背景
公司是微服务架构 用docker 容器部署项目的配置文件都是做过配置的(这个配置比较复杂很多机器每次新增文件都得重新配置),于是想了个办法把微信支付证书扔云服务上去读取
实现
/**
* 代理ip地址 10.0.xx.xx
*/
@Value("${proxyHost:}")
private String proxyHost;
/**
* 是否使用代理 开关
*/
@Value("${proxySwitch:}")
private boolean proxySwitch;
/**
* 证书路径 如:https://xxxxx.com.cn/apiclient_cert.p1
*/
@Value("${certificateUrl:}")
private String certificateUrl ;
/**
* 商户id
*/
@Value("${WxPayConfig.mchId:}")
private String mchId;
public static File downLoad(String path) {
String[] temp = path.split("/");
temp = temp[temp.length - 1].split("\\.");
File file = new File(temp[0] + System.currentTimeMillis() + "." + temp[1]);
try {
URL url = new URL(path);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setConnectTimeout(3 * 1000);
InputStream stream = connection.getInputStream();
byte[] buffer = new byte[1024];
int len;
ByteArrayOutputStream bos = new ByteArrayOutputStream();
while ((len = stream.read(buffer)) != -1) {
bos.write(buffer, 0, len);
}
bos.close();
byte[] data = bos.toByteArray();
FileOutputStream fos = new FileOutputStream(file);
fos.write(data);
fos.close();
stream.close();
} catch (Exception e) {
log.error("ImportExcel---downLoad()",e);
}
return file;
}
/**
* 开始退款业务
* @param xmlParam
* @return
* @throws Exception
*/
public String weixingPost(String url ,String xmlParam) throws Exception {
log.info("============proxyHost : "+proxyHost+ "====proxySwitch:"+proxySwitch);
String jsonStr= "";
try {
KeyStore clientStore = KeyStore.getInstance("PKCS12");
log.info("===========证书位置:"+certificateUrl );
// FileInputStream instream = new FileInputStream(certificateUrl);
File file = downLoad(certificateUrl);
FileInputStream instream = new FileInputStream(file);
try {
// 指定PKCS12的密码(商户ID)
clientStore.load(instream, mchId.toCharArray());
} finally {
instream.close();
}
SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(clientStore, mchId.toCharArray()).build();
// 指定TLS版本
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[]{"TLSv1"}, null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
// 设置httpclient的SSLSocketFactory
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
try {
HttpPost httpost = new HttpPost(url); // 设置响应头信息
// 设置代理信息
if (proxySwitch) {
HttpHost proxy = new HttpHost(proxyHost,80 , "http");
// 设置请求和传输超时时间
RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(2000).setConnectTimeout(2000).setProxy(proxy).build();
httpost.setConfig(requestConfig);
}
// 参数
httpost.setEntity(new StringEntity(xmlParam, "UTF-8"));
log.info("===========xmlParam:"+xmlParam );
CloseableHttpResponse response = httpclient.execute(httpost);
try {
HttpEntity entity = response.getEntity();
jsonStr = EntityUtils.toString(response.getEntity(), "UTF-8");
EntityUtils.consume(entity);
log.info("=========jsonStr:"+jsonStr);
} finally {
response.close();
}
} finally {
httpclient.close();
}
} catch (Exception e) {
log.info("==================",e);
throw new Exception(e);
}
return jsonStr;
}
知识点:
1、对接微信支付时用的是特约商户的子账号 ,退款的证书 要用父账号的
2、上述代码中有使用代理,不需要的朋友可以注释或设置proxySwitch = false