上篇我们记录了手机端的微信支付的大致流程,期间可能会遇到各种各样的错误,但这些问题没有得到官方的重视,所以我们只能一步步自己排查,要有足够的耐心。
这篇内容看标题已经很明确了,由于微信是用xml通讯的,所以这一点比较恶心,各位可能需要在项目里导入一些解析xml的包。
首先放出工具类(包含支付宝用到的工具类),因为现在csdn下载都是扣积分的,因为工具类代码会在文尾贴出。
工具类下载:点击这里
首先我在重新贴一下支付流程图吧,我再重复一遍,一定要认真看流程图,这样对你业务逻辑的处理有很大的提升。
知道了支付的大致流程,接下来就要分析如何支付了。在我的项目里,支付的流程是这样的:
首先,选择商品和数量等,点击下单,此时会在后台生成一张下单表,此表中的任何一条数据,有效期都在半小时内。半小时后该条下单数据就失效了。因此应该在半小时内完成支付。
下单后支付时,后台返回手机端预付单,此时调起微信完成支付。支付后的结果和支付宝一样,依然需要调用后台的数据以确保交易的正确性。虽然很繁琐,但是涉及到金钱的业务,一定要谨慎,作为程序员,我们也要对自己写的代码负责。
接下来,就从预付单开始说起吧,假设现在已经下了单,那么此时支付的话,需要后台返回给手机端预付单,那么代码就来了:(用到的工具类在文章开头或文末)
拉取微信预付单
/**
* 拉取微信预付单
*/
@ValidatePermission(value = PermissionValidateType.Validate)
@Override
public BaseResult<Orders> getWXPay(BaseRequest<Orders> baseRequest)
{
BaseResult<Orders> baseResult = new BaseResult<>();
LogUtil.debugLog(logger, baseRequest);
Orders orders = baseRequest.getData();
Double price = orders.getOrderAmount();
if (price <= 0) // 防止抓包修改订单金额造成损失
{
baseResult.setState(-999);
baseResult.setMsg("付款金额错误!");
baseResult.setSuccess(false);
return baseResult;
}
try
{
SortedMap<Object, Object> parameters = PayCommonUtil.getWXPrePayID(); // 获取预付单,此处已做封装,需要工具类
TravelFly travelFly = new TravelFly(); // 商品对象
travelFly.setId(orders.getProductId());
travelFly = travelFlyMapper.selectById(travelFly);
travelFly.setBusinesser(businesserMapper.selectByPrimaryKey(travelFly.getBusinesserId()));
orders.setTravelFly(travelFly);
parameters.put("body", "xxx产品-" + travelFly.getProductName());
parameters.put("spbill_create_ip", this.request.getRemoteAddr());
parameters.put("out_trade_no", orders.getId() + PayCommonUtil.getDateStr()); // 订单id这里我的订单id生成规则是订单id+时间
parameters.put("total_fee", "1"); // 测试时,每次支付一分钱,微信支付所传的金额是以分为单位的,因此实际开发中需要x100
// parameters.put("total_fee", orders.getOrderAmount()*100+""); // 上线后,将此代码放开
// 设置签名
String sign = PayCommonUtil.createSign("UTF-8", parameters);
parameters.put("sign", sign);
// 封装请求参数结束
String requestXML = PayCommonUtil.getRequestXml(parameters); // 获取xml结果
logger.debug("封装请求参数是:" + requestXML);
// 调用统一下单接口
String result = PayCommonUtil.httpsRequest(PropertyUtil.getInstance().getProperty("WxPay.payURL"), "POST",
requestXML);
logger.debug("调用统一下单接口:" + result);
SortedMap<Object, Object> parMap = PayCommonUtil.startWXPay(result);
logger.debug("最终的map是:" + parMap.toString());
if (parMap != null)
{
orders.setWxPayOrderString(JSON.toJSONString(parMap));
baseResult.setData(orders);
} else
{
baseResult.setState(-999);
baseResult.setMsg("支付出现异常,请稍后重试!");
baseResult.setSuccess(false);
}
} catch (Exception e)
{
e.printStackTrace();
baseResult.setState(-999);
baseResult.setMsg("程序异常!");
baseResult.setSuccess(false);
logger.error(e.getMessage());
}
return baseResult;
}- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
由于测试的时候一定会在外网测试,因为实际支付结果会通知给后台,所以这里为了调试方便,就将日志保存成了文本。
获取结果
/**
* 微信异步通知
*/
@SuppressWarnings("unchecked")
@ValidatePermission
@RequestMapping("/wx")
@ResponseBody
public void wxNotify(HttpServletRequest request, HttpServletResponse response) throws IOException, JDOMException
{
String result = PayCommonUtil.reciverWx(request); // 接收到异步的参数
Map<String, String> m = new HashMap<String, String>();// 解析xml成map
