From eb70365bed10ef4032147193f8e4caf10830fad0 Mon Sep 17 00:00:00 2001 From: KKSU <15274802129@163.com> Date: Thu, 18 Jan 2024 12:56:59 +0800 Subject: [PATCH] fapiao --- src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java | 2 src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java | 2 src/test/java/cc/mrbird/febs/ProfitTest.java | 25 ++++++++ src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java | 111 +++++++++++++++++++++++------------- 4 files changed, 96 insertions(+), 44 deletions(-) diff --git a/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java b/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java index 0b977e8..9391ea9 100644 --- a/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java +++ b/src/main/java/cc/mrbird/febs/pay/controller/XcxPayController.java @@ -254,7 +254,7 @@ */ @Transactional(rollbackFor = Exception.class) @RequestMapping(value = "/fapiaoCallBack") - public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException { + public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) { return wxFaPiaoService.fapiaoCallBack(request,requestBody); } diff --git a/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java b/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java index bcb1cea..3af2770 100644 --- a/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java +++ b/src/main/java/cc/mrbird/febs/pay/service/WxFaPiaoService.java @@ -25,5 +25,5 @@ String sendGet(String url, Map<String, Object> params, String token); - Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException; + Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody); } diff --git a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java index 54226c0..7c0a9ba 100644 --- a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java +++ b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java @@ -276,7 +276,7 @@ } @Override - public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException { + public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody){ Map<String,Object> map = new HashMap<>(); String signature = request.getHeader("Wechatpay-Signature"); String timestamp = request.getHeader("Wechatpay-Timestamp"); @@ -289,8 +289,27 @@ log.info("头信息---随机字符:" + nonce); log.info("头信息---平台证书序列号:" + serial); log.info("获取到的body信息:" + body); + //应对签名探测流量 + if(signature.contains("WECHATPAY/SIGNTEST")){ + map.put("code","500"); + map.put("message", "失败"); + return map; + } //验签 - boolean signCheck = signCheck(timestamp, nonce, requestBody, signature); + boolean signCheck = false; + try { + signCheck = signCheck(timestamp, nonce, requestBody, signature); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (SignatureException e) { + e.printStackTrace(); + } catch (IOException e) { + e.printStackTrace(); + } catch (InvalidKeyException e) { + e.printStackTrace(); + } catch (ParseException e) { + e.printStackTrace(); + } log.info("验签结果:" + signCheck); if (signCheck) { try { @@ -346,7 +365,7 @@ e.printStackTrace(); } } - map.put("code","FAIL"); + map.put("code","500"); map.put("message", "失败"); return map; } @@ -364,7 +383,12 @@ * @throws IOException * @throws InvalidKeyException */ - public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws NoSuchAlgorithmException, SignatureException, IOException, InvalidKeyException, ParseException { + public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws + NoSuchAlgorithmException, + SignatureException, + IOException, + InvalidKeyException, + ParseException { //构造验签名串 String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n"; // 加载SHA256withRSA签名器 @@ -432,44 +456,49 @@ } public static void main(String[] args) throws UnsupportedEncodingException, GeneralSecurityException { - JCEUtil.removeCryptographyRestrictions(); - String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}"; - JSONObject jsonObject = JSONUtil.parseObj(body); - log.info("微信电子发票回调接口....解析请求体:"+jsonObject); - - String id = jsonObject.getStr("id");//可能是支付业务的回调数据 - String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据 - String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据 - String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据 - String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据 - log.info("微信电子发票回调接口....id:"+ id); - log.info("微信电子发票回调接口....create_time:"+ create_time); - log.info("微信电子发票回调接口....resource_type:"+ resource_type); - log.info("微信电子发票回调接口....event_type:"+ event_type); - log.info("微信电子发票回调接口....resource:"+ resource); - - if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED - && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。 - //解密 - AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8")); - JSONObject jsonObjectResource = JSONUtil.parseObj(resource); -// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据 -// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据 - String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据 - String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据 - String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据 - String decryptToString = aesUtil.decryptToString( - associated_data.getBytes("utf-8"), - nonce.getBytes("utf-8"), - ciphertext); - log.info("微信电子发票回调接口....resource解密:"+decryptToString); - - JSONObject parseObj = JSONUtil.parseObj(decryptToString); - log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj); - String fapiao_apply_id = parseObj.getStr("fapiao_apply_id"); - log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id); - + String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g=="; + if(signature.contains("WECHATPAY/SIGNTEST")){ + System.out.println(1); } + +// JCEUtil.removeCryptographyRestrictions(); +// String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}"; +// JSONObject jsonObject = JSONUtil.parseObj(body); +// log.info("微信电子发票回调接口....解析请求体:"+jsonObject); +// +// String id = jsonObject.getStr("id");//可能是支付业务的回调数据 +// String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据 +// String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据 +// String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据 +// String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据 +// log.info("微信电子发票回调接口....id:"+ id); +// log.info("微信电子发票回调接口....create_time:"+ create_time); +// log.info("微信电子发票回调接口....resource_type:"+ resource_type); +// log.info("微信电子发票回调接口....event_type:"+ event_type); +// log.info("微信电子发票回调接口....resource:"+ resource); +// +// if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED +// && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。 +// //解密 +// AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8")); +// JSONObject jsonObjectResource = JSONUtil.parseObj(resource); +//// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据 +//// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据 +// String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据 +// String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据 +// String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据 +// String decryptToString = aesUtil.decryptToString( +// associated_data.getBytes("utf-8"), +// nonce.getBytes("utf-8"), +// ciphertext); +// log.info("微信电子发票回调接口....resource解密:"+decryptToString); +// +// JSONObject parseObj = JSONUtil.parseObj(decryptToString); +// log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj); +// String fapiao_apply_id = parseObj.getStr("fapiao_apply_id"); +// log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id); +// +// } } } diff --git a/src/test/java/cc/mrbird/febs/ProfitTest.java b/src/test/java/cc/mrbird/febs/ProfitTest.java index 1c57182..c17cb02 100644 --- a/src/test/java/cc/mrbird/febs/ProfitTest.java +++ b/src/test/java/cc/mrbird/febs/ProfitTest.java @@ -53,6 +53,7 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.ResourceLoader; +import org.springframework.util.Base64Utils; import org.springframework.web.client.RestTemplate; import javax.annotation.Resource; @@ -296,6 +297,8 @@ e.printStackTrace(); } String responseBodyAsString = wxFaPiaoService.sendGet(baseUrl + canonicalUrl, new HashMap<>(), "WECHATPAY2-SHA256-RSA2048 "+postStr); + //完成签名并执行请求 + X509Certificate x509Certificate = null; try { cn.hutool.json.JSONObject maps = JSONUtil.parseObj(responseBodyAsString); System.out.println(maps); @@ -316,13 +319,33 @@ ByteArrayInputStream inputStream = new ByteArrayInputStream(pulicKey.getBytes(StandardCharsets.UTF_8)); - X509Certificate x509Certificate = (X509Certificate) cf.generateCertificate(inputStream); + x509Certificate = (X509Certificate) cf.generateCertificate(inputStream); System.out.println(x509Certificate); } } } catch (IOException e) { e.printStackTrace(); } + String timestamp = "1705548628"; + String nonce = "sJBCGwYIM8WFJCpTE3gDGifC6VOyrPFY"; + String body = "{\"id\":\"f23942b4-b128-56ef-9172-2da8204b5159\",\"create_time\":\"2024-01-18T11:30:28+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"X7XjgHrepsnVpFqNgjl9EfRbJIdMUf15izFrtnvEf7So3SWlg6CFNofcQAJE+iL1XfkFk7DNNW0rILNbY1cGWGlAlKbbPhv5SFEakZVe9GZsSTd4EC5zTk9D6g+FTS6EQNxCkj4ut2WyYaSSqJjHgYaqdKzLNPSTGRVQnynafFE=\",\"associated_data\":\"fapiao\",\"nonce\":\"X7daAHdejNsm\"}}"; + Map<String, Object> requestBody = JSONUtil.parseObj(body); + String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g=="; + //构造验签名串 + String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n"; + System.out.println(signature.length()); + System.out.println(signature); + System.out.println(signatureStr.length()); + System.out.println(signatureStr); + // 加载SHA256withRSA签名器 + Signature signer = Signature.getInstance("SHA256withRSA"); + // 用微信平台公钥对签名器进行初始化(调上一节中的获取平台证书方法) + signer.initVerify(x509Certificate); + // 把我们构造的验签名串更新到签名器中 + signer.update(signatureStr.getBytes(StandardCharsets.UTF_8)); + // 把请求头中微信服务器返回的签名用Base64解码 并使用签名器进行验证 + boolean result = signer.verify(Base64Utils.decodeFromString(signature)); + System.out.println(result); } -- Gitblit v1.9.1