<br /> <input type="radio" name="pd_FrpId" value="ICBC-NET-B2C" checked="checked" />工商银行 <img src="./bank_img/icbc.bmp"align="middle" />
<input type="radio"name="pd_FrpId" value="BOC-NET-B2C" />中国银行 <imgsrc="./bank_img/bc.bmp" align="middle" />
<input type="radio" name="pd_FrpId" value="ABC-NET-B2C" />农业银行 <imgsrc="./bank_img/abc.bmp" align="middle" /> <br /> <br /> .......剩下银行省略
支付流程如下,此处选择易宝支付作为第三方支付平台的接口
其中客户端携带相关参数给网站,网站对数据进行加密(密钥由易宝提供)。将加密后的hmac码给第三方支付平台,将请求参数返回给客户端,由客户端将参数和hamc码携带,重定向到第三方支付平台,第三方支付平台对数据用密钥进行加密,将加密后的hmac和网站给的hmac进行比对。若支付成功,告知网站,同时告知客户端,让客户端去访问网站支付成功的一个接口(CallbackServlet)。这个接口支付平台和客户端各调一次,整个支付流程中开发人员需要编码的地方就只有两处,分别是对用户提交数据进行加密和回调函数CallbackServlet的编码。
以下是易宝支付平台接口的一些信息:
请求参数:
返回参数:
支付的代码:
import java.io.IOException;
import java.util.ResourceBundle;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import cn.itcast.utils.PaymentUtil; ------------------------易宝提供的加密工具
public class PayServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 获得 支付必须基本数据
String orderid = request.getParameter("orderid");
String money = request.getParameter("money");
// 银行
String pd_FrpId = request.getParameter("pd_FrpId");
// 发给支付公司需要哪些数据
String p0_Cmd = "Buy";
String p1_MerId = ResourceBundle.getBundle("merchantInfo").getString("p1_MerId");
String p2_Order = orderid;
String p3_Amt = money;
String p4_Cur = "CNY";
String p5_Pid = "";
String p6_Pcat = "";
String p7_Pdesc = "";
// 支付成功回调地址 ---- 第三方支付公司会访问、用户访问
// 第三方支付可以访问网址
String p8_Url = ResourceBundle.getBundle("merchantInfo").getString("callback");
String p9_SAF = "";
String pa_MP = "";
String pr_NeedResponse = "1";
// 加密hmac 需要密钥
String keyValue = ResourceBundle.getBundle("merchantInfo").getString(
"keyValue");
String hmac = PaymentUtil.buildHmac(p0_Cmd, p1_MerId, p2_Order, p3_Amt,
p4_Cur, p5_Pid, p6_Pcat, p7_Pdesc, p8_Url, p9_SAF, pa_MP,
pd_FrpId, pr_NeedResponse, keyValue);
String url = "https://www.yeepay.com/app-merchant-proxy/node?pd_FrpId="+pd_FrpId+
"&p0_Cmd="+p0_Cmd+
"&p1_MerId="+p1_MerId+
"&p2_Order="+p2_Order+
"&p3_Amt="+p3_Amt+
"&p4_Cur="+p4_Cur+
"&p5_Pid="+p5_Pid+
"&p6_Pcat="+p6_Pcat+
"&p7_Pdesc="+p7_Pdesc+
"&p8_Url="+p8_Url+
"&p9_SAF="+p9_SAF+
"&pa_MP="+pa_MP+
"&pr_NeedResponse="+pr_NeedResponse+
"&hmac="+hmac;
//重定向到第三方支付平台
response.sendRedirect(url);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
merchantInfo.properties 配置文件相关参数:
p1_MerId=10001126856
keyValue=69cl522AV6q613Ii4W6u8K6XuW8vM1N6bFgyv769220IuYe9u37N4y7rI4Pl
callback=http://localhost:8080/xxxxx/callback
CallbackServlet
import java.io.IOException;
import java.util.ResourceBundle;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.itheima.service.ProductService;
import com.itheima.utils.PaymentUtil;
public class CallbackServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 获得回调所有数据
String p1_MerId = request.getParameter("p1_MerId");
String r0_Cmd = request.getParameter("r0_Cmd");
String r1_Code = request.getParameter("r1_Code");
String r2_TrxId = request.getParameter("r2_TrxId");
String r3_Amt = request.getParameter("r3_Amt");
String r4_Cur = request.getParameter("r4_Cur");
String r5_Pid = request.getParameter("r5_Pid");
//订单编号
String r6_Order = request.getParameter("r6_Order");
String r7_Uid = request.getParameter("r7_Uid");
String r8_MP = request.getParameter("r8_MP");
String r9_BType = request.getParameter("r9_BType");
String rb_BankId = request.getParameter("rb_BankId");
String ro_BankOrderId = request.getParameter("ro_BankOrderId");
String rp_PayDate = request.getParameter("rp_PayDate");
String rq_CardNo = request.getParameter("rq_CardNo");
String ru_Trxtime = request.getParameter("ru_Trxtime");
// 身份校验 --- 判断是不是支付公司通知你
String hmac = request.getParameter("hmac");
String keyValue = ResourceBundle.getBundle("merchantInfo").getString(
"keyValue");
// 自己对上面数据进行加密 --- 比较支付公司发过来hamc
boolean isValid = PaymentUtil.verifyCallback(hmac, p1_MerId, r0_Cmd,
r1_Code, r2_TrxId, r3_Amt, r4_Cur, r5_Pid, r6_Order, r7_Uid,
r8_MP, r9_BType, keyValue);
if (isValid) {
// 响应数据有效
if (r9_BType.equals("1")) {
//修改订单状态
ProductService service= new ProductService();
service.updateOrderState(r6_Order);
// 浏览器重定向
response.setContentType("text/html;charset=utf-8");
response.getWriter().println("<h1>付款成功!等待商城进一步操作!等待收货...</h1>");
} else if (r9_BType.equals("2")) {
// 服务器点对点 --- 支付公司通知你
System.out.println("付款成功!");
// 修改订单状态 为已付款
// 回复支付公司
response.getWriter().print("success");
}
} else {
// 数据无效
System.out.println("数据被篡改!");
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
}