xc-mall.git - Gitblit

			@@ -1,108 +1,597 @@
			package cc.mrbird.febs.pay.service.impl;

			import cc.mrbird.febs.common.properties.XcxProperties;
			import cc.mrbird.febs.common.utils.AppContants;
			import cc.mrbird.febs.common.utils.SpringContextHolder;
			import cc.mrbird.febs.mall.entity.MallInvoice;
			import cc.mrbird.febs.mall.entity.MallOrderInfo;
			import cc.mrbird.febs.mall.entity.MallOrderItem;
			import cc.mrbird.febs.mall.mapper.MallInvoiceMapper;
			import cc.mrbird.febs.mall.mapper.MallOrderInfoMapper;
			import cc.mrbird.febs.mall.mapper.MallOrderItemMapper;
			import cc.mrbird.febs.pay.model.FPCertificateVo;
			import cc.mrbird.febs.pay.model.FPCertificates;
			import cc.mrbird.febs.pay.model.FPEncryptCertificate;
			import cc.mrbird.febs.pay.service.WxFaPiaoService;
			import cc.mrbird.febs.pay.util.JCEUtil;
			import cc.mrbird.febs.pay.util.RandomStringGenerator;
			import cn.hutool.core.collection.CollUtil;
			import cn.hutool.core.util.ObjectUtil;
			import cn.hutool.json.JSONObject;
			import cn.hutool.json.JSONUtil;
			import com.wechat.pay.contrib.apache.httpclient.util.AesUtil;
			import lombok.RequiredArgsConstructor;
			import lombok.SneakyThrows;
			import lombok.extern.slf4j.Slf4j;
			import okhttp3.HttpUrl;
			import org.apache.http.HttpEntity;
			import org.apache.http.client.methods.CloseableHttpResponse;
			import org.apache.http.client.methods.HttpGet;
			import org.apache.http.client.methods.HttpPatch;
			import org.apache.http.client.methods.HttpPost;
			import org.apache.http.client.protocol.HttpClientContext;
			import org.apache.http.entity.StringEntity;
			import org.apache.http.impl.client.CloseableHttpClient;
			import org.apache.http.impl.client.HttpClients;
			import org.apache.http.message.BasicNameValuePair;
			import org.apache.http.util.EntityUtils;
			import org.springframework.core.io.ClassPathResource;
			import org.springframework.stereotype.Service;
			import org.springframework.util.Base64Utils;
			import org.springframework.web.bind.annotation.RequestBody;

			import javax.servlet.http.HttpServletRequest;
			import java.io.*;
			import java.nio.charset.StandardCharsets;
			import java.security.*;
			import java.security.cert.CertificateFactory;
			import java.security.cert.X509Certificate;
			import java.util.Map;
			import java.security.spec.InvalidKeySpecException;
			import java.security.spec.PKCS8EncodedKeySpec;
			import java.text.ParseException;
			import java.text.SimpleDateFormat;
			import java.util.*;
			import java.util.stream.Collectors;
			import java.util.stream.Stream;

			@Slf4j
			@Service
			@RequiredArgsConstructor
			public class WxFaPiaoServiceImpl implements WxFaPiaoService {

			private final MallOrderInfoMapper mallOrderInfoMapper;
			private final MallOrderItemMapper mallOrderItemMapper;
			private final MallInvoiceMapper mallInvoiceMapper;

			private final XcxProperties xcxProperties = SpringContextHolder.getBean(XcxProperties.class);

