本篇文章主要解决的问题是:支付宝异步验签失败问题
最近在开发一个安卓app内部带支付宝支付功能,是后端和前端同时开发,在开发过程中遇到个较难解决的问题就是 异步验签
先看下整体流程
在这个流程中需要注意的地方主要两个地方的参数
第一个地方就是图中的1.2 构造支付请求参数时里面的参数
//构造client
AlipayClient alipayClient =
new DefaultAlipayClient(
"https://openapi.alipay.com/gateway.do",
Constant.APP_ID,
Constant.APP_PRIVATE_KEY,
"json",
Constant.CHARSET,
Constant.ALIPAY_PUBLIC_KEY,
"RSA2");
上面代码中主要关注 Constant.ALIPAY_PUBLIC_KEY 这个公钥,这个传的公钥是支付宝公钥,不是应用公钥,我开始一直传的是应用公钥导致出了问题
支付宝公钥如何获取?
https://opendocs.alipay.com/open/291/105971
看下支付宝的文档比较全,
大概流程就是 先通过支付宝工具生成应用公私钥,然后把该应用公钥上传支付宝跟自己的appid绑定,然后支付宝生成一个支付宝公钥给你。
第二个地方就是异步通知里面用于验签时的公钥也是支付宝公钥
AlipaySignature.rsaCheckV1(params, AlipayConfig.ALIPAY_PUBLIC_KEY, AlipayConfig.CHARSET, AlipayConfig.sign_type);
验签方法:
/*
* 验签方法
* */
public boolean mysignVerified(HttpServletRequest request) throws AlipayApiException {
Map<String, String> params = new HashMap<String, String>();
Map<String, String[]> requestParams = request.getParameterMap();
for (Iterator<String> iter = requestParams.keySet().iterator(); iter.hasNext();) {
String name = iter.next();
String[] values = requestParams.get(name);
String valueStr = "";
for (int i = 0; i < values.length; i++) {
valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
}
// 乱码解决,这段代码在出现乱码时使用。如果mysign和sign不相等也可以使用这段代码转化
// valueStr = new String(valueStr.getBytes("ISO-8859-1"), "gbk");
params.put(name, valueStr);
}
//String out_trade_no = request.getParameter("out_trade_no");// 商户订单号
return AlipaySignature.rsaCheckV1(params, AlipayConfig.ALIPAY_PUBLIC_KEY, AlipayConfig.CHARSET, AlipayConfig.sign_type); //调用SDK验证签名
}
相关配置
public class AlipayConfig {
// 应用ID,您的APPID,收款账号既是您的APPID对应支付宝账号,开发时使用沙箱提供的APPID,生产环境改成自己的APPID
public static String APP_ID = "2016101600700789"; //沙箱的
//public static String APP_ID = "2019120669659570";
// 商户私钥,您的PKCS8格式RSA2私钥
public static String APP_PRIVATE_KEY = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCFOj7P1DzSVD2j/DxZrLg3i9siUn47m6xL2yaZZprDNb3UjyNEt31B/q4hdhZ7StJVBx9AEfSsceXzOizbRJgdAboR6XSz66bE9pI3k/Ef2TmSc4v+cEysCKF/Mg4t8Y+uCWpOak+r/K4ZNBla2u45gU1vPcvOzf/uvJiTXmSYbBndKUMCICkF0RbHLOjhMFN8a0Nu0IiCSuGFl8iMSnL9czKnGWT6k5luwHsvxh0ei+lW2V9NZyP56reSylhO8RmOihsDKep7Y4JdNRyGNGzjkiaqGKzbcGU2a/Zx9ztSmo7tzOLVK3eDZEiOX4nBqa0HqczpYEg7S+kYwkIAXT7nAgMBAAECggEANufPNRWRz1i6Ype0Q3zEGtg/gkCfF2/LrSNvH+9CPssqJayr60j3jTgpiU7CayNl1Xbu8Re1T1BNZVUHYYI+ck3g4jrlRrUKcMfxcIg+6lI6wNlvy3d6kbeo3uPBJjwUa7QjpJd5qDalhWuMO35YiUh5oivEj8EkBb6h3rIbIRlrrsjFXN60RJXbQlulj6Cm1xNvzehhr34pSIrEZr1wbyy0bRq/YOpZ0XhnCrpWktZoIXirIQ3DUNu2NQ9PSUoJAaEYdk3DkKc+r+ARM99U1ZLRii1WWDDECZXmf66lKtPun09+obUe8Ly34+7DUsg0xZhpXcBWg0wR/WeWX7vz8QKBgQC+rB2ZsJGfoL4SkMtXJw7atG+ZiGQEILkoBH+CVhgj6ZYdEIy6Dc4NS7o5n/Am14hGmbCdMYSJZkCsypmDjhX7sDzeHQUl0E06aSN0qyotLzWuIDfl90SJL42/lyX4CniBFWJFXv6nPOQmR6JEDB07FjN1/gOgrZSrXagr2ookyQKBgQCy36Q0QVa3sZUFyKbH3VmlN9f1wHiO9crtrP94VAkpbvCCWof2O7z2az9F2EZmhwpbK1PhAFx0IHlSqvH6HuWT89Xi0DCPfbALbuQyaQoIm6K0QvPyVb1SNW0W9tMTGVZtUXaHpmwL+w5qoK6zojLGYMOzs31yblizniPhNVGOLwKBgDmFfQyPeu8YNB8vtVhefRm3k29S+TFRmeobqUftpyy2XEX6Zyn93iqerNiTioR9QyxhUymo9Z3pzhsSp8tLQxCB82rigFoPBC1Z6Ita08d71YrpR1PGC9QDF5U0CQ1SQ1ZV2CaraNGVChMOS0KSEQNxSCcRcZC4rQAhqglIzaIZAoGAJEacu4hAuPJHwauGv2PRqWMg5hMJoByS8g6ypMmOLhv0pMsNZc+JrAPmChkpdeOPIxwvX6M+HML1N+G5PzuC3bWGu//yyTb5O+haWSraQRKnNZ2acZwX0BNLs2uNNQNfdr4dprcGlItuygsaQw3y9C5togUVvN5KGOtKZYL1rjsCgYEAtNwjD9q963DUKDpoAZFCZClCtd8cxUsv8yPAZndWpgujtkOblYn8tQvxx/9yWPJC8NUahnMLrPI36YgAwB5Gs0csU0p2s80otTk3++oInrzTxCYuNlF+HT1RKzJ+JDOxVjJpBu91DJ4OnIhfDIPG8GGr+mtf2bg0sidz7HoL6ng=";
// public static String APP_PRIVATE_KEY ="MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCai3umtojYHJNn3ZbvUivIarG8kGHzWoGbJkuB8Ppo4nKhBmDHXCeO712jrEx4frQMUpoOx85NTmrZS8w96b3JDyt10KYEFNhm/W5CoNcxqAy8tDExiQRlxEoU0rSLNrTzgIRgfZW+uRC34T270itjh59St6U/9fd6y0oThV+PPRcKuZMZg8Qv3LKHYdHxwMyaoo+GT15N76/WYxSOZy4c7njaDo5C62okFdwHK8TzeTJ9y+OqeSuW/YevLxSfnTt1yOtQiIfx2oOOBsFqsqQ+uNvCSpDMl6r8F9LyeVm5lvxGTrzdz+odmyRGUkIfxVZAeSoqrwUSXsmceLvdurcjAgMBAAECggEASY/ZNLqwGoZHl+n+/T2Uv5ohrgrfxPEwvgQVbu2glCotu/4INPzli4Dehpjt8XEGDNOIpz5uMZgA/hu5RUMsZjbFThgZ3dl6RFOflzFuHSHLpkrzG4wHvtUXGiBNdfJ9YWasHC3LCHSYw54AP5XDt2WH7dyiWPagbR+0y+PxX4FMRiVVpjqloRKQqSW/gV+Y1ka8nHvUgU0IyJbi9ZZGbjEz409hWmTExmCuVwCdV/Tdq5q1PDiQHOtkgSf6UVCjMB4Ey5Y1Zn2E9/l7h2fDvZgYXCIwkFnPyNf+3cMnydvS22bks1M9PFp33bPVrV1F3DVltY9d7o8AXxqnFSlp0QKBgQDJbMA+AmpAvn2fUSptVwth39srxFuIY2Cqwx7jApLBeMlfqfw5aY7B6jbMhoIRtKVCy3b6KR7URT9sVqFYrKG2er99WARmHRnMh5vNxQBzrq+hqz5v5WxH9xjh4mHKSPBx4ti6ODGiQjv+wugntpBif45wHubgTUlaowp3uDT4mwKBgQDEawoukIcpMNFigTpmPp+R033xZAz9CyJCVuX8vfgfTMHsQNfngh5FNtCWMpIcrVei6cvCWD+cJqeVuV6LEbUxvqK+OY1bNoZnhnN1K6OjcyziYK//TSf0lHzBy7Uiy3l06youlRt/in3LualY3EDdtx/fUe4Lj244Nj2Cm3pQGQKBgQCiZFg1ZjMN0cZr/L8s+gGGPjlwdtWpBx33bmpncTqqWtxXkS91hiH/OvpFOKiC59ZZHLrmguKFFvNEQC/C0yNpgFsEDkM1pH6ZRDeb1RlBKvQUboBfLGN5PcFE1AQtV1LrLo22zPlPLQE7qx4KbojHsLlAsdlHu2fJeCtHTC8AwwKBgAWnBu38HseirgPlsCaNGs55haBSvsTxcxTxp0C0vtU3wkToQM5awkA/qZUI84d7vY/kpoZ7P6lgu2XlpcDey5YY5FoREe5UDV4hUmVG0ji78ci5+5afQ80YENcK47WSoXYp5lbc16O9+ozIVQVHoV5ADNzCYNVYVVWsyexeSRDRAoGBAJEa+g3rfVEKDzCXA+EgkTDphwEJyVH2csV9cGFLUnPv7fJgsTCj1QSE6PYHddCChKDBuJ5Yw1VhmqBch3Y4bcyV36hybO+vqzUP3AW1LVeu/NAhd3qRULoaiG5dhKJ28RWMZWr7IP1+xA58y/TbUpHdBhvOmvzopiXKe0SgWeSc";
// 支付宝公钥,查看地址:https://openhome.alipay.com/platform/keyManage.htm 对应APPID下的支付宝公钥。
public static String ALIPAY_PUBLIC_KEY="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE5K/L+l166zCpgLZ5EQRf9f32lNII8xtIJzTiBJaRgYAb2HnW3ZAEnpLNeWl8s5PxWsa6tNtqlrjSG8smNHDmbgF9pF1pLjhbCoe1tMizeuUvX6wypnPH3k2dM5Z4ffyLyvXw8rqO28CUegNLnDtc7U6dq5YhSlntTph3DB5EKL6iNSCs8PtblKwAA108I5beV8lvV75QkkXMU1jdpbA013swBAptyLxTsb/NoUB4eUmjr+uwrhavHoWbolFID2v9MuZ0GYb7TpiBEQSns+VaHi7pJpYXsL+bwSoteKAD+cG2vH8NI5HggMn3eXH6hOFtZ5jsm4NOZ0WgKOjo38UwIDAQAB";
//public static String ALIPAY_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvCnEvUMjsa7N1CybrtIdMY74o1JVyspZqv5Q5yj/8uyaE5LSG+7hFhQZpkJgHFNdKJsICfEKpK95MoKAm9uOV4+p7R7i7FMjVKh8yX6bf4auQXQLa3KeTJ/GSQpw1Z+5cSivyzBb2v+d4dt9MgJj04j6cCo2g9wjYsQ/wpRn/BMdDtA7nUaKfa15gJLz4q/1MYlIjALjnMeXIJXqZdDvBLuQ3JMEAgv6jfFxbU6U71L6ayA1OFdc1RFUrz4SXryOk9Ogoz77/DWCF4fcCZenx/zsBhTUXbl5GDy6/KFeMoU2WkVhFC9N/kG5aAiUTihjHQI3w3APAGAbJZkFJg/iwIDAQAB";
// 异步通知页面路径 需http://格式的完整路径,不能加?id=123这类自定义参数,必须外网可以正常访问
public static String notify_url = "http://gojw.xyz/notify";
// 同步通知页面路径 需http://格式的完整路径,不能加?id=123这类自定义参数,必须外网可以正常访问(其实就是支付成功后返回的页面)
public static String return_url = "http://gojw.xyz/return";
// 签名方式
public static String sign_type = "RSA2";
// 字符编码格式
public static String CHARSET = "utf-8";
// 支付宝网关,
public static String gatewayUrl = "https://openapi.alipaydev.com/gateway.do";
// 日志输出地方
public static String log_path = "C:\\";
总结:在整个过程中公钥用到基本都是支付宝公钥,私钥才是应用私钥。
https://blog.csdn.net/qq_39846820/article/details/103491718
上面这个链接文章对整个集成流程讲的比较全面
工作繁忙,流程可能说的不是很清晰,有问题可评论留言