准备
1.准备好相对应的证书(普通公钥模式也行,但是B2C打款需要证书,所以在这里我用的是证书模式),文件如下:
2.准备appId(小程序appId)、secret(小程序秘钥)、mchId(商户id)、wechatApiKey(商户支付api秘钥),例如下:
开始
1.创建微信工具类
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;
import org.apache.logging.log4j.util.PropertiesUtil;
import org.springframework.util.ResourceUtils;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import javax.net.ssl.SSLContext;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import java.io.*;
import java.net.InetAddress;
import java.net.URL;
import java.net.URLConnection;
import java.net.UnknownHostException;
import java.security.*;
import java.security.cert.CertificateException;
import java.util.*;
public class WxUtils {
/**
* 创建随机字符串
*
* @param i
* @return
*/
public static String createCode(int i) {
return UUID.randomUUID().toString().replaceAll("-", "").substring(0, i);
}
/**
* 创建签名Sign
*
* @param key
* @param parameters
* @return
*/
public static String createSign(SortedMap<String, String> parameters, String key) {
StringBuffer sb = new StringBuffer();
Set es = parameters.entrySet();
Iterator<?> it = es.iterator();
while (it.hasNext()) {
Map.Entry entry = (Map.Entry) it.next();
String k = (String) entry.getKey();
if (entry.getValue() != null || !"".equals(entry.getValue())) {
String v = String.valueOf(entry.getValue());
if (null != v && !"".equals(v) && !"sign".equals(k) && !"key".equals(k)) {
sb.append(k + "=" + v + "&");
}
}
}
sb.append("key=" + key);
String sign = md5Password(sb.toString()).toUpperCase();
return sign;
}
/**
* Map转换为 Xml
*
* @param map
* @return Xml
* @throws Exception
*/
public static String mapToXml(SortedMap<String, String> map) throws Exception {
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
//防止XXE攻击
documentBuilderFactory.setXIncludeAware(false);
documentBuilderFactory.setExpandEntityReferences(false);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
org.w3c.dom.Document document = documentBuilder.newDocument();
org.w3c.dom.Element root = document.createElement("xml");
document.appendChild(root);
for (String key : map.keySet()) {
String value = map.get(key);
if (value == null) {
value = "";
}
value = value.trim();
org.w3c.dom.Element filed = document.createElement(key);
filed.appendChild(document.createTextNode(value));
root.appendChild(filed);
}
TransformerFactory tf = TransformerFactory.newInstance();
Transformer transformer = tf.newTransformer();
DOMSource source = new DOMSource(document);
transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8");
transformer.setOutputProperty(OutputKeys.INDENT, "yes");
StringWriter writer = new StringWriter();
StreamResult result = new StreamResult(writer);
transformer.transform(source, result);
String output = writer.getBuffer().toString();
try {
writer.close();
} catch (Exception ex) {
}
return output;
}
/**
* XML格式字符串转换为Map
*
* @param xml XML字符串
* @return XML数据转换后的Map
* @throws Exception
*/
public static Map<String, String> xmlToMap(String xml) {
try {
Map<String, String> data = new HashMap<>();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
InputStream stream = new ByteArrayInputStream(xml.getBytes("UTF-8"));
org.w3c.dom.Document doc = documentBuilder.parse(stream);
doc.getDocumentElement().normalize();
NodeList nodeList = doc.getDocumentElement().getChildNodes();
for (int idx = 0; idx < nodeList.getLength(); ++idx) {
Node node = nodeList.item(idx);
if (node.getNodeType() == Node.ELEMENT_NODE) {
org.w3c.dom.Element element = (org.w3c.dom.Element) node;
data.put(element.getNodeName(), element.getTextContent());
}
}
stream.close();
return data;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 生成32位md5码
*
* @param password
* @return
*/
public static String md5Password(String password) {
try {
