今天在做项目时, 需要用到微信支付的对账接口, 看了好多人的反馈, 加上自己的测试, 在用API V3生成了Sign后,对download_url进行Get请求访问时, 依然会出现问题, 就是Nginx报错400 Bad Request
看了好多人的文章, 基本上都是用的调用sdk生成的httpClient再次进行调用, 如下图
经过测试后发现, 如果是使用普通的httpClient进行访问, 比如hutool的HttpUtil进行访问header中加上Authorization参数的话, 就可以正常访问到对账单了,详细例子如下
另附微信支付API V3版本 获取签名的方法
public String getToken(String method, HttpUrl url, String body) {
Long timestamp = System.currentTimeMillis() / 1000;
String nonceStr = UUID.randomUUID().toString().replace("-", "");
String message = buildMessage(method, url, timestamp, nonceStr, body);
String signature = message;
try {
signature = sign(message.getBytes("utf-8"));
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
// 商户号
return "mchid=\"" + WechatPayConfig.MCH_ID + "\","
+ "timestamp=\"" + timestamp + "\","
+ "nonce_str=\"" + nonceStr + "\","
//商户证书序列号
+ "serial_no=\"" + WechatPayConfig.MCH_SERIAL_NO + "\","
+ "signature=\"" + signature + "\"";
}
public String sign(byte[] message) {
try {
Signature sign = Signature.getInstance("SHA256withRSA");
//私钥文件地址
sign.initSign(PemUtil.loadPrivateKey(new FileInputStream(privateKeyPath)));
sign.update(message);
return Base64.getEncoder().encodeToString(sign.sign());
} catch (SignatureException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (FileNotFoundException e) {
e.printStackTrace();
}
return null;
}