From 529ad9dd8d1876b57e852bc45b602ba3ccc8df2a Mon Sep 17 00:00:00 2001
From: KKSU <15274802129@163.com>
Date: Wed, 10 Apr 2024 17:19:08 +0800
Subject: [PATCH] 公告-首页公告调整
---
src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java | 615 ++++++++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 552 insertions(+), 63 deletions(-)
diff --git a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
index a35aa8d..935ab4a 100644
--- a/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
+++ b/src/main/java/cc/mrbird/febs/pay/service/impl/WxFaPiaoServiceImpl.java
@@ -1,108 +1,597 @@
package cc.mrbird.febs.pay.service.impl;
import cc.mrbird.febs.common.properties.XcxProperties;
+import cc.mrbird.febs.common.utils.AppContants;
import cc.mrbird.febs.common.utils.SpringContextHolder;
+import cc.mrbird.febs.mall.entity.MallInvoice;
+import cc.mrbird.febs.mall.entity.MallOrderInfo;
+import cc.mrbird.febs.mall.entity.MallOrderItem;
+import cc.mrbird.febs.mall.mapper.MallInvoiceMapper;
+import cc.mrbird.febs.mall.mapper.MallOrderInfoMapper;
+import cc.mrbird.febs.mall.mapper.MallOrderItemMapper;
+import cc.mrbird.febs.pay.model.FPCertificateVo;
+import cc.mrbird.febs.pay.model.FPCertificates;
+import cc.mrbird.febs.pay.model.FPEncryptCertificate;
import cc.mrbird.febs.pay.service.WxFaPiaoService;
+import cc.mrbird.febs.pay.util.JCEUtil;
import cc.mrbird.febs.pay.util.RandomStringGenerator;
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.json.JSONObject;
+import cn.hutool.json.JSONUtil;
+import com.wechat.pay.contrib.apache.httpclient.util.AesUtil;
import lombok.RequiredArgsConstructor;
-import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import okhttp3.HttpUrl;
+import org.apache.http.HttpEntity;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpPatch;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.client.protocol.HttpClientContext;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.message.BasicNameValuePair;
+import org.apache.http.util.EntityUtils;
import org.springframework.core.io.ClassPathResource;
import org.springframework.stereotype.Service;
import org.springframework.util.Base64Utils;
+import org.springframework.web.bind.annotation.RequestBody;
+import javax.servlet.http.HttpServletRequest;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
+import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
-import java.util.Map;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.*;
import java.util.stream.Collectors;
-import java.util.stream.Stream;
@Slf4j
@Service
@RequiredArgsConstructor
public class WxFaPiaoServiceImpl implements WxFaPiaoService {
+ private final MallOrderInfoMapper mallOrderInfoMapper;
+ private final MallOrderItemMapper mallOrderItemMapper;
+ private final MallInvoiceMapper mallInvoiceMapper;
+
private final XcxProperties xcxProperties = SpringContextHolder.getBean(XcxProperties.class);
@Override
- public String createAuthorization(String method, String canonicalUrl, String body, KeyPair keyPair) {
+ public String createAuthorization(String method, String canonicalUrl, String body, PrivateKey keyPair) throws UnsupportedEncodingException, NoSuchAlgorithmException {
String nonceStr = RandomStringGenerator.getRandomStringByLength(32);//随机字符串
long timestamp = System.currentTimeMillis() / 1000;//时间戳
- String signature = sign(method, canonicalUrl, timestamp, nonceStr, body, keyPair);//签名加密
+ HttpUrl httpurl = HttpUrl.parse(canonicalUrl);
+ String message = buildMessage(method, httpurl, timestamp, nonceStr, body);
+ log.info("签名串:\n"+message);
+ log.info("签名串长度:\n"+getWordCount(message));
+ String signature = sign2(message.getBytes("utf-8"), keyPair);
+
+ log.info("签名串sign:\n"+signature);
+ log.info("签名串长度sign:\n"+getWordCount(signature));
+// String yourCertificateSerialNo = "221D49AEC4EA538A63941D1936709C8559EB05C5";
return "mchid=\"" + xcxProperties.getWecharpayMchid() + "\","
+ "nonce_str=\"" + nonceStr + "\","
+ "timestamp=\"" + timestamp + "\","
- + "serial_no=\"" + "50F37206347BCC9E6AC9860DAACE52AC035F7C24" + "\","//证书序列号
+ + "serial_no=\"" + AppContants.WX_CARD_NUM + "\","
+ "signature=\"" + signature + "\"";
}
- @Override
- public KeyPair getPrivateKey() {
- return createPKCS12("Tenpay Certificate", "1658958205");
- }
- /**
- * V3 SHA256withRSA 签名.
