|
@@ -6,6 +6,8 @@ import com.yoho.core.security.WechatException; |
|
@@ -6,6 +6,8 @@ import com.yoho.core.security.WechatException; |
|
6
|
import com.yoho.core.security.WechatHelper;
|
6
|
import com.yoho.core.security.WechatHelper;
|
|
7
|
import com.yoho.error.ServiceError;
|
7
|
import com.yoho.error.ServiceError;
|
|
8
|
import com.yoho.error.exception.ServiceException;
|
8
|
import com.yoho.error.exception.ServiceException;
|
|
|
|
9
|
+import com.yohobuy.ufo.model.order.bo.OrderInfo;
|
|
|
|
10
|
+import com.yohobuy.ufo.model.order.bo.OutTradeNoMeta;
|
|
9
|
import com.yohobuy.ufo.model.order.bo.PaymentData;
|
11
|
import com.yohobuy.ufo.model.order.bo.PaymentData;
|
|
10
|
import com.yohoufo.common.utils.DateUtil;
|
12
|
import com.yohoufo.common.utils.DateUtil;
|
|
11
|
import com.yohoufo.common.utils.HttpClient;
|
13
|
import com.yohoufo.common.utils.HttpClient;
|
|
@@ -13,12 +15,10 @@ import com.yohoufo.common.utils.TimeUtils; |
|
@@ -13,12 +15,10 @@ import com.yohoufo.common.utils.TimeUtils; |
|
13
|
import com.yohoufo.common.utils.WXUtils;
|
15
|
import com.yohoufo.common.utils.WXUtils;
|
|
14
|
import com.yohoufo.order.config.WeixinPayConfig;
|
16
|
import com.yohoufo.order.config.WeixinPayConfig;
|
|
15
|
import com.yohoufo.order.constants.RefundContant;
|
17
|
import com.yohoufo.order.constants.RefundContant;
|
|
16
|
-import com.yohobuy.ufo.model.order.bo.OrderInfo;
|
|
|
|
17
|
import com.yohoufo.order.model.PayQueryBo;
|
18
|
import com.yohoufo.order.model.PayQueryBo;
|
|
18
|
import com.yohoufo.order.model.PayRefundBo;
|
19
|
import com.yohoufo.order.model.PayRefundBo;
|
|
19
|
import com.yohoufo.order.service.PaymentSupportService;
|
20
|
import com.yohoufo.order.service.PaymentSupportService;
|
|
20
|
import com.yohoufo.order.service.pay.AbstractPayService;
|
21
|
import com.yohoufo.order.service.pay.AbstractPayService;
|
|
21
|
-import com.yohobuy.ufo.model.order.bo.OutTradeNoMeta;
|
|
|
|
22
|
import org.apache.commons.lang3.StringUtils;
|
22
|
import org.apache.commons.lang3.StringUtils;
|
|
23
|
import org.slf4j.Logger;
|
23
|
import org.slf4j.Logger;
|
|
24
|
import org.slf4j.LoggerFactory;
|
24
|
import org.slf4j.LoggerFactory;
|
|
@@ -28,6 +28,7 @@ import org.springframework.beans.factory.annotation.Value; |
|
@@ -28,6 +28,7 @@ import org.springframework.beans.factory.annotation.Value; |
|
28
|
import java.util.HashMap;
|
28
|
import java.util.HashMap;
|
|
29
|
import java.util.LinkedHashMap;
|
29
|
import java.util.LinkedHashMap;
|
|
30
|
import java.util.Map;
|
30
|
import java.util.Map;
|
|
|
|
31
|
+import java.util.Objects;
|
|
31
|
|
32
|
|
|
32
|
import static com.yohoufo.order.utils.ServiceExceptions.throwServiceException;
|
33
|
import static com.yohoufo.order.utils.ServiceExceptions.throwServiceException;
|
|
33
|
|
34
|
|
|
@@ -70,7 +71,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -70,7 +71,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
70
|
return false;
|
71
|
return false;
|
|
71
|
}
|
72
|
}
|
|
72
|
|
73
|
|
|
73
|
- if(!md5SignVerify(paramsMap)) {
|
74
|
+ if(!verifySign(paramsMap)) {
|
|
74
|
log.error("[{}] sign verify failed", paramsMap.get("out_trade_no"));
|
75
|
log.error("[{}] sign verify failed", paramsMap.get("out_trade_no"));
|
|
75
|
return false;
|
76
|
return false;
|
|
76
|
}
|
77
|
}
|
|
@@ -161,18 +162,12 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -161,18 +162,12 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
161
|
* @return
|
162
|
* @return
|
|
162
|
*/
|
163
|
*/
|
|
163
|
private Map<String, String> buildPayQureyParams(String tradeNo) {
|
164
|
private Map<String, String> buildPayQureyParams(String tradeNo) {
|
|
164
|
-
|
|
|
|
165
|
Map<String, String> paramMap = new HashMap<String, String>();
