一、微信支付(简单贴一下)
/** 发起微信支付 */
public Map wechatPay(String openid, HttpServletRequest request, String outTradeNo, Integer totalFee) {
//生成的随机32位字符串
String nonce_str = RandomString.generateRandomString(32, RandomString.POSSIBLE_CHARS);
//商品金额 单位分 将原来的金额*100 元->分
Integer total_fee = (totalFee);
//商品名称
String packageName = "杭家订单:" + outTradeNo;
//获取客户端的ip地址
String spbill_create_ip = getIpAddress(request);
//生成商户订单号
String out_trade_no = outTradeNo;
//组装参数,用户生成统一下单接口的签名
Map<String, String> packageParams = new HashMap<String, String>();
packageParams.put("appid", weChatConfig.appId);
packageParams.put("mch_id", weChatConfig.mchId);
packageParams.put("nonce_str", nonce_str);
packageParams.put("body", packageName);
packageParams.put("out_trade_no", out_trade_no);//商户订单号
packageParams.put("total_fee", String.valueOf(total_fee));//支付金额,这边需要转成字符串类型,否则后面的签名会失败
packageParams.put("spbill_create_ip", spbill_create_ip);
packageParams.put("notify_url", weChatConfig.notifyUrl);//支付成功后的回调地址
packageParams.put("trade_type", weChatConfig.tradetype);//支付方式
packageParams.put("openid", openid);
String prestr = PayUtil.createLinkString(packageParams); // 把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
//MD5运算生成签名,这里是第一次签名,用于调用统一下单接口
String mysign = PayUtil.sign(prestr, weChatConfig.key, "utf-8").toUpperCase();
//拼接统一下单接口使用的xml数据,要将上一步生成的签名一起拼接进去
String xml = "<xml>" + "<appid>" + weChatConfig.appId + "</appid>"
+ "<body><![CDATA[" + packageName + "]]></body>"
+ "<mch_id>" + weChatConfig.mchId + "</mch_id>"
+ "<nonce_str>" + nonce_str + "</nonce_str>"
+ "<notify_url>" + weChatConfig.notifyUrl + "</notify_url>"
+ "<openid>" + openid + "</openid>"
+ "<out_trade_no>" + out_trade_no + "</out_trade_no>"
+ "<spbill_create_ip>" + spbill_create_ip + "</spbill_create_ip>"
+ "<total_fee>" + total_fee + "</total_fee>"
+ "<trade_type>" + weChatConfig.tradetype + "</trade_type>"
+ "<sign>" + mysign + "</sign>"
+ "</xml>";
//调用统一下单接口,并接受返回的结果
String result = PayUtil.httpRequest(weChatConfig.payUrl, "POST", xml);
System.out.println("调试模式 返回XML数据:" + result);
// 将解析结果存储在HashMap中
Map map = PayUtil.doXMLParse(result);
String return_code = (String) map.get("return_code");//返回状态码
String return_msg = (String) map.get("return_msg");//返回状态信息
//返回给移动端需要的参数
Map<String, Object> response = new HashMap<>();
if ("SUCCESS".equals(return_code)) {
// 业务结果
String prepay_id = (String) map.get("prepay_id");//返回的预付单信息
String sign = (String) map.get("sign");//微信返回的签名值
response.put("sign", sign);
response.put("signType", weChatConfig.signtype);
response.put("nonceStr", nonce_str);
response.put("package", "prepay_id=" + prepay_id);
Long timeStamp = System.currentTimeMillis() / 1000;
response.put("timeStamp", timeStamp + "");//这边要将返回的时间戳转化成字符串,不然小程序端调用wx.requestPayment方法会报签名错误
String stringSignTemp = "appId=" + weChatConfig.appId + "&nonceStr=" + nonce_str + "&package=prepay_id=" + prepay_id + "&signType=" + weChatConfig.signtype + "&timeStamp=" + timeStamp;
//再次签名,这个签名用于小程序端调用wx.requesetPayment方法
String paySign = PayUtil.sign(stringSignTemp, weChatConfig.key, "utf-8").toUpperCase();
log.info("=======================第二次签名:" + paySign + "=====================");
response.put("paySign", paySign);
response.put("totalFee",total_fee);
/**业务代码*/
} else {
throw new BaseException(ResultEnum.WECHAT_PAY_ERROR, return_msg);
}
response.put("appid", weChatConfig.appId);
return response;
}
/** 支付回调 */
@Override
@Transactional
public String wechatPayCallBack(HttpServletRequest request, HttpServletResponse response) {
try {
