微信公眾號支付之付款
阿新 • • 發佈:2018-12-31
最近專案新增微信公眾號內支付的功能,記錄整個過程如下;
本次記錄的主要是統一下單和支付結果通知兩個介面,退款介面下期會講到。
1.匯入pom檔案依賴
<dependency> <groupId>com.squareup.okio</groupId> <artifactId>okio</artifactId> <version>1.11.0</version> <scope>provided</scope> </dependency> <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </dependency><dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk16</artifactId> <version>1.46</version> </dependency>
2.定義微信支付的資料model接收和傳遞相關引數
package com.tianxiapai.pub.interfaces.weixinpay.model; /** * 描述:統一下單請求引數<br> * 作者:Administrator <br> * 修改日期:2018年12月23日下午7:54:06 <br> * E-mail: @sinosoft.com.cn <br> */ public class UnifiedOrderRequest { //變數名 欄位名 必填 型別 示例值 描述 private String appid;//公眾賬號ID-微信支付分配的公眾賬號ID(企業號corpid即為此appId) private String mch_id;//商戶號-微信支付分配的商戶號 private String device_info;//裝置號-自定義引數,可以為終端裝置號(門店號或收銀裝置ID),PC網頁或公眾號內支付可以傳"WEB" private String nonce_str;//隨機字串-隨機字串,長度要求在32位以內。推薦隨機數生成演算法 private String sign;//簽名-通過簽名演算法計算得出的簽名值,詳見簽名生成演算法 private String sign_type;//簽名型別-簽名型別,預設為MD5,支援HMAC-SHA256和MD5。 private String body;//商品描述-騰訊充值中心-QQ會員充值 商品簡單描述,該欄位請按照規範傳遞,具體請見引數規定 private String detail;//商品詳情-單品優惠欄位(暫未上線) private String attach;//附加資料 private String out_trade_no;//商戶訂單號 private String fee_type;//標價幣種 private String total_fee;//標價金額 private String spbill_create_ip;//終端IP private String time_start;//交易起始時間 private String time_expire;//交易結束時間 private String goods_tag;//訂單優惠標記 private String notify_url;//通知地址 private String trade_type;//交易型別 private String product_id;//商品ID private String limit_pay;//指定支付方式
private String openid;//使用者標識 public String getAppid() { return appid; } public void setAppid(String appid) { this.appid = appid; } public String getMch_id() { return mch_id; } public void setMch_id(String mch_id) { this.mch_id = mch_id; } public String getDevice_info() { return device_info; } public void setDevice_info(String device_info) { this.device_info = device_info; } public String getNonce_str() { return nonce_str; } public void setNonce_str(String nonce_str) { this.nonce_str = nonce_str; } public String getSign() { return sign; } public void setSign(String sign) { this.sign = sign; } public String getSign_type() { return sign_type; } public void setSign_type(String sign_type) { this.sign_type = sign_type; } public String getBody() { return body; } public void setBody(String body) { this.body = body; } public String getDetail() { return detail; } public void setDetail(String detail) { this.detail = detail; } public String getAttach() { return attach; } public void setAttach(String attach) { this.attach = attach; } public String getOut_trade_no() { return out_trade_no; } public void setOut_trade_no(String out_trade_no) { this.out_trade_no = out_trade_no; } public String getFee_type() { return fee_type; } public void setFee_type(String fee_type) { this.fee_type = fee_type; } public String getTotal_fee() { return total_fee; } public void setTotal_fee(String total_fee) { this.total_fee = total_fee; } public String getSpbill_create_ip() { return spbill_create_ip; } public void setSpbill_create_ip(String spbill_create_ip) { this.spbill_create_ip = spbill_create_ip; } public String getTime_start() { return time_start; } public void setTime_start(String time_start) { this.time_start = time_start; } public String getTime_expire() { return time_expire; } public void setTime_expire(String time_expire) { this.time_expire = time_expire; } public String getGoods_tag() { return goods_tag; } public void setGoods_tag(String goods_tag) { this.goods_tag = goods_tag; } public String getNotify_url() { return notify_url; } public void setNotify_url(String notify_url) { this.notify_url = notify_url; } public String getTrade_type() { return trade_type; } public void setTrade_type(String trade_type) { this.trade_type = trade_type; } public String getProduct_id() { return product_id; } public void setProduct_id(String product_id) { this.product_id = product_id; } public String getLimit_pay() { return limit_pay; } public void setLimit_pay(String limit_pay) { this.limit_pay = limit_pay; } public String getOpenid() { return openid; } public void setOpenid(String openid) { this.openid = openid; } }