|
165
|
Map<String, String> paramMap = new HashMap<String, String>();
|
|
166
|
- // RequestBuilder builder = new RequestBuilder();
|
|
|
|
167
|
paramMap.put("appid", getAppId());
|
166
|
paramMap.put("appid", getAppId());
|
|
168
|
paramMap.put("mch_id", getMchId());
|
167
|
paramMap.put("mch_id", getMchId());
|
|
169
|
paramMap.put("out_trade_no", tradeNo);
|
168
|
paramMap.put("out_trade_no", tradeNo);
|
|
170
|
paramMap.put("nonce_str", WXUtils.getNonceStr());
|
169
|
paramMap.put("nonce_str", WXUtils.getNonceStr());
|
|
171
|
-
|
|
|
|
172
|
- //md5签名
|
|
|
|
173
|
- String sign = signByMD5(paramMap);
|
|
|
|
174
|
- paramMap.put(WeixinPayConfig.ApiConstants.SIGN, sign);
|
|
|
|
175
|
- return paramMap;
|
170
|
+ return withHmacSha256Sign(paramMap);
|
|
176
|
}
|
171
|
}
|
|
177
|
|
172
|
|
|
178
|
protected String signByMD5(Map<String, String> signParams) {
|
173
|
protected String signByMD5(Map<String, String> signParams) {
|
|
@@ -189,6 +184,27 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -189,6 +184,27 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
189
|
return sign;
|
184
|
return sign;
|
|
190
|
}
|
185
|
}
|
|
191
|
|
186
|
|
|
|
|
187
|
+ protected Map<String, String> withHmacSha256Sign(Map<String, String> signParams){
|
|
|
|
188
|
+ signParams.put(WeixinPayConfig.ApiConstants.SIGN_TYPE, "HMAC-SHA256");
|
|
|
|
189
|
+ String sign = hmacSha256(signParams);
|
|
|
|
190
|
+ signParams.put(WeixinPayConfig.ApiConstants.SIGN, sign);
|
|
|
|
191
|
+ return signParams;
|
|
|
|
192
|
+ }
|
|
|
|
193
|
+
|
|
|
|
194
|
+ protected String hmacSha256(Map<String, String> signParams) {
|
|
|
|
195
|
+ String sign;
|
|
|
|
196
|
+ try {
|
|
|
|
197
|
+
|
|
|
|
198
|
+ sign = wechatHelper.signByHmacSha256(getMchId(), WXUtils.buildPreSignContent(signParams).toString());
|
|
|
|
199
|
+
|
|
|
|
200
|
+ } catch (WechatException e) {
|
|
|
|
201
|
+ log.info("wechat sign fail", e);
|
|
|
|
202
|
+ throwServiceException("微信签名失败");
|
|
|
|
203
|
+ sign = StringUtils.EMPTY;
|
|
|
|
204
|
+ }
|
|
|
|
205
|
+ return sign;
|
|
|
|
206
|
+ }
|
|
|
|
207
|
+
|
|
192
|
|
208
|
|
|
193
|
public PaymentData getPaymentData(Map<String, String> paramsMap) {
|
209
|
public PaymentData getPaymentData(Map<String, String> paramsMap) {
|
|
194
|
PaymentData paymentData = new PaymentData();
|
210
|
PaymentData paymentData = new PaymentData();
|
|
@@ -322,11 +338,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -322,11 +338,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
322
|
paramMap.put("op_user_id", getMchId());
|
338
|
paramMap.put("op_user_id", getMchId());
|
|
323
|
|
339
|
|
|
324
|
//签名
|
340
|
//签名
|
|
325
|
- //md5签名
|
|
|
|
326
|
- String sign = signByMD5(paramMap);
|
|
|
|
327
|
- paramMap.put(WeixinPayConfig.ApiConstants.SIGN, sign);
|
|
|
|
328
|
-
|
|
|
|
329
|
- return paramMap;
|
341
|
+ return withHmacSha256Sign(paramMap);
|
|
330
|
}
|
342
|
}
|
|
331
|
|
343
|
|
|
332
|
|
344
|
|
|
@@ -388,9 +400,9 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -388,9 +400,9 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
388
|
signParams.put("package", WeixinPayConfig.ApiConstants.RETURN_PREPAY_ID + "=" + prepayId);
|
400
|
signParams.put("package", WeixinPayConfig.ApiConstants.RETURN_PREPAY_ID + "=" + prepayId);
|
|
389
|
signParams.put("nonceStr", requestParams.get(WeixinPayConfig.ApiConstants.NONCE_STR));
|
401
|
signParams.put("nonceStr", requestParams.get(WeixinPayConfig.ApiConstants.NONCE_STR));
|
|
390
|
signParams.put("timeStamp", timeStamp);
|
402
|
signParams.put("timeStamp", timeStamp);
|
|
391
|
- signParams.put("signType", "MD5");
|
403
|
+ signParams.put("signType", "HMAC-SHA256");
|
|
392
|
|
404
|
|
|