			@Override
			public String createAuthorization(String method, String canonicalUrl, String body, KeyPair keyPair) {
			public String createAuthorization(String method, String canonicalUrl, String body, PrivateKey keyPair) throws UnsupportedEncodingException, NoSuchAlgorithmException {
			String nonceStr = RandomStringGenerator.getRandomStringByLength(32);//随机字符串
			long timestamp = System.currentTimeMillis() / 1000;//时间戳
			String signature = sign(method, canonicalUrl, timestamp, nonceStr, body, keyPair);//签名加密
			HttpUrl httpurl = HttpUrl.parse(canonicalUrl);
			String message = buildMessage(method, httpurl, timestamp, nonceStr, body);
			log.info("签名串：\n"+message);
			log.info("签名串长度：\n"+getWordCount(message));
			String signature = sign2(message.getBytes("utf-8"), keyPair);

			log.info("签名串sign：\n"+signature);
			log.info("签名串长度sign：\n"+getWordCount(signature));
			// String yourCertificateSerialNo = "221D49AEC4EA538A63941D1936709C8559EB05C5";
			return "mchid=\"" + xcxProperties.getWecharpayMchid() + "\","
			+ "nonce_str=\"" + nonceStr + "\","
			+ "timestamp=\"" + timestamp + "\","
			+ "serial_no=\"" + "50F37206347BCC9E6AC9860DAACE52AC035F7C24" + "\","//证书序列号
			+ "serial_no=\"" + AppContants.WX_CARD_NUM + "\","
			+ "signature=\"" + signature + "\"";
			}

			@Override
			public KeyPair getPrivateKey() {
			return createPKCS12("Tenpay Certificate", "1658958205");
			}
			/**
			* V3 SHA256withRSA 签名.
			*
			* @param method 请求方法 GET POST PUT DELETE 等
			* @param canonicalUrl 例如 https://api.mch.weixin.qq.com/v3/pay/transactions/app?version=1 ——> /v3/pay/transactions/app?version=1
			* @param timestamp 当前时间戳因为要配置到TOKEN 中所以签名中的要跟TOKEN 保持一致
			* @param nonceStr 随机字符串要和TOKEN中的保持一致
			* @param body 请求体 GET 为 "" POST 为JSON
			* @param keyPair 商户API 证书解析的密钥对实际使用的是其中的私钥
			* @return the string
			*/
			@SneakyThrows
			public String sign(String method, String canonicalUrl, long timestamp, String nonceStr, String body, KeyPair keyPair) {
			String signatureStr = Stream.of(method, canonicalUrl, String.valueOf(timestamp), nonceStr, body)
			.collect(Collectors.joining("\n", "", "\n"));
			Signature sign = Signature.getInstance("SHA256withRSA");
			sign.initSign(keyPair.getPrivate());
			sign.update(signatureStr.getBytes(StandardCharsets.UTF_8));
			return Base64Utils.encodeToString(sign.sign());
			}
			public int getWordCount(String s)
			{
			int length = 0 ;
			for ( int i = 0 ; i < s.length(); i ++ )
			{
			int ascii = Character.codePointAt(s, i);
			if (ascii >= 0 && ascii <= 255 )
			length ++ ;
			else
			length += 2 ;

			/**
			* 获取公私钥.通过证书
			*/
			private KeyStore store;
			private final Object lock = new Object();
			public KeyPair createPKCS12(String keyAlias, String keyPass) {
			ClassPathResource resource = new ClassPathResource(xcxProperties.getCertLocalPath());
			// File file = new File("src/main/resources/wxP12/apiclient_cert.p12");
			char[] pem = keyPass.toCharArray();
			try {
			synchronized (lock) {
			if (store == null) {
			synchronized (lock) {
			store = KeyStore.getInstance("PKCS12");
			store.load(resource.getInputStream(), pem);
			// store.load(new FileInputStream(file), pem);
			}
			}
			}
			X509Certificate certificate = (X509Certificate) store.getCertificate(keyAlias);
			certificate.checkValidity();
			// 证书的序列号也有用 50F37206347BCC9E6AC9860DAACE52AC035F7C24
			String serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
			// 证书的公钥
			PublicKey publicKey = certificate.getPublicKey();
			// 证书的私钥
			PrivateKey storeKey = (PrivateKey) store.getKey(keyAlias, pem);
			return new KeyPair(publicKey, storeKey);
			} catch (Exception e) {
			throw new IllegalStateException("Cannot load keys from store: " , e);
			}
			return length;

