From ecb82d98e523ffa025286ffa617096dfe18c0398 Mon Sep 17 00:00:00 2001
From: liurunyu <lry9898@163.com>
Date: 星期一, 19 八月 2024 21:00:51 +0800
Subject: [PATCH] 把微信证书文件放入resources/wxCert文件夹中,读取证书文件类是pipIrrGlobal模块的WxCertUtil类。

---
 pipIrr-platform/pipIrr-global/src/main/resources/wxCert/wxp_cert.pem                                                |   24 ++++
 pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/config/RestTemplateWechatCertConfig.java |   14 +
 pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_key.pem                                           |   28 ++++
 pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PayInfo.java                   |    7 -
 pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/ClientCtrl.java               |    1 
 pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/util/PayHelper.java                  |   50 ++++++--
 pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/util/PayHelper.java                      |   80 +++++++++++--
 pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PaymentCtrl.java           |   23 ++-
 pipIrr-platform/pipIrr-global/src/main/java/com/dy/pipIrrGlobal/cert/WxCertUtil.java                                |   32 +++++
 pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.pem                                          |   25 ++++
 pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PayInfo.java               |    8 -
 pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PaymentCtrl.java               |   22 ++-
 pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/PayInfo.java                  |    7 -
 pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.p12                                          |    0 
 14 files changed, 252 insertions(+), 69 deletions(-)

diff --git a/pipIrr-platform/pipIrr-global/src/main/java/com/dy/pipIrrGlobal/cert/WxCertUtil.java b/pipIrr-platform/pipIrr-global/src/main/java/com/dy/pipIrrGlobal/cert/WxCertUtil.java
new file mode 100644
index 0000000..c399d3c
--- /dev/null
+++ b/pipIrr-platform/pipIrr-global/src/main/java/com/dy/pipIrrGlobal/cert/WxCertUtil.java
@@ -0,0 +1,32 @@
+package com.dy.pipIrrGlobal.cert;
+
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import java.io.InputStream;
+
+/**
+ * @Author: liurunyu
+ * @Date: 2024/8/19 19:58
+ * @Description
+ */
+public class WxCertUtil {
+
+    public static final String cert_p12 = "classpath:wxCert/apiclient_cert.p12" ;//璇佷功pkcs12鏍煎紡
+    public static final String cert_pem = "classpath:wxCert/apiclient_cert.pem" ;//璇佷功pem鏍煎紡
+    public static final String key_pem = "classpath:wxCert/apiclient_key.pem" ;//璇佷功瀵嗛挜pem鏍煎紡
+    public static final String wxp_cert_pem = "classpath:wxCert/wxp_cert.pem" ;
+
+    public static InputStream getCert_p12InputStream(ResourceLoader resourceLoader) throws Exception{
+        Resource resource = resourceLoader.getResource(cert_p12);
+        InputStream in = resource.getInputStream() ;
+        return in ;
+    }
+
+    public static byte[] getKey_pemBytes(ResourceLoader resourceLoader) throws Exception{
+        Resource resource = resourceLoader.getResource(key_pem);
+        InputStream in = resource.getInputStream() ;
+        byte[] bs = new byte[in.available()] ;
+        return bs ;
+    }
+
+}
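Review bot: `getKey_pemBytes` returns a zero-filled array, because it sizes `bs` from `in.available()` but never reads the stream into it. Every caller that passes the result to `getPrivateKey`/`sign` therefore gets no key material, and signing is expected to fail when the bytes are Base64-decoded. The stream is also never closed, and `available()` is not a reliable content length. Replace the body with `try (InputStream in = resourceLoader.getResource(key_pem).getInputStream()) { return in.readAllBytes(); }`. `getCert_p12InputStream` hands back an open stream, so the class Javadoc (its `@Description` is empty) should state that the caller must close it.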
diff --git a/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.p12 b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.p12
new file mode 100644
index 0000000..51169eb
--- /dev/null
+++ b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.p12
Binary files differ
diff --git a/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.pem b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.pem
new file mode 100644
index 0000000..c140e35
--- /dev/null
+++ b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_cert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_key.pem b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_key.pem
new file mode 100644
index 0000000..f56647f
--- /dev/null
+++ b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/apiclient_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----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+-----END PRIVATE KEY-----
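Review bot: This file puts the merchant API private key into version control and into the built artifact, so anyone with read access to the repository or the jar holds the signing key. Keep the key out of the source tree and load it from a path or secret store supplied by deployment configuration. Because it is now in history, it should also be rotated with the payment provider. The same concern applies to `apiclient_cert.p12` added in this commit: RestTemplateWechatCertConfig opens it with `mchid.toCharArray()`, and `mchid` appears to be a constant in `PayInfo`, so the keystore password ships alongside the keystore.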
diff --git a/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/wxp_cert.pem b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/wxp_cert.pem
new file mode 100644
index 0000000..459f3b5
--- /dev/null
+++ b/pipIrr-platform/pipIrr-global/src/main/resources/wxCert/wxp_cert.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/config/RestTemplateWechatCertConfig.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/config/RestTemplateWechatCertConfig.java
index 5a3c7d4..2f7c259 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/config/RestTemplateWechatCertConfig.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/config/RestTemplateWechatCertConfig.java
@@ -1,10 +1,13 @@
 package com.dy.pipIrrSell.config;
 
+import com.dy.pipIrrGlobal.cert.WxCertUtil;
 import com.dy.pipIrrSell.wechatpay.PayInfo;
 import okhttp3.OkHttpClient;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.io.ResourceLoader;
 import org.springframework.http.client.ClientHttpRequestFactory;
 import org.springframework.http.client.OkHttp3ClientHttpRequestFactory;
 
@@ -12,8 +15,7 @@
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509TrustManager;
-import java.io.File;
-import java.io.FileInputStream;
+import java.io.InputStream;
 import java.security.KeyStore;
 
 /**
@@ -25,16 +27,18 @@
 
 @Configuration
 public class RestTemplateWechatCertConfig {
+
     String mchid = PayInfo.mchid;
+    @Autowired
+    private ResourceLoader resourceLoader;
 
     @Bean
     @ConfigurationProperties(prefix = "org.liurb.core.rest-template.config.connection")
     public ClientHttpRequestFactory wechatHttpRequestFactory() throws Exception {
 
         KeyStore keyStore = KeyStore.getInstance("PKCS12");
-        //InputStream cp = this.getClass().getResourceAsStream("apiclient_cert.p12");
-        FileInputStream instream = new FileInputStream(new File("C:\\webchat\\apiclient_cert.p12"));
-        keyStore.load(instream, mchid.toCharArray());
+        InputStream in = WxCertUtil.getCert_p12InputStream(resourceLoader);
+        keyStore.load(in, mchid.toCharArray());
 
         KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
         keyManagerFactory.init(keyStore, mchid.toCharArray());
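Review bot: The stream returned by `WxCertUtil.getCert_p12InputStream` is never closed after `keyStore.load`. Wrap it as `try (InputStream in = WxCertUtil.getCert_p12InputStream(resourceLoader)) { keyStore.load(in, mchid.toCharArray()); }`. The replaced `FileInputStream` had the same leak, so this is a good point to fix it. `wechatHttpRequestFactory` continues past the end of the hunk.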
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/util/PayHelper.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/util/PayHelper.java
index 6385700..c001dc1 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/util/PayHelper.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/util/PayHelper.java
@@ -5,6 +5,7 @@
 import com.alibaba.fastjson2.JSONObject;
 import com.dy.common.webUtil.BaseResponse;
 import com.dy.common.webUtil.BaseResponseUtils;
+import com.dy.pipIrrGlobal.cert.WxCertUtil;
 import com.dy.pipIrrGlobal.pojoSe.SeVirtualCard;
 import com.dy.pipIrrGlobal.voSe.VoOrders;
 import com.dy.pipIrrSell.result.SellResultCode;
@@ -15,14 +16,13 @@
 import com.dy.pipIrrSell.wechatpay.dto.RefundResponse;
 import com.dy.pipIrrSell.wechatpay.dto.ToRefund;
 import lombok.RequiredArgsConstructor;
+import org.springframework.core.io.ResourceLoader;
 import org.springframework.stereotype.Component;
 
 import javax.crypto.NoSuchPaddingException;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
-import java.nio.file.Files;
-import java.nio.file.Paths;
 import java.security.*;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
@@ -50,7 +50,6 @@
     private String resetUserSessionKeyUrl = PayInfo.resetUserSessionKeyUrl;
     private String notifyUrl = PayInfo.notifyUrl;
     private String schema = PayInfo.schema;
-    private String privateCertFileName = PayInfo.privateCertFileName;
     private String refundUrl = PayInfo.refundUrl;
 
     // 骞冲彴璇佷功鍏挜
@@ -75,9 +74,31 @@
      * @param filename 绉侀挜鏂囦欢璺緞
      * @return 绉侀挜瀵硅薄
      * @throws IOException
-     */
+
     public PrivateKey getPrivateKey(String filename) throws IOException {
         String content = new String(Files.readAllBytes(Paths.get(filename)), "utf-8");
+        try {
+            String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
+                    .replace("-----END PRIVATE KEY-----", "")
+                    .replaceAll("\\s+", "");
+            KeyFactory kf = KeyFactory.getInstance("RSA");
+            return kf.generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey)));
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException("褰撳墠Java鐜涓嶆敮鎸丷SA", e);
+        } catch (InvalidKeySpecException e) {
+            throw new RuntimeException("鏃犳晥鐨勫瘑閽ユ牸寮�");
+        }
+    }
+     */
+
+    /**
+     * 鑾峰彇鍟嗘埛璇佷功绉侀挜瀵硅薄
+     * @param bs 绉侀挜鏂囦欢鍐呭
+     * @return 绉侀挜瀵硅薄
+     * @throws IOException
+     */
+    public PrivateKey getPrivateKey(byte[] bs) throws IOException {
+        String content = new String(bs, "utf-8");
         try {
             String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
                     .replace("-----END PRIVATE KEY-----", "")
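Review bot: The old `getPrivateKey(String)` is disabled by deleting the `*/` that closed its Javadoc, which leaves an entire method body inside a doc comment. Delete the dead method instead, since version control already keeps it. The same construction is used for `sign` and `getToken` in the next two hunks and for all three methods in the pipIrrWechat `PayHelper`. In the new overload, `new String(bs, StandardCharsets.UTF_8)` (the import is already present in this file) avoids the charset lookup by name. The body of `getPrivateKey(byte[])` continues outside the hunk.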
@@ -213,10 +234,25 @@
      * @throws InvalidKeyException
      * @throws SignatureException
      * @throws IOException
-     */
     public String sign(byte[] message, String certFileName) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException {
         Signature sign = Signature.getInstance("SHA256withRSA");
         sign.initSign(getPrivateKey(certFileName));
+        sign.update(message);
+        return Base64.getEncoder().encodeToString(sign.sign());
+    }*/
+   /**
+     * 绛惧悕
+     * @param message 琚鍚嶄俊鎭�
+     * @param certFileBs 绉侀挜璇佷功鏂囦欢鍐呭
+     * @return signature绛惧悕鍊硷紝绛惧悕淇℃伅涓殑涓�椤癸紝鍙備笌鐢熸垚绛惧悕淇℃伅
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeyException
+     * @throws SignatureException
+     * @throws IOException
+     */
+    public String sign(byte[] message, byte[] certFileBs) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException {
+        Signature sign = Signature.getInstance("SHA256withRSA");
+        sign.initSign(getPrivateKey(certFileBs));
         sign.update(message);
         return Base64.getEncoder().encodeToString(sign.sign());
     }
@@ -229,10 +265,30 @@
      * @return 绛惧悕淇℃伅锛孒TTP澶翠腑鐨勭鍚嶄俊鎭�
      * HTTP澶达細Authorization: 璁よ瘉绫诲瀷 绛惧悕淇℃伅
      * 璁よ瘉绫诲瀷锛學ECHATPAY2-SHA256-RSA2048
-     */
     public String getToken(String method, String url, String body, String nonceStr, Long timestamp, String certFileName) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException, NoSuchPaddingException {
         String message = buildMessage_order(method, url, timestamp, nonceStr, body);
         String signature = sign(message.getBytes("utf-8"), certFileName);
+
+        return "mchid=\"" + PayInfo.mchid + "\","
+                + "nonce_str=\"" + nonceStr + "\","
+                + "timestamp=\"" + timestamp + "\","
+                + "serial_no=\"" + PayInfo.serial_no + "\","
+                + "signature=\"" + signature + "\"";
+    }
+    */
+
+    /**
+     * 鑾峰彇绛惧悕淇℃伅
+     * @param method
+     * @param url
+     * @param body
+     * @return 绛惧悕淇℃伅锛孒TTP澶翠腑鐨勭鍚嶄俊鎭�
+     * HTTP澶达細Authorization: 璁よ瘉绫诲瀷 绛惧悕淇℃伅
+     * 璁よ瘉绫诲瀷锛學ECHATPAY2-SHA256-RSA2048
+     */
+    public String getToken(String method, String url, String body, String nonceStr, Long timestamp, byte[] certFileBs) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException, NoSuchPaddingException {
+        String message = buildMessage_order(method, url, timestamp, nonceStr, body);
+        String signature = sign(message.getBytes("utf-8"), certFileBs);
 
         return "mchid=\"" + PayInfo.mchid + "\","
                 + "nonce_str=\"" + nonceStr + "\","
@@ -258,13 +314,13 @@
     /**
      * 閲嶆柊涓嬭浇璇佷功
      */
-    public void refreshCertificate() throws GeneralSecurityException, IOException {
+    public void refreshCertificate(byte[] keyPemBs) throws GeneralSecurityException, IOException, Exception {
         String method = "GET";
         String httpUrl = "/v3/certificates";
         String nonceStr = generateRandomString();
         Long timestamp = System.currentTimeMillis() / 1000;
 
-        String header = PayInfo.schema + " " + getToken(method, httpUrl, "", nonceStr, timestamp, PayInfo.privateCertFileName);
+        String header = PayInfo.schema + " " + getToken(method, httpUrl, "", nonceStr, timestamp, keyPemBs);
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
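Review bot: Adding `Exception` to the throws clause makes the listed `GeneralSecurityException, IOException` redundant and forces every caller to declare or catch `Exception`. That widening then spreads to `responseSignVerify`, `refunds`, `placeOrder`, `orderNotify` and the pipIrrWechat `PayHelper` methods. It appears to originate from `WxCertUtil.getKey_pemBytes` declaring `throws Exception`, although `Resource.getInputStream()` only throws `IOException`. Narrowing the utility to `throws IOException` would let this signature stay `public void refreshCertificate(byte[] keyPemBs) throws GeneralSecurityException, IOException`. The method body continues outside the hunk.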
@@ -329,10 +385,10 @@
      * @throws InvalidKeyException
      * @throws SignatureException
      */
-    public Boolean responseSignVerify(String wechatpaySerial, String signatureStr, String wechatpaySignature) throws GeneralSecurityException, IOException {
+    public Boolean responseSignVerify(String wechatpaySerial, String signatureStr, String wechatpaySignature, byte[] keyPemBs) throws GeneralSecurityException, IOException, Exception {
         if(CERTIFICATE_MAP.isEmpty() || !CERTIFICATE_MAP.containsKey(wechatpaySerial)) {
             CERTIFICATE_MAP.clear();
-            refreshCertificate();
+            refreshCertificate(keyPemBs);
         }
         Certificate certificate = (Certificate)CERTIFICATE_MAP.get(wechatpaySerial);
         if(certificate == null) {
@@ -456,7 +512,7 @@
      * @throws SignatureException
      * @throws InvalidKeyException
      */
-    public BaseResponse<Boolean> refunds(Refund po) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException {
+    public BaseResponse<Boolean> refunds(Refund po, ResourceLoader resourceLoader) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException, Exception {
         String tradeNo = po.getTradeNo();
         String refundNo = po.getRefundNo();
         Integer refund = po.getRefund();
@@ -482,7 +538,7 @@
         String httpUrl = "/v3/refund/domestic/refunds";
 
         String body = JSONObject.toJSONString(refundRequest);
-        String header = schema + " " + getToken(method, httpUrl, body, nonceStr, timestamp, privateCertFileName);
+        String header = schema + " " + getToken(method, httpUrl, body, nonceStr, timestamp, WxCertUtil.getKey_pemBytes(resourceLoader));
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PayInfo.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PayInfo.java
index 539ca81..f43fdf4 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PayInfo.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PayInfo.java
@@ -142,13 +142,6 @@
      */
     public static String schema = "WECHATPAY2-SHA256-RSA2048";
 
-    /**
-     * 绉侀挜鏂囦欢璺緞
-     */
-    public static String privateCertFileName = "C:\\webchat\\apiclient_key.pem";
-
-    public static String publicCertFileName = "C:\\webchat\\wxp_cert.pem";
-
     /*
      * 寰俊璁㈠崟鍙凤紝浼樺厛浣跨敤
      */
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PaymentCtrl.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PaymentCtrl.java
index 4314bed..ce1fb29 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PaymentCtrl.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sell/src/main/java/com/dy/pipIrrSell/wechatpay/PaymentCtrl.java
@@ -6,6 +6,7 @@
 import com.dy.common.webUtil.BaseResponse;
 import com.dy.common.webUtil.BaseResponseUtils;
 import com.dy.common.webUtil.ResultCodeMsg;
+import com.dy.pipIrrGlobal.cert.WxCertUtil;
 import com.dy.pipIrrGlobal.pojoSe.*;
 import com.dy.pipIrrGlobal.voSe.VoClient;
 import com.dy.pipIrrSell.client.ClientSv;
@@ -33,6 +34,7 @@
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.io.ResourceLoader;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.transaction.annotation.Transactional;
@@ -66,13 +68,15 @@
 @RequestMapping(path="payment")
 @RequiredArgsConstructor
 public class PaymentCtrl {
+    private final ResourceLoader resourceLoader;
+
     private final PaymentSv paymentSv;
     private final RestTemplateUtil restTemplateUtil;
     private final PayHelper payHelper;
     private final VirtualCardSv virtualCardSv;
     private final ClientSv clientSv;
 
-    private final String privateCertFileName = PayInfo.privateCertFileName;
+    //private final String privateCertFileName = PayInfo.privateCertFileName;
     private final String appid = PayInfo.appid;
     private final String secret = PayInfo.secret;
     private final String mchid = PayInfo.mchid;
@@ -171,7 +175,8 @@
         String nonceStr = payHelper.generateRandomString();
         Long timestamp = System.currentTimeMillis() / 1000;
 
-        String header = schema + " " + payHelper.getToken(method, httpUrl, "", nonceStr, timestamp, privateCertFileName);
+        byte[] keyPemBs = WxCertUtil.getKey_pemBytes(resourceLoader) ;
+        String header = schema + " " + payHelper.getToken(method, httpUrl, "", nonceStr, timestamp, keyPemBs);
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
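Review bot: `WxCertUtil.getKey_pemBytes(resourceLoader)` is called once per request here and again in the `placeOrder` hunks and in `orderNotify`, so the classpath resource is reopened and the PEM re-parsed into a `PrivateKey` for every signature. Raw private-key bytes are also passed through controller code and into `responseSignVerify`, which only needs them to refresh the platform certificates. Consider loading and parsing the key once inside `PayHelper` (for example in a lazily initialised `private PrivateKey` field) and keeping `getToken`/`sign` free of key parameters. The enclosing method starts and ends outside the hunk.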
@@ -189,7 +194,7 @@
         // 鏋勯�犻獙绛惧悕涓�
         String signatureStr = payHelper.responseSign(wechatpayTimestamp, wechatpayNonce, job_body.toJSONString());
         // 楠岃瘉绛惧悕
-        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature);
+        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature, keyPemBs);
 
         return BaseResponseUtils.buildSuccess();
     }
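Review bot: The result of `responseSignVerify` is assigned to `valid` and then ignored, because the next statement returns `BaseResponseUtils.buildSuccess()` whether or not the response signature verified. Fail closed here, as `orderNotify` does with its `if(!valid)` branch, for example `if (!Boolean.TRUE.equals(valid)) { return BaseResponseUtils.buildFail("signature verification failed"); }` (message text is a constructed sample). The enclosing method starts outside the hunk.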
@@ -212,7 +217,7 @@
     @PostMapping(path = "placeOrder")
     @Transactional(rollbackFor = Exception.class)
     @SsoAop()
-    public BaseResponse<Boolean> placeOrder(@RequestBody @Valid DtoOrder order, BindingResult bindingResult) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException {
+    public BaseResponse<Boolean> placeOrder(@RequestBody @Valid DtoOrder order, BindingResult bindingResult) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException, Exception {
         if(bindingResult != null && bindingResult.hasErrors()){
             return BaseResponseUtils.buildFail(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
         }
@@ -273,7 +278,7 @@
         String httpUrl = "/v3/pay/transactions/jsapi";
 
         String body = job_body.toJSONString();
-        String header = schema + " " + payHelper.getToken(method, httpUrl, body, nonceStr, timestamp, privateCertFileName);
+        String header = schema + " " + payHelper.getToken(method, httpUrl, body, nonceStr, timestamp, WxCertUtil.getKey_pemBytes(resourceLoader));
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
@@ -315,7 +320,7 @@
         String nonceStr = payHelper.generateRandomString();
         String pkg = "prepay_id=" + prepayId;
         String message = payHelper.buildMessage_signAgain(appid, timeStamp, nonceStr, pkg);
-        String paySign = payHelper.sign(message.getBytes("utf-8"), privateCertFileName);
+        String paySign = payHelper.sign(message.getBytes("utf-8"), WxCertUtil.getKey_pemBytes(resourceLoader));
 
         JSONObject job_result = new JSONObject();
         job_result.put("timeStamp", timeStamp);
@@ -348,7 +353,7 @@
     @PostMapping(path = "orderNotify", consumes = MediaType.APPLICATION_JSON_VALUE)
     @Transactional(rollbackFor = Exception.class)
     @SsoAop()
-    public JSONObject orderNotify(@RequestHeader HttpHeaders headers, HttpServletRequest request, HttpServletResponse response) throws IOException, GeneralSecurityException {
+    public JSONObject orderNotify(@RequestHeader HttpHeaders headers, HttpServletRequest request, HttpServletResponse response) throws IOException, GeneralSecurityException, Exception {
         JSONObject result = new JSONObject();
 
         /**
@@ -386,8 +391,9 @@
 
         // 鏋勯�犻獙绛惧悕涓�
         String signatureStr = payHelper.responseSign(wechatpayTimestamp, wechatpayNonce, bodyStr);
+        byte[] keyPemBs = WxCertUtil.getKey_pemBytes(resourceLoader) ;
         // 楠岃瘉绛惧悕
-        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature);
+        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature, keyPemBs);
         if(!valid) {
             response.setStatus(500);
             result.put("code", "FAIL");
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/ClientCtrl.java b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/ClientCtrl.java
index 1161ebb..2de7911 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/ClientCtrl.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/ClientCtrl.java
@@ -42,7 +42,6 @@
     private final ClientSv clientSv;
     private final AliyunSmsSv aliyunSmsSv;
     private final RestTemplateUtil restTemplateUtil;
-    private final String privateCertFileName = PayInfo.privateCertFileName;
     private final String appid = PayInfo.appid;
     private final String secret = PayInfo.secret;
     private final String mchid = PayInfo.mchid;
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/PayInfo.java b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/PayInfo.java
index fe36705..ecb3ac5 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/PayInfo.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/client/PayInfo.java
@@ -142,13 +142,6 @@
      */
     public static String schema = "WECHATPAY2-SHA256-RSA2048";
 
-    /**
-     * 绉侀挜鏂囦欢璺緞
-     */
-    public static String privateCertFileName = "C:\\webchat\\apiclient_key.pem";
-
-    public static String publicCertFileName = "C:\\webchat\\wxp_cert.pem";
-
     /*
      * 寰俊璁㈠崟鍙凤紝浼樺厛浣跨敤
      */
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/util/PayHelper.java b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/util/PayHelper.java
index 3aa2522..ea8ed6a 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/util/PayHelper.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/util/PayHelper.java
@@ -51,7 +51,6 @@
     private String resetUserSessionKeyUrl = PayInfo.resetUserSessionKeyUrl;
     private String notifyUrl = PayInfo.notifyUrl;
     private String schema = PayInfo.schema;
-    private String privateCertFileName = PayInfo.privateCertFileName;
     private String refundUrl = PayInfo.refundUrl;
 
     // 骞冲彴璇佷功鍏挜
@@ -73,12 +72,25 @@
 
     /**
      * 鑾峰彇鍟嗘埛璇佷功绉侀挜瀵硅薄
-     * @param filename 绉侀挜鏂囦欢璺緞
+     * @param certFileBs 绉侀挜鏂囦欢鍐呭
      * @return 绉侀挜瀵硅薄
      * @throws IOException
-     */
     public PrivateKey getPrivateKey(String filename) throws IOException {
         String content = new String(Files.readAllBytes(Paths.get(filename)), "utf-8");
+        try {
+            String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
+                    .replace("-----END PRIVATE KEY-----", "")
+                    .replaceAll("\\s+", "");
+            KeyFactory kf = KeyFactory.getInstance("RSA");
+            return kf.generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey)));
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException("褰撳墠Java鐜涓嶆敮鎸丷SA", e);
+        } catch (InvalidKeySpecException e) {
+            throw new RuntimeException("鏃犳晥鐨勫瘑閽ユ牸寮�");
+        }
+    }*/
+    public PrivateKey getPrivateKey(byte[] certFileBs) throws IOException {
+        String content = new String(certFileBs, "utf-8");
         try {
             String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
                     .replace("-----END PRIVATE KEY-----", "")
@@ -208,16 +220,21 @@
     /**
      * 绛惧悕
      * @param message 琚鍚嶄俊鎭�
-     * @param certFileName 绉侀挜璇佷功鏂囦欢璺緞
+     * @param certBs 绉侀挜璇佷功鏂囦欢鍐呭
      * @return signature绛惧悕鍊硷紝绛惧悕淇℃伅涓殑涓�椤癸紝鍙備笌鐢熸垚绛惧悕淇℃伅
      * @throws NoSuchAlgorithmException
      * @throws InvalidKeyException
      * @throws SignatureException
      * @throws IOException
-     */
     public String sign(byte[] message, String certFileName) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException {
         Signature sign = Signature.getInstance("SHA256withRSA");
         sign.initSign(getPrivateKey(certFileName));
+        sign.update(message);
+        return Base64.getEncoder().encodeToString(sign.sign());
+    }*/
+    public String sign(byte[] message, byte[] certBs) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, Exception {
+        Signature sign = Signature.getInstance("SHA256withRSA");
+        sign.initSign(getPrivateKey(certBs));
         sign.update(message);
         return Base64.getEncoder().encodeToString(sign.sign());
     }
@@ -230,10 +247,19 @@
      * @return 绛惧悕淇℃伅锛孒TTP澶翠腑鐨勭鍚嶄俊鎭�
      * HTTP澶达細Authorization: 璁よ瘉绫诲瀷 绛惧悕淇℃伅
      * 璁よ瘉绫诲瀷锛學ECHATPAY2-SHA256-RSA2048
-     */
     public String getToken(String method, String url, String body, String nonceStr, Long timestamp, String certFileName) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException, NoSuchPaddingException {
         String message = buildMessage_order(method, url, timestamp, nonceStr, body);
         String signature = sign(message.getBytes("utf-8"), certFileName);
+
+        return "mchid=\"" + PayInfo.mchid + "\","
+                + "nonce_str=\"" + nonceStr + "\","
+                + "timestamp=\"" + timestamp + "\","
+                + "serial_no=\"" + PayInfo.serial_no + "\","
+                + "signature=\"" + signature + "\"";
+    }*/
+    public String getToken(String method, String url, String body, String nonceStr, Long timestamp, byte[] certFileBs) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException, Exception {
+        String message = buildMessage_order(method, url, timestamp, nonceStr, body);
+        String signature = sign(message.getBytes("utf-8"), certFileBs);
 
         return "mchid=\"" + PayInfo.mchid + "\","
                 + "nonce_str=\"" + nonceStr + "\","
@@ -259,13 +285,13 @@
     /**
      * 閲嶆柊涓嬭浇璇佷功
      */
-    public void refreshCertificate() throws GeneralSecurityException, IOException {
+    public void refreshCertificate(byte[] certFileBs) throws GeneralSecurityException, IOException , Exception {
         String method = "GET";
         String httpUrl = "/v3/certificates";
         String nonceStr = generateRandomString();
         Long timestamp = System.currentTimeMillis() / 1000;
 
-        String header = PayInfo.schema + " " + getToken(method, httpUrl, "", nonceStr, timestamp, PayInfo.privateCertFileName);
+        String header = PayInfo.schema + " " + getToken(method, httpUrl, "", nonceStr, timestamp, certFileBs);
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
@@ -330,10 +356,10 @@
      * @throws InvalidKeyException
      * @throws SignatureException
      */
-    public Boolean responseSignVerify(String wechatpaySerial, String signatureStr, String wechatpaySignature) throws GeneralSecurityException, IOException {
+    public Boolean responseSignVerify(String wechatpaySerial, String signatureStr, String wechatpaySignature, byte[] certFileBs) throws Exception {
         if(CERTIFICATE_MAP.isEmpty() || !CERTIFICATE_MAP.containsKey(wechatpaySerial)) {
             CERTIFICATE_MAP.clear();
-            refreshCertificate();
+            refreshCertificate(certFileBs);
         }
         Certificate certificate = (Certificate)CERTIFICATE_MAP.get(wechatpaySerial);
         if(certificate == null) {
@@ -457,7 +483,7 @@
      * @throws SignatureException
      * @throws InvalidKeyException
      */
-    public BaseResponse<Boolean> refunds(Refund po) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException {
+    public BaseResponse<Boolean> refunds(Refund po, byte[] certFileBs) throws SignatureException, InvalidKeyException, Exception{
         String tradeNo = po.getTradeNo();
         String refundNo = po.getRefundNo();
         Integer refund = po.getRefund();
@@ -483,7 +509,7 @@
         String httpUrl = "/v3/refund/domestic/refunds";
 
         String body = JSONObject.toJSONString(refundRequest);
-        String header = schema + " " + getToken(method, httpUrl, body, nonceStr, timestamp, privateCertFileName);
+        String header = schema + " " + getToken(method, httpUrl, body, nonceStr, timestamp, certFileBs);
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PayInfo.java b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PayInfo.java
index 017b530..9a87cee 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PayInfo.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PayInfo.java
@@ -141,14 +141,6 @@
      * HTTP澶磋璇佺被鍨�
      */
     public static String schema = "WECHATPAY2-SHA256-RSA2048";
-
-    /**
-     * 绉侀挜鏂囦欢璺緞
-     */
-    public static String privateCertFileName = "C:\\webchat\\apiclient_key.pem";
-
-    public static String publicCertFileName = "C:\\webchat\\wxp_cert.pem";
-
     /*
      * 寰俊璁㈠崟鍙凤紝浼樺厛浣跨敤
      */
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PaymentCtrl.java b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PaymentCtrl.java
index 356ac1f..622d58d 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PaymentCtrl.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-wechat/src/main/java/com/dy/pipIrrWechat/wechatpay/PaymentCtrl.java
@@ -6,6 +6,7 @@
 import com.dy.common.webUtil.BaseResponse;
 import com.dy.common.webUtil.BaseResponseUtils;
 import com.dy.common.webUtil.ResultCodeMsg;
+import com.dy.pipIrrGlobal.cert.WxCertUtil;
 import com.dy.pipIrrGlobal.pojoSe.*;
 import com.dy.pipIrrGlobal.voSe.VoClient;
 import com.dy.pipIrrWechat.result.WechatResultCode;
@@ -32,13 +33,13 @@
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.io.ResourceLoader;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.bind.annotation.*;
 
-import javax.crypto.NoSuchPaddingException;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.security.GeneralSecurityException;
@@ -65,11 +66,11 @@
 @RequestMapping(path="payment")
 @RequiredArgsConstructor
 public class PaymentCtrl {
+    private final ResourceLoader resourceLoader;
     private final PaymentSv paymentSv;
     private final RestTemplateUtil restTemplateUtil;
     private final PayHelper payHelper;
     private final VirtualCardSv virtualCardSv;
-    private final String privateCertFileName = com.dy.pipIrrWechat.wechatpay.PayInfo.privateCertFileName;
     private final String appid = com.dy.pipIrrWechat.wechatpay.PayInfo.appid;
     private final String secret = com.dy.pipIrrWechat.wechatpay.PayInfo.secret;
     private final String mchid = com.dy.pipIrrWechat.wechatpay.PayInfo.mchid;
@@ -166,7 +167,8 @@
         String nonceStr = payHelper.generateRandomString();
         Long timestamp = System.currentTimeMillis() / 1000;
 
-        String header = schema + " " + payHelper.getToken(method, httpUrl, "", nonceStr, timestamp, privateCertFileName);
+        byte[] certFileBs = WxCertUtil.getKey_pemBytes(resourceLoader) ;
+        String header = schema + " " + payHelper.getToken(method, httpUrl, "", nonceStr, timestamp, certFileBs);
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
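Review bot: `WxCertUtil.getKey_pemBytes(resourceLoader)` takes the merchant API private key from the application's resources, and the patch's file list adds `apiclient_key.pem` under `src/main/resources/wxCert`, so the key is committed to the repository and shipped inside every build artifact. If that file is the live key it should be treated as exposed: rotate it, remove it from the tree, and load it from a location supplied by deployment configuration or a secret store. The same call is added in the three later hunks of this file that sign or verify, and it re-reads the key on every request, so loading it once at startup would be cleaner. At minimum add `// certFileBs is the merchant private key (PEM): never log it or return it in a response` above the assignment, because the name reads like a certificate.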
@@ -184,7 +186,7 @@
         // 鏋勯�犻獙绛惧悕涓�
         String signatureStr = payHelper.responseSign(wechatpayTimestamp, wechatpayNonce, job_body.toJSONString());
         // 楠岃瘉绛惧悕
-        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature);
+        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature, certFileBs);
 
         return BaseResponseUtils.buildSuccess();
     }
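Review bot: The result of `payHelper.responseSignVerify(...)` is assigned to `valid` and then ignored; the next statement is `return BaseResponseUtils.buildSuccess();`, so a response whose signature fails verification is handled exactly like a genuine one. Check it before returning, for example `if (!Boolean.TRUE.equals(valid)) { return BaseResponseUtils.buildFail("response signature verification failed"); }`, assuming the method's return type allows it (the message text is only a suggestion; `buildFail` is called with a string in `placeOrder`). The enclosing method starts outside this hunk, so it cannot be seen whether data from `job_body` is already used before this point; if it is, the verification should move ahead of that use.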
@@ -197,7 +199,7 @@
      */
     @PostMapping(path = "placeOrder")
     @Transactional(rollbackFor = Exception.class)
-    public BaseResponse<Boolean> placeOrder(@RequestBody @Valid DtoOrder order, BindingResult bindingResult) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException {
+    public BaseResponse<Boolean> placeOrder(@RequestBody @Valid DtoOrder order, BindingResult bindingResult) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, SignatureException, InvalidKeyException, Exception {
         if(bindingResult != null && bindingResult.hasErrors()){
             return BaseResponseUtils.buildFail(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
         }
@@ -287,7 +289,8 @@
         String httpUrl = "/v3/pay/transactions/jsapi";
 
         String body = job_body.toJSONString();
-        String header = schema + " " + payHelper.getToken(method, httpUrl, body, nonceStr, timestamp, privateCertFileName);
+        byte[] certFileBs = WxCertUtil.getKey_pemBytes(resourceLoader) ;
+        String header = schema + " " + payHelper.getToken(method, httpUrl, body, nonceStr, timestamp, certFileBs);
 
         Map<String, String> headers = new HashMap<>();
         headers.put("Authorization", header);
@@ -328,7 +331,8 @@
         String nonceStr = payHelper.generateRandomString();
         String pkg = "prepay_id=" + prepayId;
         String message = payHelper.buildMessage_signAgain(appid, timeStamp, nonceStr, pkg);
-        String paySign = payHelper.sign(message.getBytes("utf-8"), privateCertFileName);
+        byte[] certFileBs = WxCertUtil.getKey_pemBytes(resourceLoader) ;
+        String paySign = payHelper.sign(message.getBytes("utf-8"), certFileBs);
 
         JSONObject job_result = new JSONObject();
         job_result.put("timeStamp", timeStamp);
@@ -360,7 +364,7 @@
     })
     @PostMapping(path = "orderNotify", consumes = MediaType.APPLICATION_JSON_VALUE)
     @Transactional(rollbackFor = Exception.class)
-    public JSONObject orderNotify(@RequestHeader HttpHeaders headers, HttpServletRequest request, HttpServletResponse response) throws IOException, GeneralSecurityException {
+    public JSONObject orderNotify(@RequestHeader HttpHeaders headers, HttpServletRequest request, HttpServletResponse response) throws IOException, GeneralSecurityException, Exception {
         JSONObject result = new JSONObject();
 
         /**
@@ -398,8 +402,9 @@
 
         // 鏋勯�犻獙绛惧悕涓�
         String signatureStr = payHelper.responseSign(wechatpayTimestamp, wechatpayNonce, bodyStr);
+        byte[] certFileBs = WxCertUtil.getKey_pemBytes(resourceLoader) ;
         // 楠岃瘉绛惧悕
-        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature);
+        Boolean valid = payHelper.responseSignVerify(wechatpaySerial, signatureStr, wechatpaySignature, certFileBs);
         if(!valid) {
             response.setStatus(500);
             result.put("code", "FAIL");
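Review bot: `orderNotify` now loads the merchant private key on every inbound notification and hands it to `responseSignVerify`, which (per its hunk earlier in this patch) clears the whole `CERTIFICATE_MAP` and calls `refreshCertificate(certFileBs)` whenever `wechatpaySerial` is not in the map. If the serial comes from the request headers, as the name suggests, every notification carrying an unrecognised serial empties and refreshes the certificate cache. I would drop the `CERTIFICATE_MAP.clear()` so known certificates survive a refresh, reject a serial that is still unknown after one refresh, and bound how often a refresh may run. Separately, `if(!valid)` unboxes a `Boolean`; `if (!Boolean.TRUE.equals(valid))` avoids a NullPointerException should the helper ever return null.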

--
Gitblit v1.8.0