api:
https://pay.weixin.qq.com/wiki/doc/api/tools/mch_pay.php?chapter=14_2
需要用到的工具类:(xml和map相互转换)
package com.st.project.common;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.StringWriter;
import java.util.*;
/**
* xml和map之间转换的工具类
*/
public class XmlUtil {
/**
* 将Map转换为XML格式的字符串
*
* @param data Map类型数据
* @return XML格式的字符串
* @throws Exception
*/
public static String mapToXml(Map<String, String> data) throws Exception {
// TODO 在这里更换
Document document = WXPayXmlUtil.newDocument();
Element root = document.createElement("xml");
document.appendChild(root);
for (String key: data.keySet()) {
String value = data.get(key);
if (value == null) {
value = "";
}
value = value.trim();
org.w3c.dom.Element filed = document.createElement(key);
filed.appendChild(document.createTextNode(value));
root.appendChild(filed);
}
TransformerFactory tf = TransformerFactory.newInstance();
Transformer transformer = tf.newTransformer();
DOMSource source = new DOMSource(document);
transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8");
transformer.setOutputProperty(OutputKeys.INDENT, "yes");
StringWriter writer = new StringWriter();
StreamResult result = new StreamResult(writer);
transformer.transform(source, result);
String output = writer.getBuffer().toString(); //.replaceAll("\n|\r", "");
try {
writer.close();
}
catch (Exception ex) {
}
return output;
}
/*
* 将SortedMap<Object,Object> 集合转化成 xml格式
*/
public static String getRequestXml(SortedMap<Object,Object> parameters){
StringBuffer sb = new StringBuffer();
sb.append("<xml>");
Set es = parameters.entrySet();
Iterator it = es.iterator();
while(it.hasNext()) {
Map.Entry entry = (Map.Entry)it.next();
String k = (String)entry.getKey();
String v = (String)entry.getValue();
if ("attach".equalsIgnoreCase(k)||"body".equalsIgnoreCase(k)||"sign".equalsIgnoreCase(k)) {
sb.append("<"+k+">"+"<![CDATA["+v+"]]></"+k+">");
}else {
sb.append("<"+k+">"+v+"</"+k+">");
}
}
sb.append("</xml>");
return sb.toString();
}
/**
* XML格式字符串转换为Map
*
* @param strXML XML字符串
* @return XML数据转换后的Map
* @throws Exception
*/
public static Map<String, String> xmlToMap(String strXML) throws Exception {
try {
Map<String, String> data = new HashMap<String, String>();
// TODO 在这里更换
DocumentBuilder documentBuilder = WXPayXmlUtil.newDocumentBuilder();
InputStream stream = new ByteArrayInputStream(strXML.getBytes("UTF-8"));
org.w3c.dom.Document doc = documentBuilder.parse(stream);
doc.getDocumentElement().normalize();
NodeList nodeList = doc.getDocumentElement().getChildNodes();
for (int idx = 0; idx < nodeList.getLength(); ++idx) {
Node node = nodeList.item(idx);
if (node.getNodeType() == Node.ELEMENT_NODE) {
org.w3c.dom.Element element = (org.w3c.dom.Element) node;
data.put(element.getNodeName(), element.getTextContent());
}
}
try {
stream.close();
} catch (Exception ex) {
// do nothing
}
return data;
} catch (Exception ex) {
// WXPayUtil.getLogger().warn("Invalid XML, can not convert to map. Error message: {}. XML content: {}", ex.getMessage(), strXML);
throw ex;
}
}
}
/**
* XML解析工具类 官方SDK给出(主要是这个来阻止XXE)
*/
final class WXPayXmlUtil {
public static DocumentBuilder newDocumentBuilder() throws ParserConfigurationException {
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
documentBuilderFactory.setFeature("http://xml.org/sax/features/external-general-entities", false);
documentBuilderFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
documentBuilderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
documentBuilderFactory.setXIncludeAware(false);
documentBuilderFactory.setExpandEntityReferences(false);
return documentBuilderFactory.newDocumentBuilder();
}
public static Document newDocument() throws ParserConfigurationException {
return newDocumentBuilder().newDocument();
}
}
实现付款工具类:
package com.st.project.common;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;
import javax.net.ssl.SSLContext;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.*;
import static com.st.project.common.MD5Utils.MD5Encode;
import static com.st.project.common.XmlUtil.getRequestXml;
import static com.st.project.common.XmlUtil.xmlToMap;
/**
* 微信支付
*/
@Component
public class WechatpayUtil {
// @Autowired
// private Environment env;
// @Value("${wx.url}")
// private String transfers_url; //接口链接
// @Value("${wx.appId}")
// private String appid; //微信公众号的appid
// @Value("${wx.mch_id}")
// private String mch_id; //商户号
// @Value("${wx.private_key}")
// private String private_key; //商户平台设置的密钥key
// @Value("${wx.sslcert_path}")
// private String sslcert_path; //指向你的证书的绝对路径,带着证书去访问
// @Value("${portals.domain}")
// private String spbill_create_ip; //ip地址:该IP同在商户平台设置的IP白名单中的IP没有关联,该IP可传用户端或者服务端的IP
/**
* 微信支付
* @param nonce_str 生成随机数,保证安全性
* @param partner_trade_no 生成商户订单号
* @param openid 支付给用户openid
* @param check_name 是否验证真实姓名;NO_CHECK不校验真实姓名;FORCE_CHECK强校验真实姓名
* @param re_user_name 收款用户姓名;如果check_name设置为FORCE_CHECK,则必填用户真实姓名
* @param amount 企业付款金额,单位为分
* @param desc 企业付款操作说明信息,必填。
* @return
*/
public Map<String,String> balance_out_alipay(String nonce_str,String partner_trade_no,String openid,String check_name,String re_user_name,String amount,String desc,Environment env){
Map<String,String> resultMap=new HashMap<String,String>();
//请求示例
//<xml>
//<mch_appid>wxe062425f740c30d8</mch_appid>
//<mchid>10000098</mchid>
//<nonce_str>3PG2J4ILTKCH16CQ2502SI8ZNMTM67VS</nonce_str>
//<partner_trade_no>100000982014120919616</partner_trade_no>
//<openid>ohO4Gt7wVPxIT1A9GjFaMYMiZY1s</openid>
//<check_name>FORCE_CHECK</check_name>
//<re_user_name>张三</re_user_name>
//<amount>100</amount>
//<desc>节日快乐!</desc>
//<spbill_create_ip>10.2.3.10</spbill_create_ip>
//<sign>C97BDBACF37622775366F38B629F45E3</sign>
//</xml>
//1.0 拼凑企业支付需要的参数
//2.0 生成map集合
SortedMap<Object, Object> packageParams = new TreeMap();
packageParams.put("mch_appid", env.getProperty("wx.appId")); //微信公众号的appid
packageParams.put("mchid", env.getProperty("wx.mch_id")); //商户号
packageParams.put("nonce_str",nonce_str); //随机生成后数字,保证安全性;不长于32位
packageParams.put("partner_trade_no",partner_trade_no); //商户订单号;需保持唯一性(只能是字母或者数字,不能包含有其他字符)
packageParams.put("openid",openid); //支付给用户openid
packageParams.put("check_name",check_name); //是否验证真实姓名呢;NO_CHECK不校验真实姓名;FORCE_CHECK强校验真实姓名
// packageParams.put("re_user_name",re_user_name);//收款用户姓名;如果check_name设置为FORCE_CHECK,则必填用户真实姓名
packageParams.put("amount",amount); //企业付款金额,单位为分
packageParams.put("desc",desc); //企业付款操作说明信息,必填。
packageParams.put("spbill_create_ip",env.getProperty("portals.ip")); //调用接口的机器Ip地址
// packageParams.put("spbill_create_ip","192.168.1.11"); //调用接口的机器Ip地址
//3.0 生成自己的签名
