一丶查看官方开发文档,地址为:
链接: https://pay.weixin.qq.com/wiki/doc/api/index.html.
二丶回传前端发起支付的参数
/**
*调用统一下单接口,并接受返回的结果
* @param openid 用户唯一标识(详情请看微信登录)
* @param money 金额
* @param orderNum 订单号
* @return
*/
public static Map<String, String> getPayment(String openid,double money,String orderNum) throws Exception {
//初始化返回值
Map<String,String> payMap = new TreeMap<>();
//获取32位随机字符串
String nonce_str = PayUtil.getRandomStringByLength(32);
//商品描述 这里是避免出现中文乱码
String body = new String(WeChatConfigVo.body.getBytes(StandardCharsets.ISO_8859_1));
//封装数据
SortedMap<String,String> map = new TreeMap<>();
map.put("appid", WeChatConfigVo.appId);
map.put("mch_id", WeChatConfigVo.mch_id);
map.put("nonce_str", nonce_str);
map.put("body", body);
map.put("out_trade_no", orderNum); //商户订单号,自己的订单ID
map.put("total_fee", PayUtil.moneyToIntegerStr(money)); //支付金额,这边需要转成字符串类型,否则后面的签名会失败
map.put("spbill_create_ip", IPUtils.getIpAddr()); //IP地址
map.put("notify_url", WeChatConfigVo.notify_url); //支付成功后的回调地址
map.put("trade_type", WeChatConfigVo.tradeType); //支付方式
map.put("openid", openid);
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
String preStr = PayUtil.createLinkString(map);
//MD5运算生成签名,这里是第一次签名,用于调用统一下单接口
String mySign = PayUtil.sign(preStr, WeChatConfigVo.key, "utf-8").toUpperCase();
//放到map集合
map.put("sign",mySign);
//装换为xml
String mapXML = PayUtil.mapToXml(map);
//调用统一下单接口,并接受返回的结果
String result = PayUtil.httpRequest(WeChatConfigVo.pay_url, "POST", mapXML);
//解析xml返回map集合
Map mapResult = PayUtil.xmlToMap(result);
//获取返回状态码和返回结果
String return_code = (String) mapResult.get("return_code");
String result_code = (String) mapResult.get("result_code");
//判断是否成功
if("SUCCESS".equals(return_code) || return_code.equals(result_code)){
//成功返回预订单ID
String prepay_id = (String) mapResult.get("prepay_id");
//获取当前时间戳
String timeStamp = PayUtil.getCurrentTimeStamp();
//封装返回结果
payMap.put("nonceStr", nonce_str);
payMap.put("package", prepay_id);
//要将返回的时间戳转化成字符串,不然小程序端调用wx.requestPayment方法会报签名错误
payMap.put("timeStamp", timeStamp);
//拼接签名需要的参数
String stringSignTemp = "appId=" + WeChatConfigVo.appId + "&nonceStr=" + nonce_str + "&package=prepay_id="
+ prepay_id + "&signType=" + WeChatConfigVo.signType + "&timeStamp=" + timeStamp;
//再次签名,这个签名用于小程序端调用wx.requesetPayment方法
String paySign = PayUtil.sign(stringSignTemp, WeChatConfigVo.key, "utf-8").toUpperCase();
//封装到map集合
payMap.put("paySign",paySign);
}else {
throw new ServiceException("支付失败");
}
payMap.put("appId", WeChatConfigVo.appId);
//数据返回
return payMap;
}
3丶支付后会以流的方式回传数据(回调函数),生命回调函数是要以接口的形式编写,并在外网上可访问,而且接口不可携带参数
@Override
public void wxNotify(HttpServletRequest request, HttpServletResponse response) {
log.info("================回调正在执行===============");
try {
//获取缓冲流
BufferedReader br = new BufferedReader(new InputStreamReader(request.getInputStream()));
String line ;
//获取StringBuilder对象
StringBuilder sb = new StringBuilder();
//拼接字符
while ((line = br.readLine()) != null){
sb.append(line);
}
br.close();
//sb为微信返回的xml
String notifyXml = sb.toString();
//将xml转换为map对象
Map<String,String> map = PayUtil.xmlToMap(notifyXml);
log.info("===============准备读取=================");
//获取return_code值 作为判断条件
String returnCode = map.get("return_code");
log.info("=====参数返回:======="+""+returnCode+""+"===============");
//String resultCode = map.get("result_code");
String preXml ;
//成功返回
if("SUCCESS".equals(returnCode)){
//判断验证签名是否正确
log.info("==============进来了没-===================");
//判断签名是否正确
boolean flag = PayUtil.isSignatureValid(map, WeChatConfigVo.key);
//如果正确进行下一步操作
if(flag){
//订单号
String orderNum = map.get("out_trade_no");
//金额
String money = map.get("total_fee");
log.info("=====钱:===="+money+"=============");
//交易时间
SimpleDateFormat sf = new SimpleDateFormat("yyyyMMddHHmmss");
