From 566124b07d1ced752942a48f5c422906a6428696 Mon Sep 17 00:00:00 2001
From: KKSU <15274802129@163.com>
Date: Mon, 10 Feb 2025 10:13:39 +0800
Subject: [PATCH] fix(pay): 修复菲乌回调金额格式问题

---
 src/main/java/cc/mrbird/febs/pay/controller/FiuuReturnController.java |   36 +++++++++++++++++++++++++++++-------
 1 files changed, 29 insertions(+), 7 deletions(-)

diff --git a/src/main/java/cc/mrbird/febs/pay/controller/FiuuReturnController.java b/src/main/java/cc/mrbird/febs/pay/controller/FiuuReturnController.java
index 19ba8b9..0b71004 100644
--- a/src/main/java/cc/mrbird/febs/pay/controller/FiuuReturnController.java
+++ b/src/main/java/cc/mrbird/febs/pay/controller/FiuuReturnController.java
@@ -17,6 +17,8 @@
 import org.springframework.web.bind.annotation.RequestParam;
 
 import javax.annotation.Resource;
+import java.math.BigDecimal;
+import java.math.RoundingMode;
 
 @Slf4j
 @Controller
@@ -37,20 +39,40 @@
             @RequestParam("status") String status,
             @RequestParam("domain") String domain,
             @RequestParam("currency") String currency,
+            @RequestParam("appcode") String appcode,
             @RequestParam("paydate") String payDate,
             @RequestParam("skey") String receivedSkey,
-            Model model) {
+            Model model)  {
 
-        // 验证skey以确保数据完整性
-        String preSkey = DigestUtils.md5Hex(tranId + orderId + status + domain + amount + currency);
-        String calculatedSkey = DigestUtils.md5Hex(payDate + domain + preSkey + SECRET_KEY);
+        // 1. 格式化amount为两位小数（确保与Fiuu传递的格式一致）
+        BigDecimal amountDecimal;
+        try {
+            amountDecimal = new BigDecimal(amount).setScale(2, RoundingMode.HALF_UP);
+        } catch (NumberFormatException e) {
+            throw new FebsException("金额格式错误: " + amount);
+        }
+        String formattedAmount = amountDecimal.toPlainString(); // 例如 "100.00"
 
-        log.info("callback status: {}", status);
-        log.info("callback skey: {}", receivedSkey);
+        // 2. 生成preSkey（严格按照参数顺序拼接）
+        log.info("callback Parameters for preSkey: tranId={}, orderId={}, status={}, domain={}, amount={}, currency={}", tranId, orderId, status, domain, amount, currency);
+        // 第一步哈希：pre_skey = md5(txnID + orderID + status + domain + amount + currency)
+        String preSkeyInput = tranId + orderId + status + domain + formattedAmount + currency;
+        String preSkey = DigestUtils.md5Hex(preSkeyInput);
+        log.info("callback preSkey生成参数: {}", preSkeyInput);
+        log.info("callback preSkey计算结果: {}", preSkey);
+        log.info("callback Parameters for calculatedSkey: payDate={}, domain={}, preSkey={}, appcode={}, SECRET_KEY={}", payDate, domain, preSkey, appcode, SECRET_KEY);
+        // 第二步哈希：skey = md5(paydate + domain + pre_skey + appcode + secret_key)
+        String skeyInput = payDate + domain + preSkey + appcode + SECRET_KEY;
+        String calculatedSkey = DigestUtils.md5Hex(skeyInput);
+
+        log.info("callback skey生成参数: {}", skeyInput);
+        log.info("callback callback status: {}", status);
+        log.info("callback receivedSkey: {}", receivedSkey);
         log.info("callback calculatedSkey: {}", calculatedSkey);
+
         if (!calculatedSkey.equalsIgnoreCase(receivedSkey)) {
             // 记录安全警告日志
-            throw new FebsException("订单回调失败，---"+orderId);
+            throw new FebsException("订单回调失败，---" + orderId);
         }
 
         // 将支付结果信息传递给支付成功页面

--
Gitblit v1.9.1