微信支付部分
This commit is contained in:
menxipeng
@@ -0,0 +1,83 @@
|
||||
package com.ruoyi.web.controller.back;
|
||||
|
||||
import com.alipay.easysdk.factory.Factory;
|
||||
import com.ruoyi.system.service.IOrderInfoService;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* 描述:
|
||||
*
|
||||
* @author MXP by 2025/11/25
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/call/back")
|
||||
public class HandleAlipayNotify {
|
||||
|
||||
private static final Logger log = LoggerFactory.getLogger(HandleAlipayNotify.class);
|
||||
|
||||
@Autowired
|
||||
private IOrderInfoService orderService;
|
||||
|
||||
@PostMapping("/alipay")
|
||||
public String handleAlipayNotify(HttpServletRequest request) {
|
||||
try {
|
||||
// 1. 将异步通知的参数转换为Map
|
||||
Map<String, String> params = new HashMap<>();
|
||||
Map<String, String[]> requestParams = request.getParameterMap();
|
||||
log.info("支付宝异步通知参数: {}", requestParams);
|
||||
for (String name : requestParams.keySet()) {
|
||||
String[] values = requestParams.get(name);
|
||||
String valueStr = "";
|
||||
for (int i = 0; i < values.length; i++) {
|
||||
valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
|
||||
}
|
||||
params.put(name, valueStr);
|
||||
}
|
||||
log.info("支付宝异步通知处理后参数: {}", params);
|
||||
// 2. 验证签名(非常重要!防止伪造通知)
|
||||
// 使用SDK验证签名
|
||||
boolean signVerified = Factory
|
||||
.Payment
|
||||
.Common()
|
||||
.verifyNotify(params);
|
||||
|
||||
if (signVerified) {
|
||||
// 签名验证成功,说明通知是支付宝发的
|
||||
|
||||
// 3. 验证商户APP_ID是否匹配
|
||||
String appId = params.get("app_id");
|
||||
if (!"<你的APPID>".equals(appId)) {
|
||||
return "failure";
|
||||
}
|
||||
|
||||
// 4. 处理业务逻辑
|
||||
String tradeStatus = params.get("trade_status");
|
||||
String outTradeNo = params.get("out_trade_no"); // 你的订单号
|
||||
String tradeNo = params.get("trade_no"); // 支付宝的交易号
|
||||
|
||||
if ("TRADE_SUCCESS".equals(tradeStatus)) {
|
||||
// 支付成功!
|
||||
orderService.processPaymentAliResult(outTradeNo, tradeNo);
|
||||
return "success";
|
||||
}
|
||||
} else {
|
||||
// 签名验证失败,记录日志,可能是恶意请求
|
||||
return "failure";
|
||||
}
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
// 处理失败,支付宝会稍后重发通知
|
||||
return "failure";
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,16 +1,30 @@
|
||||
package com.ruoyi.web.controller.back;
|
||||
|
||||
import com.ruoyi.common.core.domain.entity.OrderInfo;
|
||||
import com.ruoyi.common.enums.OrderStatus;
|
||||
import cn.hutool.json.JSONUtil;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.system.service.IOrderInfoService;
|
||||
import com.ruoyi.system.util.WeChatPayUtil;
|
||||
import com.wechat.pay.contrib.apache.httpclient.auth.AutoUpdateCertificatesVerifier;
|
||||
import com.wechat.pay.contrib.apache.httpclient.auth.PrivateKeySigner;
|
||||
import com.wechat.pay.contrib.apache.httpclient.auth.Verifier;
|
||||
import com.wechat.pay.contrib.apache.httpclient.auth.WechatPay2Credentials;
|
||||
import com.wechat.pay.contrib.apache.httpclient.util.PemUtil;
|
||||
import com.wechat.pay.java.core.notification.NotificationConfig;
|
||||
import com.wechat.pay.java.core.notification.NotificationParser;
|
||||
import com.wechat.pay.java.core.notification.RequestParam;
|
||||
import com.wechat.pay.java.service.payments.model.Transaction;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.xml.bind.ValidationException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.PrivateKey;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@@ -18,93 +32,120 @@ import java.util.Map;
|
||||
@RequestMapping("/call/back")
|
||||
public class WechatPayNotifyController {
|
||||
|
||||
private static final Logger log = LoggerFactory.getLogger(WechatPayNotifyController.class);
|
||||
|
||||
@Autowired
|
||||
private IOrderInfoService orderService;
