This article mainly introduces the ASP.net development of micro-trust public platform for the authenticity of the verification message of the relevant information, the need for friends can refer to the
Verifying the authenticity of a message
Add a filter to the project in which MVC controller is located, overriding it in the filter
public override void OnActionExecuting (ActionExecutingContext filtercontext) method
New data Model
Note: When the server receives the message, it is no longer signature but msg_signature
Example of an HTTP request message that a micro-server pushes messages to a server
Post/cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6xtamp=1409659813&nonce=1372623149 HTTP/1.1
Host:qy.weixin.qq.com
Method overrides to implement validation of the message
Call the method of authentication when the micro-letter access, but the parameters need to change a little bit, using the new data model
Add filter properties on the action method or on Controller
code example
Model
?
| 1 2 3 4 5 6 7 8 9 10 | <summary>///Micro-credit Push message model///</summary> public class Wechatmsgrequestmodel {public string timestamp {get; Set public string Nonce {get; set;} public string Msg_signature {get; set;}} |
Filter
?
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | public class Wechatrequestvalidattribute:actionfilterattribute {Private Const string Token = ' Stupidme '; public override void OnActionExecuting (ActionExecutingContext filtercontext) {//parameter matching Model.FormatModel.WeChatMsgRequestModel model = new Model.FormatModel.WeChatMsgRequestModel () {nonce= filtercontext.httpcontext.request.querystring["Nonce"],msg_signature= filtercontext.httpcontext.request.querystring["Msg_signature"],timestamp= filtercontext.httpcontext.request.querystring["timestamp"]}; Verify if (checksignature (model)) {base. OnActionExecuting (Filtercontext); } private bool Checksignature (Model.FormatModel.WeChatMsgRequestModel Model) {string signature, timestamp, nonc E, TempStr; Gets the requested parameter signature = Model.msg_signature; timestamp = Model.timestamp; Nonce = model.nonce; Creates an array that adds Token, timestamp, nonce three parameters to the array string[] array = {Token, timestamp, nonce}; To sort Array.Sort (Array); Stitching as a string tempstr = String.Join ("", array); SHA1 encryption of strings TEMPSTR = FormSauthentication.hashpasswordforstoringinconfigfile (TempStr, "SHA1"). ToLower (); Determine if signature is correct if (tempstr.equals (signature)) {return true;} else {return false;}} } |
Controller Code
?
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30-31 | <summary>///Log Assistant///</summary> private static Common.loghelper logger = new Common.loghelper (typeof (Hom Econtroller)); [Filters.wechatrequestvalid] public void Valid (Model.FormatModel.WeChatMsgRequestModel Model) {if ( Modelstate.isvalid {try {///judge whether it is a POST request if (HttpContext.Request.HttpMethod.ToUpper () = "POST") {//Get request information from the requested data stream usin G (Stream stream = HttpContext.Request.InputStream) {byte[] postbytes = new Byte[stream. Length]; Stream. Read (postbytes, 0, (int) stream. Length); String poststring = System.Text.Encoding.UTF8.GetString (postbytes); Handle (Poststring,model); The catch (Exception ex) {logger. Error ("exception occurred, exception info:" + ex.) Message + ex. StackTrace); } } } |
The above is the entire contents of this article, I hope you can enjoy.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
