Merge branch 'test6.9.14' of http://git.yoho.cn/ufo/yohoufo-fore into test6.9.14

tanling
Commit 1fd1558a86f8053d776eb3af6ebb395633ac3e3a 2 parents b0ecf072 25db1f8a
Showing 2 changed files with 43 additions and 34 deletions
order/src/main/java/com/yohoufo/order/config/WeixinPayConfig.java
order/src/main/java/com/yohoufo/order/service/pay/weixin/AbstractWeixinPayService.java
--- a/order/src/main/java/com/yohoufo/order/config/WeixinPayConfig.java
View file @1fd1558
+++ b/order/src/main/java/com/yohoufo/order/config/WeixinPayConfig.java
View file @1fd1558
@@ -56,6 +56,8 @@ public class WeixinPayConfig {
 		public static final String NONCE_STR = "nonce_str";
 		//签名
 		public static final String SIGN = "sign";
+ 		//签名类型
+ 		public static final String SIGN_TYPE = "sign_type";
 		//商品描述
 		public static final String BODY = "body";
 		//商户订单号
--- a/order/src/main/java/com/yohoufo/order/service/pay/weixin/AbstractWeixinPayService.java
View file @1fd1558
+++ b/order/src/main/java/com/yohoufo/order/service/pay/weixin/AbstractWeixinPayService.java
View file @1fd1558
@@ -6,6 +6,8 @@ import com.yoho.core.security.WechatException;
 import com.yoho.core.security.WechatHelper;
 import com.yoho.error.ServiceError;
 import com.yoho.error.exception.ServiceException;
+ import com.yohobuy.ufo.model.order.bo.OrderInfo;
+ import com.yohobuy.ufo.model.order.bo.OutTradeNoMeta;
 import com.yohobuy.ufo.model.order.bo.PaymentData;
 import com.yohoufo.common.utils.DateUtil;
 import com.yohoufo.common.utils.HttpClient;
@@ -13,12 +15,10 @@ import com.yohoufo.common.utils.TimeUtils;
 import com.yohoufo.common.utils.WXUtils;
 import com.yohoufo.order.config.WeixinPayConfig;
 import com.yohoufo.order.constants.RefundContant;
- import com.yohobuy.ufo.model.order.bo.OrderInfo;
 import com.yohoufo.order.model.PayQueryBo;
 import com.yohoufo.order.model.PayRefundBo;
 import com.yohoufo.order.service.PaymentSupportService;
 import com.yohoufo.order.service.pay.AbstractPayService;
- import com.yohobuy.ufo.model.order.bo.OutTradeNoMeta;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -28,6 +28,7 @@ import org.springframework.beans.factory.annotation.Value;
 import java.util.HashMap;
 import java.util.LinkedHashMap;
 import java.util.Map;
+ import java.util.Objects;
 
 import static com.yohoufo.order.utils.ServiceExceptions.throwServiceException;
 
@@ -70,7 +71,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
             return false;
         }
 
-         if(!md5SignVerify(paramsMap)) {
+         if(!verifySign(paramsMap)) {
             log.error("[{}] sign verify failed", paramsMap.get("out_trade_no"));
             return false;
         }
@@ -161,18 +162,12 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
      * @return
      */
     private Map<String, String> buildPayQureyParams(String tradeNo) {
- 
         Map<String, String> paramMap = new HashMap<String, String>();
-         // RequestBuilder builder = new RequestBuilder();
         paramMap.put("appid", getAppId());
         paramMap.put("mch_id", getMchId());
         paramMap.put("out_trade_no", tradeNo);
         paramMap.put("nonce_str", WXUtils.getNonceStr());
- 
-         //md5签名
-         String sign = signByMD5(paramMap);
-         paramMap.put(WeixinPayConfig.ApiConstants.SIGN, sign);
-         return paramMap;
+         return withHmacSha256Sign(paramMap);
     }
 
     protected String signByMD5(Map<String, String> signParams) {
@@ -189,6 +184,27 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
         return sign;
     }
 