Date timeEnd = sf.parse(map.get("time_end"));
//判断金额是否相同
if (money.equals(PayUtil.moneyToIntegerStr(records.getRecordMoney()))){
//处理自己的业务
log.info("================支付成功===============");
}else {
//金额不对
throw new ServiceException("支付失败请重新支付");
}
//通知微信服务器已经支付成功,将不会再次回调
preXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";
}else {
//支付失败
preXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[报文为空]]></return_msg>" + "</xml> ";
}
//获取输出缓冲流
BufferedOutputStream out = new BufferedOutputStream(response.getOutputStream());
out.write(preXml.getBytes());
out.flush();
out.close();
}
log.info("================回调结束===============");
} catch (Exception e) {
e.printStackTrace();
}
}
4丶查询订单(若一些情况,未回调等原因,需自己去查询订单)
/**
* 订单查询接口
* @param orderNum 商户订单号
* @return
*/
public static Map<String,String> getQueryOrder(String orderNum) throws Exception {
//封装数据
SortedMap<String,String> map = new TreeMap<>();
map.put("appid",WeChatConfigVo.appId);
map.put("mch_id",WeChatConfigVo.mch_id);
map.put("out_trade_no",orderNum);
map.put("nonce_str",PayUtil.getRandomStringByLength(32));
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
String preStr = PayUtil.createLinkString(map);
//MD5运算生成签名
String mySign = PayUtil.sign(preStr, WeChatConfigVo.key, "UTF-8").toUpperCase();
//生成sign
map.put("sign",mySign);
//装换为xml
String mapXML = PayUtil.mapToXml(map);
//请求
String result = PayUtil.httpRequest(WeChatConfigVo.query_url, "POST", mapXML);
//数据返回
return PayUtil.xmlToMap(result);
}
5丶使用到的工具类,可在官方下载
@Slf4j
public class PayUtil {
// HTTP请求器
private static CloseableHttpClient httpClient;
/**
* 针对微信支付生成商户订单号,为了避免微信商户订单号重复(下单单位支付),
*
* @return
*/
public static String generateOrderSN() {
return System.currentTimeMillis() + getRandomStringByLength(7);
}
//获取随机字符串
public static String getRandomStringByLength(int length) {
String base = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
Random random = new Random();
StringBuilder sb = new StringBuilder();
for (int i = 0; i < length; i++) {
int number = random.nextInt(base.length());
sb.append(base.charAt(number));
}
return sb.toString();
}
/**
* 请求地址返回参数
*
* @param requestUrl 请求地址
* @param requestMethod 请求方法
* @param outputStr 参数
*/
public static String httpRequest(String requestUrl, String requestMethod, String outputStr) {
// 创建SSLContext
StringBuffer buffer = null;
try {
URL url = new URL(requestUrl);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod(requestMethod);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.connect();
//往服务器端写内容
if (null != outputStr) {
OutputStream os = conn.getOutputStream();
os.write(outputStr.getBytes(StandardCharsets.UTF_8));
os.close();
}
// 读取服务器端返回的内容
InputStream is = conn.getInputStream();
InputStreamReader isr = new InputStreamReader(is, StandardCharsets.UTF_8);
BufferedReader br = new BufferedReader(isr);
buffer = new StringBuffer();
String line;
while ((line = br.readLine()) != null) {
buffer.append(line);
}
br.close();
} catch (Exception e) {
e.printStackTrace();
}
return buffer.toString();
}
/**
* 解析xml,返回第一级元素键值对。如果第一级元素有子节点,则此节点的值是子节点的xml数据。
*
* @param strxml
* @return
* @throws org.jdom2.JDOMException
* @throws IOException
*/
public static Map<String,String> doXMLParse(String strxml) throws Exception {
if (null == strxml || "".equals(strxml)) {
return null;
}
Map<String,String> m = new HashMap<>();
InputStream in = String2Inputstream(strxml);
SAXBuilder builder = new SAXBuilder();
Document doc = builder.build(in);
Element root = doc.getRootElement();
List list = root.getChildren();
for (Object o : list) {
Element e = (Element) o;
String k = e.getName();
String v;
List children = e.getChildren();
if (children.isEmpty()) {
v = e.getTextNormalize();
} else {
v = getChildrenText(children);
}
m.put(k, v);