String sign = createSign("utf-8",packageParams,env);
//4.0 封装退款对象
packageParams.put("sign", sign);
//5.0将当前的map结合转化成xml格式
String reuqestXml = getRequestXml(packageParams);
System.out.println(reuqestXml);
//6.0获取需要发送的url地址
// String wxUrl = env.getProperty("wx.transfers_url"); //获取退款的api接口
try {
String weixinPost = doRefund(env.getProperty("wx.transfers_url"),reuqestXml,env);
System.out.println(weixinPost);
//7.0 解析返回的xml数据
Map<String,String> refundResult = xmlToMap(weixinPost);
if("SUCCESS".equalsIgnoreCase(refundResult.get("result_code")) && "SUCCESS".equalsIgnoreCase(refundResult.get("return_code"))){
//成功示例
//<xml>
//<return_code><![CDATA[SUCCESS]]></return_code>
//<return_msg><![CDATA[]]></return_msg>
//<mch_appid><![CDATA[wxec38b8ff840bd989]]></mch_appid>
//<mchid><![CDATA[10013274]]></mchid>
//<device_info><![CDATA[]]></device_info>
//<nonce_str><![CDATA[lxuDzMnRjpcXzxLx0q]]></nonce_str>
//<result_code><![CDATA[SUCCESS]]></result_code>
//<partner_trade_no><![CDATA[10013574201505191526582441]]></partner_trade_no>
//<payment_no><![CDATA[1000018301201505190181489473]]></payment_no>
//<payment_time><![CDATA[2015-05-19 15:26:59]]></payment_time>
//</xml>
//8表示退款成功
//TODO 执行成功付款后的业务逻辑
resultMap.put("success", "true");
resultMap.put("payment_no", refundResult.get("payment_no"));//企业付款成功,返回的微信付款单号
resultMap.put("msg", "转账成功");
}else{
//错误示例
//<xml>
//<return_code><![CDATA[FAIL]]></return_code>
//<return_msg><![CDATA[系统繁忙,请稍后再试.]]></return_msg>
//<result_code><![CDATA[FAIL]]></result_code>
//<err_code><![CDATA[SYSTEMERROR]]></err_code>
//<err_code_des><![CDATA[系统繁忙,请稍后再试.]]></err_code_des>
//</xml>
//9 表示退款失败
//TODO 调用service的方法 ,存储失败提现的记录咯
resultMap.put("success", "false");
resultMap.put("msg", refundResult.get("return_code")+refundResult.get("return_msg"));//返回信息,如非空,为错误原因;签名失败;参数格式校验错误
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return resultMap;
}
/**
* 根据微信签名算法生成自己的签名sign
* @param characterEncoding 编码格式 eg:utf-8
* @param parameters 用于生成sign的参数集合(SortedMap:保证按照键的升序排列的映射)
* @return
*/
public String createSign(String characterEncoding,SortedMap<Object, Object> parameters,Environment env){
StringBuffer sb = new StringBuffer();
StringBuffer sbkey = new StringBuffer();
Set es = parameters.entrySet(); //将集合M内非空参数值的参数按照参数名ASCII码从小到大排序(字典序)
Iterator it = es.iterator();
while(it.hasNext()) {
Map.Entry entry = (Map.Entry)it.next();
String k = (String)entry.getKey();
Object v = entry.getValue();
//空值不传递,不参与签名组串
if(null != v && !"".equals(v)) {
//使用URL键值对的格式(即key1=value1&key2=value2…)拼接成字符串stringA
sb.append(k + "=" + v + "&");
sbkey.append(k + "=" + v + "&");
}
}
sbkey=sbkey.append("key="+env.getProperty("wx.private_key"));//注:key为商户平台设置的密钥key
String sign=MD5Encode(sbkey.toString(),characterEncoding).toUpperCase(); //注:MD5签名方式
return sign;
}
/**
* Post请求+证书
* @param url
* @param data
* @return
* @throws Exception
*/
@SuppressWarnings("deprecation")
public String doRefund(String url,String data,Environment env) throws Exception {
/**
* 注意PKCS12证书 是从微信商户平台-》账户设置-》 API安全 中下载的
*/
KeyStore keyStore = KeyStore.getInstance("PKCS12");
/**
*此处要改
*wxconfig.SSLCERT_PATH : 指向你的证书的绝对路径,带着证书去访问
*/
FileInputStream instream = new FileInputStream(new File(env.getProperty("wx.sslcert_path")));//P12文件目录
try {
/**
* 此处要改
*