package com.tianxiapai.pub.interfaces.weixinpay.model; /** * 描述:統一下單返回引數<br> * 作者:Administrator <br> * 修改日期:2018年12月23日下午7:55:09 <br> * E-mail: @sinosoft.com.cn <br> */ public class UnifiedOrderRespose { private String return_code; //返回狀態碼 private String return_msg; //返回資訊 private String appid; //公眾賬號ID private String mch_id; //商戶號 private String device_info; //裝置號 private String nonce_str; //隨機字串 private String sign; //簽名 private String result_code; //業務結果 private String err_code; //錯誤程式碼 private String err_code_des; //錯誤程式碼描述 private String trade_type; //交易型別 private String prepay_id; //預支付交易會話標識 private String code_url; //二維碼連結 public String getReturn_code() { return return_code; } public void setReturn_code(String return_code) { this.return_code = return_code; } public String getReturn_msg() { return return_msg; } public void setReturn_msg(String return_msg) { this.return_msg = return_msg; } public String getAppid() { return appid; } public void setAppid(String appid) { this.appid = appid; } public String getMch_id() { return mch_id; } public void setMch_id(String mch_id) { this.mch_id = mch_id; } public String getDevice_info() { return device_info; } public void setDevice_info(String device_info) { this.device_info = device_info; } public String getNonce_str() { return nonce_str; } public void setNonce_str(String nonce_str) { this.nonce_str = nonce_str; } public String getSign() { return sign; } public void setSign(String sign) { this.sign = sign; } public String getResult_code() { return result_code; } public void setResult_code(String result_code) { this.result_code = result_code; } public String getErr_code() { return err_code; } public void setErr_code(String err_code) { this.err_code = err_code; } public String getErr_code_des() { return err_code_des; } public void setErr_code_des(String err_code_des) { this.err_code_des = err_code_des; } public String getTrade_type() { return trade_type; } public void setTrade_type(String trade_type) { this.trade_type = trade_type; } public String getPrepay_id() { return prepay_id; } public void setPrepay_id(String prepay_id) { this.prepay_id = prepay_id; } public String getCode_url() { return code_url; } public void setCode_url(String code_url) { this.code_url = code_url; } @Override public String toString() { return "UnifiedOrderRespose [return_code=" + return_code + ", return_msg=" + return_msg + ", appid=" + appid + ", mch_id=" + mch_id + ", device_info=" + device_info + ", nonce_str=" + nonce_str + ", sign=" + sign + ", result_code=" + result_code + ", err_code=" + err_code + ", err_code_des=" + err_code_des + ", trade_type=" + trade_type + ", prepay_id=" + prepay_id + ", code_url=" + code_url + "]"; } }
package com.tianxiapai.pub.interfaces.weixinpay.model; /** * 描述:微信支付常量<br> * 作者:Administrator <br> * 修改日期:2018年12月23日下午7:56:25 <br> * E-mail: @sinosoft.com.cn <br> */ public class WXPayConstants { public enum SignType { MD5, HMACSHA256 } public static final String FAIL = "FAIL"; public static final String SUCCESS = "SUCCESS"; public static final String HMACSHA256 = "HMAC-SHA256"; public static final String MD5 = "MD5"; public static final String FIELD_SIGN = "sign"; public static final String FIELD_SIGN_TYPE = "sign_type"; }
3.定義微信支付過程中幾個常用的工具類
package com.tianxiapai.pub.interfaces.weixinpay.utils;
import javax.servlet.http.HttpServletRequest;
public class IpUtil {
/**
* 獲取終端IP
* @param request
* @return
*/
public static String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader( " x-forwarded-for " );
if (ip == null || ip.length() == 0 || " unknown " .equalsIgnoreCase(ip)) {
ip = request.getHeader( " Proxy-Client-IP " );
}
if (ip == null || ip.length() == 0 || " unknown " .equalsIgnoreCase(ip)) {
ip = request.getHeader( " WL-Proxy-Client-IP " );
}
if (ip == null || ip.length() == 0 || " unknown " .equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
}
package com.tianxiapai.pub.interfaces.weixinpay.utils; import java.security.MessageDigest; /** * 描述:MD5工具類<br> * 作者:Administrator <br> * 修改日期:2018年12月23日下午7:58:09 <br> * E-mail: @sinosoft.com.cn <br> */ public class MD5Util { public final static String MD5(String s) { char hexDigits[]={'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'}; try { byte[] btInput = s.getBytes(); MessageDigest mdInst = MessageDigest.getInstance("MD5"); mdInst.update(btInput); byte[] md = mdInst.digest(); int j = md.length; char str[] = new char[j * 2]; int k = 0; for (int i = 0; i < j; i++) { byte byte0 = md[i]; str[k++] = hexDigits[byte0 >>> 4 & 0xf]; str[k++] = hexDigits[byte0 & 0xf]; } String md5Str = new String(str); return md5Str; } catch (Exception e) { e.printStackTrace(); return null; } } }