}
//关闭流
in.close();
return m;
}
public static InputStream String2Inputstream(String str) {
return new ByteArrayInputStream(str.getBytes());
}
/**
* 获取子结点的xml
*
* @param children
* @return String
*/
public static String getChildrenText(List children) {
StringBuilder sb = new StringBuilder();
if (!children.isEmpty()) {
for (Object child : children) {
Element e = (Element) child;
String name = e.getName();
String value = e.getTextNormalize();
List list = e.getChildren();
sb.append("<").append(name).append(">");
if (!list.isEmpty()) {
sb.append(getChildrenText(list));
}
sb.append(value);
sb.append("</").append(name).append(">");
}
}
return sb.toString();
}
/**
* 签名字符串
*
* @param text 需要签名的字符串
* @param key 密钥
* @param input_charset 编码格式
* @return 签名结果
*/
public static String sign(String text, String key, String input_charset) {
text = text + "&key=" + key;
return DigestUtils.md5Hex(getContentBytes(text, input_charset));
}
/**
* @param content
* @param charset
* @return
*/
public static byte[] getContentBytes(String content, String charset) {
if (charset == null || "".equals(charset)) {
return content.getBytes();
}
try {
return content.getBytes(charset);
} catch (UnsupportedEncodingException e) {
throw new RuntimeException("MD5签名过程中出现错误,指定的编码集不对,您目前指定的编码集是:" + charset);
}
}
/**
* 获取当前的Timestamp
*
* @return
*/
public static String getCurrentTimeStamp() {
return Long.toString(System.currentTimeMillis()/1000);
}
/**
* 转换金额型到整型
* @param money
* @return
*/
public static String moneyToIntegerStr(Double money){
BigDecimal decimal = new BigDecimal(money);
int amount = decimal.multiply(new BigDecimal(100))
.setScale(0, BigDecimal.ROUND_HALF_UP).intValue();
return String.valueOf(amount);
}
/**
* 除去数组中的空值和签名参数
* @param sArray 签名参数组
* @return 去掉空值与签名参数后的新签名参数组
*/
public static Map<String, String> paraFilter(Map<String, String> sArray) {
Map<String, String> result = new HashMap<>();
if (sArray == null || sArray.size() <= 0) {
return result;
}
for (String key : sArray.keySet()) {
String value = sArray.get(key);
if (value == null || value.equals("") || key.equalsIgnoreCase("sign")
|| key.equalsIgnoreCase("sign_type")) {
continue;
}
result.put(key, value);
}
//数据返回
return result;
}
/**
* 把数组所有元素排序,并按照“参数=参数值”的模式用“&”字符拼接成字符串
* @param params 需要排序并参与字符拼接的参数组
* @return 拼接后字符串
*/
public static String createLinkString(Map<String, String> params) {
List<String> keys = new ArrayList<>(params.keySet());
Collections.sort(keys);
StringBuilder prestr = new StringBuilder();
for (int i = 0; i < keys.size(); i++) {
String key = keys.get(i);
String value = (String) params.get(key);
if (i == keys.size() - 1) {//拼接时,不包括最后一个&字符
prestr.append(key).append("=").append(value);
} else {
prestr.append(key).append("=").append(value).append("&");
}
}
return prestr.toString();
}
/**
* 加载证书
*
*/
private static void initCert() throws Exception {
// 证书密码,默认为商户ID
String key = WeChatConfigVo.appId;
// 商户证书的路径
String path = WeChatConfigVo.certificate;
// 指定读取证书格式为PKCS12
KeyStore keyStore = KeyStore.getInstance("PKCS12");
// 读取本机存放的PKCS12证书文件
try (FileInputStream instream = new FileInputStream(new File(path))) {
// 指定PKCS12的密码(商户ID)
keyStore.load(instream, key.toCharArray());
}
SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keyStore, key.toCharArray()).build();
// 指定TLS版本
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1" }, null,SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
// 设置httpclient的SSLSocketFactory
httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
}
/**
* 通过Https往API post xml数据
* @param url API地址
* @param xmlObj 要提交的XML数据对象
* @return
*/
public static String postData(String url, String xmlObj) {
// 加载证书
try {
initCert();
} catch (Exception e) {
e.printStackTrace();
}
String result = null;
