From eb70365bed10ef4032147193f8e4caf10830fad0 Mon Sep 17 00:00:00 2001
From: KKSU <15274802129@163.com>
Date: Thu, 18 Jan 2024 12:56:59 +0800
Subject: [PATCH] fapiao
---
src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java | 2
src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java | 2
src/test/java/cc/mrbird/febs/ProfitTest.java | 25 ++++++++
src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java | 111 +++++++++++++++++++++++-------------
4 files changed, 96 insertions(+), 44 deletions(-)
diff --git a/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java b/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java
index 0b977e8..9391ea9 100644
--- a/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java
+++ b/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java
@@ -254,7 +254,7 @@
*/
@Transactional(rollbackFor = Exception.class)
@RequestMapping(value = "/fapiaoCallBack")
- public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException {
+ public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) {
return wxFaPiaoService.fapiaoCallBack(request,requestBody);
}
diff --git a/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java b/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java
index bcb1cea..3af2770 100644
--- a/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java
+++ b/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java
@@ -25,5 +25,5 @@
String sendGet(String url, Map<String, Object> params, String token);
- Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException;
+ Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody);
}
diff --git a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
index 54226c0..7c0a9ba 100644
--- a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
+++ b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
@@ -276,7 +276,7 @@
}
@Override
- public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException {
+ public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody){
Map<String,Object> map = new HashMap<>();
String signature = request.getHeader("Wechatpay-Signature");
String timestamp = request.getHeader("Wechatpay-Timestamp");
@@ -289,8 +289,27 @@
log.info("头信息---随机字符:" + nonce);
log.info("头信息---平台证书序列号:" + serial);
log.info("获取到的body信息:" + body);
+ //应对签名探测流量
+ if(signature.contains("WECHATPAY/SIGNTEST")){
+ map.put("code","500");
+ map.put("message", "失败");
+ return map;
+ }
//验签
- boolean signCheck = signCheck(timestamp, nonce, requestBody, signature);
+ boolean signCheck = false;
+ try {
+ signCheck = signCheck(timestamp, nonce, requestBody, signature);
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ } catch (SignatureException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ } catch (InvalidKeyException e) {
+ e.printStackTrace();
+ } catch (ParseException e) {
+ e.printStackTrace();
+ }
log.info("验签结果:" + signCheck);
if (signCheck) {
try {
@@ -346,7 +365,7 @@
e.printStackTrace();
}
}
- map.put("code","FAIL");
+ map.put("code","500");
map.put("message", "失败");
return map;
}
@@ -364,7 +383,12 @@
* @throws IOException
* @throws InvalidKeyException
*/
- public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws NoSuchAlgorithmException, SignatureException, IOException, InvalidKeyException, ParseException {
+ public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws
+ NoSuchAlgorithmException,
+ SignatureException,
+ IOException,
+ InvalidKeyException,
+ ParseException {
//构造验签名串
String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n";
// 加载SHA256withRSA签名器
@@ -432,44 +456,49 @@
}
public static void main(String[] args) throws UnsupportedEncodingException, GeneralSecurityException {
- JCEUtil.removeCryptographyRestrictions();
- String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
- JSONObject jsonObject = JSONUtil.parseObj(body);
- log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
-
- String id = jsonObject.getStr("id");//可能是支付业务的回调数据
- String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
- String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
- String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
- String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
- log.info("微信电子发票回调接口....id:"+ id);
- log.info("微信电子发票回调接口....create_time:"+ create_time);
- log.info("微信电子发票回调接口....resource_type:"+ resource_type);
- log.info("微信电子发票回调接口....event_type:"+ event_type);
- log.info("微信电子发票回调接口....resource:"+ resource);
-
- if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
- && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
- //解密
- AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
- JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
-// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
-// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
- String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
- String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