+     protected Map<String, String> withHmacSha256Sign(Map<String, String> signParams){
+         signParams.put(WeixinPayConfig.ApiConstants.SIGN_TYPE, "HMAC-SHA256");
+         String sign = hmacSha256(signParams);
+         signParams.put(WeixinPayConfig.ApiConstants.SIGN, sign);
+         return signParams;
+     }
+ 
+     protected String hmacSha256(Map<String, String> signParams) {
+         String sign;
+         try {
+ 
+             sign = wechatHelper.signByHmacSha256(getMchId(), WXUtils.buildPreSignContent(signParams).toString());
+ 
+         } catch (WechatException e) {
+             log.info("wechat sign fail", e);
+             throwServiceException("微信签名失败");
+             sign = StringUtils.EMPTY;
+         }
+         return sign;
+     }
+ 
 
     public PaymentData getPaymentData(Map<String, String> paramsMap) {
         PaymentData paymentData = new PaymentData();
@@ -322,11 +338,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
         paramMap.put("op_user_id", getMchId());
 
         //签名
-         //md5签名
-         String sign = signByMD5(paramMap);
-         paramMap.put(WeixinPayConfig.ApiConstants.SIGN, sign);
- 
-         return paramMap;
+         return withHmacSha256Sign(paramMap);
     }
 
 
@@ -388,9 +400,9 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
         signParams.put("package", WeixinPayConfig.ApiConstants.RETURN_PREPAY_ID + "=" + prepayId);
         signParams.put("nonceStr", requestParams.get(WeixinPayConfig.ApiConstants.NONCE_STR));
         signParams.put("timeStamp", timeStamp);
-         signParams.put("signType", "MD5");
+         signParams.put("signType", "HMAC-SHA256");
 
-         String sign = signByMD5(signParams);
+         String sign = hmacSha256(signParams);
 
         JSONObject prepayJson = new JSONObject();
         prepayJson.put("timeStamp", signParams.get("timeStamp"));
@@ -424,8 +436,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
         prePayData.put("noncestr", requestParams.get(WeixinPayConfig.ApiConstants.NONCE_STR));
         prePayData.put("timestamp", timeStamp);
 
-         String sign = signByMD5(prePayData);
-         prePayData.put("sign", sign);
+         withHmacSha256Sign(prePayData);
 
         JSONObject sendData = new JSONObject();
         sendData.put("prePayUrl", weixinPayConfig.prepayUrl());	//实际上没用，为兼容APP，暂且保留
@@ -457,7 +468,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
         }
 
         //验证签名
-         if(!md5SignVerify(reponseMap)){
+         if(!verifySign(reponseMap)){
             log.error("[{}] sign verify failed", orderCode);
             return false;
         }
@@ -471,16 +482,16 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
     }
 
 
-     /**
-      * 验证MD5签名
-      * @param paramsMap
-      * @return
-      */
-     public boolean md5SignVerify(Map<String, String> paramsMap) {
-         if(paramsMap == null)
+     public boolean verifySign(Map<String, String> paramsMap) {
+         if (paramsMap == null) {
             return false;
- 
-         return signByMD5(paramsMap).equals(paramsMap.get(WeixinPayConfig.ApiConstants.SIGN));
+         }
+         String signType = paramsMap.get(WeixinPayConfig.ApiConstants.SIGN_TYPE);
+         if (Objects.equals(signType, "HMAC-SHA256")) {
+             return hmacSha256(paramsMap).equals(paramsMap.get(WeixinPayConfig.ApiConstants.SIGN));
+         } else {
+             return signByMD5(paramsMap).equals(paramsMap.get(WeixinPayConfig.ApiConstants.SIGN));
+         }
     }
 
     /**
@@ -536,11 +547,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService {
             parameters.put(WeixinPayConfig.ApiConstants.LIMIT_PAY, WeixinPayConfig.ApiConstants.NO_CREDIT);
         }
 
-         //md5签名
-         String sign = signByMD5(parameters);
-         parameters.put(WeixinPayConfig.ApiConstants.SIGN, sign);
- 
-         return parameters;
+         return withHmacSha256Sign(parameters);
     }
 
     private String getPayExpireTimeStr(OrderInfo orderInfo){