使用微信支付v3实现jsapi和扫码支付

最新推荐文章于 2025-06-11 16:44:27 发布
最新推荐文章于 2025-06-11 16:44:27 发布
阅读量3.3k 收藏 3
点赞数 1
CC 4.0 BY-SA版权
文章标签: java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/walkcode/article/details/119416154
本文详细介绍了微信支付V3接口的更新内容,包括数据交互格式改用JSON,接口请求头新增Authorization,接口签名及Token计算,支付回调的AES-256-GCM加密,扫码支付流程简化等。并提供了Java代码示例,涵盖了Token生成、HTTPS请求、回调解密、签名计算、公钥获取和解密响应体等关键步骤。同时展示了JSAPI和扫码支付的实现代码,以及回调逻辑处理。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

一 和旧版的差异

1 数据交互格式由原先的xml改为json

2 接口请求方式由原来的无需额外请求头变为需要Authorization请求头

3 几乎所有接口都需要使用证书计算签名或者Token

4 支付回调使用AES-256-GCM进行加密,安全性提高

5 扫码支付无需再设置扫码回调url

6 无需像之前一样调用长链接转短链接接口提高扫码支付识别成功率

总体来说变化还是挺大的,开发时只需要正确计算token和签名就没什么问题了

开发前必读:https://pay.weixin.qq.com/wiki/doc/apiv3/wechatpay/wechatpay-1.shtml

二 分步拆解技术难点

1 token的计算,这一步算是最简单的只需按文档写工具代码即可

public class WxPayTokenUtilV3 {
    /**
     * 生成Token.
     *
     * @param mchId     商户号
     * @param nonceStr  随机字符串
     * @param timestamp 时间戳
     * @param serialNo  证书序列号
     * @param signature 签名
     * @return the string
     */
    public static String token(String mchId, String nonceStr, long timestamp, String serialNo, String signature) {
        String TOKEN_PATTERN = "mchid=\"%s\",nonce_str=\"%s\",timestamp=\"%d\",serial_no=\"%s\",signature=\"%s\"";
        // 生成token
        return String.format(TOKEN_PATTERN, mchId, nonceStr, timestamp, serialNo, signature);
    }

}

2 封装支付接口请求方法

 /**
     * 微信支付发送Https请求通用方法
     *
     * @param requestUrl
     * @param requestMethod
     * @param outputStr
     * @param token
     * @return
     */
    public static JSONObject httpsRequestForWxPay(String requestUrl, String requestMethod, String outputStr, String token) {

        JSONObject jsonObject = null;
        StringBuffer buffer = new StringBuffer();
        try {
            // 创建SSLContext对象,并使用我们指定的信任管理器初始化
            TrustManager[] tm = {new MyX509TrustManager()};
            SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
            sslContext.init(null, tm, new java.security.SecureRandom());
            // 从上述SSLContext对象中得到SSLSocketFactory对象
            SSLSocketFactory ssf = sslContext.getSocketFactory();

            URL url = new URL(requestUrl);
            HttpsURLConnection httpUrlConn = (HttpsURLConnection) url.openConnection();
            httpUrlConn.setSSLSocketFactory(ssf);

            httpUrlConn.setDoOutput(true);
            httpUrlConn.setDoInput(true);
            httpUrlConn.setUseCaches(false);
            // 设置请求方式(GET/POST)
            httpUrlConn.setRequestMethod(requestMethod);
            httpUrlConn.setRequestProperty("Content-type", "application/json");
            httpUrlConn.setRequestProperty("Authorization", " WECHATPAY2-SHA256-RSA2048 " + token);

            if ("GET".equalsIgnoreCase(requestMethod)) {
                httpUrlConn.connect();
            }

            // 当有数据需要提交时
            if (null != outputStr) {
                OutputStream outputStream = httpUrlConn.getOutputStream();
                // 注意编码格式,防止中文乱码
                outputStream.write(outputStr.getBytes("UTF-8"));
                outputStream.close();
            }

            // 将返回的输入流转换成字符串
            InputStream inputStream = httpUrlConn.getInputStream();
            InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "utf-8");
            BufferedReader bufferedReader = new BufferedReader(inputStreamReader);