- String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
- String decryptToString = aesUtil.decryptToString(
- associated_data.getBytes("utf-8"),
- nonce.getBytes("utf-8"),
- ciphertext);
- log.info("微信电子发票回调接口....resource解密:"+decryptToString);
-
- JSONObject parseObj = JSONUtil.parseObj(decryptToString);
- log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
- String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
- log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
-
+ String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g==";
+ if(signature.contains("WECHATPAY/SIGNTEST")){
+ System.out.println(1);
}
+
+// JCEUtil.removeCryptographyRestrictions();
+// String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
+// JSONObject jsonObject = JSONUtil.parseObj(body);
+// log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
+//
+// String id = jsonObject.getStr("id");//可能是支付业务的回调数据
+// String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
+// String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
+// String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
+// String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
+// log.info("微信电子发票回调接口....id:"+ id);
+// log.info("微信电子发票回调接口....create_time:"+ create_time);
+// log.info("微信电子发票回调接口....resource_type:"+ resource_type);
+// log.info("微信电子发票回调接口....event_type:"+ event_type);
+// log.info("微信电子发票回调接口....resource:"+ resource);
+//
+// if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
+// && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
+// //解密
+// AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
+// JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
+//// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
+//// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
+// String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
+// String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
+// String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
+// String decryptToString = aesUtil.decryptToString(
+// associated_data.getBytes("utf-8"),
+// nonce.getBytes("utf-8"),
+// ciphertext);
+// log.info("微信电子发票回调接口....resource解密:"+decryptToString);
+//
+// JSONObject parseObj = JSONUtil.parseObj(decryptToString);
+// log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
+// String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
+// log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
+//
+// }
}
}
diff --git a/src/test/java/cc/mrbird/febs/ProfitTest.java b/src/test/java/cc/mrbird/febs/ProfitTest.java
index 1c57182..c17cb02 100644
--- a/src/test/java/cc/mrbird/febs/ProfitTest.java
+++ b/src/test/java/cc/mrbird/febs/ProfitTest.java
@@ -53,6 +53,7 @@
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.ResourceLoader;
+import org.springframework.util.Base64Utils;
import org.springframework.web.client.RestTemplate;
import javax.annotation.Resource;
@@ -296,6 +297,8 @@
e.printStackTrace();
}
String responseBodyAsString = wxFaPiaoService.sendGet(baseUrl + canonicalUrl, new HashMap<>(), "WECHATPAY2-SHA256-RSA2048 "+postStr);
+ //完成签名并执行请求
+ X509Certificate x509Certificate = null;
try {
cn.hutool.json.JSONObject maps = JSONUtil.parseObj(responseBodyAsString);
System.out.println(maps);
@@ -316,13 +319,33 @@
ByteArrayInputStream inputStream = new ByteArrayInputStream(pulicKey.getBytes(StandardCharsets.UTF_8));
- X509Certificate x509Certificate = (X509Certificate) cf.generateCertificate(inputStream);
+ x509Certificate = (X509Certificate) cf.generateCertificate(inputStream);
System.out.println(x509Certificate);
}
}
} catch (IOException e) {
e.printStackTrace();
}
+ String timestamp = "1705548628";
+ String nonce = "sJBCGwYIM8WFJCpTE3gDGifC6VOyrPFY";
+ String body = "{\"id\":\"f23942b4-b128-56ef-9172-2da8204b5159\",\"create_time\":\"2024-01-18T11:30:28+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"X7XjgHrepsnVpFqNgjl9EfRbJIdMUf15izFrtnvEf7So3SWlg6CFNofcQAJE+iL1XfkFk7DNNW0rILNbY1cGWGlAlKbbPhv5SFEakZVe9GZsSTd4EC5zTk9D6g+FTS6EQNxCkj4ut2WyYaSSqJjHgYaqdKzLNPSTGRVQnynafFE=\",\"associated_data\":\"fapiao\",\"nonce\":\"X7daAHdejNsm\"}}";
+ Map<String, Object> requestBody = JSONUtil.parseObj(body);
+ String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g==";
+ //构造验签名串
+ String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n";
+ System.out.println(signature.length());
+ System.out.println(signature);
+ System.out.println(signatureStr.length());
+ System.out.println(signatureStr);
+ // 加载SHA256withRSA签名器
+ Signature signer = Signature.getInstance("SHA256withRSA");
+ // 用微信平台公钥对签名器进行初始化(调上一节中的获取平台证书方法)
+ signer.initVerify(x509Certificate);
+ // 把我们构造的验签名串更新到签名器中
+ signer.update(signatureStr.getBytes(StandardCharsets.UTF_8));
+ // 把请求头中微信服务器返回的签名用Base64解码 并使用签名器进行验证
+ boolean result = signer.verify(Base64Utils.decodeFromString(signature));
+ System.out.println(result);
}
--
Gitblit v1.9.1