Alipay docking
Article directory
Brothers, the liver is done. This code can be run completely, you can try it.
1. Outline
First of all, this note is compiled based on Kuangshen’s notes and is for learning only. The following is the original resource address:
Alipay docking learning address
1.1 Overall business flow chart
The main process is as follows:
1.2. Development flow chart
1.3. Core parameters
- APPID
- Merchant private key
- Alipay public key
- Payment callback address
- Gateway address
- Cryptographic signature algorithm RSA2
1.4. Alipay open platform
Official website: https://open.alipay.com/platform/home.htm
Document: https://openhome.alipay.com/docCenter/docCenter.htm?from=openhomemenu
1.5. Payment application scenarios
The use of third-party Alipay payment solves the transaction bottleneck between merchants and consumers, improves the service efficiency and revenue of merchants, and also makes it faster and more convenient for consumers to consume products. The usage scenarios are as follows:
- Online payment for Internet products
- finance
- E-commerce
- Cards and coupons
- Red envelope
- Scan code in offline stores
- Distribution account
- withdraw
- etc……
1.6. Alipay settled in
In order to improve the efficiency and experience when settling on the open platform, developers need to register an Alipay account and complete real-name authentication before settling in.
Register an Alipay account: https://memberprod.alipay.com/account/reg/index.htm
Enterprise Alipay account real-name authentication guide: https://opendocs.alipay.com/open/200/qyzfbsmrz
2. Environment preparation
2.1 First register your own Alipay account
Official website: https://open.alipay.com/platform/home.htm
2.2 Sandbox environment
(Because the enterprise needs to review) The personal development and testing environment is mainly used here, and the Alipay sandbox environment is selected. Obtaining this environment is mainly to obtain the core parameters introduced above, such as appId, merchant private key, Alipay public key, payment callback address, etc. (The Alipay public key in the enterprise environment is exchanged for the application public key)
If you need enterprise environment certification, you can refer to the following articles:
The interface description is as follows (these will be introduced in detail later):
- Interface signing method (step 1) is required.
Developers can choose public key certificate mode or public key mode according to the access product requirements, and ensure that the private key used in the interface matches the public key set here in pairs, otherwise the interface cannot be called. , and the interface parameter sign_type=RSA2. For details, see Generate a key and upload it. - IP whitelisting (step 2) is optional.
In order to improve the security of merchants accessing the open platform and prevent merchants from business damage due to application private key leaks and other reasons, the open platform provides an IP whitelist mechanism. For details, please refer to the IP whitelist access guide. The IP whitelist is designed to ensure the safety of developers' funds, and developers can choose it based on the actual situation. - Applying the gateway (step 3) is optional. Used to receive Alipay asynchronous notifications, developers can fill it in according to actual needs. For example: cash red envelope, alipay.fund.trans.order.changed (transfer document status change notification) triggered after the document status changes in the transfer to Alipay account. alipay.fund.trans.refund.success (fund return success notification) triggered when C2C cash red envelope refund is successful.
- The interface content encryption method (step 4) is optional. That is, the AES key can be used to encrypt and decrypt data information. Access to obtain member mobile phone numbers, sports data and other functions that require decryption of data must be configured. Please refer to the Content Encryption Guidelines for details.
- Authorization callback address (step 5) is required . Callback address after third-party application authorization or user information authorization. The value of redirect_uri configured in the authorization link must be consistent with this value (for example: https://www.alipay.com ). After the user is successfully authorized, the authorization code and other information will be carried after the url and jump to this page.
Important: If you use the sandbox environment to generate a payment QR code, you must use an Android phone to download the Alipay sandbox environment to scan the code! ! ! !
2.3 Supported product list
It means that this sandbox environment provides you with various product payment capabilities, such as mobile website payment, obtaining member information, in-person payment, etc. (For corporate environments, these must be signed)
3. Project realization
First of all, let me briefly introduce what RAS encryption is.
RAS (commonly referred to as RSA, Rivest-Shamir-Adleman) is an asymmetric encryption algorithm named after its founder. The RSA encryption algorithm is a public-key encryption system that uses a pair of keys: a public key and a private key. The following are the basic principles of RSA encryption:
-
Public key and private key: In the RSA algorithm, the public key is used to encrypt data, and the private key is used to decrypt data. The public key is public and can be obtained by anyone, while the private key must be kept secret.
-
Encryption Process: When someone wants to send an encrypted message to another person, they encrypt the message using the recipient's public key. Only the recipient holding the private key can decrypt the message.