			}

			public static void main(String[] args) {
			public String sign2(byte[] message,PrivateKey keyPair) throws NoSuchAlgorithmException {
			Signature sign = Signature.getInstance("SHA256withRSA");
			String s = null;
			try {
			System.out.println(new ClassPathResource("wxP12/apiclient_cert.p12").getFile().exists());
			} catch (IOException e) {
			sign.initSign(keyPair);
			sign.update(message);
			s = Base64.getEncoder().encodeToString(sign.sign());
			} catch (InvalidKeyException e) {
			e.printStackTrace();
			} catch (SignatureException e) {
			e.printStackTrace();
			}
			return s;
			}

			public String buildMessage(String method, HttpUrl url, long timestamp, String nonceStr, String body) {
			String canonicalUrl = url.encodedPath();
			if (url.encodedQuery() != null) {
			canonicalUrl += "?" + url.encodedQuery();
			}
			return method + "\n"
			+ canonicalUrl + "\n"
			+ timestamp + "\n"
			+ nonceStr + "\n"
			+ body + "\n";
			}

			@Override
			public PrivateKey getPrivateKeyV3() throws IOException {
			InputStream inputStream = new ClassPathResource("wxP12/apiclient_key.pem")
			.getInputStream();

			String content = new BufferedReader(new InputStreamReader(inputStream))
			.lines().collect(Collectors.joining(System.lineSeparator()));
			try {
			String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
			.replace("-----END PRIVATE KEY-----", "")
			.replaceAll("\\s+", "");

			KeyFactory kf = KeyFactory.getInstance("RSA");
			return kf.generatePrivate(
			new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey)));
			} catch (NoSuchAlgorithmException e) {
			throw new RuntimeException("当前Java环境不支持RSA", e);
			} catch (InvalidKeySpecException e) {
			throw new RuntimeException("无效的密钥格式");
			}
			}

			@Override
			public String sendPatch(String url, String params, String token) {
			String result = "";
			CloseableHttpClient httpClient = HttpClients.createDefault();
			HttpPatch httpPatch = new HttpPatch(url);
			CloseableHttpResponse response = null;
			httpPatch.setHeader("Content-type", "application/json");
			httpPatch.setHeader("Charset", "utf-8");
			httpPatch.setHeader("Accept", "application/json");
			httpPatch.setHeader("Accept-Charset", "utf-8");
			httpPatch.setHeader("Authorization", token);
			try {
			StringEntity data = new StringEntity(params, "utf-8");
			httpPatch.setEntity(data);
			response = httpClient.execute(httpPatch);
			HttpEntity entity = response.getEntity();
			result = EntityUtils.toString(entity);
			} catch (Exception e) {
			result = "{\"status\":\"1\",\"error\":\"" + e.getMessage() + "\"}";
			}finally {
			try {
			httpClient.close();
			if (response != null) {
			response.close();
			}
			} catch (IOException var22) {
			var22.printStackTrace();
			}
			}
			return result;
			}

			@Override
			public String sendPost(String url, String params, String token) {
			String result = "";
			int err = 0;
			while (true) {
			CloseableHttpClient client = HttpClients.createDefault();
			HttpPost httpPost = new HttpPost(url);
			CloseableHttpResponse response = null;
			try {
			httpPost.addHeader("Content-type", "application/json");
			httpPost.addHeader("Charset", "utf-8");
			httpPost.addHeader("Accept", "application/json");
			httpPost.addHeader("Accept-Charset", "utf-8");
			httpPost.addHeader("Authorization", token);

