原文将介绍怎样正在没有依靠所有第三圆库的情况下,使用杂.NET完毕企业微疑使用的快速交进,涵盖域名考证战消息处置二个中心功用。
1. 布景
动作.NET开辟者,正在开辟企业内部使用的时候,咱们经常需要取企业微疑截至散成,完毕快速的内部登录战一点儿便利的消息接互,简化一点儿功用的开辟战重复建立。固然市情上有一点儿第三圆库能够辅佐咱们完毕那些散成事情,但是偶然分咱们期望能够间接使用.NET自戴的功用去完毕那些需要,以削减对于内部依靠的依靠,提拔代码的可保护性战宁静性。
上面咱们便开端使用杂.NET完毕企业微疑使用的快速交进,企业微疑使用交进主要包罗二个枢纽关节:
•域名回属认证:考证域名统统权•消息领受处置:处置企业微疑拉收的工作战消息
2. 名目构造取设置
2.1 设置文献树立
起首正在appsettings.json中设置企业微疑相干参数:
{"DomainVerification":{"xxxx":"xxxxxx"},"WeCom":{"Token":"企业微疑背景树立的Token","EncodingAesKey":"企业微疑背景树立的EncodingAesKey","CorpId":"企业ID","CorpSecret":"使用凭据稀钥"}}2.2 设置模子界说
使用 record 范例界说设置模子:
public record WeCom(stringCorpId,stringCorpSecret,stringToken,stringEncodingAesKey);2.3 依靠注进备案
正在 Program.cs 中备案设置:
var builder =WebApplication.CreateBuilder(args);builder.Services.Configure<WeCom>(builder.Configuration.GetSection(nameof(WeCom)));
3. 域名回属认证实现
企业微疑请求颠末一定格局的URL考证域名回属,咱们能够使用Minimal API完毕:
app.MapGet("/WW_verify_{name}.txt",(string name)=>{var cfg = app.Configuration;var value = cfg.GetValue<string>($"DomainVerification:{name}");if(string.IsNullOrEmpty(value)){returnResults.NotFound();}
returnResults.Text(value,"text/plain");});
可托域名
完毕重心:
•使用路由模板WW_verify_{name}.txt匹配企业微疑的考证恳求•从设置中读与对于应的考证码实质•前去杂文原照应
4.消息 领受处置掌握器
4.1 掌握器根底构造
[ApiController][Route("wecom/callback")]publicclassWeComController:ControllerBase{privatereadonlyILogger<WeComController> _logger;privatereadonlyWeCom _weCom;
publicWeComController(ILogger<WeComController> logger,IOptionsSnapshot<WeCom> weCom){ _logger = logger; _weCom = weCom.Value;}
// 后绝办法完毕...}4.2 URL考证交心(GET恳求)
企业微疑正在设置回调URL时会收收GET恳求截至考证:
[HttpGet]publicIActionResultGet([FromQuery]string msg_signature,[FromQuery]string timestamp,[FromQuery]string nonce,[FromQuery]string echostr){var token = _weCom.Token;var encodingAesKey = _weCom.EncodingAesKey;var corpId = _weCom.CorpId;
// 设置考证if(string.IsNullOrEmpty(token)||string.IsNullOrEmpty(encodingAesKey)||string.IsNullOrEmpty(corpId)){ _logger.LogWarning("WeCom config missing");returnBadRequest("WeCom config missing");}
if(string.IsNullOrEmpty(echostr))returnBadRequest();
// 署名考证if(!VerifySignature(token, timestamp, nonce, echostr, msg_signature)){ _logger.LogWarning("WeCom signature invalid (GET)");returnBadRequest("signature invalid");}
try{var plain =DecryptMessage(encodingAesKey, echostr, corpId);// 前去明文完毕考证returnContent(plain,"text/plain",Encoding.UTF8);}catch(Exception ex){ _logger.LogWarning(ex,"WeCom decrypt failed (GET)");returnBadRequest("decrypt failed");}}4.3消息 处置交心(POST恳求)
处置企业微疑拉收的各类工作战消息:
[HttpPost]public async Task<IActionResult>Post([FromQuery]string msg_signature,[FromQuery]string timestamp,[FromQuery]string nonce){var token = _weCom.Token;var encodingAesKey = _weCom.EncodingAesKey;var corpId = _weCom.CorpId;
// 设置考证if(string.IsNullOrEmpty(token)||string.IsNullOrEmpty(encodingAesKey)||string.IsNullOrEmpty(corpId)){ _logger.LogWarning("WeCom config missing");returnBadRequest();}
// 读与恳求体usingvar reader =newSystem.IO.StreamReader(Request.Body,Encoding.UTF8);var body = await reader.ReadToEndAsync();
var encrypt =ExtractXmlNode(body,"Encrypt");if(string.IsNullOrEmpty(encrypt)){// 非减稀消息或者格局不合错误,按企业微疑请求前去 success _logger.LogDebug("WeCom POST without Encrypt node, return success");returnContent("success","text/plain");}