            String str = null;
            while ((str = bufferedReader.readLine()) != null) {
                buffer.append(str);
            }
            bufferedReader.close();
            inputStreamReader.close();
            // 释放资源
            inputStream.close();
            inputStream = null;
            httpUrlConn.disconnect();

            jsonObject = JSONObject.parseObject(buffer.toString());
        } catch (ConnectException ce) {
            ce.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }
        return jsonObject;
    }

本段代码可以根据自己的需要改为使用httpclient或者其他形式,本人习惯使用java自带的这套

import javax.net.ssl.X509TrustManager;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class MyX509TrustManager implements X509TrustManager {

    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
    }

    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
    }

    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
}

3 封装回调请求数据解密代码

import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

public class WxPayAesUtilV3 {

    static final int KEY_LENGTH_BYTE = 32;
    static final int TAG_LENGTH_BIT = 128;
    private final byte[] aesKey;

    public WxPayAesUtilV3(byte[] key) {
        if (key.length != KEY_LENGTH_BYTE) {
            throw new IllegalArgumentException("无效的ApiV3Key,长度必须为32个字节");
        }
        this.aesKey = key;
    }

    public String decryptToString(byte[] associatedData, byte[] nonce, String ciphertext)
            throws GeneralSecurityException, IOException {
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");

            SecretKeySpec key = new SecretKeySpec(aesKey, "AES");
            GCMParameterSpec spec = new GCMParameterSpec(TAG_LENGTH_BIT, nonce);

            cipher.init(Cipher.DECRYPT_MODE, key, spec);
            cipher.updateAAD(associatedData);

            return new String(cipher.doFinal(Base64.getDecoder().decode(ciphertext)), "utf-8");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new IllegalStateException(e);
        } catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
            throw new IllegalArgumentException(e);
        }
    }
}

4 主要工具类的封装,此工具类主要实现签名计算、公钥获取、解密响应体等

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.lg.wx.consts.ConstantsWx;
import com.lg.wx.pojo.SignVerify;

import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.stream.Collectors;
import java.util.stream.Stream;

/**
 * 微信V3支付签名工具类
 */
public class WxPaySignUtilV3 extends NoncestrUtil {

    /**
     * V3  SHA256withRSA 签名.
     *
     * @param method       请求方法  GET  POST PUT DELETE 等
     * @param canonicalUrl 例如  https://api.mch.weixin.qq.com/v3/pay/transactions/app?version=1 ——> /v3/pay/transactions/app?version=1
     * @param timestamp    当前时间戳   因为要配置到TOKEN 中所以 签名中的要跟TOKEN 保持一致
     * @param nonceStr     随机字符串  要和TOKEN中的保持一致
     * @param body         请求体 GET 为 "" POST 为JSON
     * @param keyPair      商户API 证书解析的密钥对  实际使用的是其中的私钥
     * @return the string
     */

    public static String sign(String method, String canonicalUrl, long timestamp, String nonceStr, String body, KeyPair keyPair) throws Exception {
        String signatureStr = Stream.of(method, canonicalUrl, String.valueOf(timestamp), nonceStr, body)
                .collect(Collectors.joining("\n", "", "\n"));

        Signature sign = Signature.getInstance("SHA256withRSA");
        sign.initSign(keyPair.getPrivate());
        sign.update(signatureStr.getBytes(StandardCharsets.UTF_8));
        return new String(Base64.getEncoder().encode(sign.sign()));
    }

    /**
     * jsapi计算签名
     *
     * @param appId
     * @param timestamp
     * @param nonceStr
     * @param prepayId
     * @param keyPair
     * @return
     * @throws Exception
     */
    public static String signForJSApi(String appId, long timestamp, String nonceStr, String prepayId, KeyPair keyPair) throws Exception {
        String signatureStr = Stream.of(appId, String.valueOf(timestamp), nonceStr, prepayId)
                .collect(Collectors.joining("\n", "", "\n"));

        Signature sign = Signature.getInstance("SHA256withRSA");
        sign.initSign(keyPair.getPrivate());
        sign.update(signatureStr.getBytes(StandardCharsets.UTF_8));
        return new String(Base64.getEncoder().encode(sign.sign()));
    }

    /**
     * 回调验签
     *
     * @param signVerify
     * @return
     * @throws Exception
     * @para
     */
    public static boolean responseSignVerify(SignVerify signVerify) throws Exception {

        //获取最新的微信支付平台公钥
        X509Certificate certificate = refreshCertificate(signVerify);

        String signatureStr = responseSign(signVerify);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initVerify(certificate);
        signer.update(signatureStr.getBytes(StandardCharsets.UTF_8));

        boolean flag = signer.verify(Base64.getDecoder().decode(signVerify.getWechatpaySignature()));

        return flag;
    }

    /**
     * 构造验签名串.
     *
     * @param signVerify
     * @return the string
     */
    public static String responseSign(SignVerify signVerify) {
        return Stream.of(signVerify.getWechatpayTimestamp(), signVerify.getWechatpayNonce(), signVerify.getBody())
                .collect(Collectors.joining("\n", "", "\n"));
    }

    /**
     * 解密响应体-取得公钥
     *
     * @param apiV3Key       API V3 KEY  API v3密钥 商户平台设置的32位字符串
     * @param associatedData response.body.data[i].encrypt_certificate.associated_data
     * @param nonce          response.body.data[i].encrypt_certificate.nonce
     * @param ciphertext     response.body.data[i].encrypt_certificate.ciphertext
     * @return the string
     * @throws GeneralSecurityException the general security exception
     */
    public static String decryptResponseBody(String apiV3Key, String associatedData, String nonce, String ciphertext) {
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");

            SecretKeySpec key = new SecretKeySpec(apiV3Key.getBytes(StandardCharsets.UTF_8), "AES");
            GCMParameterSpec spec = new GCMParameterSpec(128, nonce.getBytes(StandardCharsets.UTF_8));

            cipher.init(Cipher.DECRYPT_MODE, key, spec);
            cipher.updateAAD(associatedData.getBytes(StandardCharsets.UTF_8));

            byte[] bytes;
            try {

                bytes = cipher.doFinal(Base64.getDecoder().decode(ciphertext));
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException(e);
            }
            return new String(bytes, StandardCharsets.UTF_8);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new IllegalStateException(e);
        } catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
            throw new IllegalArgumentException(e);
        }
    }

    /**
     * 网络请求获取微信支付平台公钥
     *
     * @param pair
     * @return
     */
    public static JSONObject getPlatformPubKey(KeyPair pair, String serialNo, String mchId) {

        String nonceStr = createNoncestr();
        long timeStamp = System.currentTimeMillis() / 1000;

        String signStr = "";
        try {
            signStr = sign("GET", "/v3/certificates", timeStamp, nonceStr, "", pair);
        } catch (NumberFormatException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }

        WxPayTokenUtilV3 tk = new WxPayTokenUtilV3();
        String resToken = tk.token(mchId, nonceStr, timeStamp, serialNo, signStr);

        HttpArgs args = HttpArgs.builder(ConstantsWx.WX_CERTIFICATES_URL).method("GET").outputStr(null).build();
        JSONObject result = AdvancedUtil.httpsGetBeanForPay(args, JSONObject.class, resToken);


        return result;
    }

    /**
     * 获取最新的微信支付平台公钥并封装成证书
     *
     * @param signVerify
     * @return
     * @throws Exception
     */
    public static X509Certificate refreshCertificate(SignVerify signVerify) throws Exception {


        KeyPairFactory kp = new KeyPairFactory();
        KeyPair keyPair = kp.createPKCS12(signVerify.getCertUrl(), "Tenpay Certificate", signVerify.getMchId());

        //获取公钥信息
        JSONObject json = getPlatformPubKey(keyPair, signVerify.getSerialNo(), signVerify.getMchId());

        JSONArray arr = json.getJSONArray("data");
        JSONObject child = arr.getJSONObject(0).getJSONObject("encrypt_certificate");
        //associated_data
        String associatedData = child.getString("associated_data");
        //nonce
        String nonce = child.getString("nonce");
        //ciphertext
        String ciphertext = child.getString("ciphertext");