			StringEntity data = new StringEntity(params, "utf-8");
			httpPost.setEntity(data);
			response = client.execute(httpPost);
			HttpEntity resEntity = response.getEntity();
			result = EntityUtils.toString(resEntity);
			return result;
			} catch (IOException e) {
			result = "{\"status\":\"1\",\"errors\":\"" + e.getMessage() + "\"}";
			if (err++ > 2) {
			break;
			}
			try {
			Thread.sleep((err + 2) * 1000);
			} catch (InterruptedException e1) {
			result = "{\"status\":\"1\",\"errors\":\"" + e1.getMessage() + "\"}";
			}
			}finally {
			try {
			client.close();
			if (response != null) {
			response.close();
			}
			} catch (IOException var22) {
			var22.printStackTrace();
			}
			}
			}
			return result;
			}

			@Override
			public String sendGet(String url, Map<String, Object> params, String token) {
			String result = "";
			int err = 0;
			while (true) {
			CloseableHttpClient httpClient = HttpClients.createDefault();
			CloseableHttpResponse response = null;
			try {
			List<BasicNameValuePair> parameters = new ArrayList<>();
			for (Map.Entry<String, Object> entry : params.entrySet()) {
			parameters.add(new BasicNameValuePair(entry.getKey(), entry.getValue().toString()));
			}
			StringBuilder dataparm = new StringBuilder();
			params.forEach((k, v) -> dataparm.append("&" + k + "=" + v));
			String urlparm = "";
			String string = dataparm.toString();
			if (!"".equals(string)) {
			urlparm = dataparm.toString().substring(1);
			}
			HttpGet httpget = new HttpGet(url + "?" + urlparm);

			httpget.addHeader("Accept", "application/json");
			httpget.addHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36");
			httpget.addHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
			httpget.addHeader("Authorization", token);
			response = httpClient.execute(httpget, HttpClientContext.create());

			HttpEntity resEntity = response.getEntity();
			result = EntityUtils.toString(resEntity);
			return result;
			} catch (IOException e) {
			result = "{\"status\":\"1\",\"errors\":\"" + e.getMessage() + "\"}";
			if (err++ > 2) {
			break;
			}
			try {
			Thread.sleep((err + 2) * 1000);
			} catch (InterruptedException e1) {
			result = "{\"status\":\"1\",\"errors\":\"" + e1.getMessage() + "\"}";
			}
			}finally {
			try {
			httpClient.close();
			if (response != null) {
			response.close();
			}
			} catch (IOException var22) {
			var22.printStackTrace();
			}
			}
			}
			return result;
			}

			@Override
			public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody){
			Map<String,Object> map = new HashMap<>();
			String signature = request.getHeader("Wechatpay-Signature");
			String timestamp = request.getHeader("Wechatpay-Timestamp");
			String nonce = request.getHeader("Wechatpay-Nonce");
			//平台证书序列号不是API证书序列号
			String serial = request.getHeader("Wechatpay-Serial");
			String body = com.alibaba.fastjson.JSONObject.toJSONString(requestBody);
			log.info("头信息---签名：" + signature);
			log.info("头信息---时间戳：" + timestamp);
			log.info("头信息---随机字符：" + nonce);
			log.info("头信息---平台证书序列号：" + serial);
			log.info("获取到的body信息：" + body);
			//应对签名探测流量
			if(signature.contains("WECHATPAY/SIGNTEST")){
			map.put("code",500);
			map.put("message", "失败");
			return map;
			}
			//验签
			boolean signCheck = false;
			try {
			signCheck = signCheck(timestamp, nonce, requestBody, signature);
			} catch (NoSuchAlgorithmException e) {
			e.printStackTrace();
			} catch (SignatureException e) {
			e.printStackTrace();
			} catch (IOException e) {
			e.printStackTrace();
			} catch (InvalidKeyException e) {
			e.printStackTrace();
			} catch (ParseException e) {
			e.printStackTrace();
			}
			log.info("验签结果：" + signCheck);
			if (signCheck) {
			try {
			//解析请求体
			JSONObject jsonObject = JSONUtil.parseObj(body);
			log.info("微信电子发票回调接口....解析请求体:"+jsonObject);