- *
- * @param method 请求方法 GET POST PUT DELETE 等
- * @param canonicalUrl 例如 https://api.mch.weixin.qq.com/v3/pay/transactions/app?version=1 ——> /v3/pay/transactions/app?version=1
- * @param timestamp 当前时间戳 因为要配置到TOKEN 中所以 签名中的要跟TOKEN 保持一致
- * @param nonceStr 随机字符串 要和TOKEN中的保持一致
- * @param body 请求体 GET 为 "" POST 为JSON
- * @param keyPair 商户API 证书解析的密钥对 实际使用的是其中的私钥
- * @return the string
- */
- @SneakyThrows
- public String sign(String method, String canonicalUrl, long timestamp, String nonceStr, String body, KeyPair keyPair) {
- String signatureStr = Stream.of(method, canonicalUrl, String.valueOf(timestamp), nonceStr, body)
- .collect(Collectors.joining("\n", "", "\n"));
- Signature sign = Signature.getInstance("SHA256withRSA");
- sign.initSign(keyPair.getPrivate());
- sign.update(signatureStr.getBytes(StandardCharsets.UTF_8));
- return Base64Utils.encodeToString(sign.sign());
- }
+ public int getWordCount(String s)
+ {
+ int length = 0 ;
+ for ( int i = 0 ; i < s.length(); i ++ )
+ {
+ int ascii = Character.codePointAt(s, i);
+ if (ascii >= 0 && ascii <= 255 )
+ length ++ ;
+ else
+ length += 2 ;
- /**
- * 获取公私钥.通过证书
- */
- private KeyStore store;
- private final Object lock = new Object();
- public KeyPair createPKCS12(String keyAlias, String keyPass) {
- ClassPathResource resource = new ClassPathResource(xcxProperties.getCertLocalPath());
-// File file = new File("src/main/resources/wxP12/apiclient_cert.p12");
- char[] pem = keyPass.toCharArray();
- try {
- synchronized (lock) {
- if (store == null) {
- synchronized (lock) {
- store = KeyStore.getInstance("PKCS12");
- store.load(resource.getInputStream(), pem);
-// store.load(new FileInputStream(file), pem);
- }
- }
- }
- X509Certificate certificate = (X509Certificate) store.getCertificate(keyAlias);
- certificate.checkValidity();
- // 证书的序列号 也有用 50F37206347BCC9E6AC9860DAACE52AC035F7C24
- String serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
- // 证书的 公钥
- PublicKey publicKey = certificate.getPublicKey();
- // 证书的私钥
- PrivateKey storeKey = (PrivateKey) store.getKey(keyAlias, pem);
- return new KeyPair(publicKey, storeKey);
- } catch (Exception e) {
- throw new IllegalStateException("Cannot load keys from store: " , e);
}
+ return length;
+
}
- public static void main(String[] args) {
+ public String sign2(byte[] message,PrivateKey keyPair) throws NoSuchAlgorithmException {
+ Signature sign = Signature.getInstance("SHA256withRSA");
+ String s = null;
try {
- System.out.println(new ClassPathResource("wxP12/apiclient_cert.p12").getFile().exists());
- } catch (IOException e) {
+ sign.initSign(keyPair);
+ sign.update(message);
+ s = Base64.getEncoder().encodeToString(sign.sign());
+ } catch (InvalidKeyException e) {
+ e.printStackTrace();
+ } catch (SignatureException e) {
e.printStackTrace();
}
+ return s;
+ }
+
+ public String buildMessage(String method, HttpUrl url, long timestamp, String nonceStr, String body) {
+ String canonicalUrl = url.encodedPath();
+ if (url.encodedQuery() != null) {
+ canonicalUrl += "?" + url.encodedQuery();
+ }
+ return method + "\n"
+ + canonicalUrl + "\n"
+ + timestamp + "\n"
+ + nonceStr + "\n"
+ + body + "\n";
+ }
+
+ @Override
+ public PrivateKey getPrivateKeyV3() throws IOException {
+ InputStream inputStream = new ClassPathResource("wxP12/apiclient_key.pem")
+ .getInputStream();
+
+ String content = new BufferedReader(new InputStreamReader(inputStream))
+ .lines().collect(Collectors.joining(System.lineSeparator()));
+ try {