        String publicKey = decryptResponseBody(signVerify.getApiV3Key(), associatedData, nonce, ciphertext);

        CertificateFactory cf = null;
        try {
            cf = CertificateFactory.getInstance("X509");
        } catch (CertificateException e1) {
            e1.printStackTrace();
        }

        ByteArrayInputStream inputStream = new ByteArrayInputStream(publicKey.getBytes(StandardCharsets.UTF_8));
        X509Certificate certificate = null;
        try {
            certificate = (X509Certificate) cf.generateCertificate(inputStream);

        } catch (CertificateException e) {
            e.printStackTrace();
        }

        return certificate;

    }


}

5 JSAPI和扫码支付具体实现代码封装

import com.alibaba.fastjson.JSONObject;
import com.lg.wx.consts.ConstantsWx;
import com.lg.wx.pojo.JsApiOrder;
import com.lg.wx.pojo.RefundsInfo;

import java.security.KeyPair;
import java.util.Date;

/**
 * 微信支付v3版本工具类
 *
 * @author chenruiyin
 * @version 1.0
 */
public class WxPayUtilV3 extends NoncestrUtil {
    /**
     * jsapi下单并取得支付json串
     *
     * @param order
     * @return
     * @throws Exception
     */
    public static JSONObject jsApiCreateOrder(JsApiOrder order) throws Exception {
        JSONObject json = new JSONObject();
        json.put("appid", order.getAppId());
        json.put("mchid", order.getMchId());
        json.put("description", order.getDescription());
        json.put("out_trade_no", order.getOutTradeNo());
        json.put("notify_url", order.getNotifyUrl());

        JSONObject childs = new JSONObject();
        childs.put("total", order.getTotalPrice());
        json.put("amount", childs);
        JSONObject childs1 = new JSONObject();
        childs1.put("openid", order.getOpenId());
        json.put("payer", childs1);
        json.put("attach", order.getAttach());


        KeyPairFactory kp = new KeyPairFactory();
        KeyPair res = kp.createPKCS12(order.getCertUrl(), ConstantsWx.KEY_ALIAS, order.getMchId());

        String nonceStr = WxPaySignUtilV3.createNoncestr();
        long timeStamp = System.currentTimeMillis() / 1000;

        //WxPaySignUtilV3 ts=new WxPaySignUtilV3();
        String signStr = "";
        try {
            signStr = WxPaySignUtilV3.sign("POST", "/v3/pay/transactions/jsapi", timeStamp, nonceStr, json.toString(), res);
        } catch (Exception e) {
            e.printStackTrace();
        }

        WxPayTokenUtilV3 tk = new WxPayTokenUtilV3();
        //计算下单token
        String resToken = tk.token(order.getMchId(), nonceStr, timeStamp, order.getSerialNo(), signStr);
        //调用微信下单接口
        HttpArgs args = HttpArgs.builder(ConstantsWx.TRANSACTIONS_JSAPI_URL).method("POST").outputStr(json.toString()).build();
        JSONObject result = AdvancedUtil.httpsGetBeanForPay(args, JSONObject.class, resToken);

        //计算签名
        long timeStamp1 = new Date().getTime();
        String nonceStr1 = WxPaySignUtilV3.createNoncestr();
        String paySign = "";
        try {
            paySign = WxPaySignUtilV3.signForJSApi(order.getAppId(), timeStamp1, nonceStr1, "prepay_id=" + result.getString("prepay_id"), res);
        } catch (Exception e) {
            e.printStackTrace();
        }

        JSONObject payJson = new JSONObject();
        payJson.put("appId", order.getAppId());
        payJson.put("timeStamp", String.valueOf(timeStamp1));
        payJson.put("nonceStr", nonceStr1);
        payJson.put("package", "prepay_id=" + result.getString("prepay_id"));
        payJson.put("signType", "RSA");
        payJson.put("paySign", paySign);

        return payJson;
    }


    /**
     * 微信支付申请退款
     *
     * @param refund
     * @return
     * @throws Exception
     */
    public static boolean refundsMoney(RefundsInfo refund) throws Exception {
        JSONObject json = new JSONObject();
        json.put("out_trade_no", refund.getOutTradeNo());
        json.put("out_refund_no", String.valueOf(new Date().getTime()));

