.net進行微信公眾號開發的例子好像比較少,這里做個筆記
首先,我們需要讓微信能訪問到我們的項目,所以要么需要有一個可以部署項目的連接到公網下的服務器,要么可以通過端口轉發將請求轉發到我們的項目,總之,就是要讓微信服務器能訪問到我們的項目。
另外,需要注意一下,微信回調通知的地址目前只支持80端口和443端口,所以一般的,我們都需要做個虛擬路徑
其他的就不多說了,具體配置可以在微信公眾號的開發文檔中接入:https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html
接入過程中會遇到很多坑,什么Url超時,Token驗證錯誤等等,反正就是一些觸不及防,當我們接入開發完后,發現我們使用的是明文傳送,那當然就不行了,改成密文又要使用AES加密,反正接入不知道遇到多少坑
下面貼出我接入的代碼,復制一下,稍稍修改就可以用了,可直接驗證接入,支持明文密文傳輸:
一個加密解密輔助類:
using System; using System.Collections; using System.Collections.Generic; using System.IO; using System.Linq; using System.Net; using System.Security.Cryptography; using System.Text; using System.Threading.Tasks; using System.Xml; namespace DemoApi { public sealed class EncryptHelper { private EncryptHelper() { } /// <summary> /// Md5加密 /// </summary> /// <param name="text"></param> /// <returns></returns> public static string Md5Encrypt(string text) { //MD5加密 var md5 = MD5.Create(); var bs = md5.ComputeHash(Encoding.UTF8.GetBytes(text)); var sb = new StringBuilder(); foreach (byte b in bs) { sb.Append(b.ToString("x2")); } //所有字符轉為大寫 return sb.ToString().ToUpper(); } /// <summary> /// HMAC-SHA1加密算法 /// </summary> /// <param name="str">加密字符串</param> /// <returns></returns> public static string Sha1Encrypt(string str) { var sha1 = SHA1.Create(); var hash = sha1.ComputeHash(Encoding.Default.GetBytes(str)); //return BitConverter.ToString(hash).Replace("-", ""); string byte2String = null; for (int i = 0; i < hash.Length; i++) { byte2String += hash[i].ToString("x2"); } return byte2String; } /// <summary> /// AES加密 /// </summary> /// <param name="text">加密字符</param> /// <param name="encodingAESKey">加密的密碼</param> /// <param name="appid">appId</param> /// <returns></returns> public static string AESEncrypt(string text, string encodingAESKey, string appid) { if (string.IsNullOrEmpty(text)) { return text; } byte[] key; key = Convert.FromBase64String(encodingAESKey + "="); byte[] iv = new byte[16]; Array.Copy(key, iv, 16); #region 生成隨機值 string codeSerial = "2,3,4,5,6,7,a,c,d,e,f,h,i,j,k,m,n,p,r,s,t,A,C,D,E,F,G,H,J,K,M,N,P,Q,R,S,U,V,W,X,Y,Z"; string[] arr = codeSerial.Split(','); string code = ""; int randValue = -1; Random rand = new Random(unchecked((int)DateTime.Now.Ticks)); for (int i = 0; i < 16; i++) { randValue = rand.Next(0, arr.Length - 1); code += arr[randValue]; } #endregion byte[] bRand = Encoding.UTF8.GetBytes(code); byte[] bAppid = Encoding.UTF8.GetBytes(appid); byte[] btmpMsg = Encoding.UTF8.GetBytes(text); int outval = 0, inval = btmpMsg.Length; for (int i = 0; i < 4; i++) outval = (outval << 8) + ((inval >> (i * 8)) & 255); byte[] bMsgLen = BitConverter.GetBytes(outval); byte[] bMsg = new byte[bRand.Length + bMsgLen.Length + bAppid.Length + btmpMsg.Length]; Array.Copy(bRand, bMsg, bRand.Length); Array.Copy(bMsgLen, 0, bMsg, bRand.Length, bMsgLen.Length); Array.Copy(btmpMsg, 0, bMsg, bRand.Length + bMsgLen.Length, btmpMsg.Length); Array.Copy(bAppid, 0, bMsg, bRand.Length + bMsgLen.Length + btmpMsg.Length, bAppid.Length); var aes = new RijndaelManaged(); //秘鑰的大小,以位為單位 aes.KeySize = 256; //支持的塊大小 aes.BlockSize = 128; //填充模式 //aes.Padding = PaddingMode.PKCS7; aes.Padding = PaddingMode.None; aes.Mode = CipherMode.CBC; aes.Key = key; aes.IV = iv; var encrypt = aes.CreateEncryptor(aes.Key, aes.IV); byte[] xBuff = null; byte[] msg = new byte[bMsg.Length + 32 - bMsg.Length % 32]; Array.Copy(bMsg, msg, bMsg.Length); #region 自己進行PKCS7補位,用系統自己帶的不行,微信加密要使用這個 int block_size = 32; // 計算需要填充的位數 int amount_to_pad = block_size - (bMsg.Length % block_size); if (amount_to_pad == 0) { amount_to_pad = block_size; } // 獲得補位所用的字符 char pad_chr = (char)(byte)(amount_to_pad & 0xFF); string tmp = ""; for (int index = 0; index < amount_to_pad; index++) { tmp += pad_chr; } byte[] pad = Encoding.UTF8.GetBytes(tmp); Array.Copy(pad, 0, msg, bMsg.Length, pad.Length); using (var ms = new MemoryStream()) { using (var cs = new CryptoStream(ms, encrypt, CryptoStreamMode.Write)) { cs.Write(msg, 0, msg.Length); } xBuff = ms.ToArray(); } #endregion #region 注釋的也是一種方法,效果一樣,微信加密不能使用這個!!!! //ICryptoTransform transform = aes.CreateEncryptor(); //xBuff = transform.TransformFinalBlock(msg, 0, msg.Length); #endregion string output = Convert.ToBase64String(xBuff); return output; } /// <summary> /// AES解密 /// </summary> /// <param name="encryptText">密文</param> /// <param name="encodingAESKey">秘鑰</param> /// <param name="appid"></param> /// <returns></returns> public static string AESDecrypt(string encryptText, string encodingAESKey, out string appid) { if (string.IsNullOrEmpty(encryptText)) { appid = ""; return encryptText; } byte[] key; key = Convert.FromBase64String(encodingAESKey + "="); byte[] iv = new byte[16]; Array.Copy(key, iv, 16); byte[] btmpMsg = null; RijndaelManaged aes = new RijndaelManaged(); aes.KeySize = 256; aes.BlockSize = 128; aes.Mode = CipherMode.CBC; aes.Padding = PaddingMode.None; aes.Key = key; aes.IV = iv; var decrypt = aes.CreateDecryptor(aes.Key, aes.IV); using (var ms = new MemoryStream()) { using (var cs = new CryptoStream(ms, decrypt, CryptoStreamMode.Write)) { byte[] xXml = Convert.FromBase64String(encryptText); byte[] msg = new byte[xXml.Length + 32 - xXml.Length % 32]; Array.Copy(xXml, msg, xXml.Length); cs.Write(xXml, 0, xXml.Length); } var decrypted = ms.ToArray(); int pad = (int)decrypted[decrypted.Length - 1]; if (pad < 1 || pad > 32) { pad = 0; } btmpMsg = new byte[decrypted.Length - pad]; Array.Copy(decrypted, 0, btmpMsg, 0, decrypted.Length - pad); } int len = BitConverter.ToInt32(btmpMsg, 16); len = IPAddress.NetworkToHostOrder(len); byte[] bMsg = new byte[len]; byte[] bAppid = new byte[btmpMsg.Length - 20 - len]; Array.Copy(btmpMsg, 20, bMsg, 0, len); Array.Copy(btmpMsg, 20 + len, bAppid, 0, btmpMsg.Length - 20 - len); string oriMsg = Encoding.UTF8.GetString(bMsg); appid = Encoding.UTF8.GetString(bAppid); return oriMsg; } /// <summary> /// AES解密 /// </summary> /// <param name="encryptText">密文</param> /// <param name="encodingAESKey">秘鑰</param> /// <param name="appid"></param> /// <returns></returns> public static string AESDecrypt(string encryptText, string encodingAESKey) { return AESDecrypt(encryptText, encodingAESKey, out _); } } public class CharSort : IComparer { public int Compare(object left, object right) { string sLeft = left as string; string sRight = right as string; int leftLength = sLeft.Length; int rightLength = sRight.Length; int index = 0; while (index < leftLength && index < rightLength) { if (sLeft[index] < sRight[index]) return -1; else if (sLeft[index] > sRight[index]) return 1; else index++; } return leftLength - rightLength; } } }
接入接口核心代碼:
using System; using System.Collections.Generic; using System.IO; using System.Linq; using System.Net.Http; using System.Threading.Tasks; using System.Web; using System.Xml.Linq; using Microsoft.AspNetCore.Mvc; namespace DemoApi.Controllers { [Route("api/[controller]")] [ApiController] public class WxController : ControllerBase { /// <summary> /// 生成簽名 /// </summary> /// <param name="args"></param> /// <returns></returns> [NonAction] private string MakeSign(params string[] args) { //字典排序 Array.Sort(args); string tmpStr = string.Join("", args); //字符加密 var sha1 = EncryptHelper.Sha1Encrypt(tmpStr); return