393
|
- String sign = signByMD5(signParams);
|
405
|
+ String sign = hmacSha256(signParams);
|
|
394
|
|
406
|
|
|
395
|
JSONObject prepayJson = new JSONObject();
|
407
|
JSONObject prepayJson = new JSONObject();
|
|
396
|
prepayJson.put("timeStamp", signParams.get("timeStamp"));
|
408
|
prepayJson.put("timeStamp", signParams.get("timeStamp"));
|
|
@@ -424,8 +436,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -424,8 +436,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
424
|
prePayData.put("noncestr", requestParams.get(WeixinPayConfig.ApiConstants.NONCE_STR));
|
436
|
prePayData.put("noncestr", requestParams.get(WeixinPayConfig.ApiConstants.NONCE_STR));
|
|
425
|
prePayData.put("timestamp", timeStamp);
|
437
|
prePayData.put("timestamp", timeStamp);
|
|
426
|
|
438
|
|
|
427
|
- String sign = signByMD5(prePayData);
|
|
|
|
428
|
- prePayData.put("sign", sign);
|
439
|
+ withHmacSha256Sign(prePayData);
|
|
429
|
|
440
|
|
|
430
|
JSONObject sendData = new JSONObject();
|
441
|
JSONObject sendData = new JSONObject();
|
|
431
|
sendData.put("prePayUrl", weixinPayConfig.prepayUrl()); //实际上没用,为兼容APP,暂且保留
|
442
|
sendData.put("prePayUrl", weixinPayConfig.prepayUrl()); //实际上没用,为兼容APP,暂且保留
|
|
@@ -457,7 +468,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -457,7 +468,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
457
|
}
|
468
|
}
|
|
458
|
|
469
|
|
|
459
|
//验证签名
|
470
|
//验证签名
|
|
460
|
- if(!md5SignVerify(reponseMap)){
|
471
|
+ if(!verifySign(reponseMap)){
|
|
461
|
log.error("[{}] sign verify failed", orderCode);
|
472
|
log.error("[{}] sign verify failed", orderCode);
|
|
462
|
return false;
|
473
|
return false;
|
|
463
|
}
|
474
|
}
|
|
@@ -471,17 +482,17 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -471,17 +482,17 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
471
|
}
|
482
|
}
|
|
472
|
|
483
|
|
|
473
|
|
484
|
|
|
474
|
- /**
|
|
|
|
475
|
- * 验证MD5签名
|
|
|
|
476
|
- * @param paramsMap
|
|
|
|
477
|
- * @return
|
|
|
|
478
|
- */
|
|
|
|
479
|
- public boolean md5SignVerify(Map<String, String> paramsMap) {
|
|
|
|
480
|
- if(paramsMap == null)
|
485
|
+ public boolean verifySign(Map<String, String> paramsMap) {
|
|
|
|
486
|
+ if (paramsMap == null) {
|
|
481
|
return false;
|
487
|
return false;
|
|
482
|
-
|
488
|
+ }
|
|
|
|
489
|
+ String signType = paramsMap.get(WeixinPayConfig.ApiConstants.SIGN_TYPE);
|
|
|
|
490
|
+ if (Objects.equals(signType, "HMAC-SHA256")) {
|
|
|
|
491
|
+ return hmacSha256(paramsMap).equals(paramsMap.get(WeixinPayConfig.ApiConstants.SIGN));
|
|
|
|
492
|
+ } else {
|
|
483
|
return signByMD5(paramsMap).equals(paramsMap.get(WeixinPayConfig.ApiConstants.SIGN));
|
493
|
return signByMD5(paramsMap).equals(paramsMap.get(WeixinPayConfig.ApiConstants.SIGN));
|
|
484
|
}
|
494
|
}
|
|
|
|
495
|
+ }
|
|
485
|
|
496
|
|
|
486
|
/**
|
497
|
/**
|
|
487
|
* 预支付请求
|
498
|
* 预支付请求
|
|
@@ -536,11 +547,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
@@ -536,11 +547,7 @@ public abstract class AbstractWeixinPayService extends AbstractPayService { |
|
536
|
parameters.put(WeixinPayConfig.ApiConstants.LIMIT_PAY, WeixinPayConfig.ApiConstants.NO_CREDIT);
|
547
|
parameters.put(WeixinPayConfig.ApiConstants.LIMIT_PAY, WeixinPayConfig.ApiConstants.NO_CREDIT);
|
|
537
|
}
|
548
|
}
|
|
538
|
|
549
|
|
|
539
|
- //md5签名
|
|
|
|
540
|
- String sign = signByMD5(parameters);
|
|
|
|
541
|
- parameters.put(WeixinPayConfig.ApiConstants.SIGN, sign);
|
|
|
|
542
|
-
|
|
|
|
543
|
- return parameters;
|
550
|
+ return withHmacSha256Sign(parameters);
|
|
544
|
}
|
551
|
}
|
|
545
|
|
552
|
|
|
546
|
private String getPayExpireTimeStr(OrderInfo orderInfo){
|
553
|
private String getPayExpireTimeStr(OrderInfo orderInfo){
|