if (m != null && !"".equals(m))
{
m = XMLUtil.doXMLParse(result);
}
// 过滤空 设置 TreeMap
SortedMap<Object, Object> packageParams = new TreeMap<Object, Object>();
Iterator it = m.keySet().iterator();
while (it.hasNext())
{
String parameter = (String) it.next();
String parameterValue = m.get(parameter);
String v = "";
if (null != parameterValue)
{
v = parameterValue.trim();
}
packageParams.put(parameter, v);
}
// 判断签名是否正确
String resXml = "";
if (PayCommonUtil.isTenpaySign("UTF-8", packageParams))
{
if ("SUCCESS".equals((String) packageParams.get("return_code")))
{
// 如果返回成功
String mch_id = (String) packageParams.get("mch_id"); // 商户号
String out_trade_no = (String) packageParams.get("out_trade_no"); // 商户订单号
String total_fee = (String) packageParams.get("total_fee");
// String transaction_id = (String)
// packageParams.get("transaction_id"); // 微信支付订单号
// 查询订单 根据订单号查询订单
String orderId = out_trade_no.substring(0, out_trade_no.length() - PayCommonUtil.TIME.length());
Orders orders = ordersMapper.selectByPrimaryKey(Integer.parseInt(orderId));
// 验证商户ID 和 价格 以防止篡改金额
if (PropertyUtil.getInstance().getProperty("WxPay.mchid").equals(mch_id) && orders != null
// &&
// total_fee.trim().toString().equals(orders.getOrderAmount())
// // 实际项目中将此注释删掉,以保证支付金额相等
)
{
/** 这里是我项目里的消费状态
* 1.待付款=0 2.付款完成=1
* 3.消费成功=2
* 4.取消=-1
* 5.发起退款=-2
* 6.退款成功=-3
* 7.退款失败=3(由于商户拒绝退款或其他原因导致退款失败)
*/
insertWxNotice(packageParams);
orders.setPayWay("1"); // 变更支付方式为wx
orders.setOrderState("1"); // 订单状态为已付款
ordersMapper.updateByPrimaryKeySelective(orders); // 变更数据库中该订单状态
// ordersMapper.updatePayStatus(Integer.parseInt(orderId));
resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";
} else
{
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[参数错误]]></return_msg>" + "</xml> ";
}
} else // 如果微信返回支付失败,将错误信息返回给微信
{
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[交易失败]]></return_msg>" + "</xml> ";
}
} else
{
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[通知签名验证失败]]></return_msg>" + "</xml> ";
}
// 处理业务完毕,将业务结果通知给微信
// ------------------------------
BufferedOutputStream out = new BufferedOutputStream(response.getOutputStream());
out.write(resXml.getBytes());
out.flush();
out.close();
}- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
附:工具类代码:
package com.loveFly.utils;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.ConnectException;
import java.net.URL;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import java.util.SortedMap;
import java.util.TreeMap;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.servlet.http.HttpServletRequest;
import com.alibaba.fastjson.JSONObject;
import com.alipay.api.AlipayClient;
import com.alipay.api.DefaultAlipayClient;
public class PayCommonUtil
{
public static final String TIME = "yyyyMMddHHmmss";
/**
* 创建支付宝交易对象
*/
public static AlipayClient getAliClient()
{
AlipayClient alipayClient = new DefaultAlipayClient(PropertyUtil.getInstance().getProperty("AliPay.payURL"),
PropertyUtil.getInstance().getProperty("AliPay.appId"),
PropertyUtil.getInstance().getProperty("AliPay.privateKey"), "json", "utf-8",
PropertyUtil.getInstance().getProperty("AliPay.publicKey"), "RSA2");
return alipayClient;