        JSONObject child = new JSONObject();
        child.put("refund", refund.getRefund());
        child.put("total", refund.getTotal());
        child.put("currency", refund.getCurrency());

        json.put("amount", child);

        KeyPairFactory kp = new KeyPairFactory();
        KeyPair res = kp.createPKCS12(refund.getCertUrl(), ConstantsWx.KEY_ALIAS, refund.getMchId());

        long timeStamp = System.currentTimeMillis() / 1000;

        String signStr = "";
        String nonceStr = createNoncestr();
        try {
            signStr = WxPaySignUtilV3.sign("POST", "/v3/refund/domestic/refunds", timeStamp, nonceStr, json.toString(), res);
        } catch (Exception e) {
            e.printStackTrace();
        }


        WxPayTokenUtilV3 tk = new WxPayTokenUtilV3();
        //计算下单token
        String resToken = tk.token(refund.getMchId(), nonceStr, timeStamp, refund.getSerialNo(), signStr);

        JSONObject result = CommonUtil.httpsRequestForWxPay(ConstantsWx.REFUNDS_API_URL, "POST", json.toJSONString(), resToken);

        if (null != result) {
            return true;
        }

        return false;
    }

    /**
     * native扫码支付
     * @param order
     * @return
     * @throws Exception
     */
    public static String nativeCreateOrder(JsApiOrder order) throws Exception {
        JSONObject json = new JSONObject();
        json.put("appid", order.getAppId());
        json.put("mchid", order.getMchId());
        json.put("description", order.getDescription());
        json.put("out_trade_no", order.getOutTradeNo());
        json.put("notify_url", order.getNotifyUrl());

        JSONObject childs = new JSONObject();
        childs.put("total", order.getTotalPrice());
        json.put("amount", childs);


        KeyPairFactory kp = new KeyPairFactory();
        KeyPair res = kp.createPKCS12(order.getCertUrl(), ConstantsWx.KEY_ALIAS, order.getMchId());

        String nonceStr = WxPaySignUtilV3.createNoncestr();
        long timeStamp = System.currentTimeMillis() / 1000;

        //WxPaySignUtilV3 ts=new WxPaySignUtilV3();
        String signStr = "";
        try {
            signStr = WxPaySignUtilV3.sign("POST", "/v3/pay/transactions/native", timeStamp, nonceStr, json.toString(), res);
        } catch (Exception e) {
            e.printStackTrace();
        }

        WxPayTokenUtilV3 tk = new WxPayTokenUtilV3();
        //计算下单token
        String resToken = tk.token(order.getMchId(), nonceStr, timeStamp, order.getSerialNo(), signStr);
        //调用微信下单接口
        HttpArgs args = HttpArgs.builder(ConstantsWx.TRANSACTIONS_NATIVEAPI_URL).method("POST").outputStr(json.toString()).build();
        JSONObject result = AdvancedUtil.httpsGetBeanForPay(args, JSONObject.class, resToken);
        //System.out.println(result);
        String codeUrl = result.getString("code_url");
        return codeUrl;
    }

JsApiOrder是支付重要的实体类,里面主要有调用支付接口需要的各种字段,封装起来目的是方便使用

import lombok.Data;

/**
 * TODO
 *
 * @author Administrator
 * @version 1.0
 * @date 2021/3/30 15:02
 */
@Data
public class JsApiOrder {
    /**
     * appId
     */
    private String appId;
    /**
     * 商户号
     */
    private String mchId;
    /**
     * 订单描述
     */
    private String description;
    /**
     * 订单号
     */
    private String outTradeNo;
    /**
     * 支付成功回调
     */
    private String notifyUrl;
    /**
     * 订单金额(单位为分)
     */
    private Integer totalPrice;
    /**
     * 支付用户openId
     */
    private String openId;
    /**
     * 诊所ID
     */
    private Long clinicId;
    /**
     * 支付p12证书url
     */
    private String certUrl;
    /**
     * 支付证书序列号
     */
    private String serialNo;