package com.tianxiapai.pub.interfaces.weixinpay.utils; import java.io.BufferedOutputStream; import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.io.InputStreamReader; import java.io.StringWriter; import java.io.UnsupportedEncodingException; import java.io.Writer; import java.net.HttpURLConnection; import java.net.URL; import java.security.MessageDigest; import java.security.Security; import java.util.Arrays; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Set; import java.util.SortedMap; import java.util.TreeMap; import java.util.UUID; import javax.crypto.Cipher; import javax.crypto.Mac; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.transform.OutputKeys; import javax.xml.transform.Transformer; import javax.xml.transform.TransformerFactory; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; import org.apache.commons.lang3.StringUtils; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.jdom2.Document; import org.jdom2.Element; import org.jdom2.input.SAXBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Node; import org.w3c.dom.NodeList; import com.thoughtworks.xstream.XStream; import com.thoughtworks.xstream.core.util.QuickWriter; import com.thoughtworks.xstream.io.HierarchicalStreamWriter; import com.thoughtworks.xstream.io.xml.PrettyPrintWriter; import com.thoughtworks.xstream.io.xml.XppDriver; import com.tianxiapai.pub.interfaces.weixinpay.model.UnifiedOrderRequest; import com.tianxiapai.pub.interfaces.weixinpay.model.UnifiedOrderRespose; import com.tianxiapai.pub.interfaces.weixinpay.model.WXPayConstants; import com.tianxiapai.pub.interfaces.weixinpay.model.WXPayConstants.SignType; public class WXPayUtil { private static Logger log = LoggerFactory.getLogger(WXPayUtil.class); /** * 生成訂單物件資訊 * * @param orderId 訂單號 * @param appId 微信appId * @param mch_id 微信分配的商戶ID * @param body 支付介紹主體 * @param price 支付價格(放大100倍) * @param spbill_create_ip 終端IP * @param notify_url 非同步直接結果通知介面地址 * @param noncestr * @return */ public static Map<String, Object> createOrderInfo(Map<String, String> requestMap, String weiXinPayAppSecret) { // 生成訂單物件 UnifiedOrderRequest unifiedOrderRequest = new UnifiedOrderRequest(); unifiedOrderRequest.setAppid(requestMap.get("appId"));// 公眾賬號ID unifiedOrderRequest.setBody(requestMap.get("body"));// 商品描述 unifiedOrderRequest.setMch_id(requestMap.get("mch_id"));// 商戶號 unifiedOrderRequest.setNonce_str(requestMap.get("noncestr"));// 隨機字串 unifiedOrderRequest.setNotify_url(requestMap.get("notify_url"));// 通知地址 unifiedOrderRequest.setOpenid(requestMap.get("userWeixinOpenId")); unifiedOrderRequest.setDetail(requestMap.get("detail"));// 詳情 unifiedOrderRequest.setOut_trade_no(requestMap.get("out_trade_no"));// 商戶訂單號 unifiedOrderRequest.setSpbill_create_ip(requestMap.get("spbill_create_ip"));// 終端IP unifiedOrderRequest.setTotal_fee(requestMap.get("payMoney")); // 金額需要擴大100倍:1代表支付時是0.01 unifiedOrderRequest.setTrade_type("JSAPI");// JSAPI--公眾號支付、NATIVE--原生掃碼支付、APP--app支付 SortedMap<String, String> packageParams = new TreeMap<String, String>(); packageParams.put("appid", unifiedOrderRequest.getAppid()); packageParams.put("body", unifiedOrderRequest.getBody()); packageParams.put("mch_id", unifiedOrderRequest.getMch_id()); packageParams.put("nonce_str", unifiedOrderRequest.getNonce_str()); packageParams.put("notify_url", unifiedOrderRequest.getNotify_url()); packageParams.put("openid", unifiedOrderRequest.getOpenid()); packageParams.put("detail", unifiedOrderRequest.getDetail()); packageParams.put("out_trade_no", unifiedOrderRequest.getOut_trade_no()); packageParams.put("spbill_create_ip", unifiedOrderRequest.getSpbill_create_ip()); packageParams.put("total_fee", unifiedOrderRequest.getTotal_fee()); packageParams.put("trade_type", unifiedOrderRequest.getTrade_type()); try { unifiedOrderRequest.setSign(generateSignature(packageParams, weiXinPayAppSecret));// 簽名 } catch (Exception e) { e.printStackTrace(); } // 將訂單物件轉為xml格式 xstream.alias("xml", UnifiedOrderRequest.class);// 