}
/**
* 创建微信交易对象
*/
public static SortedMap<Object, Object> getWXPrePayID()
{
SortedMap<Object, Object> parameters = new TreeMap<Object, Object>();
parameters.put("appid", PropertyUtil.getInstance().getProperty("WxPay.appid"));
parameters.put("mch_id", PropertyUtil.getInstance().getProperty("WxPay.mchid"));
parameters.put("nonce_str", PayCommonUtil.CreateNoncestr());
parameters.put("fee_type", "CNY");
parameters.put("notify_url", PropertyUtil.getInstance().getProperty("WxPay.notifyurl"));
parameters.put("trade_type", "APP");
return parameters;
}
/**
* 再次签名,支付
*/
public static SortedMap<Object, Object> startWXPay(String result)
{
try
{
Map<String, String> map = XMLUtil.doXMLParse(result);
SortedMap<Object, Object> parameterMap = new TreeMap<Object, Object>();
parameterMap.put("appid", PropertyUtil.getInstance().getProperty("WxPay.appid"));
parameterMap.put("partnerid", PropertyUtil.getInstance().getProperty("WxPay.mchid"));
parameterMap.put("prepayid", map.get("prepay_id"));
parameterMap.put("package", "Sign=WXPay");
parameterMap.put("noncestr", PayCommonUtil.CreateNoncestr());
// 本来生成的时间戳是13位,但是ios必须是10位,所以截取了一下
parameterMap.put("timestamp",
Long.parseLong(String.valueOf(System.currentTimeMillis()).toString().substring(0, 10)));
String sign = PayCommonUtil.createSign("UTF-8", parameterMap);
parameterMap.put("sign", sign);
return parameterMap;
} catch (Exception e)
{
e.printStackTrace();
}
return null;
}
/**
* 创建随机数
*
* @param length
* @return
*/
public static String CreateNoncestr()
{
String chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
String res = "";
for (int i = 0; i < 16; i++)
{
Random rd = new Random();
res += chars.charAt(rd.nextInt(chars.length() - 1));
}
return res;
}
/**
* 是否签名正确,规则是:按参数名称a-z排序,遇到空值的参数不参加签名。
*
* @return boolean
*/
public static boolean isTenpaySign(String characterEncoding, SortedMap<Object, Object> packageParams)
{
StringBuffer sb = new StringBuffer();
Set es = packageParams.entrySet();
Iterator it = es.iterator();
while (it.hasNext())
{
Map.Entry entry = (Map.Entry) it.next();
String k = (String) entry.getKey();
String v = (String) entry.getValue();
if (!"sign".equals(k) && null != v && !"".equals(v))
{
sb.append(k + "=" + v + "&");
}
}
sb.append("key=" + PropertyUtil.getInstance().getProperty("WxPay.key"));
// 算出摘要
String mysign = MD5Util.MD5Encode(sb.toString(), characterEncoding).toLowerCase();
String tenpaySign = ((String) packageParams.get("sign")).toLowerCase();
// System.out.println(tenpaySign + " " + mysign);
return tenpaySign.equals(mysign);
}
/**
* @Description:创建sign签名
* @param characterEncoding
* 编码格式
* @param parameters
* 请求参数
* @return
*/
public static String createSign(String characterEncoding, SortedMap<Object, Object> parameters)
{
StringBuffer sb = new StringBuffer();
Set es = parameters.entrySet();
Iterator it = es.iterator();
while (it.hasNext())
{
Map.Entry entry = (Map.Entry) it.next();
String k = (String) entry.getKey();
Object v = entry.getValue();
if (null != v && !"".equals(v) && !"sign".equals(k) && !"key".equals(k))
{
sb.append(k + "=" + v + "&");
}
}
sb.append("key=" + PropertyUtil.getInstance().getProperty("WxPay.key"));