+ String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
+ .replace("-----END PRIVATE KEY-----", "")
+ .replaceAll("\\s+", "");
+
+ KeyFactory kf = KeyFactory.getInstance("RSA");
+ return kf.generatePrivate(
+ new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey)));
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException("当前Java环境不支持RSA", e);
+ } catch (InvalidKeySpecException e) {
+ throw new RuntimeException("无效的密钥格式");
+ }
+ }
+
+ @Override
+ public String sendPatch(String url, String params, String token) {
+ String result = "";
+ CloseableHttpClient httpClient = HttpClients.createDefault();
+ HttpPatch httpPatch = new HttpPatch(url);
+ CloseableHttpResponse response = null;
+ httpPatch.setHeader("Content-type", "application/json");
+ httpPatch.setHeader("Charset", "utf-8");
+ httpPatch.setHeader("Accept", "application/json");
+ httpPatch.setHeader("Accept-Charset", "utf-8");
+ httpPatch.setHeader("Authorization", token);
+ try {
+ StringEntity data = new StringEntity(params, "utf-8");
+ httpPatch.setEntity(data);
+ response = httpClient.execute(httpPatch);
+ HttpEntity entity = response.getEntity();
+ result = EntityUtils.toString(entity);
+ } catch (Exception e) {
+ result = "{\"status\":\"1\",\"error\":\"" + e.getMessage() + "\"}";
+ }finally {
+ try {
+ httpClient.close();
+ if (response != null) {
+ response.close();
+ }
+ } catch (IOException var22) {
+ var22.printStackTrace();
+ }
+ }
+ return result;
+ }
+
+ @Override
+ public String sendPost(String url, String params, String token) {
+ String result = "";
+ int err = 0;
+ while (true) {
+ CloseableHttpClient client = HttpClients.createDefault();
+ HttpPost httpPost = new HttpPost(url);
+ CloseableHttpResponse response = null;
+ try {
+ httpPost.addHeader("Content-type", "application/json");
+ httpPost.addHeader("Charset", "utf-8");
+ httpPost.addHeader("Accept", "application/json");
+ httpPost.addHeader("Accept-Charset", "utf-8");
+ httpPost.addHeader("Authorization", token);
+
+ StringEntity data = new StringEntity(params, "utf-8");
+ httpPost.setEntity(data);
+ response = client.execute(httpPost);
+ HttpEntity resEntity = response.getEntity();
+ result = EntityUtils.toString(resEntity);
+ return result;
+ } catch (IOException e) {
+ result = "{\"status\":\"1\",\"errors\":\"" + e.getMessage() + "\"}";
+ if (err++ > 2) {
+ break;
+ }
+ try {
+ Thread.sleep((err + 2) * 1000);
+ } catch (InterruptedException e1) {
+ result = "{\"status\":\"1\",\"errors\":\"" + e1.getMessage() + "\"}";
+ }
+ }finally {
+ try {
+ client.close();
+ if (response != null) {
+ response.close();
+ }
+ } catch (IOException var22) {
+ var22.printStackTrace();
+ }
+ }
+ }
+ return result;
+ }
+
+ @Override
+ public String sendGet(String url, Map<String, Object> params, String token) {
+ String result = "";
+ int err = 0;
+ while (true) {
+ CloseableHttpClient httpClient = HttpClients.createDefault();
+ CloseableHttpResponse response = null;
+ try {
+ List<BasicNameValuePair> parameters = new ArrayList<>();
+ for (Map.Entry<String, Object> entry : params.entrySet()) {
+ parameters.add(new BasicNameValuePair(entry.getKey(), entry.getValue().toString()));
+ }
+ StringBuilder dataparm = new StringBuilder();
+ params.forEach((k, v) -> dataparm.append("&" + k + "=" + v));
+ String urlparm = "";
+ String string = dataparm.toString();
+ if (!"".equals(string)) {
+ urlparm = dataparm.toString().substring(1);
+ }
+ HttpGet httpget = new HttpGet(url + "?" + urlparm);
+
+ httpget.addHeader("Accept", "application/json");