根元素名需要是xml System.out.println("封裝好的統一下單請求資料:" + xstream.toXML(unifiedOrderRequest).replace("__", "_")); Map<String, Object> responseMap = new HashMap<String, Object>(); responseMap.put("orderInfo_toString", xstream.toXML(unifiedOrderRequest).replace("__", "_")); responseMap.put("unifiedOrderRequest", unifiedOrderRequest); return responseMap; } /** * 生成簽名 * * @param appid_value * @param mch_id_value * @param productId * @param nonce_str_value * @param trade_type * @param notify_url * @param spbill_create_ip * @param total_fee * @param out_trade_no * @return */ private static String createSign(UnifiedOrderRequest unifiedOrderRequest) { // 根據規則建立可排序的map集合 SortedMap<String, String> packageParams = new TreeMap<String, String>(); packageParams.put("appid", unifiedOrderRequest.getAppid()); packageParams.put("body", unifiedOrderRequest.getBody()); packageParams.put("mch_id", unifiedOrderRequest.getMch_id()); packageParams.put("nonce_str", unifiedOrderRequest.getNonce_str()); packageParams.put("notify_url", unifiedOrderRequest.getNotify_url()); packageParams.put("out_trade_no", unifiedOrderRequest.getOut_trade_no()); packageParams.put("spbill_create_ip", unifiedOrderRequest.getSpbill_create_ip()); packageParams.put("trade_type", unifiedOrderRequest.getTrade_type()); packageParams.put("total_fee", unifiedOrderRequest.getTotal_fee()); StringBuffer sb = new StringBuffer(); Set es = packageParams.entrySet();// 字典序 Iterator it = es.iterator(); while (it.hasNext()) { Map.Entry entry = (Map.Entry) it.next(); String k = (String) entry.getKey(); String v = (String) entry.getValue(); // 為空不參與簽名、引數名區分大小寫 if (null != v && !"".equals(v) && !"sign".equals(k) && !"key".equals(k)) { sb.append(k + "=" + v + "&"); } } // 第二步拼接key,key設定路徑:微信商戶平臺(pay.weixin.qq.com)-->賬戶設定-->API安全-->金鑰設定 sb.append("key=" + "你的密匙"); String sign = MD5Util.MD5(sb.toString()).toUpperCase();// MD5加密 log.error("方式一生成的簽名=" + sign); return sign; } private static XStream xstream = new XStream(new XppDriver() { public HierarchicalStreamWriter createWriter(Writer out) { return new PrettyPrintWriter(out) { // 對所有xml節點的轉換都增加CDATA標記 boolean cdata = true; String NodeName = ""; @SuppressWarnings("unchecked") public void startNode(String name, Class clazz) { NodeName = name; super.startNode(name, clazz); } protected void writeText(QuickWriter writer, String text) { if (cdata) { if (!NodeName.equals("detail")) { writer.write(text); } else { writer.write("<![CDATA["); writer.write(text); writer.write("]]>"); } } else { writer.write(text); } } }; } }); // xml解析 public static SortedMap<String, String> doXMLParseWithSorted(String strxml) throws Exception { strxml = strxml.replaceFirst("encoding=\".*\"", "encoding=\"UTF-8\""); if (null == strxml || "".equals(strxml)) { return null; } SortedMap<String, String> m = new TreeMap<String, String>(); InputStream in = new ByteArrayInputStream(strxml.getBytes("UTF-8")); SAXBuilder builder = new SAXBuilder(); Document doc = builder.build(in); Element root = doc.getRootElement(); List list = root.getChildren(); Iterator it = list.iterator(); while (it.hasNext()) { Element e = (Element) it.next(); String k = e.getName(); String v = ""; List children = e.getChildren(); if (children.isEmpty()) { v = e.getTextNormalize(); } else { v = getChildrenText(children); } m.put(k, v); } // 關閉流 in.close(); return m; } public static String getChildrenText(List children) { StringBuffer sb = new StringBuffer(); if (!children.isEmpty()) { Iterator it = children.iterator(); while (it.hasNext()) { Element e = (Element) it.next(); String name = e.getName(); String value = e.getTextNormalize(); List list = e.getChildren(); sb.append("<" + name + ">"); if (!list.isEmpty()) { sb.append(getChildrenText(list)); } sb.append(value); sb.append("</" + name + ">"); } } return sb.toString(); } /** * 調統一下單API * * @param orderInfo * @return */ public static UnifiedOrderRespose httpOrder(String orderInfo) { String url = "https://api.mch.weixin.qq.com/pay/unifiedorder"; try { HttpURLConnection conn = (HttpURLConnection) new URL(url).openConnection(); // 加入資料 conn.setRequestMethod("POST"); conn.setDoOutput(true); BufferedOutputStream buffOutStr = new BufferedOutputStream(conn.getOutputStream()); buffOutStr.write(orderInfo.getBytes("UTF-8")); buffOutStr.flush(); buffOutStr.close(); // 