From eb70365bed10ef4032147193f8e4caf10830fad0 Mon Sep 17 00:00:00 2001
From: KKSU <15274802129@163.com>
Date: Thu, 18 Jan 2024 12:56:59 +0800
Subject: [PATCH] fapiao

---
 src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java      |    2 
 src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java          |    2 
 src/test/java/cc/mrbird/febs/ProfitTest.java                           |   25 ++++++++
 src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java |  111 +++++++++++++++++++++++-------------
 4 files changed, 96 insertions(+), 44 deletions(-)

diff --git a/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java b/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java
index 0b977e8..9391ea9 100644
--- a/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java
+++ b/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java
@@ -254,7 +254,7 @@
      */
     @Transactional(rollbackFor = Exception.class)
     @RequestMapping(value = "/fapiaoCallBack")
-    public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException {
+    public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) {
         return wxFaPiaoService.fapiaoCallBack(request,requestBody);
 
     }
diff --git a/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java b/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java
index bcb1cea..3af2770 100644
--- a/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java
+++ b/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java
@@ -25,5 +25,5 @@
 
     String sendGet(String url, Map<String, Object> params, String token);
 
-    Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException;
+    Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody);
 }
diff --git a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
index 54226c0..7c0a9ba 100644
--- a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
+++ b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
@@ -276,7 +276,7 @@
     }
 
     @Override
-    public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException {
+    public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody){
         Map<String,Object> map = new HashMap<>();
         String signature = request.getHeader("Wechatpay-Signature");
         String timestamp = request.getHeader("Wechatpay-Timestamp");
@@ -289,8 +289,27 @@
         log.info("头信息---随机字符:" + nonce);
         log.info("头信息---平台证书序列号:" + serial);
         log.info("获取到的body信息:" + body);
+        //应对签名探测流量
+        if(signature.contains("WECHATPAY/SIGNTEST")){
+            map.put("code","500");
+            map.put("message", "失败");
+            return map;
+        }
         //验签
-        boolean signCheck = signCheck(timestamp, nonce, requestBody, signature);
+        boolean signCheck = false;
+        try {
+            signCheck = signCheck(timestamp, nonce, requestBody, signature);
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (SignatureException e) {
+            e.printStackTrace();
+        } catch (IOException e) {
+            e.printStackTrace();
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (ParseException e) {
+            e.printStackTrace();
+        }
         log.info("验签结果:" + signCheck);
         if (signCheck) {
             try {
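Review bot: `signature.contains("WECHATPAY/SIGNTEST")` dereferences a value that `request.getHeader` returns as null when the header is absent, so a caller that omits `Wechatpay-Signature` gets an unhandled NullPointerException instead of the failure reply. Rejecting the missing header in the same guard and matching the probe marker only at the start of the value would be tighter: `if (signature == null || signature.startsWith("WECHATPAY/SIGNTEST/")) {`. The five identical catch blocks do fail closed, because `signCheck` stays false, but `e.printStackTrace()` bypasses the class logger. A single `} catch (GeneralSecurityException | IOException | ParseException e) { log.error("fapiao callback signature check failed", e); }` would keep the cause in the application log. The method starts in the previous hunk and its body continues past this one.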
@@ -346,7 +365,7 @@
                 e.printStackTrace();
             }
         }
-        map.put("code","FAIL");
+        map.put("code","500");
         map.put("message", "失败");
         return map;
     }
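Review bot: Putting `"500"` in the `code` field changes only the JSON body. The controller returns this map straight from `fapiaoCallBack`, so unless a status is set outside this diff the HTTP response is presumably still 200, both here and in the sign-test branch added earlier in the method. As I understand the WeChat Pay notification contract, a rejected notification is signalled by a 4xx/5xx HTTP status alongside the `code`/`message` body, so a failed signature check may still be read as an acknowledgement; this should be confirmed against the current platform documentation. Consider having the controller map a failure result to an error status, for example `ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(result)`, and check whether the body code should remain `FAIL`.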
@@ -364,7 +383,12 @@
      * @throws IOException
      * @throws InvalidKeyException
      */
-    public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws NoSuchAlgorithmException, SignatureException, IOException, InvalidKeyException, ParseException {
+    public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws
+            NoSuchAlgorithmException,
+            SignatureException,
+            IOException,
+            InvalidKeyException,
+            ParseException {
         //构造验签名串
         String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n";
         // 加载SHA256withRSA签名器
@@ -432,44 +456,49 @@
     }
 
     public static void main(String[] args) throws UnsupportedEncodingException, GeneralSecurityException {
-        JCEUtil.removeCryptographyRestrictions();
-        String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
-        JSONObject jsonObject = JSONUtil.parseObj(body);
-        log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
-
-        String id = jsonObject.getStr("id");//可能是支付业务的回调数据
-        String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
-        String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
-        String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
-        String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
-        log.info("微信电子发票回调接口....id:"+ id);
-        log.info("微信电子发票回调接口....create_time:"+ create_time);
-        log.info("微信电子发票回调接口....resource_type:"+ resource_type);
-        log.info("微信电子发票回调接口....event_type:"+ event_type);
-        log.info("微信电子发票回调接口....resource:"+ resource);
-
-        if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
-                && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
-            //解密
-            AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
-            JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
-//            String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
-//            String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
-            String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
-            String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
-            String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
-            String decryptToString = aesUtil.decryptToString(
-                    associated_data.getBytes("utf-8"),
-                    nonce.getBytes("utf-8"),
-                    ciphertext);
-            log.info("微信电子发票回调接口....resource解密:"+decryptToString);
-
-            JSONObject parseObj = JSONUtil.parseObj(decryptToString);
-            log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
-            String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
-            log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
-
+        String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g==";
+        if(signature.contains("WECHATPAY/SIGNTEST")){
+            System.out.println(1);
         }
+
+//        JCEUtil.removeCryptographyRestrictions();
+//        String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
+//        JSONObject jsonObject = JSONUtil.parseObj(body);
+//        log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
+//
+//        String id = jsonObject.getStr("id");//可能是支付业务的回调数据
+//        String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
+//        String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
+//        String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
+//        String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
+//        log.info("微信电子发票回调接口....id:"+ id);
+//        log.info("微信电子发票回调接口....create_time:"+ create_time);
+//        log.info("微信电子发票回调接口....resource_type:"+ resource_type);
+//        log.info("微信电子发票回调接口....event_type:"+ event_type);
+//        log.info("微信电子发票回调接口....resource:"+ resource);
+//
+//        if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
+//                && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
+//            //解密
+//            AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
+//            JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
+////            String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
+////            String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
+//            String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
+//            String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
+//            String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
+//            String decryptToString = aesUtil.decryptToString(
+//                    associated_data.getBytes("utf-8"),
+//                    nonce.getBytes("utf-8"),
+//                    ciphertext);
+//            log.info("微信电子发票回调接口....resource解密:"+decryptToString);
+//
+//            JSONObject parseObj = JSONUtil.parseObj(decryptToString);
+//            log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
+//            String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
+//            log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
+//
+//        }
     }
 
 }
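Review bot: The block commented out in `main` still carries the literal passed to `new AesUtil(...)`, which looks like a real API v3 decryption key, together with a captured callback payload, so both stay in the production service class. Delete the commented block rather than keeping it, load the key from configuration, and if that value was ever live treat it as exposed and rotate it. The new `main` body is a scratch check that prints `1`; it belongs in a test, not in `WxFaPiaoServiceImpl`.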
diff --git a/src/test/java/cc/mrbird/febs/ProfitTest.java b/src/test/java/cc/mrbird/febs/ProfitTest.java
index 1c57182..c17cb02 100644
--- a/src/test/java/cc/mrbird/febs/ProfitTest.java
+++ b/src/test/java/cc/mrbird/febs/ProfitTest.java
@@ -53,6 +53,7 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.ResourceLoader;
+import org.springframework.util.Base64Utils;
 import org.springframework.web.client.RestTemplate;
 
 import javax.annotation.Resource;
@@ -296,6 +297,8 @@
             e.printStackTrace();
         }
         String responseBodyAsString = wxFaPiaoService.sendGet(baseUrl + canonicalUrl, new HashMap<>(), "WECHATPAY2-SHA256-RSA2048 "+postStr);
+        //完成签名并执行请求
+        X509Certificate x509Certificate = null;
         try {
             cn.hutool.json.JSONObject maps = JSONUtil.parseObj(responseBodyAsString);
             System.out.println(maps);
@@ -316,13 +319,33 @@
 
                     ByteArrayInputStream inputStream = new ByteArrayInputStream(pulicKey.getBytes(StandardCharsets.UTF_8));
 
-                    X509Certificate x509Certificate = (X509Certificate) cf.generateCertificate(inputStream);
+                    x509Certificate = (X509Certificate) cf.generateCertificate(inputStream);
                     System.out.println(x509Certificate);
                 }
             }
         } catch (IOException e) {
             e.printStackTrace();
         }
+        String timestamp = "1705548628";
+        String nonce = "sJBCGwYIM8WFJCpTE3gDGifC6VOyrPFY";
+        String body = "{\"id\":\"f23942b4-b128-56ef-9172-2da8204b5159\",\"create_time\":\"2024-01-18T11:30:28+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"X7XjgHrepsnVpFqNgjl9EfRbJIdMUf15izFrtnvEf7So3SWlg6CFNofcQAJE+iL1XfkFk7DNNW0rILNbY1cGWGlAlKbbPhv5SFEakZVe9GZsSTd4EC5zTk9D6g+FTS6EQNxCkj4ut2WyYaSSqJjHgYaqdKzLNPSTGRVQnynafFE=\",\"associated_data\":\"fapiao\",\"nonce\":\"X7daAHdejNsm\"}}";
+        Map<String, Object> requestBody = JSONUtil.parseObj(body);
+        String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g==";
+        //构造验签名串
+        String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n";
+        System.out.println(signature.length());
+        System.out.println(signature);
+        System.out.println(signatureStr.length());
+        System.out.println(signatureStr);
+        // 加载SHA256withRSA签名器
+        Signature signer = Signature.getInstance("SHA256withRSA");
+        // 用微信平台公钥对签名器进行初始化(调上一节中的获取平台证书方法)
+        signer.initVerify(x509Certificate);
+        // 把我们构造的验签名串更新到签名器中
+        signer.update(signatureStr.getBytes(StandardCharsets.UTF_8));
+        // 把请求头中微信服务器返回的签名用Base64解码 并使用签名器进行验证
+        boolean result = signer.verify(Base64Utils.decodeFromString(signature));
+        System.out.println(result);
     }
 
 
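Review bot: The signing string is built with `com.alibaba.fastjson.JSONObject.toJSONString(requestBody)` after the body was parsed into a map, the same construction `signCheck` uses in WxFaPiaoServiceImpl. A re-serialised map is not guaranteed to reproduce the bytes that were signed (key order, escaping, number formatting), so a genuine notification can fail verification. Verifying over the raw body string removes that dependency, here `String signatureStr = timestamp + "\n" + nonce + "\n" + body + "\n";`. The test also only prints `result`, and `x509Certificate` is still null when the certificate response holds no entry, so `initVerify` would fail before anything is checked. A null check and an assertion on the expected outcome for the `WECHATPAY/SIGNTEST/` signature would make the test meaningful; the test method starts outside this hunk.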

--
Gitblit v1.9.1