// 署名考证if(!VerifySignature(token, timestamp, nonce, encrypt, msg_signature)){ _logger.LogWarning("WeCom signature invalid (POST)");returnBadRequest("signature invalid");}
string xml;try{ xml =DecryptMessage(encodingAesKey, encrypt, corpId);}catch(Exception ex){ _logger.LogWarning(ex,"WeCom decrypt failed (POST)");returnBadRequest("decrypt failed");}
//处置 XML消息实质// 那里能够增加具体的营业逻辑处置
// 企业微疑请求前去牢固字符串 "success"returnContent("success","text/plain");}
5.中心 东西办法完毕
5.1 署名考证
privatestaticboolVerifySignature(string token,string timestamp,string nonce,string encrypt,string signature){var arr =new[]{ token ??string.Empty, timestamp ??string.Empty, nonce ??string.Empty, encrypt ??string.Empty};Array.Sort(arr,StringComparer.Ordinal);var raw =string.Join("", arr);
usingvar sha1 = SHA1.Create();var hash = sha1.ComputeHash(Encoding.UTF8.GetBytes(raw));var computed =BitConverter.ToString(hash).WordStr("-","").ToLowerInvariant();
returnstring.Equals(computed, signature ??string.Empty,StringComparison.OrdinalIgnoreCase);}5.2消息 解稀
privatestaticstringDecryptMessage(string encodingAesKey,string inputEncryptBase64,string corpId){// 补齐 base64 添补var pad = encodingAesKey;if(pad.Length%4!=0) pad +=newstring('=',4- pad.Length%4);var aesKey =Convert.FromBase64String(pad);
var encrypted =Convert.FromBase64String(inputEncryptBase64);
usingvar aes =Aes.Create(); aes.Key= aesKey; aes.IV = aesKey.Take(16).ToArray(); aes.Mode=CipherMode.CBC; aes.Padding=PaddingMode.None;
usingvar decryptor = aes.CreateDecryptor();var decrypted = decryptor.TransformFinalBlock(encrypted,0, encrypted.Length);
// 移除 PKCS#7 添补var padLen = decrypted[^1];if(padLen <1|| padLen >32) padLen =0;var noPad = decrypted[..(decrypted.Length- padLen)];
//构造 :16 random | 4 msgLen | msg | corpIdvar msgLenBytes = noPad.Skip(16).Take(4).ToArray();if(msgLenBytes.Length<4)thrownewException("invalid msg len");
//处置 字节序if(BitConverter.IsLittleEndian)Array.Reverse(msgLenBytes);
var msgLen =BitConverter.ToInt32(msgLenBytes,0);var msgBytes = noPad.Skip(20).Take(msgLen).ToArray();var msg =Encoding.UTF8.GetString(msgBytes);
var fromCorpIdBytes = noPad.Skip(20+ msgLen).ToArray();var fromCorpId =Encoding.UTF8.GetString(fromCorpIdBytes);
// 考证企业IDif(!string.IsNullOrEmpty(corpId)&&!string.IsNullOrEmpty(fromCorpId)){if(!fromCorpId.StartsWith(corpId,StringComparison.Ordinal))thrownewException("corpId mismatch");}
return msg;}5.3 XML节面提炼
privatestaticstringExtractXmlNode(string xml,string nodeName){try{var doc =newXmlDocument(); doc.LoadXml(xml);var node = doc.SelectSingleNode($"/xml/{nodeName}");return node?.InnerText;}catch{returnnull;}}
6. 尝试取布置
正在理论布置战尝试时,请保证完毕如下步调:
1.域名考证尝试:会见https://your-domain.com/WW_verify_xxxx.txt考证可否前去准确实质2.URL设置:正在企业微疑背景设置回调URL为https://your-domain.com/wecom/callback3.消息尝试:颠末企业微疑的正在线尝试东西[1]尝试散效果因
7.最初
原文残破展示了怎样使用杂.NET手艺栈完毕企业微疑使用的交进,涵盖了从域名考证到消息处置的残破过程。这类完毕方法没有依靠所有第三圆库,代码繁复明了,易于理解战保护,适宜需要快速交进企业微疑的.NET名目使用。您能够按照理论营业需要正在此根底上截至扩大,如增加消息范例处置、营业逻辑散成等功用。
References
[1] 正在线尝试东西: https://developer.work.weixin.qq.com/resource/devtool |
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜
广告