獲取輸入流 BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8")); String line = null; StringBuffer sb = new StringBuffer(); while ((line = reader.readLine()) != null) { sb.append(line); } // 將請求返回的內容通過xStream轉換為UnifiedOrderRespose物件 xstream.alias("xml", UnifiedOrderRespose.class); UnifiedOrderRespose unifiedOrderRespose = (UnifiedOrderRespose) xstream.fromXML(sb.toString()); return unifiedOrderRespose; } catch (Exception e) { e.printStackTrace(); } return null; } /** * XML格式字串轉換為Map * * @param strXML XML字串 * @return XML資料轉換後的Map * @throws Exception */ public static Map<String, String> xmlToMap(String strXML) throws Exception { try { Map<String, String> data = new HashMap<String, String>(); DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder(); InputStream stream = new ByteArrayInputStream(strXML.getBytes("UTF-8")); org.w3c.dom.Document doc = documentBuilder.parse(stream); doc.getDocumentElement().normalize(); NodeList nodeList = doc.getDocumentElement().getChildNodes(); for (int idx = 0; idx < nodeList.getLength(); ++idx) { Node node = nodeList.item(idx); if (node.getNodeType() == Node.ELEMENT_NODE) { org.w3c.dom.Element element = (org.w3c.dom.Element) node; data.put(element.getNodeName(), element.getTextContent()); } } try { stream.close(); } catch (Exception ex) { // do nothing } return data; } catch (Exception ex) { WXPayUtil.getLogger().warn("Invalid XML, can not convert to map. Error message: {}. XML content: {}", ex.getMessage(), strXML); throw ex; } } /** * 將Map轉換為XML格式的字串 * * @param data Map型別資料 * @return XML格式的字串 * @throws Exception */ public static String mapToXml(Map<String, String> data) throws Exception { DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder(); org.w3c.dom.Document document = documentBuilder.newDocument(); org.w3c.dom.Element root = document.createElement("xml"); document.appendChild(root); for (String key : data.keySet()) { String value = data.get(key); if (value == null) { value = ""; } value = value.trim(); org.w3c.dom.Element filed = document.createElement(key); filed.appendChild(document.createTextNode(value)); root.appendChild(filed); } TransformerFactory tf = TransformerFactory.newInstance(); Transformer transformer = tf.newTransformer(); DOMSource source = new DOMSource(document); transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8"); transformer.setOutputProperty(OutputKeys.INDENT, "yes"); StringWriter writer = new StringWriter(); StreamResult result = new StreamResult(writer); transformer.transform(source, result); String output = writer.getBuffer().toString(); // .replaceAll("\n|\r", ""); try { writer.close(); } catch (Exception ex) { } return output; } /** * 生成帶有 sign 的 XML 格式字串 * * @param data Map型別資料 * @param key API金鑰 * @return 含有sign欄位的XML */ public static String generateSignedXml(final Map<String, String> data, String key) throws Exception { return generateSignedXml(data, key, SignType.MD5); } /** * 生成帶有 sign 的 XML 格式字串 * * @param data Map型別資料 * @param key API金鑰 * @param signType 簽名型別 * @return 含有sign欄位的XML */ public static String generateSignedXml(final Map<String, String> data, String key, SignType signType) throws Exception { String sign = generateSignature(data, key, signType); data.put(WXPayConstants.FIELD_SIGN, sign); return mapToXml(data); } /** * 判斷簽名是否正確 * * @param xmlStr XML格式資料 * @param key API金鑰 * @return 簽名是否正確 * @throws Exception */ public static boolean isSignatureValid(String xmlStr, String key) throws Exception { Map<String, String> data = xmlToMap(xmlStr); if (!data.containsKey(WXPayConstants.FIELD_SIGN)) { return false; } String sign = data.get(WXPayConstants.FIELD_SIGN); return generateSignature(data, key).equals(sign); } /** * 判斷簽名是否正確,必須包含sign欄位,否則返回false。使用MD5簽名。 * * @param data Map型別資料 * @param key API金鑰 * @return 簽名是否正確 * @throws Exception */ public static boolean isSignatureValid(Map<String, String> data, String key) throws Exception { return isSignatureValid(data, key, SignType.MD5); } /** * 判斷簽名是否正確,必須包含sign欄位,否則返回false。 * * @param data Map型別資料 * @param key API金鑰 * @param signType 簽名方式 * @return 簽名是否正確 * @throws Exception */ public static boolean isSignatureValid(Map<String, String> data, String key, SignType signType) throws Exception { if (!data.containsKey(WXPayConstants.FIELD_SIGN)) { return false; } String sign = data.get(WXPayConstants.FIELD_SIGN); return generateSignature(data, key, signType).equals(sign); } /** * 生成簽名 * * @param data 待簽名資料 * @param key API金鑰 * @return 簽名 */ public static String generateSignature(final Map<String, String> data, String key) throws Exception { return generateSignature(data, key, SignType.MD5); } /** * 生成簽名. 注意,若含有sign_type欄位,必須和signType引數保持一致。 * * @param data 待簽名資料 * @param key API金鑰 * @param signType 簽名方式 * @return 簽名 */ public static String generateSignature(final Map<String, String> data, String key, SignType signType) throws Exception { Set<String> keySet = data.keySet(); String[] keyArray = keySet.toArray(new String[keySet.size()]); Arrays.sort(keyArray); StringBuilder sb = new StringBuilder(); for (String k : keyArray) { if (k.equals(WXPayConstants.FIELD_SIGN)) { continue; } if (StringUtils.isNotBlank(data.get(k)) && data.get(k).trim().length() > 0) // 引數值為空,則不參與簽名 sb.append(k).append("=").append(data.get(k).trim()).append("&"); } sb.append("key=").append(key); if (SignType.MD5.equals(signType)) { return MD5(sb.toString()).toUpperCase(); } else if (SignType.HMACSHA256.equals(signType)) { return HMACSHA256(sb.toString(), key); } else { log.error("獲取簽名失敗,失敗原因:" + String.format("Invalid sign_type: %s", signType)); throw new Exception(String.format("Invalid sign_type: %s", signType)); } } /** * 獲取隨機字串 Nonce Str * * @return String 隨機字串 */ public static String generateNonceStr() { return UUID.randomUUID().toString().replaceAll("-", "").substring(0, 32); } /** * Map轉xml資料 */ public static String GetMapToXML(Map<String, String> param) { StringBuffer sb = new StringBuffer(); sb.append("<xml>"); for (Map.Entry<String, String> entry : param.entrySet()) { sb.append("<" + entry.getKey() + ">"); sb.append(entry.getValue()); sb.append("</" + entry.getKey() + ">"); } sb.append("</xml>"); return sb.toString(); } /** * 生成 MD5 * * @param data 待處理資料 * @return MD5結果 */ public static String MD5(String data) throws Exception { java.security.MessageDigest md = MessageDigest.getInstance("MD5"); byte[] array = md.digest(data.getBytes("UTF-8")); StringBuilder sb = new StringBuilder(); for (byte item : array) { sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3)); } return sb.toString().toUpperCase(); } /** * 生成 HMACSHA256 * * @param data 待處理資料 * @param key 金鑰 * @return 加密結果 * @throws Exception */ public static String HMACSHA256(String data, String key) throws Exception { Mac sha256_HMAC = Mac.getInstance("HmacSHA256"); SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256"); sha256_HMAC.init(secret_key); byte[] array = sha256_HMAC.doFinal(data.getBytes("UTF-8")); StringBuilder sb = new StringBuilder(); for (byte item : array) { sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3)); } return sb.toString().toUpperCase(); } /** * 日誌 * * @return */ public static Logger getLogger() { Logger logger = LoggerFactory.getLogger("wxpay java sdk"); return logger; } /** * 獲取當前時間戳,單位秒 * * @return */ public static long getCurrentTimestamp() { return System.currentTimeMillis() / 1000; } /** * 獲取當前時間戳,單位毫秒 * * @return */ public static long getCurrentTimestampMs() { return System.currentTimeMillis(); } /** * 生成 uuid, 即用來標識一筆單,也用做 nonce_str * * @return */ public static String generateUUID() { return UUID.randomUUID().toString().replaceAll("-", "").substring(0, 32); } /** * 支付簽名 * * @param timestamp * @param noncestr * @param packages * @return * @throws UnsupportedEncodingException */ public static String paySign(String timestamp, String noncestr, String packages, String appId) { Map<String, String> paras = new HashMap<String, String>(); paras.put("appid", appId); paras.put("timestamp", timestamp); paras.put("noncestr", noncestr); paras.put("package", packages); paras.put("signType", "MD5"); StringBuffer sb = new StringBuffer(); Set es = paras.entrySet();// 字典序 Iterator it = es.iterator(); while (it.hasNext()) { Map.Entry entry = (Map.Entry) it.next(); String k = (String) entry.getKey(); String v = (String) entry.getValue(); // 為空不參與簽名、引數名區分大小寫 if (null != v && !"".equals(v) && !"sign".equals(k) && !"key".equals(k)) { sb.append(k + "=" + v + "&"); } } String sign = MD5Util.MD5(sb.toString()).toUpperCase();// MD5加密 