+ httpget.addHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36");
+ httpget.addHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
+ httpget.addHeader("Authorization", token);
+ response = httpClient.execute(httpget, HttpClientContext.create());
+
+ HttpEntity resEntity = response.getEntity();
+ result = EntityUtils.toString(resEntity);
+ return result;
+ } catch (IOException e) {
+ result = "{\"status\":\"1\",\"errors\":\"" + e.getMessage() + "\"}";
+ if (err++ > 2) {
+ break;
+ }
+ try {
+ Thread.sleep((err + 2) * 1000);
+ } catch (InterruptedException e1) {
+ result = "{\"status\":\"1\",\"errors\":\"" + e1.getMessage() + "\"}";
+ }
+ }finally {
+ try {
+ httpClient.close();
+ if (response != null) {
+ response.close();
+ }
+ } catch (IOException var22) {
+ var22.printStackTrace();
+ }
+ }
+ }
+ return result;
+ }
+
+ @Override
+ public Map<String, Object> fapiaoCallBack(HttpServletRequest request, @RequestBody Map<String, Object> requestBody){
+ Map<String,Object> map = new HashMap<>();
+ String signature = request.getHeader("Wechatpay-Signature");
+ String timestamp = request.getHeader("Wechatpay-Timestamp");
+ String nonce = request.getHeader("Wechatpay-Nonce");
+ //平台证书序列号不是API证书序列号
+ String serial = request.getHeader("Wechatpay-Serial");
+ String body = com.alibaba.fastjson.JSONObject.toJSONString(requestBody);
+ log.info("头信息---签名:" + signature);
+ log.info("头信息---时间戳:" + timestamp);
+ log.info("头信息---随机字符:" + nonce);
+ log.info("头信息---平台证书序列号:" + serial);
+ log.info("获取到的body信息:" + body);
+ //应对签名探测流量
+ if(signature.contains("WECHATPAY/SIGNTEST")){
+ map.put("code",500);
+ map.put("message", "失败");
+ return map;
+ }
+ //验签
+ boolean signCheck = false;
+ try {
+ signCheck = signCheck(timestamp, nonce, requestBody, signature);
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ } catch (SignatureException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ } catch (InvalidKeyException e) {
+ e.printStackTrace();
+ } catch (ParseException e) {
+ e.printStackTrace();
+ }
+ log.info("验签结果:" + signCheck);
+ if (signCheck) {
+ try {
+ //解析请求体
+ JSONObject jsonObject = JSONUtil.parseObj(body);
+ log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
+
+ String id = jsonObject.getStr("id");//可能是支付业务的回调数据
+ String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
+ String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
+ String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
+ String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
+ log.info("微信电子发票回调接口....id:"+ id);
+ log.info("微信电子发票回调接口....create_time:"+ create_time);
+ log.info("微信电子发票回调接口....resource_type:"+ resource_type);
+ log.info("微信电子发票回调接口....event_type:"+ event_type);
+ log.info("微信电子发票回调接口....resource:"+ resource);
+ if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
+ && "encrypt-resource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
+ JCEUtil.removeCryptographyRestrictions();
+ //解密
+ AesUtil aesUtil = new AesUtil(xcxProperties.getWecharpaySecretV3().getBytes("utf-8"));
+ JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
+ String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
+ String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
+ String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
+ String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
+ String nonceStr = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
+ String decryptToString = aesUtil.decryptToString(