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 微信支付结果回调接口
|
||||
* POST /api/wechat/pay/notify
|
||||
*/
|
||||
@PostMapping("/wechat")
|
||||
public Map<String, String> handleWechatPayNotify(HttpServletRequest request,
|
||||
HttpServletResponse response) {
|
||||
public Map<String, String> handleWechatPayNotify(HttpServletRequest request, HttpServletResponse response) {
|
||||
Map<String, String> result = new HashMap<>();
|
||||
|
||||
try {
|
||||
System.out.println("收到微信支付回调通知");
|
||||
// 1. 读取请求体
|
||||
String requestBody = getRequestBody(request);
|
||||
log.info("微信支付回调参数: {}", requestBody);
|
||||
if (StringUtils.isEmpty(requestBody)) {
|
||||
result.put("code", "FAIL");
|
||||
result.put("message", "请求体为空");
|
||||
return result;
|
||||
}
|
||||
|
||||
// 1. 构建回调参数
|
||||
RequestParam requestParam = buildRequestParam(request);
|
||||
// 2. 获取请求头中的关键信息
|
||||
String wechatpaySignature = request.getHeader("Wechatpay-Signature");
|
||||
String wechatpayTimestamp = request.getHeader("Wechatpay-Timestamp");
|
||||
String wechatpayNonce = request.getHeader("Wechatpay-Nonce");
|
||||
String wechatpaySerial = request.getHeader("Wechatpay-Serial");
|
||||
String wechatpaySignatureType = request.getHeader("Wechatpay-Signature-Type");
|
||||
|
||||
NotificationParser parser = new NotificationParser();
|
||||
// 2. 解析并验证通知
|
||||
log.info("回调头部信息:");
|
||||
log.info("Wechatpay-Signature: " + wechatpaySignature);
|
||||
log.info("Wechatpay-Timestamp: " + wechatpayTimestamp);
|
||||
log.info("Wechatpay-Nonce: " + wechatpayNonce);
|
||||
log.info("Wechatpay-Serial: " + wechatpaySerial);
|
||||
log.info("Wechatpay-Signature-Type: " + wechatpaySignatureType);
|
||||
|
||||
// 3. 验证必要的请求头
|
||||
if (StringUtils.isEmpty(wechatpaySignature) ||
|
||||
StringUtils.isEmpty(wechatpayTimestamp) ||
|
||||
StringUtils.isEmpty(wechatpayNonce) ||
|
||||
StringUtils.isEmpty(wechatpaySerial)) {
|
||||
result.put("code", "FAIL");
|
||||
result.put("message", "缺少必要的微信支付头部信息");
|
||||
return result;
|
||||
}
|
||||
|
||||
// 4. 构建 RequestParam
|
||||
RequestParam requestParam = new RequestParam.Builder()
|
||||
.serialNumber(wechatpaySerial)
|
||||
.nonce(wechatpayNonce)
|
||||
.signature(wechatpaySignature)
|
||||
.timestamp(wechatpayTimestamp)
|
||||
.signType(wechatpaySignatureType)
|
||||
.body(requestBody)
|
||||
.build();
|
||||
|
||||
// 5. 初始化验证器 - 正确的方式
|
||||
|
||||
NotificationParser parser = new NotificationParser((NotificationConfig) WeChatPayUtil.getConfig());
|
||||
|
||||
// 6. 解析并验证通知
|
||||
Transaction transaction = parser.parse(requestParam, Transaction.class);
|
||||
|
||||
System.out.println("解析支付通知成功:");
|
||||
System.out.println("商户订单号: " + transaction.getOutTradeNo());
|
||||
System.out.println("微信支付订单号: " + transaction.getTransactionId());
|
||||
System.out.println("交易状态: " + transaction.getTradeState());
|
||||
System.out.println("交易类型: " + transaction.getTradeType());
|
||||
System.out.println("金额: " + transaction.getAmount().getTotal());
|
||||
log.info("接收到微信支付回调:{}", JSONUtil.toJsonStr(transaction));
|
||||
|
||||
// 3. 处理业务逻辑
|
||||
orderService.processPaymentResult(transaction);
|
||||
|
||||
// if (processResult) {
|
||||
// // 4. 返回成功响应
|
||||
// result.put("code", "SUCCESS");
|
||||
// result.put("message", "成功");
|
||||
// System.out.println("支付回调处理成功");
|
||||
// } else {
|
||||
// result.put("code", "FAIL");
|
||||
// result.put("message", "处理失败");
|
||||
// System.err.println("支付回调处理失败");
|
||||
// }
|
||||
// 7. 处理业务逻辑
|
||||
//processPaymentResult(transaction, result);
|
||||
|
||||
} catch (Exception e) {
|
||||
System.err.println("支付回调处理异常: " + e.getMessage());
|
||||
} catch (ValidationException e) {
|
||||
// logger.error("签名验证失败", e);
|
||||
e.printStackTrace();
|
||||
|
||||
// 返回失败响应