String sign = MD5Util.MD5Encode(sb.toString(), characterEncoding).toUpperCase();
return sign;
}
/**
* @Description:将请求参数转换为xml格式的string
* @param parameters
* 请求参数
* @return
*/
public static String getRequestXml(SortedMap<Object, Object> parameters)
{
StringBuffer sb = new StringBuffer();
sb.append("<xml>");
Set es = parameters.entrySet();
Iterator it = es.iterator();
while (it.hasNext())
{
Map.Entry entry = (Map.Entry) it.next();
String k = (String) entry.getKey();
String v = (String) entry.getValue();
if ("attach".equalsIgnoreCase(k) || "body".equalsIgnoreCase(k))
{
sb.append("<" + k + ">" + "<![CDATA[" + v + "]]></" + k + ">");
} else
{
sb.append("<" + k + ">" + v + "</" + k + ">");
}
}
sb.append("</xml>");
return sb.toString();
}
/**
* @Description:返回给微信的参数
* @param return_code
* 返回编码
* @param return_msg
* 返回信息
* @return
*/
public static String setXML(String return_code, String return_msg)
{
return "<xml><return_code><![CDATA[" + return_code + "]]></return_code><return_msg><![CDATA[" + return_msg
+ "]]></return_msg></xml>";
}
/**
* 发送https请求
*
* @param requestUrl
* 请求地址
* @param requestMethod
* 请求方式(GET、POST)
* @param outputStr
* 提交的数据
* @return 返回微信服务器响应的信息
*/
public static String httpsRequest(String requestUrl, String requestMethod, String outputStr)
{
try
{
// 创建SSLContext对象,并使用我们指定的信任管理器初始化
TrustManager[] tm =
{ new TrustManagerUtil() };
SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
sslContext.init(null, tm, new java.security.SecureRandom());
// 从上述SSLContext对象中得到SSLSocketFactory对象
SSLSocketFactory ssf = sslContext.getSocketFactory();
URL url = new URL(requestUrl);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
// conn.setSSLSocketFactory(ssf);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setUseCaches(false);
// 设置请求方式(GET/POST)
conn.setRequestMethod(requestMethod);
conn.setRequestProperty("content-type", "application/x-www-form-urlencoded");
// 当outputStr不为null时向输出流写数据
if (null != outputStr)
{
OutputStream outputStream = conn.getOutputStream();
// 注意编码格式
outputStream.write(outputStr.getBytes("UTF-8"));
outputStream.close();
}
// 从输入流读取返回内容
InputStream inputStream = conn.getInputStream();
InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "UTF-8");
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
String str = null;
StringBuffer buffer = new StringBuffer();
while ((str = bufferedReader.readLine()) != null)
{
buffer.append(str);
}
// 释放资源
bufferedReader.close();
inputStreamReader.close();
inputStream.close();
inputStream = null;
conn.disconnect();
return buffer.toString();
} catch (ConnectException ce)
{
// log.error("连接超时:{}", ce);
} catch (Exception e)
{
// log.error("https请求异常:{}", e);
}
return null;
}
/**
* 发送https请求
*
* @param requestUrl
* 请求地址
* @param requestMethod
* 请求方式(GET、POST)
* @param outputStr
* 提交的数据
* @return JSONObject(通过JSONObject.get(key)的方式获取json对象的属性值)
*/
public static JSONObject httpsRequest(String requestUrl, String requestMethod)
{
JSONObject jsonObject = null;
try
{
// 创建SSLContext对象,并使用我们指定的信任管理器初始化
TrustManager[] tm =
{ new TrustManagerUtil() };
SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
sslContext.init(null, tm, new java.security.SecureRandom());