+ associated_data.getBytes("utf-8"),
+ nonceStr.getBytes("utf-8"),
+ ciphertext);
+ log.info("微信电子发票回调接口....resource解密:"+decryptToString);
+
+ JSONObject parseObj = JSONUtil.parseObj(decryptToString);
+ log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
+ String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
+ log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
+ MallOrderInfo mallOrderInfo = mallOrderInfoMapper.selectBypayOrderNo(fapiao_apply_id);
+ if(ObjectUtil.isEmpty(mallOrderInfo)){
+ map.put("code",404);
+ map.put("message", "订单不存在");
+ return map;
+ }
+
+ if(ObjectUtil.isNotEmpty(mallOrderInfo)){
+ //更新订单状态
+// mallOrderInfo.setIsInvoice(1);
+// mallOrderInfoMapper.updateById(mallOrderInfo);
+ //获取用户的抬头信息
+ String userInvoiceInfo = this.getUserInvoiceInfo(fapiao_apply_id);
+ JSONObject userInvoiceInfoJson = JSONUtil.parseObj(userInvoiceInfo);
+ //查看当前订单是否已经开具发票
+ Long memberId = mallOrderInfo.getMemberId();
+ String payOrderNo = mallOrderInfo.getPayOrderNo();
+ List<MallInvoice> mallInvoices = mallInvoiceMapper.selectByFapiaoApplyIdAndMemberId(fapiao_apply_id, mallOrderInfo.getMemberId());
+ if(CollUtil.isEmpty(mallInvoices)){
+ MallInvoice mallInvoice = new MallInvoice();
+ mallInvoice.setMemberId(memberId);
+ mallInvoice.setFapiaoApplyId(payOrderNo);
+ mallInvoice.setOrderNo(mallOrderInfo.getOrderNo());
+ mallInvoice.setOrderId(mallOrderInfo.getId());
+ mallInvoice.setStatus(mallOrderInfo.getStatus());
+ mallInvoice.setAmount(mallOrderInfo.getAmount());
+ List<MallOrderItem> mallOrderItemList = mallOrderItemMapper.selectListByOrderId(mallOrderInfo.getId());
+ mallInvoice.setGoodsImg(mallOrderItemList.get(0).getSkuImage());
+ mallInvoice.setState(1);
+ mallInvoice.setType(userInvoiceInfoJson.getStr("type"));
+ mallInvoice.setName(userInvoiceInfoJson.getStr("name"));
+ mallInvoice.setTaxpayerId(userInvoiceInfoJson.getStr("taxpayer_id"));
+ mallInvoice.setAddress(userInvoiceInfoJson.getStr("address"));
+ mallInvoice.setTelephone(userInvoiceInfoJson.getStr("telephone"));
+ mallInvoice.setBankName(userInvoiceInfoJson.getStr("bank_name"));
+ mallInvoice.setBankAccount(userInvoiceInfoJson.getStr("bank_account"));
+ mallInvoiceMapper.insert(mallInvoice);
+ }else{
+ MallInvoice mallInvoice = mallInvoices.get(0);
+ if(2 != mallInvoice.getState()){
+ mallInvoice.setState(1);
+ mallInvoice.setType(userInvoiceInfoJson.getStr("type"));
+ mallInvoice.setName(userInvoiceInfoJson.getStr("name"));
+ mallInvoice.setTaxpayerId(userInvoiceInfoJson.getStr("taxpayer_id"));
+ mallInvoice.setAddress(userInvoiceInfoJson.getStr("address"));
+ mallInvoice.setTelephone(userInvoiceInfoJson.getStr("telephone"));
+ mallInvoice.setBankName(userInvoiceInfoJson.getStr("bank_name"));
+ mallInvoice.setBankAccount(userInvoiceInfoJson.getStr("bank_account"));
+ mallInvoiceMapper.updateById(mallInvoice);
+ }
+ }
+ //省略查询订单
+ //此处处理业务
+ map.put("code","SUCCESS");
+ map.put("message","成功");
+ //消息推送成功
+ return map;
+ }
+ }
+ map.put("code",404);
+ map.put("message", "订单不存在");
+ return map;
+ }catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+ map.put("code",500);
+ map.put("message", "失败");
+ return map;
+ }
+ /**
+ * 获取用户的抬头信息
+ */
+ @Override
+ public String getUserInvoiceInfo(String fapiaoApplyId) throws IOException {
+
+ //初始化请求参数
+ Map<String, Object> params = new HashMap<>();
+ params.put("scene","WITH_WECHATPAY");
+// params.put("fapiao_apply_id","4200002070202401175245187105");
+ params.put("fapiao_apply_id",fapiaoApplyId);
+
