xc-mall.git - Gitblit

			@@ -16,7 +16,6 @@
			import org.springframework.web.bind.annotation.RequestParam;

			import javax.annotation.Resource;
			import java.io.IOException;
			import java.security.MessageDigest;
			import java.security.NoSuchAlgorithmException;

			@@ -26,6 +25,10 @@
			@Api(value = "FiuuReturnController", tags = "FIUU支付-ReturnURL")
			@RequestMapping(value = "/api/fuPayReturn")
			public class FiuuReturnController {

			private static final String SECRET_KEY = "59c709fc18978a6a83b87f05d37cecbf";
			@Resource
			private MallOrderInfoMapper mallOrderInfoMapper;

			@PostMapping("/payment/callback")
			public String handlePaymentCallback(
			@@ -37,13 +40,14 @@
			@RequestParam("currency") String currency,
			@RequestParam("paydate") String payDate,
			@RequestParam("approcode") String appCode,
			@RequestParam("skey") String skey,
			@RequestParam("skey") String receivedSkey,
			Model model) {

			// // 验证skey以确保数据完整性
			// if (!validateSkey(tranId, orderId, status, domain, amount, currency, payDate, skey)) {
			// return "error"; // 如果验证失败，跳转到错误页面
			// }
			// 验证skey以确保数据完整性
			String calculatedSkey = calculateSkey(tranId, orderId, status, domain, amount, currency, payDate, appCode);
			log.info("callback status: {}", status);
			log.info("callback skey: {}", receivedSkey);
			log.info("callback calculatedSkey: {}", calculatedSkey);

			// 将支付结果信息传递给支付成功页面
			model.addAttribute("amount", amount);
			@@ -53,54 +57,14 @@
			model.addAttribute("currency", currency);
			model.addAttribute("payDate", payDate);

			// 跳转到支付成功页面
			return "payment-success";
			}

			private boolean validateSkey(String tranId, String orderId, String status, String domain,
			String amount, String currency, String payDate, String skey) {
			// 这里实现skey的验证逻辑
			// 根据支付网关提供的skey生成规则，生成skey并与传入的skey进行比较
			// 如果一致，返回true，否则返回false
			return true; // 这里假设验证通过
			}

			private static final String SECRET_KEY = "59c709fc18978a6a83b87f05d37cecbf";
			@Resource
			private MallOrderInfoMapper mallOrderInfoMapper;

			// Java 通知接口暂时停止使用
			@PostMapping("/callback")
			public void handlePaymentCallback(
			@RequestParam("amount") String amount,
			@RequestParam("orderid") String orderId,
			@RequestParam("tranID") String tranId,
			@RequestParam("status") String status,
			@RequestParam("domain") String domain,
			@RequestParam("currency") String currency,
			@RequestParam("paydate") String payDate,
			@RequestParam("approcode") String appCode,
			@RequestParam("skey") String receivedSkey) throws IOException{

			// 计算 skey 验证
			String calculatedSkey = calculateSkey(tranId, orderId, status, domain, amount, currency, payDate, appCode);
			MallOrderInfo mallOrderInfo = ValidateEntityUtils
			.ensureColumnReturnEntity(orderId, MallOrderInfo::getId, mallOrderInfoMapper::selectOne, "订单不存在");
			log.info("callback status: {}", status);
			log.info("callback skey: {}", receivedSkey);
			log.info("callback calculatedSkey: {}", calculatedSkey);
			log.info("callback payResult: {}", mallOrderInfo.getPayResult());
			if("1".equals(mallOrderInfo.getPayResult())){
			return;
			}
			if (!calculatedSkey.equalsIgnoreCase(receivedSkey)) {
			// 记录安全警告日志
			throw new FebsException("订单回调失败，---"+orderId);
			}
			if ("00".equals(status)) {
			updateOrderStatus(orderId, status, amount, payDate, tranId);
			return;
			}
			updateOrderStatus(orderId, status, amount, payDate, tranId);

			// 跳转到支付成功页面
			return "payment-success";
			}

			private String calculateSkey(String tranId, String orderId, String status,