			String id = jsonObject.getStr("id");//可能是支付业务的回调数据
			String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
			String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
			String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
			String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
			log.info("微信电子发票回调接口....id:"+ id);
			log.info("微信电子发票回调接口....create_time:"+ create_time);
			log.info("微信电子发票回调接口....resource_type:"+ resource_type);
			log.info("微信电子发票回调接口....event_type:"+ event_type);
			log.info("微信电子发票回调接口....resource:"+ resource);
			if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型：FAPIAO.USER_APPLIED
			&& "encrypt-resource".equals(resource_type)) {//通知的资源数据类型，确认成功通知为encryptresource。
			JCEUtil.removeCryptographyRestrictions();
			//解密
			AesUtil aesUtil = new AesUtil(xcxProperties.getWecharpaySecretV3().getBytes("utf-8"));
			JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
			String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
			String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
			String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
			String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
			String nonceStr = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
			String decryptToString = aesUtil.decryptToString(
			associated_data.getBytes("utf-8"),
			nonceStr.getBytes("utf-8"),
			ciphertext);
			log.info("微信电子发票回调接口....resource解密:"+decryptToString);

			JSONObject parseObj = JSONUtil.parseObj(decryptToString);
			log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
			String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
			log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
			MallOrderInfo mallOrderInfo = mallOrderInfoMapper.selectBypayOrderNo(fapiao_apply_id);
			if(ObjectUtil.isEmpty(mallOrderInfo)){
			map.put("code",404);
			map.put("message", "订单不存在");
			return map;
			}

			if(ObjectUtil.isNotEmpty(mallOrderInfo)){
			//更新订单状态
			// mallOrderInfo.setIsInvoice(1);
			// mallOrderInfoMapper.updateById(mallOrderInfo);
			//获取用户的抬头信息
			String userInvoiceInfo = this.getUserInvoiceInfo(fapiao_apply_id);
			JSONObject userInvoiceInfoJson = JSONUtil.parseObj(userInvoiceInfo);
			//查看当前订单是否已经开具发票
			Long memberId = mallOrderInfo.getMemberId();
			String payOrderNo = mallOrderInfo.getPayOrderNo();
			List<MallInvoice> mallInvoices = mallInvoiceMapper.selectByFapiaoApplyIdAndMemberId(fapiao_apply_id, mallOrderInfo.getMemberId());
			if(CollUtil.isEmpty(mallInvoices)){
			MallInvoice mallInvoice = new MallInvoice();
			mallInvoice.setMemberId(memberId);
			mallInvoice.setFapiaoApplyId(payOrderNo);
			mallInvoice.setOrderNo(mallOrderInfo.getOrderNo());
			mallInvoice.setOrderId(mallOrderInfo.getId());
			mallInvoice.setStatus(mallOrderInfo.getStatus());
			mallInvoice.setAmount(mallOrderInfo.getAmount());
			List<MallOrderItem> mallOrderItemList = mallOrderItemMapper.selectListByOrderId(mallOrderInfo.getId());
			mallInvoice.setGoodsImg(mallOrderItemList.get(0).getSkuImage());
			mallInvoice.setState(1);
			mallInvoice.setType(userInvoiceInfoJson.getStr("type"));
			mallInvoice.setName(userInvoiceInfoJson.getStr("name"));
			mallInvoice.setTaxpayerId(userInvoiceInfoJson.getStr("taxpayer_id"));
			mallInvoice.setAddress(userInvoiceInfoJson.getStr("address"));
			mallInvoice.setTelephone(userInvoiceInfoJson.getStr("telephone"));
			mallInvoice.setBankName(userInvoiceInfoJson.getStr("bank_name"));
			mallInvoice.setBankAccount(userInvoiceInfoJson.getStr("bank_account"));
			mallInvoiceMapper.insert(mallInvoice);
			}else{
			MallInvoice mallInvoice = mallInvoices.get(0);
			if(2 != mallInvoice.getState()){
			mallInvoice.setState(1);
			mallInvoice.setType(userInvoiceInfoJson.getStr("type"));
			mallInvoice.setName(userInvoiceInfoJson.getStr("name"));
			mallInvoice.setTaxpayerId(userInvoiceInfoJson.getStr("taxpayer_id"));
			mallInvoice.setAddress(userInvoiceInfoJson.getStr("address"));
			mallInvoice.setTelephone(userInvoiceInfoJson.getStr("telephone"));
			mallInvoice.setBankName(userInvoiceInfoJson.getStr("bank_name"));
			mallInvoice.setBankAccount(userInvoiceInfoJson.getStr("bank_account"));
			mallInvoiceMapper.updateById(mallInvoice);
			}
			}
			//省略查询订单
			//此处处理业务
			map.put("code","SUCCESS");
			map.put("message","成功");
			//消息推送成功
			return map;
			}
			}
			map.put("code",404);
			map.put("message", "订单不存在");
			return map;
			}catch (Exception e) {
			e.printStackTrace();
			}
			}
			map.put("code",500);
			map.put("message", "失败");
			return map;
			}
			/**
			* 获取用户的抬头信息
			*/
			@Override
			public String getUserInvoiceInfo(String fapiaoApplyId) throws IOException {

