Delphi XE7 用indy开发微信公众平台(3)- 验证消息真实性
加我微信:Leedege一起交流Delphi开发经验
uses IdHashSHA, IdGlobal;
function SHA1(Input: String): String;
begin
with TIdHashSHA1.Create do
try
Result := LowerCase(HashBytesAsHex(TidBytes(Bytesof(Input))));
finally
Free;
end;
end;
function CheckSignature(ARequestInfo: TIdHTTPRequestInfo): boolean;
var
signature, timestamp, nonce, echostr: String;
tmpstr: TStringList;
temp: String;
begin
tmpstr := TStringList.Create;
try
signature := ARequestInfo.Params.Values['signature'];
timestamp := ARequestInfo.Params.Values['timestamp'];
nonce := ARequestInfo.Params.Values['nonce'];
echostr := ARequestInfo.Params.Values['echostr'];
tmpstr.Add(Token);
tmpstr.Add(timestamp);
tmpstr.Add(nonce);
tmpstr.Sort;
temp := StringReplace(tmpstr.text, #13#10, '', [rfReplaceAll]);
Result := SHA1(temp) = signature;
finally
tmpstr.Free;
end;
end;
procedure TForm1.IdHTTPServerCommandGet(AContext: TIdContext;
ARequestInfo: TIdHTTPRequestInfo; AResponseInfo: TIdHTTPResponseInfo);
begin
if CheckSignature(ARequestInfo) then
if ARequestInfo.Params.Values['echostr'] <> '' then
begin
AResponseInfo.ContentType := 'text/html; charset=UTF-8';
AResponseInfo.ContentText := ARequestInfo.Params.Values['echostr'];
end;
end;