|
||||
result.put("code", "FAIL");
|
||||
result.put("message", "签名验证失败");
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
//logger.error("微信支付回调处理失败", e);
|
||||
result.put("code", "FAIL");
|
||||
result.put("message", "处理异常: " + e.getMessage());
|
||||
}
|
||||
|
||||
return result;
|
||||
|
||||
// Map<String, String> result = new HashMap<>();
|
||||
//
|
||||
// try {
|
||||
// // 1. 构建回调参数
|
||||
// RequestParam requestParam = buildRequestParam(request);
|
||||
//
|
||||
//
|
||||
//
|
||||
//
|
||||
// NotificationParser parser = new NotificationParser();
|
||||
// // 2. 解析并验证通知
|
||||
// Transaction transaction = parser.parse(requestParam, Transaction.class);
|
||||
//
|
||||
// log.info("接收到微信支付回调:{}", JSONUtil.toJsonStr( transaction));
|
||||
//
|
||||
// // 3. 处理业务逻辑
|
||||
// orderService.processPaymentResult(transaction);
|
||||
//
|
||||
// //4. 返回成功响应
|
||||
// result.put("code", "SUCCESS");
|
||||
// result.put("message", "成功");
|
||||
// } catch (Exception e) {
|
||||
// log.error("支付回调处理异常: " + e.getMessage());
|
||||
// e.printStackTrace();
|
||||
// // 返回失败响应
|
||||
// result.put("code", "FAIL");
|
||||
// result.put("message", "处理异常: " + e.getMessage());
|
||||
// }
|
||||
// return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* 从HttpServletRequest构建RequestParam
|
||||
*/
|
||||
private RequestParam buildRequestParam(HttpServletRequest request) throws Exception {
|
||||
// 获取微信回调的头部信息
|
||||
String wechatpaySerial = request.getHeader("Wechatpay-Serial");
|
||||
String wechatpaySignature = request.getHeader("Wechatpay-Signature");
|
||||
String wechatpayTimestamp = request.getHeader("Wechatpay-Timestamp");
|
||||
String wechatpayNonce = request.getHeader("Wechatpay-Nonce");
|
||||
String wechatpaySignatureType = request.getHeader("Wechatpay-Signature-Type");
|
||||
|
||||
System.out.println("回调头部信息:");
|
||||
System.out.println("Wechatpay-Serial: " + wechatpaySerial);
|
||||
System.out.println("Wechatpay-Timestamp: " + wechatpayTimestamp);
|
||||
System.out.println("Wechatpay-Nonce: " + wechatpayNonce);
|
||||
System.out.println("Wechatpay-Signature-Type: " + wechatpaySignatureType);
|
||||
|
||||
// 读取请求体
|
||||
String body = getRequestBody(request);
|
||||
System.out.println("回调请求体: " + body);
|
||||
|
||||
return new RequestParam.Builder()
|
||||
.serialNumber(wechatpaySerial)
|
||||
.nonce(wechatpayNonce)
|
||||
.signature(wechatpaySignature)
|
||||
.timestamp(wechatpayTimestamp)
|
||||
.signType(wechatpaySignatureType)
|
||||
.body(body)
|
||||
.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* 读取请求体内容
|
||||
@@ -127,7 +168,7 @@ public class WechatPayNotifyController {
|
||||
// */
|
||||
// private boolean handleRefund(Order order, Transaction transaction) {
|
||||
// // 实现退款逻辑
|
||||
// System.out.println("处理退款: " + order.getOutTradeNo());
|
||||
// log.info("处理退款: " + order.getOutTradeNo());
|
||||
// return true;
|
||||
// }
|
||||
//
|
||||
@@ -136,7 +177,7 @@ public class WechatPayNotifyController {
|
||||
// */
|
||||
// private boolean handleClosedPayment(Order order, Transaction transaction) {
|
||||
// // 实现订单关闭逻辑
|
||||
// System.out.println("处理订单关闭: " + order.getOutTradeNo());
|
||||
// log.info("处理订单关闭: " + order.getOutTradeNo());
|
||||
// return true;
|
||||
// }
|
||||
}
|
||||
|
||||
@@ -55,6 +55,12 @@ public class ClientOrderInfoController extends BaseController
|
||||
return orderInfoService.wechatPay(orderId);
|
||||
}
|
||||
|
||||
// 查询支付结果
|
||||
@GetMapping("/transactions")
|
||||
public AjaxResult paymentCallback(@RequestParam("transactionId") String transactionId){
|
||||
return orderInfoService.findTransactions(transactionId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 支付订单
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user