From eb70365bed10ef4032147193f8e4caf10830fad0 Mon Sep 17 00:00:00 2001
From: KKSU <15274802129@163.com>
Date: Thu, 18 Jan 2024 12:56:59 +0800
Subject: [PATCH] fapiao
---
src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java | 111 +++++++++++++++++++++++++++++++++++--------------------
1 files changed, 70 insertions(+), 41 deletions(-)
diff --git a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
index 54226c0..7c0a9ba 100644
--- a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
+++ b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
@@ -276,7 +276,7 @@
}
@Override
- public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, ParseException {
+ public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody){
Map<String,Object> map = new HashMap<>();
String signature = request.getHeader("Wechatpay-Signature");
String timestamp = request.getHeader("Wechatpay-Timestamp");
@@ -289,8 +289,27 @@
log.info("头信息---随机字符:" + nonce);
log.info("头信息---平台证书序列号:" + serial);
log.info("获取到的body信息:" + body);
+ //应对签名探测流量
+ if(signature.contains("WECHATPAY/SIGNTEST")){
+ map.put("code","500");
+ map.put("message", "失败");
+ return map;
+ }
//验签
- boolean signCheck = signCheck(timestamp, nonce, requestBody, signature);
+ boolean signCheck = false;
+ try {
+ signCheck = signCheck(timestamp, nonce, requestBody, signature);
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ } catch (SignatureException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ } catch (InvalidKeyException e) {
+ e.printStackTrace();
+ } catch (ParseException e) {
+ e.printStackTrace();
+ }
log.info("验签结果:" + signCheck);
if (signCheck) {
try {
@@ -346,7 +365,7 @@
e.printStackTrace();
}
}
- map.put("code","FAIL");
+ map.put("code","500");
map.put("message", "失败");
return map;
}
@@ -364,7 +383,12 @@
* @throws IOException
* @throws InvalidKeyException
*/
- public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws NoSuchAlgorithmException, SignatureException, IOException, InvalidKeyException, ParseException {
+ public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws
+ NoSuchAlgorithmException,
+ SignatureException,
+ IOException,
+ InvalidKeyException,
+ ParseException {
//构造验签名串
String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n";
// 加载SHA256withRSA签名器
@@ -432,44 +456,49 @@
}
public static void main(String[] args) throws UnsupportedEncodingException, GeneralSecurityException {
- JCEUtil.removeCryptographyRestrictions();
- String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
- JSONObject jsonObject = JSONUtil.parseObj(body);
- log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
-
- String id = jsonObject.getStr("id");//可能是支付业务的回调数据
- String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
- String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
- String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
- String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
- log.info("微信电子发票回调接口....id:"+ id);
- log.info("微信电子发票回调接口....create_time:"+ create_time);
- log.info("微信电子发票回调接口....resource_type:"+ resource_type);
- log.info("微信电子发票回调接口....event_type:"+ event_type);
- log.info("微信电子发票回调接口....resource:"+ resource);
-
- if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
- && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
- //解密
- AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
- JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
-// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
-// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
- String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
- String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
- String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
- String decryptToString = aesUtil.decryptToString(
- associated_data.getBytes("utf-8"),
- nonce.getBytes("utf-8"),
- ciphertext);
- log.info("微信电子发票回调接口....resource解密:"+decryptToString);
-
- JSONObject parseObj = JSONUtil.parseObj(decryptToString);
- log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
- String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
- log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
-
+ String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g==";
+ if(signature.contains("WECHATPAY/SIGNTEST")){
+ System.out.println(1);
}
+
+// JCEUtil.removeCryptographyRestrictions();
+// String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
+// JSONObject jsonObject = JSONUtil.parseObj(body);
+// log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
+//
+// String id = jsonObject.getStr("id");//可能是支付业务的回调数据
+// String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
+// String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
+// String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
+// String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
+// log.info("微信电子发票回调接口....id:"+ id);
+// log.info("微信电子发票回调接口....create_time:"+ create_time);
+// log.info("微信电子发票回调接口....resource_type:"+ resource_type);
+// log.info("微信电子发票回调接口....event_type:"+ event_type);
+// log.info("微信电子发票回调接口....resource:"+ resource);
+//
+// if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
+// && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
+// //解密
+// AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
+// JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
+//// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
+//// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
+// String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
+// String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
+// String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
+// String decryptToString = aesUtil.decryptToString(
+// associated_data.getBytes("utf-8"),
+// nonce.getBytes("utf-8"),
+// ciphertext);
+// log.info("微信电子发票回调接口....resource解密:"+decryptToString);
+//
+// JSONObject parseObj = JSONUtil.parseObj(decryptToString);
+// log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
+// String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
+// log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
+//
+// }
}
}
--
Gitblit v1.9.1