String line = null;
BufferedReader br = new BufferedReader(new InputStreamReader((ServletInputStream) request.getInputStream()));
StringBuilder sb = new StringBuilder();
while ((line = br.readLine()) != null) {
sb.append(line);
}
br.close();
//sb为微信返回的xml
String notityXml = sb.toString();
String resXml = "";
log.info("接收到的报文:" + notityXml);
Map map = PayUtil.doXMLParse(notityXml);
String returnCode = (String) map.get("return_code");
if ("SUCCESS".equals(returnCode)) {
//验证签名是否正确
Map<String, String> validParams = PayUtil.paraFilter(map); //回调验签时需要去除sign和空值参数
String validStr = PayUtil.createLinkString(validParams);//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
String sign = PayUtil.sign(validStr, weChatConfig.key, "utf-8").toUpperCase();//拼装生成服务器端验证的签名
//根据微信官网的介绍,此处不仅对回调的参数进行验签,还需要对返回的金额与系统订单的金额进行比对等
if (sign.equals(map.get("sign"))) {
log.info("sign == sigin 签名通过");
/**此处添加自己的业务逻辑代码start*/
String outTradeNo = (String) map.get("out_trade_no");
String transactionId = (String) map.get("transaction_id");
String ip = getIpAddress(request);
// 支付回调处理
Boolean check = orderService.wechatPayCallBack(outTradeNo,transactionId,ip);
if(check){
// 通知微信服务器已经支付成功
resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";
} else {
// 通知微信服务器已经支付失败
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[FAIL]]></return_msg>" + "</xml> ";
}
/**此处添加自己的业务逻辑代码end**/
}
} else {
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[报文为空]]></return_msg>" + "</xml> ";
}
log.info(resXml);
log.info("微信支付回调数据结束");
BufferedOutputStream out = new BufferedOutputStream(response.getOutputStream());
out.write(resXml.getBytes());
out.flush();
out.close();
return resXml;
} catch (Exception e) {
return null;
}
}
二、微信退款
1.主要代码:
/** 微信退款 */
@Override
public Map<String, String> wechatRefund(int refundMoney, int totalMoney, String out_trade_no) {
//生成的随机32位字符串
String nonce_str = RandomString.generateRandomString(32, RandomString.POSSIBLE_CHARS);
String out_refund_no = SnowflakeIdWorker.getId();//商户退款单号
//签名算法
SortedMap<Object, Object> paramMap = new TreeMap<Object, Object>();
paramMap.put("appid", weChatConfig.appId);
paramMap.put("mch_id", weChatConfig.mchId);
paramMap.put("nonce_str", nonce_str);
paramMap.put("out_trade_no", out_trade_no);
paramMap.put("out_refund_no", out_refund_no);
paramMap.put("total_fee", String.valueOf(totalMoney));
paramMap.put("refund_fee", String.valueOf(refundMoney));
paramMap.put("notify_url", weChatConfig.refundNotifyUrl);
String sign = PayUtil.createSign(weChatConfig.key,paramMap);
//获取最终待发送的数据
String requestXml = "<xml>" +
"<appid>" + weChatConfig.appId + "</appid>" +
"<mch_id>" + weChatConfig.mchId + "</mch_id>" +
"<nonce_str>" + nonce_str + "</nonce_str>" +
"<out_trade_no>" + out_trade_no + "</out_trade_no>" +
"<out_refund_no>" + out_refund_no + "</out_refund_no>" +
"<total_fee>" + String.valueOf(totalMoney) + "</total_fee>" +
"<refund_fee>" + String.valueOf(refundMoney) + "</refund_fee>" +
"<notify_url>" + weChatConfig.refundNotifyUrl + "</notify_url>" +
"<sign>" + sign + "</sign>" +
"</xml>";
//定义本函数返回值:
Map<String,String> returnMap = new HashMap<>();
try {
//建立连接并发送数据
String result = PayUtil.WeixinSendPostToRefund(weChatConfig.refundUrl,requestXml, weChatConfig.mchId);
//解析返回的xml
Map<String,String> resultMap = PayUtil.doXMLParse(result);
//退款返回标志码
String return_code = resultMap.get("return_code").toString();
String result_code = resultMap.get("result_code").toString();
if("SUCCESS".equals(return_code) && "SUCCESS".equals(result_code)){
//code...