sha1; } /// <summary> /// 生成消息簽名 /// </summary> /// <param name="args"></param> /// <returns></returns> [NonAction] private string MakeMsgSign(params string[] args) { //字典排序 Array.Sort(args, new CharSort()); string tmpStr = string.Join("", args); //字符加密 var sha1 = EncryptHelper.Sha1Encrypt(tmpStr); return sha1; } /// <summary> /// 微信回調統一接口 /// </summary> /// <returns></returns> [HttpGet, HttpPost] public string Service() { //獲取配置文件中的數據 var token = ""; var encodingAESKey = ""; var appId = ""; bool isGet = string.Equals(HttpContext.Request.Method, HttpMethod.Get.Method, StringComparison.OrdinalIgnoreCase); bool isPost = string.Equals(HttpContext.Request.Method, HttpMethod.Post.Method, StringComparison.OrdinalIgnoreCase); if (!isGet && !isPost) { return ""; } bool isEncrypt = false; try { var query = HttpContext.Request.QueryString.ToString(); string msg_signature = "", nonce = "", timestamp = "", encrypt_type = "", signature = "", echostr = ""; if (!string.IsNullOrEmpty(query))//需要驗證簽名 { var collection = HttpUtility.ParseQueryString(query); msg_signature = collection["msg_signature"]?.Trim(); nonce = collection["nonce"]?.Trim(); timestamp = collection["timestamp"]?.Trim(); encrypt_type = collection["encrypt_type"]?.Trim(); signature = collection["signature"]?.Trim(); echostr = collection["echostr"]?.Trim(); if (!string.IsNullOrEmpty(encrypt_type))//有使用加密 { if (!string.Equals(encrypt_type, "aes", StringComparison.OrdinalIgnoreCase))//只支持AES加密方式 { return ""; } isEncrypt = true; } } //先驗證簽名 if (!string.IsNullOrEmpty(signature)) { //字符加密 var sha1 = MakeSign(nonce, timestamp, token); if (!sha1.Equals(signature, StringComparison.OrdinalIgnoreCase))//驗證不通過 { return ""; } if (isGet)//是否Get請求,如果true,那么就認為是修改服務器回調配置信息 { return echostr; } } else { return "";//沒有簽名,請求直接返回 } var body = new StreamReader(HttpContext.Request.Body).ReadToEnd(); if (isEncrypt) { XDocument doc = XDocument.Parse(body); var encrypt = doc.Element("xml").Element("Encrypt"); //驗證消息簽名 if (!string.IsNullOrEmpty(msg_signature)) { //消息加密 var sha1 = MakeMsgSign(nonce, timestamp, encrypt.Value, token); if (!sha1.Equals(msg_signature, StringComparison.OrdinalIgnoreCase))//驗證不通過 { return ""; } } body = EncryptHelper.AESDecrypt(encrypt.Value, encodingAESKey);//解密 } if (!string.IsNullOrEmpty(body)) { // //在這里根據body中的MsgType和Even來區分消息,然后來處理不同的業務邏輯 // // //result是上面邏輯處理完成之后的待返回結果,如返回文本消息: var result = @"<xml> <ToUserName><![CDATA[toUser]]></ToUserName> <FromUserName><![CDATA[fromUser]]></FromUserName> <CreateTime>12345678</CreateTime> <MsgType><![CDATA[text]]></MsgType> <Content><![CDATA[你好]]></Content> </xml>"; if (!string.IsNullOrEmpty(result)) { if (isEncrypt) { result = EncryptHelper.AESEncrypt(result, encodingAESKey, appId); var _msg_signature = MakeMsgSign(nonce, timestamp, result, token); result = $@"<xml> <Encrypt><![CDATA[{result}]]></Encrypt> <MsgSignature>{_msg_signature}</MsgSignature> <TimeStamp>{timestamp}</TimeStamp> <Nonce>{nonce}</Nonce> </xml>"; } return result; } //如果這里我們的處理邏輯需要花費較長時間,可以這里先返回空(""),然后使用異步去處理業務邏輯, //異步處理完后,調用微信的客服消息接口通知微信服務器 } } catch (Exception ex) { //記錄異常日志 } return ""; } } }
如果只是接入,只需復制上面的接口代碼,修改一下token,encodingAESKey,appId的值,然后使用接入的回調Url:http://XXX.XXXX.com/api/Wx就可以了
如果要處理微信通知過來的消息,可根據上面的接口自行處理業務邏輯,不過需要注意的是,微信回調接口只會等待5秒,5秒后斷開,並重復3次,所以如果這里業務邏輯處理時間比較長的話,建議使用異步,在異步處理完之后,使用客服消息接口進行結果通知
另外開發過程中,可以使用微信公眾平台接口調試工具進行調試:https://mp.weixin.qq.com/debug/cgi-bin/apiinfo?t=index
有一點注意一下,一般的,我們寫接口時,為了保證接口返回的數據有一定格式,所以會寫一些過濾器,對接口進行一個包裝,比如我們會將結果包裝成以下結構:
{ "result": "success", "success": true, "error": null, "message": "" }
但是這個微信調用的接口不能包裝,要返回微信指定的格式才行,這個切記!!!否則會返回Token驗證失敗的錯誤!