HttpPost httpPost = new HttpPost(url);
// 得指明使用UTF-8编码,否则到API服务器XML的中文不能被成功识别
StringEntity postEntity = new StringEntity(xmlObj, "UTF-8");
httpPost.addHeader("Content-Type", "text/xml");
httpPost.setEntity(postEntity);
// 根据默认超时限制初始化requestConfig
// 请求器的配置
RequestConfig requestConfig = RequestConfig.custom()
.setSocketTimeout(WeChatConfigVo.socketTimeout)
.setConnectTimeout(WeChatConfigVo.connectTimeout)
.build();
// 设置请求器的配置
httpPost.setConfig(requestConfig);
try {
HttpResponse response = null;
try {
response = httpClient.execute(httpPost);
} catch (IOException e) {
e.printStackTrace();
}
assert response != null;
HttpEntity entity = response.getEntity();
try {
result = EntityUtils.toString(entity, "UTF-8");
} catch (IOException e) {
e.printStackTrace();
}
} finally {
httpPost.abort();
}
return result;
}
private static final String SYMBOLS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
private static final Random RANDOM = new SecureRandom();
/**
* XML格式字符串转换为Map
*
* @param strXML XML字符串
* @return XML数据转换后的Map
* @throws Exception
*/
public static Map<String, String> xmlToMap(String strXML) throws Exception {
try {
Map<String, String> data = new HashMap<String, String>();
DocumentBuilder documentBuilder = WXPayXmlUtil.newDocumentBuilder();
InputStream stream = new ByteArrayInputStream(strXML.getBytes("UTF-8"));
org.w3c.dom.Document doc = documentBuilder.parse(stream);
doc.getDocumentElement().normalize();
NodeList nodeList = doc.getDocumentElement().getChildNodes();
for (int idx = 0; idx < nodeList.getLength(); ++idx) {
Node node = nodeList.item(idx);
if (node.getNodeType() == Node.ELEMENT_NODE) {
org.w3c.dom.Element element = (org.w3c.dom.Element) node;
data.put(element.getNodeName(), element.getTextContent());
}
}
try {
stream.close();
} catch (Exception ex) {
// do nothing
}
return data;
} catch (Exception ex) {
PayUtil.getLogger().warn("Invalid XML, can not convert to map. Error message: {}. XML content: {}", ex.getMessage(), strXML);
throw ex;
}
}
/**
* 将Map转换为XML格式的字符串
*
* @param data Map类型数据
* @return XML格式的字符串
* @throws Exception
*/
public static String mapToXml(Map<String, String> data) throws Exception {
org.w3c.dom.Document document = WXPayXmlUtil.newDocument();
org.w3c.dom.Element root = document.createElement("xml");
document.appendChild(root);
for (String key: data.keySet()) {
String value = data.get(key);
if (value == null) {
value = "";
}
value = value.trim();
org.w3c.dom.Element filed = document.createElement(key);
filed.appendChild(document.createTextNode(value));
root.appendChild(filed);
}
TransformerFactory tf = TransformerFactory.newInstance();
Transformer transformer = tf.newTransformer();
DOMSource source = new DOMSource(document);
transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8");
transformer.setOutputProperty(OutputKeys.INDENT, "yes");
StringWriter writer = new StringWriter();
StreamResult result = new StreamResult(writer);
transformer.transform(source, result);
String output = writer.getBuffer().toString(); //.replaceAll("\n|\r", "");
try {
writer.close();
}
catch (Exception ex) {
}
return output;
}
/**
* 生成带有 sign 的 XML 格式字符串
*
* @param data Map类型数据
* @param key API密钥
* @return 含有sign字段的XML
*/
public static String generateSignedXml(final Map<String, String> data, String key) throws Exception {
return generateSignedXml(data, key, SignType.MD5);
}
/**
* 生成带有 sign 的 XML 格式字符串
*
* @param data Map类型数据
* @param key API密钥
* @param signType 签名类型
* @return 含有sign字段的XML
*/
public static String generateSignedXml(final Map<String, String> data, String key, SignType signType) throws Exception {
String sign = generateSignature(data, key, signType);
data.put(WXPayConstants.FIELD_SIGN, sign);
return mapToXml(data);
}
/**
* 判断签名是否正确
*
