c#WeChat Public Number Development - Basic Settings

Reference to official WeChat documents

https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html

Development_Basic Configuration

Public Number Development Information

 

Note: 1. Keep track of the developer password and it will be used in the process of program validation.

2. When access_token is called through appid and appsecret, it will not be called successfully until there is a whitelist of ip s.

 

 

Server Configuration

 

If server configuration is turned on here, the set automatic reply and custom menus will all fail.Relevant methods must be overridden in the program.

 

 

Click Modify Configuration, token is a random parameter

 

 

I used token validation of the WeChat interface written by a general processing program, with parameters referenced to the official documentation.The code is as follows:

 

Developers validate requests by validating signature s.If you confirm that the GET request is from the WeChat server, please return the echostr parameter content as it is, the access will take effect and become a developer successfully, otherwise the access will fail.The encryption/verification process is as follows:

1) Dictionary ordering of three parameters: token, timestamp and nonce

2) sha1 encryption by splicing three parameter strings into one string

3) Developers can compare encrypted strings with signature s to identify that the request originated from WeChat.

 

 1 public void ProcessRequest(HttpContext context){
 2     //Verification token
 3     string postString = string.Empty;
 4     string token ="aabbcc";   //Verification token，Fill in freely  
 5     if(string.IsNullEmpty(token)){
 6         return ;
 7     }
 8     string echoString = HttpContext.Current.Request.QueryString["echoStr"];
 9     string signature = HttpContext.Current.Request.QueryString["sianature"];
10     string timestamp = HttpContext.Current.Request.QueryString["timestamp"];
11     string nonce = HttpContext.Current.Request.QueryString["nonce"];
12     if(CheckSignature(token,signature,timestamp,nonce)){
13         if(!string.IsNullOrEmpty(echiString)){
14           HttpContext.Current.Response.Write(echoString);
15           HttpContext.Current.Response.End();
16        } 
17     }
18 }

 

 1          /// <summary>
 2         /// Verify WeChat Signature
 3         /// </summary>
 4         /// <param name="token">token</param>
 5         /// <param name="signature">autograph</param>
 6         /// <param name="timestamp">time stamp</param>
 7         /// <param name="nonce">random number</param>
 8         /// <returns></returns>
 9         public static bool CheckSignature(string token,
10  string signature, string timestamp, string nonce)
11         {
12             string[] ArrTmp = { token, timestamp, nonce };
13             //Dictionary sorting
14             Array.Sort(ArrTmp);
15             //Stitching
16             string tmpStr = string.Join("", ArrTmp);
17             //sha1 Verification
18             tmpStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tmpStr, "SHA1");
19             //tmpStr = Membership.CreateUser(tmpStr, "SHA1");
20             tmpStr = tmpStr.ToLower();
21 
22             if (tmpStr == signature)
23             {
24                 return true;
25             }
26             else
27             {
28                 return false;
29             }
30         }

 

Fill in the url with the path to the code you've written and the "aabbcc" you've filled in before. In this case, the token must also be "aabbcc".

token must be consistent, otherwise a prompt pops up.