+ String baseUrl = "https://api.mch.weixin.qq.com";
+ String canonicalUrl = "/v3/new-tax-control-fapiao/user-title";
+
+ String urlparm = baseUrl+canonicalUrl;//有参数的get请求,加密是需要把参数加载进去URL
+ List<BasicNameValuePair> parameters = new ArrayList<>();
+ for (Map.Entry<String, Object> entry : params.entrySet()) {
+ parameters.add(new BasicNameValuePair(entry.getKey(), entry.getValue().toString()));
+ }
+ StringBuilder dataparm = new StringBuilder();
+ params.forEach((k, v) -> dataparm.append("&" + k + "=" + v));
+ String string = dataparm.toString();
+ if (!"".equals(string)) {
+ urlparm = baseUrl+canonicalUrl + "?" + dataparm.substring(1);
+ }
+ PrivateKey privateKey = this.getPrivateKeyV3();
+ String postStr = null;
+ try {
+ postStr = this.createAuthorization(
+ "GET",
+ urlparm,
+ "",
+ privateKey
+ );
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ }
+ return this.sendGet(baseUrl+canonicalUrl, params, "WECHATPAY2-SHA256-RSA2048 "+postStr);
+ }
+
+ /**
+ * 验证签名
+ *
+ * @param timestamp 微信平台传入的时间戳
+ * @param nonce 微信平台传入的随机字符串
+ * @param requestBody 微信平台传入的消息体
+ * @param signature 微信平台传入的签名
+ * @return
+ * @throws NoSuchAlgorithmException
+ * @throws SignatureException
+ * @throws IOException
+ * @throws InvalidKeyException
+ */
+ public boolean signCheck(String timestamp, String nonce, Map<String, Object> requestBody, String signature) throws
+ NoSuchAlgorithmException,
+ SignatureException,
+ IOException,
+ InvalidKeyException,
+ ParseException {
+ //构造验签名串
+ String signatureStr = timestamp + "\n" + nonce + "\n" + com.alibaba.fastjson.JSONObject.toJSONString(requestBody) + "\n";
+ // 加载SHA256withRSA签名器
+ Signature signer = Signature.getInstance("SHA256withRSA");
+ // 用微信平台公钥对签名器进行初始化(调上一节中的获取平台证书方法)
+ signer.initVerify(getCertificates());
+ // 把我们构造的验签名串更新到签名器中
+ signer.update(signatureStr.getBytes(StandardCharsets.UTF_8));
+ // 把请求头中微信服务器返回的签名用Base64解码 并使用签名器进行验证
+ boolean result = signer.verify(Base64Utils.decodeFromString(signature));
+ return result;
+ }
+
+
+ /**
+ * 获取平台证书
+ */
+ public X509Certificate getCertificates() throws IOException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, ParseException {
+ JCEUtil.removeCryptographyRestrictions();
+ SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss");
+
+ PrivateKey privateKey = this.getPrivateKeyV3();
+ String baseUrl = "https://api.mch.weixin.qq.com";
+ String canonicalUrl = "/v3/certificates";
+ String postStr = null;
+ try {
+ postStr = this.createAuthorization(
+ "GET",
+ baseUrl+canonicalUrl,
+ "",
+ privateKey
+
+ );
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ }
+ //完成签名并执行请求
+ X509Certificate x509Certificate = null;
+ try {
+ String responseBodyAsString = this.sendGet(baseUrl + canonicalUrl, new HashMap<>(), "WECHATPAY2-SHA256-RSA2048 "+postStr);
+ FPCertificateVo certificateVo = com.alibaba.fastjson.JSONObject.parseObject(responseBodyAsString, FPCertificateVo.class);
+ for (FPCertificates certificates : certificateVo.getData()) {
+ if (format.parse(certificates.getEffective_time()).before(new Date())
+ && format.parse(certificates.getExpire_time()).after(new Date())) {
+ FPEncryptCertificate encrypt_certificate = certificates.getEncrypt_certificate();
+ //解密
+ AesUtil aesUtil = new AesUtil(xcxProperties.getWecharpaySecretV3().getBytes("utf-8"));
+ String pulicKey = aesUtil.decryptToString(
+ encrypt_certificate.getAssociated_data().getBytes("utf-8"),
+ encrypt_certificate.getNonce().getBytes("utf-8"),
+ encrypt_certificate.getCiphertext());
+ //获取平台证书