* @param xmlStr XML格式数据
* @param key API密钥
* @return 签名是否正确
* @throws Exception
*/
public static boolean isSignatureValid(String xmlStr, String key) throws Exception {
Map<String, String> data = xmlToMap(xmlStr);
if (!data.containsKey(WXPayConstants.FIELD_SIGN) ) {
return false;
}
String sign = data.get(WXPayConstants.FIELD_SIGN);
return generateSignature(data, key).equals(sign);
}
/**
* 判断签名是否正确,必须包含sign字段,否则返回false。使用MD5签名。
*
* @param data Map类型数据
* @param key API密钥
* @return 签名是否正确
* @throws Exception
*/
public static boolean isSignatureValid(Map<String, String> data, String key) throws Exception {
return isSignatureValid(data, key, SignType.MD5);
}
/**
* 判断签名是否正确,必须包含sign字段,否则返回false。
*
* @param data Map类型数据
* @param key API密钥
* @param signType 签名方式
* @return 签名是否正确
* @throws Exception
*/
public static boolean isSignatureValid(Map<String, String> data, String key, SignType signType) throws Exception {
if (!data.containsKey(WXPayConstants.FIELD_SIGN) ) {
return false;
}
String sign = data.get(WXPayConstants.FIELD_SIGN);
return generateSignature(data, key, signType).equals(sign);
}
/**
* 生成签名
*
* @param data 待签名数据
* @param key API密钥
* @return 签名
*/
public static String generateSignature(final Map<String, String> data, String key) throws Exception {
return generateSignature(data, key, SignType.MD5);
}
/**
* 生成签名. 注意,若含有sign_type字段,必须和signType参数保持一致。
*
* @param data 待签名数据
* @param key API密钥
* @param signType 签名方式
* @return 签名
*/
public static String generateSignature(final Map<String, String> data, String key, SignType signType) throws Exception {
Set<String> keySet = data.keySet();
String[] keyArray = keySet.toArray(new String[keySet.size()]);
Arrays.sort(keyArray);
StringBuilder sb = new StringBuilder();
for (String k : keyArray) {
if (k.equals(WXPayConstants.FIELD_SIGN)) {
continue;
}
if (data.get(k).trim().length() > 0) // 参数值为空,则不参与签名
sb.append(k).append("=").append(data.get(k).trim()).append("&");
}
sb.append("key=").append(key);
if (SignType.MD5.equals(signType)) {
return MD5(sb.toString()).toUpperCase();
}
else if (SignType.HMACSHA256.equals(signType)) {
return HMACSHA256(sb.toString(), key);
}
else {
throw new Exception(String.format("Invalid sign_type: %s", signType));
}
}
/**
* 获取随机字符串 Nonce Str
*
* @return String 随机字符串
*/
public static String generateNonceStr() {
char[] nonceChars = new char[32];
for (int index = 0; index < nonceChars.length; ++index) {
nonceChars[index] = SYMBOLS.charAt(RANDOM.nextInt(SYMBOLS.length()));
}
return new String(nonceChars);
}
/**
* 生成 MD5
*
* @param data 待处理数据
* @return MD5结果
*/
public static String MD5(String data) throws Exception {
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] array = md.digest(data.getBytes("UTF-8"));
StringBuilder sb = new StringBuilder();
for (byte item : array) {
sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3));
}
return sb.toString().toUpperCase();
}
/**
* 生成 HMACSHA256
* @param data 待处理数据
* @param key 密钥
* @return 加密结果
* @throws Exception
*/
public static String HMACSHA256(String data, String key) throws Exception {
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256");
sha256_HMAC.init(secret_key);
byte[] array = sha256_HMAC.doFinal(data.getBytes("UTF-8"));
StringBuilder sb = new StringBuilder();
for (byte item : array) {
sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3));
}
return sb.toString().toUpperCase();
}
/**
* 日志
* @return
*/
public static Logger getLogger() {
Logger logger = LoggerFactory.getLogger("wxpay java sdk");
return logger;
}
/**
* 获取当前时间戳,单位秒
* @return
*/
public static long getCurrentTimestamp() {
return System.currentTimeMillis()/1000;
}
/**
* 获取当前时间戳,单位毫秒
* @return
*/
public static long getCurrentTimestampMs() {
return System.currentTimeMillis();
}
}