* 下载证书时的密码、默认密码是你的MCHID mch_id
* */
keyStore.load(instream, env.getProperty("wx.mch_id").toCharArray());//这里写密码
} finally {
instream.close();
}
// Trust own CA and all self-signed certs
/**
* 此处要改
* 下载证书时的密码、默认密码是你的MCHID mch_id
* */
SSLContext sslcontext = SSLContexts.custom()
.loadKeyMaterial(keyStore, env.getProperty("wx.mch_id").toCharArray())//这里也是写密码的
.build();
// Allow TLSv1 protocol only
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
new String[] { "TLSv1" },
null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
CloseableHttpClient httpclient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.build();
try {
HttpPost httpost = new HttpPost(url); // 设置响应头信息
httpost.addHeader("Connection", "keep-alive");
httpost.addHeader("Accept", "*/*");
httpost.addHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
httpost.addHeader("Host", "api.mch.weixin.qq.com");
httpost.addHeader("X-Requested-With", "XMLHttpRequest");
httpost.addHeader("Cache-Control", "max-age=0");
httpost.addHeader("User-Agent", "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0) ");
httpost.setEntity(new StringEntity(data, "UTF-8"));
CloseableHttpResponse response = httpclient.execute(httpost);
try {
HttpEntity entity = response.getEntity();
String jsonStr = EntityUtils.toString(response.getEntity(), "UTF-8");
EntityUtils.consume(entity);
return jsonStr;
} finally {
response.close();
}
} finally {
httpclient.close();
}
}
/**
* MD5加密
* @param origin
* @param characterEncoding 编码格式 eg:utf-8
* @return
*/
public String MD5Encode(String origin,String characterEncoding) {
String result = null;
try {
result = new String(origin);
MessageDigest md = MessageDigest.getInstance("MD5");
result = byteArrayToHexString(md.digest(result.getBytes(characterEncoding)));
} catch (Exception exception) {
}
return result;
}
}
传入参数实现付款:
//微信
WechatpayUtil wechatpayUtil = new WechatpayUtil();
String nonce_str = getUUID(); //生成随机数,保证安全性
String partner_trade_no = getUUID(); //生成商户订单号
String openid = customerEntity.getOpenId(); //支付给用户openid
String check_name = "NO_CHECK"; //是否验证真实姓名;NO_CHECK不校验真实姓名;FORCE_CHECK强校验真实姓名
String re_user_name = ""; //收款用户姓名;如果check_name设置为FORCE_CHECK,则必填用户真实姓名
String amount = (int) ((Double.parseDouble(blance) + Double.parseDouble(blance_distribution)) * 100) + ""; //企业付款金额,单位为分
String desc = "用户余额申请提现到钱包"; //企业付款操作说明信息,必填
Map<String, String> wechatPayMap = wechatpayUtil.balance_out_alipay(nonce_str, partner_trade_no, openid, check_name, re_user_name, amount, desc, env);
if ("true".equals(wechatPayMap.get("success"))) {
orderRefunds.setCode(partner_trade_no);
orderRefunds.setTradeNo(wechatPayMap.get("payment_no"));
orderRefunds.setStatus(1);
orderRefundsRepository.save(orderRefunds);
//用户减去相应的余额或分销余额
customerEntity.setBalance(customerEntity.getBalance().subtract(BigDecimal.valueOf(Double.parseDouble(blance))));
customerEntity.setBalanceDistribut(customerEntity.getBalanceDistribut().subtract(BigDecimal.valueOf(Double.parseDouble(blance_distribution))));
customerRepository.saveAndFlush(customerEntity);
map.put("success", "true");
map.put("msg", "微信提现成功");
} else {
orderRefunds.setCode(partner_trade_no);
orderRefunds.setStatus(2);
orderRefundsRepository.save(orderRefunds);
map.put("success", "false");
map.put("msg", "微信提现失败:" + wechatPayMap.get("msg"));
}