    /**
     * 额外参数
     */
    private String attach;

}

AdvancedUtil这个工具类则是把调用支付接口返回的数据二次封装,这一步可有可无,代码大致如下

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import lombok.Builder;

@Builder
public class AdvancedUtil {

    private String method = "get";
    private String url;

    /**
     * 通过https请求获取返回json的数据,并把数据格式化为相应的bean
     * @param httpArgs 请求参数列表使用方式  HttpArgs.builder().url("xxxurl").method("post").build()
     * @param clazz    需要构建的数据对象
     */
    public static <T> T httpsGetBean(HttpArgs httpArgs, Class<T> clazz) {
        JSONObject jsonObject = CommonUtil.httpsRequest(httpArgs.getUrl(), httpArgs.getMethod(), httpArgs.getOutputStr());
        //System.out.println("请求链接:"+httpArgs.getUrl());
        //System.out.println("返回结果:"+jsonObject.toString());
        return JSON.toJavaObject(jsonObject, clazz);
    }

    /**
     * 通过https请求获取返回json的数据,并把数据格式化为相应的bean
     *
     * @param httpArgs 请求参数列表使用方式  HttpArgs.builder().url("xxxurl").method("post").build()
     * @param clazz    需要构建的数据对象
     * @return
     * @Date 2021/03/13 15:32
     */
    public static <T> T httpsGetBeanForPay(HttpArgs httpArgs, Class<T> clazz, String token) {
        JSONObject jsonObject = CommonUtil.httpsRequestForWxPay(httpArgs.getUrl(), httpArgs.getMethod(), httpArgs.getOutputStr(), token);
        return JSON.toJavaObject(jsonObject, clazz);
    }


}

HttpArgs这个把代码调用改为连缀的形式,也可根据喜好选择用或者不用
import lombok.Builder;
import lombok.Data;

import java.util.Map;

/**
 * @description: http接口请求参数, 构建请求参数
 **/
@Data
public class HttpArgs {

    public final static String GET = "GET";

    public final static String POST = "POST";

    private final static String UTF8 = "UTF-8";

    private final static String GBK = "GBK";

    private final static String DEFAULT_MEDIA_TYPE = "application/json";


    private String url;

    @Builder.Default
    private String method = GET;

    private String data;

    private Map<String, Object> queryMap;

    private String outputStr;

    HttpArgs(final String url, final String method, final String data, final Map<String, Object> queryMap, final String outputStr) {
        this.url = url;
        this.method = method;
        this.data = data;
        this.queryMap = queryMap;
        this.outputStr = outputStr;
    }

    public static HttpArgsBuilder builder(String url) {
        return new HttpArgsBuilder(url);
    }

    public static class HttpArgsBuilder {
        private String url;
        private String method = GET;
        private String data;
        private Map<String, Object> queryMap;
        private String outputStr;

        HttpArgsBuilder(String url) {
            this.url = url;
        }

        public HttpArgsBuilder url(final String url) {
            this.url = url;
            return this;
        }

        public HttpArgsBuilder method(final String method) {
            this.method = method;
            return this;
        }


        public HttpArgsBuilder queryMap(final Map<String, Object> queryMap) {
            this.queryMap = queryMap;
            return this;
        }

        public HttpArgsBuilder outputStr(final String outputStr) {
            this.outputStr = outputStr;
            return this;
        }

        public HttpArgs build() {
            String method = this.method;

            return new HttpArgs(this.url, method, this.data, this.queryMap, this.outputStr);
        }
    }


}

6 回调逻辑代码

 @RequestMapping("/notify")
    public void notify(HttpServletRequest request, HttpServletResponse response) throws Exception {
        InputStream inStream = request.getInputStream();
        ByteArrayOutputStream outSteam = new ByteArrayOutputStream();
        byte[] buffer = new byte[1024];
        int len = 0;
        while ((len = inStream.read(buffer)) != -1) {
            outSteam.write(buffer, 0, len);
        }

        outSteam.close();
        inStream.close();
        String result = new String(outSteam.toByteArray(), "utf-8");//获取微信调用我们notify_url的返回信息

