In front of the words:
In fact, Tencent has given answers to many questions, but Tencent's documents are not very concentrated and generally cannot be seen. Sort out the official documentation links I see.
http://kf.qq.com/faq/140225MveaUz150413VNj6nm.html 【FAQ】
http://mp.weixin.qq.com/wiki/7/aaa137b55fb2e0456bf8dd9148dd613f.html [JSSDK description and FAQs]
https://mp.weixin.qq.com/wiki/6/01405db0092f76bb96b12a9f954cd866.html [Error troubleshooting guide]
http://mp.weixin.qq.com/wiki/17/fa4e1434e57290788bde25603fa2fcbd.html [Global return code description]
Development steps:
1. Apply for a public account and open payment and other interfaces (for the administrative processing of the company, I just use it)
2. Obtain appid, merchant number, AppSecret and other information
3. Set up the API security key by yourself
1. Log in to the WeChat Merchant Platform (http://pay.weixin.qq.com), go to Account Settings-->API Security-->API Certificate-->Download Certificate Download and save the certificate locally.
2. Account Settings-->API Security-->Set API Key, set a key by yourself, 32 characters. Save it by yourself (it will not be visible after setting, you can only modify it)
4. Preparations for local debugging (for the payment test, an external domain name is required, and the preparation work is mainly to set a domain name accessible from the external network locally)
Method 1, ngrok intranet penetration tool, this tool can easily set an external domain name for this machine, but because it is a foreign product, it may be blocked, refer to http://www.tuicool.com/articles/e63Ebm6
How to use: 1) Unzip the compressed package (eg: d:/ngrok) 2) CMD switch to the d:/ngrok directory, run the command "ngrok -config ngrok.cfg -subdomain the domain name service port you want" 3) Browser Enter http://the domain name you want.ngrok.natapp.cn/ to access the default page.
Method 2. The method officially recommended by WeChat, please refer to the link for details: http://blog.qqbrowser.cc/start/ http://blog.qqbrowser.cc/wei-xin-gong-zhong-hao-ben-di-diao -shi/
Five, related domain name settings
1. For payment directory settings, configure the authorization directory according to https://pay.weixin.qq.com/wiki/doc/api/jsapi.php?chapter=7_3. It should be noted that the directory should be configured to the exact directory, and Not a secondary or tertiary directory, and is case-sensitive. The directory refers to the page directory for confirming payment rather than the interface directory for invoking payment.
For example, the link of the product payment page is http://www.XXX.com.cn/pay/payorder/a.html, which needs to be configured as www.XXX.com.cn/pay/payorder/
2. Authorized callback authority domain name settings. Public Platform--"Development--"Interface Permissions--"Webpage Authorization to Obtain Basic User Information--"Modify Enter the domain name (just enter www.XXX.com.cn)
3. JS interface security domain name settings. Public Platform--"Settings--"Official Account Settings--"Function Settings--"JS Interface Security Domain Name. Same as above, just enter www.XXX.com.cn
Main pits and solutions:
There are many kinds of pits. The more classic reference links for personal collection are as follows:,
1) error: invalid signature
https://segmentfault.com/q/1010000002502269/a-1020000002549180
https://segmentfault.com/q/1010000002520634
Excerpt for backup:
The value of signature is the result of encryption with multiple parameters sha1. The detailed process is:
1. Obtain the access_token of the official account (not the user's access_token) through appid + appsecert. Official document http://mp.weixin.qq.com/wiki/15/54ce45d8d30b6bf6758f68d2e95bc627.html