// 从上述SSLContext对象中得到SSLSocketFactory对象
SSLSocketFactory ssf = sslContext.getSocketFactory();
URL url = new URL(requestUrl);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
// conn.setSSLSocketFactory(ssf);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setUseCaches(false);
conn.setConnectTimeout(3000);
// 设置请求方式(GET/POST)
conn.setRequestMethod(requestMethod);
// conn.setRequestProperty("content-type",
// "application/x-www-form-urlencoded");
// 当outputStr不为null时向输出流写数据
// 从输入流读取返回内容
InputStream inputStream = conn.getInputStream();
InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "UTF-8");
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
String str = null;
StringBuffer buffer = new StringBuffer();
while ((str = bufferedReader.readLine()) != null)
{
buffer.append(str);
}
// 释放资源
bufferedReader.close();
inputStreamReader.close();
inputStream.close();
inputStream = null;
conn.disconnect();
jsonObject = JSONObject.parseObject(buffer.toString());
} catch (ConnectException ce)
{
// log.error("连接超时:{}", ce);
} catch (Exception e)
{
System.out.println(e);
// log.error("https请求异常:{}", e);
}
return jsonObject;
}
public static String urlEncodeUTF8(String source)
{
String result = source;
try
{
result = java.net.URLEncoder.encode(source, "utf-8");
} catch (UnsupportedEncodingException e)
{
e.printStackTrace();
}
return result;
}
/**
* 接收微信的异步通知
*
* @throws IOException
*/
public static String reciverWx(HttpServletRequest request) throws IOException
{
InputStream inputStream;
StringBuffer sb = new StringBuffer();
inputStream = request.getInputStream();
String s;
BufferedReader in = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));
while ((s = in.readLine()) != null)
{
sb.append(s);
}
in.close();
inputStream.close();
return sb.toString();
}
/**
* 产生num位的随机数
*
* @return
*/
public static String getRandByNum(int num)
{
String length = "1";
for (int i = 0; i < num; i++)
{
length += "0";
}
Random rad = new Random();
String result = rad.nextInt(Integer.parseInt(length)) + "";
if (result.length() != num)
{
return getRandByNum(num);
}
return result;
}
/**
* 返回当前时间字符串
*
* @return yyyyMMddHHmmss
*/
public static String getDateStr()
{
SimpleDateFormat sdf = new SimpleDateFormat(TIME);
return sdf.format(new Date());
}
/**
* 将日志保存至指定路径
*
* @param path
* @param str
*/
public static void saveLog(String path, String str)
{
File file = new File(path);
FileOutputStream fos = null;
try
{
fos = new FileOutputStream(path);
fos.write(str.getBytes());
fos.close();
} catch (FileNotFoundException e)
{
e.printStackTrace();
} catch (IOException e)
{
e.printStackTrace();
}
}
public static void saveE(String path, Exception exception)
{
try {
int i = 1 / 0;
} catch (final Exception e) {
try {
new PrintWriter(new BufferedWriter(new FileWriter(
path, true)), true).println(new Object() {
public String toString() {
StringWriter stringWriter = new StringWriter();
PrintWriter writer = new PrintWriter(stringWriter);
e.printStackTrace(writer);
StringBuffer buffer = stringWriter.getBuffer();
return buffer.toString();
}
});
} catch (IOException e1) {
e1.printStackTrace();
}
}
}
}至此。一套完整的支付流程跑完了。可以直接拷贝到项目里面用了。