+ final CertificateFactory cf = CertificateFactory.getInstance("X509");
+
+ ByteArrayInputStream inputStream = new ByteArrayInputStream(pulicKey.getBytes(StandardCharsets.UTF_8));
+
+ x509Certificate = (X509Certificate) cf.generateCertificate(inputStream);
+ }
+ }
+ return x509Certificate;
+ } catch (GeneralSecurityException | ParseException e) {
+ e.printStackTrace();
+ }
+ return null;
+ }
+
+ public static void main(String[] args) throws UnsupportedEncodingException, GeneralSecurityException {
+ String signature = "WECHATPAY/SIGNTEST/9WwfXW/noMdzDPcOrFD51Bf5YIThXLTtLCl5hoGlSfIBdY2UpE+5eHLs0XyF7y2cQc4OlzTzDDxSMTp/p/8ZenE2hMBaQjxVrdbTtrOLA1h13/WjCNaTr1URTqQ5+IF5bLCxAW8BmZ0jEqpmI/HYR3wdK8/7W91c1zfKODYgkvJzxFzd8OWi2GtELE5tLamkOLyb0GEcsGww2DUOypO5HjNyITgsy9R00w3OH92UInCD8Z6c5BAsQNySqFK8N52y38AlIWTtKROHmJtu+kHbt+nMOU0kbB5bZcPAptsnVYpp9KMmjMrmyjiKtHZb2TGIWiN/L+bgceyN3g==";
+ if(signature.contains("WECHATPAY/SIGNTEST")){
+ System.out.println(1);
+ }
+
+// JCEUtil.removeCryptographyRestrictions();
+// String body = "{\"id\":\"5fb7f522-466f-5c99-a325-0eb4001f1ec3\",\"create_time\":\"2024-01-17T15:38:33+08:00\",\"resource_type\":\"encrypt-resource\",\"event_type\":\"FAPIAO.USER_APPLIED\",\"summary\":\"用户已申请开票\",\"resource\":{\"original_type\":\"fapiao\",\"algorithm\":\"AEAD_AES_256_GCM\",\"ciphertext\":\"bBOs5WTUV1AhwiYSIUugaw9z4EHXxC28ZVsGHOppCNP4qpxYgnR+W+l983UyETmD/Wgu8ukJhe/xYkSsF947pgDP1ElTXC8MJA3lCc8NlsXQ1csPfWTS6A0XrxBoNMgwGEsYFo/7tPW/zDrEpzRZL/GgEwEtK6X1Y4Ci9IofzeI=\",\"associated_data\":\"fapiao\",\"nonce\":\"7a5dzuYqStef\"}}";
+// JSONObject jsonObject = JSONUtil.parseObj(body);
+// log.info("微信电子发票回调接口....解析请求体:"+jsonObject);
+//
+// String id = jsonObject.getStr("id");//可能是支付业务的回调数据
+// String create_time = jsonObject.getStr("create_time");//可能是支付业务的回调数据
+// String resource_type = jsonObject.getStr("resource_type");//可能是支付业务的回调数据
+// String event_type = jsonObject.getStr("event_type");//可能是支付业务的回调数据
+// String resource = jsonObject.getStr("resource");//可能是支付业务的回调数据
+// log.info("微信电子发票回调接口....id:"+ id);
+// log.info("微信电子发票回调接口....create_time:"+ create_time);
+// log.info("微信电子发票回调接口....resource_type:"+ resource_type);
+// log.info("微信电子发票回调接口....event_type:"+ event_type);
+// log.info("微信电子发票回调接口....resource:"+ resource);
+//
+// if ("FAPIAO.USER_APPLIED".equals(event_type)//用户发票抬头填写完成类型:FAPIAO.USER_APPLIED
+// && !"encryptresource".equals(resource_type)) {//通知的资源数据类型,确认成功通知为encryptresource。
+// //解密
+// AesUtil aesUtil = new AesUtil("daL341aN5orDt13puXadsAf2rpuX12v3".getBytes("utf-8"));
+// JSONObject jsonObjectResource = JSONUtil.parseObj(resource);
+//// String original_type = jsonObjectResource.getStr("original_type");//可能是支付业务的回调数据
+//// String algorithm = jsonObjectResource.getStr("algorithm");//可能是支付业务的回调数据
+// String ciphertext = jsonObjectResource.getStr("ciphertext");//可能是支付业务的回调数据
+// String associated_data = jsonObjectResource.getStr("associated_data");//可能是支付业务的回调数据
+// String nonce = jsonObjectResource.getStr("nonce");//可能是支付业务的回调数据
+// String decryptToString = aesUtil.decryptToString(
+// associated_data.getBytes("utf-8"),
+// nonce.getBytes("utf-8"),
+// ciphertext);
+// log.info("微信电子发票回调接口....resource解密:"+decryptToString);
+//
+// JSONObject parseObj = JSONUtil.parseObj(decryptToString);
+// log.info("微信电子发票回调接口....resource解密-JSONObject:"+parseObj);
+// String fapiao_apply_id = parseObj.getStr("fapiao_apply_id");
+// log.info("微信电子发票回调接口....resource解密-fapiao_apply_id:"+fapiao_apply_id);
+//
+// }
}
}
--
Gitblit v1.9.1