { return signature == GetSignature(timestamp, nonce, token); } /// <summary> /// 返回正确的签名 /// </summary> /// <param name="timestamp"></param> /// <param name="nonce"></param> /// <param name="token"></param> /// <returns></returns> public static string GetSignature(string timestamp, string nonce, string token) { string[] arr = new[] { token, timestamp, nonce }.OrderBy(z => z).ToArray(); string arrString = string.Join("", arr); System.Security.Cryptography.SHA1 sha1 = System.Security.Cryptography.SHA1.Create(); byte[] sha1Arr = sha1.ComputeHash(Encoding.UTF8.GetBytes(arrString)); StringBuilder enText = new StringBuilder(); foreach (var b in sha1Arr) { enText.AppendFormat("{0:x2}", b); } return enText.ToString(); } }
官方接入文档: http://mp.weixin.qq.com/wiki/17/2d4265491f12608cd170a95559800f2d.html
企业号:
public class QYService : IHttpHandler { public void ProcessRequest(HttpContext context) { string postString = string.Empty; if (HttpContext.Current.Request.HttpMethod.ToUpper() == "GET") { Auth(); } } public bool IsReusable { get { return false; } } /// <summary> /// 成为开发者的第一步,验证并相应服务器的数据 /// </summary> private void Auth() { string token = ConfigurationManager.AppSettings["CorpToken"];//从配置文件获取Token
string encodingAESKey = ConfigurationManager.AppSettings["EncodingAESKey"];//从配置文件获取EncodingAESKey
string corpId = ConfigurationManager.AppSettings["CorpId"];//从配置文件获取corpId string echoString = HttpContext.Current.Request.QueryString["echoStr"]; string signature = HttpContext.Current.Request.QueryString["msg_signature"];//企业号的 msg_signature string timestamp = HttpContext.Current.Request.QueryString["timestamp"]; string nonce = HttpContext.Current.Request.QueryString["nonce"]; string decryptEchoString = ""; if (CheckSignature(token, signature, timestamp, nonce, corpId, encodingAESKey, echoString, ref decryptEchoString)) { if (!string.IsNullOrEmpty(decryptEchoString)) { HttpContext.Current.Response.Write(decryptEchoString); HttpContext.Current.Response.End(); } } } /// <summary> /// 验证企业号签名 /// </summary> /// <param name="token">企业号配置的Token</param> /// <param name="signature">签名内容</param> /// <param name="timestamp">时间戳</param> /// <param name="nonce">nonce参数</param> /// <param name="corpId">企业号ID标识</param> /// <param name="encodingAESKey">加密键</param> /// <param name="echostr">内容字符串</param> /// <param name="retEchostr">返回的字符串</param> /// <returns></returns> public bool CheckSignature(string token, string signature, string timestamp, string nonce, string corpId, string encodingAESKey, string echostr, ref string retEchostr) { WXBizMsgCrypt wxcpt = new WXBizMsgCrypt(token, encodingAESKey, corpId); int result = wxcpt.VerifyURL(signature, timestamp, nonce, echostr, ref retEchostr); if (result != 0) { //LogTextHelper.Error("ERR: VerifyURL fail, ret: " + result); return false; } return true; //ret==0表示验证成功,retEchostr参数表示明文,用户需要将retEchostr作为get请求的返回参数,返回给企业号。 // HttpUtils.SetResponse(retEchostr); } }
官方接入文档: http://qydev.weixin.qq.com/wiki/index.php?title=%E5%9B%9E%E8%B0%83%E6%A8%A1%E5%BC%8F
3. 配置文件
<system.web> <compilation debug="true" targetFramework="4.0" /> <httpHandlers> <add verb="*" path="MPService.ashx" type="Wechat.Config.MPService,Wechat.Config" validate="true"/> <add verb="*" path="QYService.ashx" type="Wechat.Config.QYService,Wechat.Config" validate="true"/> </httpHandlers></system.web>