支付可以通过支付宝验签或者自己的后台验签
App前端
- 2.0 订单串本地签名逻辑
- 注意:本 Demo 仅作为展示用途,实际项目中不能将 RSA_PRIVATE 和签名逻辑放在客户端进行!
*/
{
/**
* 构造授权参数列表
*
* @param pid
* @param app_id
* @param target_id
* @return
*/
public static Map<String, String> buildAuthInfoMap(String pid, String app_id, String target_id, boolean rsa2) {
Map<String, String> keyValues = new HashMap<String, String>();
// 商户签约拿到的app_id,如:2013081700024223
keyValues.put("app_id", app_id);
// 商户签约拿到的pid,如:2088102123816631
keyValues.put("pid", pid);
// 服务接口名称, 固定值
keyValues.put("apiname", "com.alipay.account.auth");
// 商户类型标识, 固定值
keyValues.put("app_name", "mc");
// 业务类型, 固定值
keyValues.put("biz_type", "openservice");
// 产品码, 固定值
keyValues.put("product_id", "APP_FAST_LOGIN");
// 授权范围, 固定值
keyValues.put("scope", "kuaijie");
// 商户唯一标识,如:kkkkk091125
keyValues.put("target_id", target_id);
// 授权类型, 固定值
keyValues.put("auth_type", "AUTHACCOUNT");
// 签名类型
keyValues.put("sign_type", rsa2 ? "RSA2" : "RSA");
return keyValues;
}
/**
* 构造支付订单参数列表
* @param pid
* @param app_id
* @param target_id
* @return
*/
public static Map<String, String> buildOrderParamMap(String app_id, boolean rsa2) {
Map<String, String> keyValues = new HashMap<String, String>();
keyValues.put("app_id", app_id);
keyValues.put("biz_content", "{\"timeout_express\":\"30m\",\"product" +
"_code\":\"QUICK_MSECURITY_PAY\",\"total_amount\":\"0.01\",\"sub" +
"ject\":\"1\",\"body\":\"我是测试数据61616\",\"out_trade" +
"_no\":\"" + getOutTradeNo() + "\"}");
keyValues.put("charset", "utf-8");
keyValues.put("method", "alipay.trade.app.pay");
keyValues.put("sign_type", rsa2 ? "RSA2" : "RSA2");
keyValues.put("timestamp", "2016-07-29 16:55:53");
keyValues.put("version", "1.0");
keyValues.put("notify_url", "http://uq74dv.natappfree.cc/tctr/getAlipayP");
//内网穿透地址
return keyValues;
}
/**
* 构造支付订单参数信息
*
* @param map
* 支付订单参数
* @return
*/
public static String buildOrderParam(Map<String, String> map) {
List<String> keys = new ArrayList<String>(map.keySet());
StringBuilder sb = new StringBuilder();
for (int i = 0; i < keys.size() - 1; i++) {
String key = keys.get(i);
String value = map.get(key);
sb.append(buildKeyValue(key, value, true));
sb.append("&");
}
String tailKey = keys.get(keys.size() - 1);
String tailValue = map.get(tailKey);
sb.append(buildKeyValue(tailKey, tailValue, true));
return sb.toString();
}
/**
* 拼接键值对
*
* @param key
* @param value
* @param isEncode
* @return
*/
private static String buildKeyValue(String key, String value, boolean isEncode) {
StringBuilder sb = new StringBuilder();
sb.append(key);
sb.append("=");
if (isEncode) {
try {
sb.append(URLEncoder.encode(value, "UTF-8"));
} catch (UnsupportedEncodingException e) {
sb.append(value);
}
} else {
sb.append(value);
}
return sb.toString();
}
/**
* 对支付参数信息进行签名
*
* @param map
* 待签名授权信息
*
* @return
*/
public static String getSign(Map<String, String> map, String rsaKey, boolean rsa2) {
List<String> keys = new ArrayList<String>(map.keySet());
// key排序
Collections.sort(keys);
StringBuilder authInfo = new StringBuilder();
for (int i = 0; i < keys.size() - 1; i++) {
String key = keys.get(i);
String value = map.get(key);
authInfo.append(buildKeyValue(key, value, false));
authInfo.append("&");
}
String tailKey = keys.get(keys.size() - 1);
String tailValue = map.get(tailKey);
authInfo.append(buildKeyValue(tailKey, tailValue, false));
String oriSign = SignUtils.sign(authInfo.toString(), rsaKey, rsa2);
String encodedSign = "";
try {
encodedSign = URLEncoder.encode(oriSign, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return "sign=" + encodedSign;
}
/**
* 要求外部订单号必须唯一。
* @return
*/
private static String getOutTradeNo() {
SimpleDateFormat format = new SimpleDateFormat("MMddHHmmss", Locale.getDefault());
Date date = new Date();
String key = format.format(date);
Random r = new Random();
key = key + r.nextInt();
key = key.substring(0, 15);
return key;
}
}
后台验签:
@Data
@Component
@Controller
@RequestMapping("/tctr")
public class tctr {
@Value("${alipay.publicKey}")
private String publicKey;
@Value("${alipay.charset}")
private String charset;
@RequestMapping("/getAlipayP")
@ResponseBody
public String getAlipayP(HttpServletRequest request,HttpServletResponse response) {
//获取支付宝POST过来反馈信息
Map<String,String> params = new HashMap<String,String>();
Map requestParams = request.getParameterMap();
for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext();) {
String name = (String) iter.next();
String[] values = (String[]) requestParams.get(name);
String valueStr = "";
for (int i = 0; i < values.length; i++) {
valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
}
//乱码解决,这段代码在出现乱码时使用。
//valueStr = new String(valueStr.getBytes("ISO-8859-1"), "utf-8");
params.put(name, valueStr);
}
boolean flag = false;
try {
//传递id 传递金额 out_trade_no 订单金额 实收金额
System.out.println(params.get("out_trade_no"));
System.out.println(params.get("trade_status"));
System.out.println(params.get("total_amount"));
System.out.println(params.get("receipt_amount"));
System.out.println(params.get("body"));
System.out.println(params.get("gmt_create"));
System.out.println(params.get("gmt_payment"));
/*try {
response.getWriter().write("success");
} catch (IOException e) {
e.printStackTrace();
}*/
flag = AlipaySignature.rsaCheckV1(params, publicKey, charset,"RSA2");
//验签方法
// out.println("success");
// if(flag == true){
// try {
// //response.getWriter().println("success");
// response.getWriter().write("success");
// } catch (IOException e) {
// // TODO Auto-generated catch block
// e.printStackTrace();
// }
// }
System.out.println(flag);
System.out.println("结束");
} catch (AlipayApiException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
/*try {
response.getWriter().write("success");
} catch (IOException e) {
e.printStackTrace();
}*/
// response.getWriter().write("success");
// return flag;
// try {
// response.getWriter().write("success");
// } catch (IOException e) {
// e.printStackTrace();
// }
if(flag){
return "success";
}else{
return "fail";
}
}
}