public class WXverifyController : Controller { public ActionResult WXverify() { Load(); return View(); } const string Token = "Aa123456";//你的token protected void Load() { string postStr = ""; if (Request.HttpMethod.ToLower() == "post") { System.IO.Stream s = System.Web.HttpContext.Current.Request.InputStream; byte[] b = new byte[s.Length]; s.Read(b, 0, (int)s.Length); postStr = System.Text.Encoding.UTF8.GetString(b); if (!string.IsNullOrEmpty(postStr)) { //ResponseMsg(postStr); Response.Write(ResponseMsg(postStr)); Response.End(); } //WriteLog("postStr:" + postStr); } else { Valid(); } } public string ResponseMsg(string s) { return s; } /// <summary> /// 验证微信签名 /// </summary> /// * 将token、timestamp、nonce三个参数进行字典序排序 /// * 将三个参数字符串拼接成一个字符串进行sha1加密 /// * 开发者获得加密后的字符串可与signature对比,标识该请求来源于微信。 /// <returns></returns> private bool CheckSignature() { string signature = Request.QueryString["signature"].ToString(); string timestamp = Request.QueryString["timestamp"].ToString(); string nonce = Request.QueryString["nonce"].ToString(); string[] ArrTmp = { Token, timestamp, nonce }; Array.Sort(ArrTmp); //字典排序 string tmpStr = string.Join("", ArrTmp); tmpStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tmpStr, "SHA1"); tmpStr = tmpStr.ToLower(); if (tmpStr == signature) { return true; } else { return false; } } private void Valid() { string echoStr = Request.QueryString["echoStr"].ToString(); if (CheckSignature()) { if (!string.IsNullOrEmpty(echoStr)) { Response.Write(echoStr); Response.End(); } } }