// 得到一个信息摘要器
MessageDigest digest = MessageDigest.getInstance("md5");
byte[] result = digest.digest(password.getBytes());
StringBuffer buffer = new StringBuffer();
// 把每一个byte 做一个与运算 0xff;
for (byte b : result) {
// 与运算
int number = b & 0xff;// 加盐
String str = Integer.toHexString(number);
if (str.length() == 1) {
buffer.append("0");
}
buffer.append(str);
}
// 标准的md5加密后的结果
return buffer.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
return "";
}
}
public static String sendPostXml(String urlStr, String param) throws Exception{
//发送xml请求
URL url = new URL(urlStr);
String xml = param;
URLConnection conn = null;
conn = url.openConnection();
conn.setUseCaches(false);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Content-Length", Integer.toString(xml.length()));
conn.setRequestProperty("Content-Type", "text/xml; charset=utf-8");
OutputStream ops = conn.getOutputStream();
OutputStreamWriter osw = new OutputStreamWriter(ops, "utf-8");
osw.write(xml);
osw.flush();
osw.close();
//发送成功后,获取服务器的响应xml串:
StringBuffer sb = new StringBuffer();
String line = "";
InputStream is = conn.getInputStream();
BufferedReader br = new BufferedReader(new InputStreamReader(is));//三层包装
while ((line = br.readLine()) != null) {
sb.append(line+ "\r\n");
}
System.out.println(sb.toString());
return sb.toString();
}
public static String getHostIp() {
try {
return InetAddress.getLocalHost().getHostAddress();
} catch (UnknownHostException e) {
}
return "127.0.0.1";
}
//连接超时时间,默认10秒
private static int socketTimeout = 10000;
//传输超时时间,默认30秒
private static int connectTimeout = 30000;
//请求器的配置
private static RequestConfig requestConfig;
//HTTP请求器
private static CloseableHttpClient httpClient;
public static String httpsRequest(String url, String xmlObj, String wechatMchId) throws Exception {
//加载证书
initCert(wechatMchId);
String result = null;
HttpPost httpPost = new HttpPost(url);
//得指明使用UTF-8编码,否则到API服务器XML的中文不能被成功识别
StringEntity postEntity = new StringEntity(xmlObj, "UTF-8");
httpPost.addHeader("Content-Type", "text/xml");
httpPost.setEntity(postEntity);
//设置请求器的配置
httpPost.setConfig(requestConfig);
try {
HttpResponse response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
result = EntityUtils.toString(entity, "UTF-8");
} catch (Exception e) {
e.printStackTrace();
} finally {
httpPost.abort();
}
return result;
}
/**
* 加载证书
*
* @throws IOException
* @throws KeyStoreException
* @throws UnrecoverableKeyException
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
private static void initCert(String wechatMchId) throws Exception {
//拼接证书的路径
KeyStore keyStore = KeyStore.getInstance("PKCS12");
//加载本地的证书进行https加密传输
String file = "";
if (PropertiesUtil.getSystemProperties().getProperty("os.name").equals("Linux")) {
file = "./weChat/apiclient_cert.p12";
} else {
file = ResourceUtils.getURL("classpath:").getPath() + "/weChat/apiclient_cert.p12";
}
FileInputStream instream = new FileInputStream(new File(file));
try {
keyStore.load(instream, wechatMchId.toCharArray()); //加载证书密码,默认为商户ID
} catch (CertificateException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} finally {
instream.close();
}
// Trust own CA and all self-signed certs
SSLContext sslcontext = SSLContexts.custom()
.loadKeyMaterial(keyStore, wechatMchId.toCharArray()) //加载证书密码,默认为商户ID
.build();
// Allow TLSv1 protocol only
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
httpClient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.build();
//根据默认超时限制初始化requestConfig
requestConfig = RequestConfig.custom().setSocketTimeout(socketTimeout).setConnectTimeout(connectTimeout).build();
}
}
2.创建微信支付的公共类
import java.math.BigDecimal;
import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;
public class WxAppletsPay {
