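using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Common.Wechat;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using ZcPeng.weixin.PublicAccount;

namespace SupplierWeb.Controllers
{
    /// <summary>
    /// Callback endpoint for a WeChat public account: answers the URL-verification
    /// handshake (GET) and receives pushed messages (POST).
    /// </summary>
    [Route("api/WXValid")]
    public class WXValidController : Controller
    {
        // Upper bound for a pushed message body. This limit is a choice made for this
        // handler so that a client-supplied Content-Length cannot size the buffer freely;
        // adjust it if legitimate messages are larger.
        private const int MaxMessageBytes = 1024 * 1024;

        private readonly ILogger _logger;

        public WXValidController(ILoggerFactory loggerFactory)
        {
            _logger = loggerFactory.CreateLogger<WXValidController>();
        }

        /// <summary>
        /// Shared token; must match the Token set in the public account's basic configuration.
        /// </summary>
        // NOTE(review): "Token" is a placeholder literal. The signature check is only as
        // strong as this value, so it should be loaded from configuration or a secret
        // store rather than kept in source.
        public string Token = "Token";

        /// <summary>
        /// Verification endpoint: echoes <paramref name="echostr"/> when the signature is valid.
        /// </summary>
        /// <param name="echostr">Value to echo back on success.</param>
        /// <param name="signature">Signature supplied by the caller.</param>
        /// <param name="timestamp">Timestamp supplied by the caller.</param>
        /// <param name="nonce">Nonce supplied by the caller.</param>
        /// <returns>The echo string on success, otherwise the text "error".</returns>
        [HttpGet]
        //[AllowAnonymous]
        public ActionResult Index(string echostr, string signature, string timestamp, string nonce)
        {
            // Message template with arguments instead of an interpolated string, so that
            // request-controlled text is never interpreted as the log template itself.
            _logger.LogInformation(
                "echostr:{Echostr}, signature:{Signature}, timestamp:{Timestamp}, nonce:{Nonce}",
                echostr, signature, timestamp, nonce);

            if (CheckSignature(signature, timestamp, nonce, Token))
            {
                return Content(echostr);
            }

            return Content("error");
        }

        /// <summary>
        /// Receives a pushed message, processes it and returns the reply.
        /// </summary>
        /// <param name="msg_signature">Message signature; only present in encrypted mode.</param>
        /// <param name="signature">Signature supplied by the caller.</param>
        /// <param name="timestamp">Timestamp supplied by the caller.</param>
        /// <param name="nonce">Nonce supplied by the caller.</param>
        /// <returns>The reply text, or an empty response when the request is rejected or fails.</returns>
        [HttpPost]
        //[AllowAnonymous]
        public ActionResult MessagePost(string msg_signature, string signature, string timestamp, string nonce)
        {
            try
            {
                // Reject anything that does not carry a valid signature before the body
                // is read or parsed; without this check any client can post messages.
                if (!CheckSignature(signature, timestamp, nonce, Token))
                {
                    _logger.LogWarning("WeChat signature check failed for message post");
                    return Content(string.Empty);
                }

                long? declaredLength = HttpContext.Request.ContentLength;
                if (declaredLength == null || declaredLength.Value < 0 || declaredLength.Value > MaxMessageBytes)
                {
                    _logger.LogWarning("Message post rejected: missing or oversized Content-Length");
                    return Content(string.Empty);
                }

                // A single Read call may return fewer bytes than requested, so keep
                // reading until the declared length is filled or the stream ends.
                // NOTE(review): synchronous reads of Request.Body may be disallowed by the
                // server configuration on newer ASP.NET Core versions — confirm for the target runtime.
                byte[] buffer = new byte[(int)declaredLength.Value];
                Stream body = HttpContext.Request.Body;
                int filled = 0;
                while (filled < buffer.Length)
                {
                    int read = body.Read(buffer, filled, buffer.Length - filled);
                    if (read == 0)
                    {
                        break;
                    }

                    filled += read;
                }

                string content = Encoding.UTF8.GetString(buffer, 0, filled);

                // Encrypted mode (msg_signature with WXBizMsgCrypt decrypt/encrypt) is not
                // implemented here; every message is handled as an unencrypted message.
                // NOTE(review): RequestMessageHelper is defined outside this file; if it
                // parses the body as XML, its parser settings (DTD / external entities)
                // should be checked, since the body comes from the network.
                string resultMsg = string.Empty;
                RequestMessageHelper helper = new RequestMessageHelper(content, ref resultMsg);
                return Content(resultMsg);
            }
            catch (Exception ex)
            {
                // Pass the exception as the first argument so it is recorded as an
                // exception rather than consumed as a format argument.
                _logger.LogError(ex, "接收消息并处理和返回相应结果异常:");
                return Content(string.Empty);
            }
        }

        /// <summary>
        /// Verifies the WeChat signature:
        /// sorts token, timestamp and nonce in dictionary order, concatenates them,
        /// hashes the result with SHA-1 and compares the lowercase hex digest with
        /// <paramref name="signature"/>. A match indicates the request comes from WeChat.
        /// </summary>
        /// <param name="signature">Signature supplied by the caller.</param>
        /// <param name="timestamp">Timestamp supplied by the caller.</param>
        /// <param name="nonce">Nonce supplied by the caller.</param>
        /// <param name="token">Shared token known to both sides.</param>
        /// <returns><c>true</c> only when all values are present and the digest matches.</returns>
        private bool CheckSignature(string signature, string timestamp, string nonce, string token)
        {
            if (string.IsNullOrEmpty(signature)
                || string.IsNullOrEmpty(timestamp)
                || string.IsNullOrEmpty(nonce)
                || string.IsNullOrEmpty(token))
            {
                return false;
            }

            string[] parts = { token, timestamp, nonce };

            // Ordinal ordering: the default string sort is culture-sensitive and can
            // order mixed-case values differently from a plain dictionary sort.
            Array.Sort(parts, StringComparer.Ordinal);
            string joined = string.Join("", parts);

            // SHA-1 is what the signature scheme described above prescribes.
            byte[] digest;
            using (SHA1 sha1 = SHA1.Create())
            {
                digest = sha1.ComputeHash(Encoding.UTF8.GetBytes(joined));
            }

            StringBuilder hex = new StringBuilder(digest.Length * 2);
            foreach (byte b in digest)
            {
                hex.Append(b.ToString("x2"));
            }

            return FixedTimeEquals(hex.ToString(), signature);
        }

        /// <summary>
        /// Compares two strings without stopping at the first differing character,
        /// so the comparison time does not depend on how much of the value matches.
        /// </summary>
        private static bool FixedTimeEquals(string left, string right)
        {
            if (left.Length != right.Length)
            {
                return false;
            }

            int diff = 0;
            for (int i = 0; i < left.Length; i++)
            {
                diff |= left[i] ^ right[i];
            }

            return diff == 0;
        }
    }
}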