2. Obtain jsapi_ticket according to the access_token of 1.
3. Generate A random string nonceStr (16) bit
4, generate a current time suffix timestamp
5, get the current web page URL (do not need after the # sign)
After obtaining the above 5 steps, jsapi_ticket, nonceStr, timestamp, URL form a Query String (GET parameter), namely:
$queryString = "jsapi_ticket=XXX&noncestr=XXX×tamp=XXX&url=XXX";
When generating a Query String, pay attention to:
1. The order of the Query String cannot be changed (according to the example I gave)
2. The key in the Query String should be all lowercase
3, the value in the Query String should be case-sensitive
4, and the URL should make sure that only the # sign is obtained The previous part (if there is a # sign)
5, Query String to ensure that it is not urlencode (if you use http_build_query, you need to urldecode once)
The value of signature is the result of sha1 encryption, namely:
$signature = sha1($queryString);
For details, please refer to the official WeChat document - JS-SDK using permission signature algorithm:
http://mp.weixin.qq.com/wiki/7/aaa137b55fb2e0456bf8dd
In my opinion, the key points are: random strings and timestamps, preferably consistent with the payment signature.
"errMsg":"chooseWXPay:fail"
Reference link list:
http://tieba.baidu.com/p/3961646394
http://www.liball.me/wxpay-is-shit/
This problem is mainly caused by incorrect configuration of the payment directory or incorrect parameters. The main solutions collected online are as follows:
1. When configuring the authorization test directory, the capitalization of the address should be consistent with that in the code.
2. The test cannot be run, and the apk package must be officially opened to use it
. 3. One is the configuration of the payment authorization directory, and the other is to use timeStamp when generating the signature. js uses timestamp.
4. It is not acceptable to assign the payment directory to the second or third level. It must be assigned to the last level
. 5. Quote WeChat js <script src="http://res.wx.qq.com/open/js/jweixin- 1.0.0.js"></script>
6. You need to set the test path on the WeChat public platform---"WeChat payment----"development configuration---below.
7. Developer Center-"Webpage Authorization to obtain basic user information - "js secure domain name
8. The reason for this problem is likely to be that the WeChat authorized domain name and the WeChat payment domain name are set differently. For example, one has www and the other does not.
9. The payment directory refers to the payment page directory, not the background payment link directory.
The final front-end calling code is as follows:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
// js-sdk配置<
br
>wx.config({
debug: true,
appId: '', // 必填,公众号的唯一标识
timestamp: '', // 必填,生成签名的时间戳,后端注意返回string类型
nonceStr: '', // 必填,生成签名的随机串,自己生成,最长32位。
signature: '', // 必填,微信签名,这个签名,和下面的paySign,所需用到的随机字符串和时间戳,最好和生成paySgin的保持一致。不是同一个。生成方法参考 http://mp.weixin.qq.com/wiki/7/aaa137b55fb2e0456bf8dd9148dd613f.html,可在页面 http://mp.weixin.qq.com/debug/cgi-bin/sandbox?t=jsapisign 进行校验。
jsApiList: [
'chooseWXPay'
] // 必填,需要使用的JS接口列表,列表可选参数,参考 http://mp.weixin.qq.com/wiki/7/aaa137b55fb2e0456bf8dd9148dd613f.html 附录2.
});<
br
>// js-sdk配置验证成功
wx.ready(function(){<
br
> // 调用支付函数
wx.chooseWXPay({
timestamp: '', // 支付签名时间戳,注意微信jssdk中的所有使用timestamp字段均为小写。但最新版的支付后台生成签名使用的timeStamp字段名需大写其中的S字符
nonceStr: '', // 支付签名随机串,不长于 32 位
package: '', // 统一支付接口返回的prepay_id参数值,提交格式如:prepay_id=***)
signType: 'MD5', // 签名方式,默认为'SHA1',使用新版支付需传入'MD5'
paySign: '', // 支付签名
success: function (res) {
// 支付成功后的回调函数
alert('pay success');
},
cencel:function(res){<
br
> // 支付取消回调函数
alert('cencel pay');
},
fail: function(res){<
br
> // 支付失败回调函数
alert('pay fail');
alert(JSON.stringify(res));
}
});
});<
br
>// js-sdk调用异常回调函数
wx.error(function(res){
alert(res.err_msg);
});
|
Call the unified order interface and throw a timeout exception (28,'Rosolving timed out after 30014 milliseconds')
Solution: Set DNS to 182.254.116.116, reference link: https://mp.weixin.qq.com/wiki/6/01405db0092f76bb96b12a9f954cd866.html