PHP:微信支付-电商收付通（APiV3）之图片上传—签名错误

最新推荐文章于 2023-04-07 17:06:21 发布

置顶久隐_

最新推荐文章于 2023-04-07 17:06:21 发布

阅读量1.6k

点赞数 6

分类专栏：微信支付签名错误文章标签： php

本文链接：https://blog.csdn.net/qq_16469571/article/details/105436553

版权

微信支付签名错误专栏收录该内容

1 篇文章 0 订阅

订阅专栏

PHP:微信支付-电商收付通（APiV3）之图片上传—签名错误

APiV3之图片上传—签名错误

最近在使用微信支付电商收付通过程中，需要进行二级商户进件，其中必须完成图片上传，相信很多人会遇到纠缠到令你头皮发麻的困扰：错误的签名，验签失败

下面是我整理的PHP版本的上传图片代码，贡献给即将疯掉的各位同学，希望你们少掉点头发,保重身体

下面代码可直接复用，部分变量自行定义

//上传图片
public function upLoadFile(){
		header("Content-type:text/html;charset=utf-8");

		$url  		= 	'https://api.mch.weixin.qq.com/v3/merchant/media/upload';
		$filePath 	=	'你需要上传的图片';
		$keyPath 	=	'你的私钥绝对路径';

		$mess  		= 	$this->binaryEncodeImage($filePath);
		$filestr 	= 	json_encode(array('filename'=>'mb.png','sha256'=>hash_file("sha256", $filePath)));
		
		#准备参与签名数据
		$time  		= 	time();
		$nonce_str 	=   $this->createNoncestr();
		$pkid 	 	= 	file_get_contents($keyPath);

		$token 	 	= 	$this->sign($url,"POST",$time,$nonce_str,$filestr,$pkid,$this->mchid,$this->serial_no);

		#设置头部信息
	    $header  =[
	    	"Authorization: ".$this->schema.' '.$token,
			"User-Agent:111",
            "Accept:application/json",
            "Content-Type:multipart/form-data;boundary=7derenufded"#切记boundary=后面这里切记这里不要加-- 和 “”
		];
		
		#这里是构造请求body
		$boundary  		=	'7derenufded';
	    $boundarystr 	=	"--{$boundary}\r\n";
 
		$out  =$boundarystr;
		$out .='Content-Disposition:form-data;name="meta"'."\r\n";#name必须是meta
		$out .='Content-Type:image/jpeg; charset=UTF-8'."\r\n";
		$out .="\r\n";
		$out .="".$filestr."\r\n";
		$out .= $boundarystr;
		$out .='Content-Disposition:form-data;name="file";filename="mb.png"'."\r\n";#name必须是file
		$out .='Content-Type: image/png'."\r\n";
		$out .="\r\n";
		$out .=$mess."\r\n";
		$out .="--{$boundary}--";

		$curl  	=	curl_init();
		curl_setopt($curl, CURLOPT_URL, $url);
		curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
		curl_setopt($curl, CURLOPT_POST, true);
	    curl_setopt($curl, CURLOPT_POSTFIELDS,$out);
	    curl_setopt($curl, CURLOPT_HEADER, false);
	    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
	    $response = curl_exec($curl);
	    print_r($response);die;
	}


	//签名
    private function sign($url,$http_method,$timestamp,$nonce,$body,$mch_private_key,$merchant_id,$serial_no){

        $url_parts = parse_url($url);
        $canonical_url = ($url_parts['path'] . (!empty($url_parts['query']) ? "?${url_parts['query']}" : ""));
        $message =
        	$http_method."\n".
            $canonical_url."\n".
            $timestamp."\n".
            $nonce."\n".
            $body.
            "\n";
        openssl_sign($message, $raw_sign, $mch_private_key, 'sha256WithRSAEncryption');
        $sign = base64_encode($raw_sign);
        $schema = $this->schema;
        $token = sprintf('mchid="%s",nonce_str="%s",timestamp="%d",serial_no="%s",signature="%s"',
            $merchant_id, $nonce, $timestamp, $serial_no, $sign);
        return $token;
    }


	/** 
	 * 图片转化为二进制数据流
	 * @desc  图片转化为二进制数据流 
	 * return string 
	 */

	public function binaryEncodeImage($img_file){
		header("Content-type:text/html;charset=utf-8");
	    $p_size = filesize($img_file);
	    $img_binary = fread(fopen($img_file, "rb"), $p_size);
	    return $img_binary;
	}

总结易错：
1、签名数据格式这里需要注意：$body内容

	$message =
    	$http_method."\n".
        $canonical_url."\n".
        $timestamp."\n".
        $nonce."\n".
        $body.
        "\n";

2、设置请求头内容：

$header  =[
	    	"Authorization: ".$this->schema.' '.$token,
			"User-Agent:111",
            "Accept:application/json",
            "Content-Type:multipart/form-data;boundary=7derenufded"#切记boundary=后面这里不要加-- 和 “”
		];