return sign; } /** * 元轉換成分 * * @param amount * @return */ public static String getMoney(String amount) { if (amount == null) { return ""; } // 金額轉化為分為單位 // 處理包含, ¥ 或者$的金額 String currency = amount.replaceAll("\\$|\\¥|\\,", ""); int index = currency.indexOf("."); int length = currency.length(); Long amLong = 0l; if (index == -1) { amLong = Long.valueOf(currency + "00"); } else if (length - index >= 3) { amLong = Long.valueOf((currency.substring(0, index + 3)).replace(".", "")); } else if (length - index == 2) { amLong = Long.valueOf((currency.substring(0, index + 2)).replace(".", "") + 0); } else { amLong = Long.valueOf((currency.substring(0, index + 1)).replace(".", "") + "00"); } return amLong.toString(); } /** * 方法名稱: SortedMaptoXml<br> * 描述:請求值轉換為xml格式 SortedMap轉xml * 作者: WQ * 修改日期:2018年12月24日下午5:13:49 * * @param params * @return */ public static String SortedMaptoXml(SortedMap<String, String> params) { StringBuilder sb = new StringBuilder(); Set es = params.entrySet(); Iterator it = es.iterator(); sb.append("<xml>\n"); while (it.hasNext()) { Map.Entry entry = (Map.Entry) it.next(); String k = (String) entry.getKey(); Object v = entry.getValue(); sb.append("<" + k + ">"); sb.append(v); sb.append("</" + k + ">\n"); } sb.append("</xml>"); return sb.toString(); } /** * 建立md5摘要,規則是:按引數名稱a-z排序,遇到空值的引數不參加簽名。 */ public static String createSign(SortedMap<String, String> packageParams, String AppKey) { StringBuffer sb = new StringBuffer(); Set es = packageParams.entrySet(); Iterator it = es.iterator(); while (it.hasNext()) { Map.Entry entry = (Map.Entry) it.next(); String k = (String) entry.getKey(); String v = (String) entry.getValue(); if (null != v && !"".equals(v) && !"sign".equals(k) && !"key".equals(k)) { sb.append(k + "=" + v + "&"); } } sb.append("key=" + AppKey); String sign = MD5Encode(sb.toString(), "UTF-8").toUpperCase(); return sign; } public static String MD5Encode(String origin, String charsetname) { String resultString = null; try { resultString = new String(origin); MessageDigest md = MessageDigest.getInstance("MD5"); if (charsetname == null || "".equals(charsetname)) resultString = byteArrayToHexString(md.digest(resultString .getBytes())); else resultString = byteArrayToHexString(md.digest(resultString .getBytes(charsetname))); } catch (Exception exception) { } return resultString; } private static String byteArrayToHexString(byte b[]) { StringBuffer resultSb = new StringBuffer(); for (int i = 0; i < b.length; i++) resultSb.append(byteToHexString(b[i])); return resultSb.toString(); } private static String byteToHexString(byte b) { int n = b; if (n < 0) n += 256; int d1 = n / 16; int d2 = n % 16; return hexDigits[d1] + hexDigits[d2]; } private static final String hexDigits[] = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f" }; public static String getRefundDecrypt(byte[] bt, String key) { String result = ""; try { Security.addProvider(new BouncyCastleProvider()); SecretKey secretKey = new SecretKeySpec(key.getBytes(), "AES"); Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC"); cipher.init(Cipher.DECRYPT_MODE, secretKey); byte[] resultbt = cipher.doFinal(bt); result = new String(resultbt,"UTF-8"); } catch (Exception e) { e.printStackTrace(); } return result; } }
5.呼叫微信統一下單介面
呼叫介面之前我們需要熟悉一下微信支付的流程。
/** * 描述:微信支付控制器<br> * 1.使用者發起微信支付,初始化資料、呼叫統一下單介面。 * 生成JSAPI頁面呼叫的支付引數並簽名(paySign,prepay_id,nonceStr,timestamp) * 2.js如果返回Ok,提示支付成功,實際支付結果已收到通知為主。 * 3.在微信支付結果通知中,獲取微信提供的終端使用者支付結果資訊,支付結果等資訊更新使用者支付記錄中 * 4.根據微信支付結果通知中的微信訂單號呼叫查詢介面,如果查詢是已經支付成功,則傳送支付成功模板資訊給客戶 * * 作者:Administrator <br> * 修改日期:2018年12月23日下午8:22:09 <br> * E-mail: @sinosoft.com.cn <br> */
6.統一下單介面
/** * 支付初始化 * * @param payMoney * @return */ @RequestMapping("/toPayInit") @ResponseBody public Result<Object> toPay(@RequestBody OrderModel orderModel, HttpServletRequest request) { //TODO 專案業務校驗(具體根據個人專案實際情況)
//1.使用者是否登入
//2.支付金額是否正確