			//初始化请求参数
			Map<String, Object> params = new HashMap<>();
			params.put("scene","WITH_WECHATPAY");
			// params.put("fapiao_apply_id","4200002070202401175245187105");
			params.put("fapiao_apply_id",fapiaoApplyId);

			String baseUrl = "https://api.mch.weixin.qq.com";
			String canonicalUrl = "/v3/new-tax-control-fapiao/user-title";

			String urlparm = baseUrl+canonicalUrl;//有参数的get请求，加密是需要把参数加载进去URL
			List<BasicNameValuePair> parameters = new ArrayList<>();
			for (Map.Entry<String, Object> entry : params.entrySet()) {
			parameters.add(new BasicNameValuePair(entry.getKey(), entry.getValue().toString()));
			}
			StringBuilder dataparm = new StringBuilder();
			params.forEach((k, v) -> dataparm.append("&" + k + "=" + v));
			String string = dataparm.toString();
			if (!"".equals(string)) {
			urlparm = baseUrl+canonicalUrl + "?" + dataparm.substring(1);
			}
			PrivateKey privateKey = this.getPrivateKeyV3();
			String postStr = null;
			try {
			postStr = this.createAuthorization(
			"GET",
			urlparm,
			"",
			privateKey
			);
			} catch (NoSuchAlgorithmException e) {
			e.printStackTrace();
			}
			return this.sendGet(baseUrl+canonicalUrl, params, "WECHATPAY2-SHA256-RSA2048 "+postStr);
			}

			/**
			* 验证签名
			*
			* @param timestamp 微信平台传入的时间戳
			* @param nonce 微信平台传入的随机字符串
			* @param requestBody 微信平台传入的消息体
			* @param signature 微信平台传入的签名
			* @return
			* @throws NoSuchAlgorithmException
			* @throws SignatureException
			* @throws IOException
			* @throws InvalidKeyException
			*/
			public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws
			NoSuchAlgorithmException,
			SignatureException,
			IOException,
			InvalidKeyException,
			ParseException {
			//构造验签名串
			String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n";
			// 加载SHA256withRSA签名器
			Signature signer = Signature.getInstance("SHA256withRSA");
			// 用微信平台公钥对签名器进行初始化（调上一节中的获取平台证书方法）
			signer.initVerify(getCertificates());
			// 把我们构造的验签名串更新到签名器中
			signer.update(signatureStr.getBytes(StandardCharsets.UTF_8));
			// 把请求头中微信服务器返回的签名用Base64解码并使用签名器进行验证
			boolean result = signer.verify(Base64Utils.decodeFromString(signature));
			return result;
			}