private static String weChatAppId = "******";
private static String weChatSecret = "******";
private static String wechatMchId = "******";
private static String wechatApiKey = "******";
private static String notifyUrl = "******";
/**
* 小程序创建订单
* @param body
* @param orderSn
* @param payAmount
* @param openid
* @return
* @throws Exception
*/
public static Map<String, String> weChatCreateOrder(String body, String orderSn, BigDecimal payAmount, String openid) throws Exception {
//封装参数
SortedMap<String, String> paramMap = new TreeMap<>();
paramMap.put("appid", weChatAppId);
paramMap.put("mch_id", wechatMchId);
paramMap.put("nonce_str", WxUtils.createCode(32));
paramMap.put("body", body);//商品描述
paramMap.put("out_trade_no", orderSn);
paramMap.put("total_fee", payAmount.toString());
paramMap.put("spbill_create_ip", WxUtils.getHostIp());
paramMap.put("notify_url", notifyUrl);
paramMap.put("trade_type", "JSAPI");
paramMap.put("openid", openid);
paramMap.put("sign", WxUtils.createSign(paramMap, wechatApiKey));
System.out.println(paramMap);
String xmlData = WxUtils.mapToXml(paramMap);
String resXml = WxUtils.sendPostXml("https://api.mch.weixin.qq.com/pay/unifiedorder", xmlData);
return WxUtils.xmlToMap(resXml);
}
/**
* 二次签名
* @param packageStr
* @return
*/
public static Map<String, String> payAgainSign(String packageStr){
SortedMap<String, String> paramMap = new TreeMap<>();
paramMap.put("appId", weChatAppId);
paramMap.put("nonceStr", WxUtils.createCode(32));
paramMap.put("package", packageStr);
paramMap.put("signType", "MD5");
paramMap.put("timeStamp", System.currentTimeMillis()/1000+"");
paramMap.put("sign", WxUtils.createSign(paramMap, wechatApiKey));
return paramMap;
}
}
3.这是支付的controller核心代码
Map<String, String> stringStringMap = WxAppletsPay.weChatCreateOrder(order.getSpecs() + "*" + order.getNums(), order.getOrderSn(), new BigDecimal(order.getPayPrice()), user.get(0).getOpenId());
Map<String, String> map = WxAppletsPay.payAgainSign("prepay_id=" + stringStringMap.get("prepay_id"));
return map ;
4.这是回调的controller
/**
* 微信异步通知
*
* @param request
* @param response
* @throws Exception
*/
@PostMapping(value = "xcxNotify")
public void xcxNotify(HttpServletRequest request, HttpServletResponse response) throws Exception {
Long startDate = System.currentTimeMillis();
InputStream inputStream = request.getInputStream();
//获取请求输入流
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
int len = 0;
while ((len = inputStream.read(buffer)) != -1) {
outputStream.write(buffer, 0, len);
}
outputStream.close();
inputStream.close();
Map<String, String> map = WeChatServiceImpl.xmlToMap(new String(outputStream.toByteArray(), "utf-8"));
logger.info("【小程序支付回调】 回调数据: \n" + map);
String resXml = "";
String returnCode = (String) map.get("return_code");
if ("SUCCESS".equalsIgnoreCase(returnCode)) {
String returnmsg = (String) map.get("result_code");
if ("SUCCESS".equals(returnmsg)) {
String outTradeNo = map.get("out_trade_no");
//主动查询
boolean isSuccess = weChatService.weChartQueryOrder(outTradeNo);
if (!isSuccess) {
return;
}
//更新数据
//你的业务逻辑
resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml>";
} else {
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[报文为空]></return_msg>" + "</xml>";
logger.info("支付失败:" + resXml);
}
} else {
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[报文为空]></return_msg>" + "</xml>";
logger.info("【订单支付失败】");
}
response.getWriter().print(resXml);
}
5.这是小程序端的核心代码
wx.requestPayment(
{
'timeStamp': res.data.timeStamp,
'nonceStr': res.data.nonceStr,
'package': res.data.package,
'signType': 'MD5',
'paySign': res.data.sign,
'success':function(res){
wx.navigateTo({
url:"../paySuccess/paySuccess"
})
},
'fail':function(res){},
'complete':function(res){}
})