//3.0元支付問題 //... Map<String, Object> map = new HashMap<>(); String noncestr = WXPayUtil.generateNonceStr(); Map<String, String> requestMap = new HashMap<String, String>(); requestMap.put("appId", ""); requestMap.put("out_trade_no", "商戶訂單號"); requestMap.put("mch_id", weixinConfig.getMchId()); requestMap.put("payMoney", "1"); requestMap.put("spbill_create_ip", IpUtil.getIpAddr(request)); requestMap.put("notify_url", "這裡設定微信支付結果通知地址URL"); requestMap.put("noncestr", noncestr); requestMap.put("body", "yyyyyyyyyyyyyyyyyyyy"); requestMap.put("detail", "xxxxxxxxx測試訂單"); Map<String, Object> requestInfo = WXPayUtil.createOrderInfo(requestMap, weixinConfig.getWeiXinPayAppSecret()); String orderInfo_toString = (String) requestInfo.get("orderInfo_toString"); // 判斷返回碼 UnifiedOrderRespose orderResponse = WXPayUtil.httpOrder(orderInfo_toString);// 呼叫統一下單介面 // 根據微信文件return_code 和result_code都為SUCCESS的時候才會返回code_url log.info("支付請求資料資訊:" + orderResponse.toString()); if (null != orderResponse && "SUCCESS".equals(orderResponse.getReturn_code()) && "SUCCESS".equals(orderResponse.getResult_code())) { String timestamp = String.valueOf(WXPayUtil.getCurrentTimestamp()); UnifiedOrderRequest unifiedOrderRequest = (UnifiedOrderRequest) requestInfo.get("unifiedOrderRequest"); map.put("unifiedOrderRequest", unifiedOrderRequest); SortedMap<String, String> packageParams = new TreeMap<String, String>(); packageParams.put("appId", weixinConfig.getWeiXinPayAppId()); packageParams.put("signType", "MD5"); packageParams.put("nonceStr", noncestr); packageParams.put("timeStamp", timestamp); String packages = "prepay_id=" + orderResponse.getPrepay_id(); packageParams.put("package", packages); String sign = null; // JS支付引數 map.put("appId", weixinConfig.getWeiXinPayAppId()); map.put("timeStamp", timestamp); map.put("nonceStr", noncestr); map.put("package", packages); map.put("signType", "MD5"); try { sign = WXPayUtil.generateSignature(packageParams, weixinConfig.getWeiXinPayAppSecret()); } catch (Exception e) { map.put("result", -1); e.printStackTrace(); } if (sign != null && !"".equals(sign)) { map.put("paySign", sign); map.put("result", 1); } else { map.put("result", -1); } map.put("prepay_id", orderResponse.getPrepay_id()); return new Result<Object>(map); } else { // 不成功 String text = "呼叫微信支付出錯,返回狀態碼:" + orderResponse.getReturn_code() + ",返回資訊:" + orderResponse.getReturn_msg(); if (orderResponse.getErr_code() != null && !"".equals(orderResponse.getErr_code())) { text = text + ",錯誤碼:" + orderResponse.getErr_code() + ",錯誤描述:" + orderResponse.getErr_code_des(); } log.info("支付失敗錯誤資訊:" + text); map.put("result", -1); return new Result<Object>(map); } }
上述程式碼中的微信支付商戶號的引數需要根據自己申請的微信支付商戶號的實際引數進行配置,否則校驗會不通過。
上述統一下單介面如果可以正常呼叫的話,傳值給前端頁面就可以正常調起微信支付的頁面了。
7.支付結果通知介面
/** * 支付成功非同步回撥介面 * * @param request * @param response * @throws Exception */ @RequestMapping(value = "/paymentNotice", produces = "text/html;charset=utf-8") @ResponseBody public String WeixinParentNotifyPage(HttpServletRequest request, HttpServletResponse response) throws Exception { ServletInputStream instream = request.getInputStream(); StringBuffer sb = new StringBuffer(); int len = -1; byte[] buffer = new byte[1024]; while ((len = instream.read(buffer)) != -1) { sb.append(new String(buffer, 0, len)); } instream.close(); log.info("支付通知回撥資訊:" + sb.toString()); Map<String, String> map = WXPayUtil.xmlToMap(sb.toString());// 接受微信的回撥的通知引數 Map<String, String> return_data = new HashMap<String, String>(); // 判斷簽名是否正確 if (WXPayUtil.isSignatureValid(map, weixinConfig.getWeiXinPayAppSecret())) { if (map.get("return_code").toString().equals("FAIL")) { return_data.put("return_code", "FAIL"); return_data.put("return_msg", map.get("return_msg")); } else if (map.get("return_code").toString().equals("SUCCESS")) { String result_code = map.get("result_code").toString(); String out_trade_no = map.get("out_trade_no").toString();
//根據out_trade_no商戶訂單號進行系統的業務邏輯判斷 TODO
// 2 已支付(不確定是否支付成功)3 支付完成 4 取消支付 5支付失敗
if (result_code.equals("SUCCESS")) {// 支付成功
if(支付成功){
return_data.put("return_code", "SUCCESS");
return_data.put("return_msg", "OK");
return WXPayUtil.GetMapToXML(return_data);
}else if(支付失敗){
return_data.put("return_code", "FAIL");
return_data.put("return_msg", "金額異常");
return WXPayUtil.GetMapToXML(return_data);
}
} } else { return_data.put("return_code", "FAIL"); return_data.put("return_msg", "簽名錯誤"); } String xml = WXPayUtil.GetMapToXML(return_data); log.info("支付通知回撥結果:" + xml); return xml; }
上述程式碼刪掉了部分專案業務邏輯,請自行根據專案實際情況填寫。
可以參考官方文件:
統一下單
https://pay.weixin.qq.com/wiki/doc/api/H5.php?chapter=9_20&index=1
支付結果通知
https://pay.weixin.qq.com/wiki/doc/api/H5.php?chapter=9_7&index=8