			/**
			* 获取平台证书
			*/
			public X509Certificate getCertificates() throws IOException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, ParseException {
			JCEUtil.removeCryptographyRestrictions();
			SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss");

			PrivateKey privateKey = this.getPrivateKeyV3();
			String baseUrl = "https://api.mch.weixin.qq.com";
			String canonicalUrl = "/v3/certificates";
			String postStr = null;
			try {
			postStr = this.createAuthorization(
			"GET",
			baseUrl+canonicalUrl,
			"",
			privateKey

			);
			} catch (NoSuchAlgorithmException e) {
			e.printStackTrace();
			}
			//完成签名并执行请求
			X509Certificate x509Certificate = null;
			try {
			String responseBodyAsString = this.sendGet(baseUrl + canonicalUrl, new HashMap<>(), "WECHATPAY2-SHA256-RSA2048 "+postStr);
			FPCertificateVo certificateVo = com.alibaba.fastjson.JSONObject.parseObject(responseBodyAsString, FPCertificateVo.class);
			for (FPCertificates certificates : certificateVo.getData()) {
			if (format.parse(certificates.getEffective_time()).before(new Date())
			&& format.parse(certificates.getExpire_time()).after(new Date())) {
			FPEncryptCertificate encrypt_certificate = certificates.getEncrypt_certificate();
			//解密
			AesUtil aesUtil = new AesUtil(xcxProperties.getWecharpaySecretV3().getBytes("utf-8"));
			String pulicKey = aesUtil.decryptToString(
			encrypt_certificate.getAssociated_data().getBytes("utf-8"),
			encrypt_certificate.getNonce().getBytes("utf-8"),
			encrypt_certificate.getCiphertext());
			//获取平台证书
			final CertificateFactory cf = CertificateFactory.getInstance("X509");

			ByteArrayInputStream inputStream = new ByteArrayInputStream(pulicKey.getBytes(StandardCharsets.UTF_8));

			x509Certificate = (X509Certificate) cf.generateCertificate(inputStream);
			}
			}
			return x509Certificate;
			} catch (GeneralSecurityException \| ParseException e) {
			e.printStackTrace();
			}
			return null;
			}

			public static void main(String[] args) throws UnsupportedEncodingException, GeneralSecurityException {
			String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g==";
			if(signature.contains("WECHATPAY/SIGNTEST")){
			System.out.println(1);
			}

			// JCEUtil.removeCryptographyRestrictions();
			// String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
			// JSONObject jsonObject = JSONUtil.parseObj(body);
			// log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
			//
			// String id = jsonObject.getStr("id");//可能是支付业务的回调数据
			// String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
			// String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
			// String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
			// String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
			// log.info("微信电子发票回调接口....id:"+ id);
			// log.info("微信电子发票回调接口....create_time:"+ create_time);
			// log.info("微信电子发票回调接口....resource_type:"+ resource_type);
			// log.info("微信电子发票回调接口....event_type:"+ event_type);
			// log.info("微信电子发票回调接口....resource:"+ resource);
			//
			// if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型：FAPIAO.USER_APPLIED
			// && !"encryptresource".equals(resource_type)) {//通知的资源数据类型，确认成功通知为encryptresource。
			// //解密
			// AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
			// JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
			//// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
			//// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
			// String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
			// String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
			// String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
			// String decryptToString = aesUtil.decryptToString(
			// associated_data.getBytes("utf-8"),
			// nonce.getBytes("utf-8"),
			// ciphertext);
			// log.info("微信电子发票回调接口....resource解密:"+decryptToString);
			//
			// JSONObject parseObj = JSONUtil.parseObj(decryptToString);
			// log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
			// String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
			// log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
			//
			// }
			}

			}