returnMap.put("status","success");
returnMap.put("msg","发起微信退款成功");
returnMap.put("transactionId",resultMap.get("transaction_id"));
returnMap.put("outTradeNo",resultMap.get("out_trade_no"));
returnMap.put("outRefundNo",resultMap.get("out_refund_no"));
return returnMap;
}else if(return_code.equals("SUCCESS") && result_code.equals("FAIL")){
returnMap.put("status","fail");
returnMap.put("msg","微信原路返款失败!");
return returnMap;
}else{
returnMap.put("status","fail");
returnMap.put("msg","微信原路返款失败!");
return returnMap;
}
}catch (Exception e){
e.printStackTrace();
returnMap.put("status","fail");
returnMap.put("msg",e.getMessage());
return returnMap;
}
}
2.证书使用
微信退款是需要证书的,怎么获取证书,微信支付文档比任何人说得都详细
/** 微信退款--向微信端发送post请求 */
public static String WeixinSendPostToRefund(String url,String xmlObj,String mch_id) throws Exception{
ClassPathResource classPathResource = new ClassPathResource("apiclient_cert.p12");//证书路径(此处我用的相对路径,你也可以考虑安全性,放在项目外)
InputStream instream = classPathResource.getInputStream();
KeyStore keyStore = KeyStore.getInstance("PKCS12");
try {
keyStore.load(instream, mch_id.toCharArray());
} catch (Exception e) {
e.printStackTrace();
} finally {
instream.close();
}
SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keyStore, mch_id.toCharArray()).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
String result = "";
try {
HttpPost httpPost = new HttpPost(url);
HttpEntity xmlData = new StringEntity((String) xmlObj, "text/xml", "iso-8859-1");
httpPost.setEntity(xmlData);
CloseableHttpResponse response = httpclient.execute(httpPost);
try {
HttpEntity entity = response.getEntity();
result = EntityUtils.toString(entity, "UTF-8");
System.out.println(response.getStatusLine());
EntityUtils.consume(entity);
} finally {
response.close();
}
} finally {
httpclient.close();
}
//去除空格
return result.replaceAll(" ", "");
}
3.代码中引用的方法
生成随机字符串:你可以用微信提供的javaSDK,其中有这个,而且map转xml和xml转map等都有
商户订单号:我用的SnowflakeIdWorker,这个随你,只要唯一就行了
sign签名:
/**
* 微信退款--sign签名
*/
public static String createSign(String secretKey, SortedMap<Object, Object> parameters) {
StringBuffer sb = new StringBuffer();
Set<Map.Entry<Object, Object>> es = parameters.entrySet();
Iterator<Map.Entry<Object, Object>> it = es.iterator();
while (it.hasNext()) {
Map.Entry<Object, Object> entry = (Map.Entry<Object, Object>) it.next();
String k = (String) entry.getKey();
Object v = entry.getValue();
if (null != v && !"".equals(v) && !"sign".equals(k) && !"key".equals(k)) {
sb.append(k + "=" + v + "&");
}
}
sb.append("key=" + secretKey);
String sign = MD5Utils.MD5(sb.toString()).toUpperCase();
parameters.put("sign", sign);
return sign;
}
三、微信退款回调
首先不用多说,在外网地址上开放一个接口
1.主要代码
/** 微信退款回调 */
@Override
@Transactional(rollbackFor = Exception.class)
public String wechatRefundCallback(HttpServletRequest request, HttpServletResponse response) {
log.info("微信回调开始啦!!!!");
try {
BufferedReader br = new BufferedReader(new InputStreamReader((ServletInputStream) request.getInputStream()));
String line = null;
StringBuilder sb = new StringBuilder();
while ((line = br.readLine()) != null) {
sb.append(line);
}
br.close();
//sb为微信返回的xml
Map resultMap = PayUtil.doXMLParse(sb.toString());
if ("SUCCESS".equals(resultMap.get("return_code"))){//通信成功
String req_info = String.valueOf(resultMap.get("req_info"));
String resultXml = AESUtil.decryptData(req_info,weChatConfig.key);
Map<String,Object> reqInfoMap = PayUtil.doXMLParse(resultXml);
//code....
