private string Token = "gacl";
public string wxGet(string signature, string timestamp, string nonce, string echostr)
{
//return echostr;
if (Check(signature, timestamp, nonce, Token))
{
return (echostr);//返回随机字符串则表示验证通过
}
else
{
return ("failed:" + signature + "," + GetSignature(timestamp, nonce, Token) + "。如果你在浏览器中看到这句话，说明此地址可以被作为微信公众账号后台的Url，请注意保持Token一致。");
}

    }
    /// <summary>
    /// 检查签名是否正确
    /// </summary>
    /// <param name="signature"></param>
    /// <param name="timestamp"></param>
    /// <param name="nonce"></param>
    /// <param name="token"></param>
    /// <returns></returns>
    public bool Check(string signature, string timestamp, string nonce, string token = null)
    {
        return signature == GetSignature(timestamp, nonce, token);
    }
    public string GetSignature(string timestamp, string nonce, string token = null)
    {
        token = token ?? Token;
        var arr = new[] { token, timestamp, nonce }.OrderBy(z => z).ToArray();
        var arrString = string.Join("", arr);
        //var enText = FormsAuthentication.HashPasswordForStoringInConfigFile(arrString, "SHA1");//使用System.Web.Security程序集
        var sha1 = System.Security.Cryptography.SHA1.Create();
        var sha1Arr = sha1.ComputeHash(Encoding.UTF8.GetBytes(arrString));
        System.Text.StringBuilder enText = new StringBuilder();
        foreach (var b in sha1Arr)
        {
            enText.AppendFormat("{0:x2}", b);
        }

        return enText.ToString();
    }