-
Decryption process: The receiver uses their private key to decrypt the received encrypted message to obtain the original plaintext data.
RSA encryption is widely used in areas such as secure communications, digital signatures, authentication, and data encryption. It is an important tool in computer security and encrypted communications. However, it should be noted that as computer performance increases, longer key lengths are required to maintain the same level of security, so in practical applications, key lengths are constantly adjusted to cope with evolving security threats.
3.1. Project code address
Connect third-party Alipay payment interface code and sql
I have personally run and tested the code and there is no problem. Run the code first and then look at the business.
3.2. Code level
3.3. Quick start
3.3.1 Environment preparation
Set as Maven project
Modified to jdk1.8
Set up Maven and then clean ->install
3.3.2 Define application.yml and application-dev.yml to configure payment-related parameters
Modify core parameters according to code comments
application.yml
spring:
freemarker:
suffix: .html
profiles:
active: pwd2,dev
jackson:
date-format: yyyy-MM-dd HH:mm:ss
time-zone: GMT+8
locale: zh_CN
# 解决json返回过程中long的精度丢失问题
generator:
write-numbers-as-strings: true
write-bigdecimal-as-plain: true
servlet:
content-type: text/html
multipart:
max-file-size: 2MB
max-request-size: 2MB
mvc:
servlet:
load-on-startup: 1 #SpringBoot的接口第一次访问都很慢,通过日志可以发现,dispatcherServlet不是一开始就加载的,有访问才开始加载的,即懒加载。
main:
allow-bean-definition-overriding: true
# 日志管理
logging:
level:
root: info
# mybatis-plus配置
mybatis-plus:
mapper-locations: classpath*:/mapper/*.xml
type-aliases-package: com.kuangstudy.ksdalipay.entity
application-dev.yml
server:
port: 8989
spring:
datasource:
type: com.zaxxer.hikari.HikariDataSource
driver-class-name: com.mysql.jdbc.Driver
# 修改为自己创建的数据库
url: jdbc:mysql://127.0.0.1:3306/alipay?serverTimezone=GMT%2b8&useUnicode=true&characterEncoding=utf-8&useSSL=false
username: root
password: 123
hikari:
connection-timeout: 60000
validation-timeout: 3000
idle-timeout: 60000
login-timeout: 5
max-lifetime: 60000
maximum-pool-size: 400
minimum-idle: 100
read-only: false
# 支付宝支付参数配置 这些参数都是最开始从官网可以拿得到的
alipay:
# 应用ID,您的APPID,收款账号既是您的APPID对应支付宝账号
app_id: 9021000128671380
# 商户私钥,您的PKCS8格式RSA2私钥
merchant_private_key:
# 支付宝公钥
alipay_public_key:
# 服务器异步通知页面路径 需http://格式的完整路径,不能加?id=123这类自定义参数,必须外网可以正常访问
notify_url: https://www.kuangstudy.com/pay/alipay/notifyUr
# 页面跳转同步通知页面路径 需http://格式的完整路径,不能加?id=123这类自定义参数,必须外网可以正常访问
# return_url: https://api.itbooking.net/admin/alipay/returnUrl
return_url: https://www.kuangstudy.com/pay/alipay/notifyUr
# 签名方式
sign_type: RSA2
# 字符编码格式
charset: utf-8
# 支付宝网关
gatewayUrl: https://openapi-sandbox.dl.alipaydev.com/gateway.do
# 保存支付日志的地址
log_path: d:/all_data/pay_log
3.3.3 Create the database corresponding to the configuration file
The database is in the code sql
3.4.4 Start testing
Visit http://localhost:8989/main
4. General process
First, after the project is running, ask localhost:8989/main
This is the main page of this project,
The initial front-end of the page will call the back-end interface to generate the order prepayment QR code for the first course information in the list. There is a "click to pay" under each course information. After clicking, the course ID will be re-transmitted to refresh the QR code. The QR code is prepayment order information. Calling Alipay's official interface based on the core parameters will generate a QR code. Here, the QR code is spliced into a picture.
After scanning the QR code, the payment callback will be triggered, the order payment information will be obtained, and then the order status will be modified. Remember that the payment callback interface must be accessible from the public network. You can use domain names or intranet penetration (remember to modify the configuration file and sandbox environment address).
For intranet penetration, you can refer to my other blog:
How to use intranet penetration to jointly debug interfaces