String resultStr = "<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>";
return resultStr;
}
}catch (Exception e){
e.printStackTrace();
}
throw new RuntimeException("微信回调失败");
}
2.解密方法
AESUtil
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class AESUtil {
/** 密钥算法 */
private static final String ALGORITHM = "AES";
/** 加解密算法/工作模式/填充方式 */
private static final String ALGORITHM_MODE_PADDING = "AES/ECB/PKCS5Padding";
/** AES加密 */
public static String encryptData(String data,String password) throws Exception {
// 创建密码器
Cipher cipher = Cipher.getInstance(ALGORITHM_MODE_PADDING);
SecretKeySpec key = new SecretKeySpec(MD5Utils.MD5(password).toLowerCase().getBytes(), ALGORITHM);
// 初始化
cipher.init(Cipher.ENCRYPT_MODE, key);
return Base64Util.encode(cipher.doFinal(data.getBytes()));
}
/** AES解密 */
public static String decryptData(String base64Data,String password) throws Exception {
Cipher cipher = Cipher.getInstance(ALGORITHM_MODE_PADDING);
SecretKeySpec key = new SecretKeySpec(MD5Utils.MD5(password).toLowerCase().getBytes(), ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] decode = Base64Util.decode(base64Data);
byte[] doFinal = cipher.doFinal(decode);
return new String(doFinal,"utf-8");
}
}
Base64Util
import java.util.Base64;
public class Base64Util {
/** 解码 */
public static byte[] decode(String encodedText){
final Base64.Decoder decoder = Base64.getDecoder();
return decoder.decode(encodedText);
}
/** 编码 */
public static String encode(byte[] data){
final Base64.Encoder encoder = Base64.getEncoder();
return encoder.encodeToString(data);
}
}
MD5Utils
/** 普通MD5 */
public static String MD5(String input) {
MessageDigest md5 = null;
try {
md5 = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException e) {
return "check jdk";
} catch (Exception e) {
e.printStackTrace();
return "";
}
char[] charArray = input.toCharArray();
byte[] byteArray = new byte[charArray.length];
for (int i = 0; i < charArray.length; i++) {
byteArray[i] = (byte) charArray[i];
}
byte[] md5Bytes = md5.digest(byteArray);
StringBuffer hexValue = new StringBuffer();
for (int i = 0; i < md5Bytes.length; i++) {
int val = ((int) md5Bytes[i]) & 0xff;
if (val < 16) {
hexValue.append("0");
}
hexValue.append(Integer.toHexString(val));
}
return hexValue.toString();
}
ps:很多教程说要替换jre的两个jar包,我这里没照这一步,在AES解密的时候
SecretKeySpec key = new SecretKeySpec(MD5Utils.MD5(password).toLowerCase().getBytes(), ALGORITHM);
这步将商户key加密串转成小写了,这样就解决了"JAVA运行环境默认不允许256位密钥的AES加解密""的问题
有啥不懂得,或者我贴的代码有啥缺漏的,可以留言
参考:https://blog.csdn.net/zhangxing52077/article/details/80269999
1591
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