        //System.out.println("result="+result);

        JSONObject resJson = JSONObject.parseObject(result);

        String wechatpayTimestamp = request.getHeader("Wechatpay-Timestamp");
        String wechatpayNonce = request.getHeader("Wechatpay-Nonce");
        String wechatpaySignature = request.getHeader("Wechatpay-Signature");

        JSONObject resources = resJson.getJSONObject("resource");
        //associated_data
        String associated_data = resources.getString("associated_data");
        //nonce
        String nonce = resources.getString("nonce");
        //ciphertext
        String ciphertext = resources.getString("ciphertext");

        JSONObject returnRes = new JSONObject();


        WxPayAesUtilV3 aesUtil = new WxPayAesUtilV3(WxPayConfig.APIV3KEY.getBytes());
        String decryptResources = aesUtil.decryptToString(associated_data.getBytes(), nonce.getBytes(), ciphertext);
        //System.out.println("decryptResources=" + decryptResources);

        //获取订单号
        JSONObject decryptResourcesJson = JSONObject.parseObject(decryptResources);
        String out_trade_no = decryptResourcesJson.getString("out_trade_no");
        String trade_state = decryptResourcesJson.getString("trade_state");
        //获取订单金额信息
        JSONObject ammountJson = decryptResourcesJson.getJSONObject("amount");
        //总金额
        Integer total = ammountJson.getInteger("total");
        //用户支付金额
        Integer payerTotal = ammountJson.getInteger("payer_total ");

        SignVerify signVerify = new SignVerify();
        signVerify.setSerialNo(WxPayConfig.SERIALNO);
        signVerify.setApiV3Key(WxPayConfig.APIV3KEY);
        signVerify.setMchId(WxPayConfig.MCHID);
        signVerify.setCertUrl(WxPayConfig.CERTURL);
        signVerify.setWechatpaySignature(wechatpaySignature);
        signVerify.setWechatpayTimestamp(wechatpayTimestamp);
        signVerify.setWechatpayNonce(wechatpayNonce);
        signVerify.setBody(result);

        try {
            if (WxPaySignUtilV3.responseSignVerify(signVerify)) {

                if ("SUCCESS".equalsIgnoreCase(trade_state)) {
                    //此处可根据实际情况编写处理逻辑
                    //例如修改订单状态,积分操作,发消息等等
                    returnRes.put("code", "SUCCESS");
                    returnRes.put("message", "成功");
                } else {
                    returnRes.put("code", "500");
                    returnRes.put("message", "交易未完成");

                }

            } else {
                returnRes.put("code", "500");
                returnRes.put("message", "签名校验失败");
            }
        } catch (Exception e) {

            e.printStackTrace();
        }

        response.getWriter().write(returnRes.toString());
    }

7  公钥私钥获取

import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;

/**
 * KeyPairFactory
 *
 * @author dax
 * @since 13:41
 **/
public class KeyPairFactory {

    private final Object lock = new Object();
    private KeyStore store;

    /**
     * 获取公私钥.
     *
     * @param keyPath  the key path
     * @param keyAlias the key alias
     * @param keyPass  password
     * @return the key pair
     */
    public KeyPair createPKCS12(String keyPath, String keyAlias, String keyPass) throws Exception {
        //ClassPathResource resource = new ClassPathResource(keyPath);
        URL url = new URL(keyPath);
        HttpURLConnection httpUrlConn = (HttpURLConnection) url.openConnection();
        httpUrlConn.setDoOutput(true);
        httpUrlConn.setDoInput(true);
        httpUrlConn.setUseCaches(false);
        // 设置请求方式(GET/POST)
        httpUrlConn.setRequestMethod("GET");
        httpUrlConn.connect();

        InputStream in = httpUrlConn.getInputStream();
        //in.close();
        //httpUrlConn.disconnect();
        char[] pem = keyPass.toCharArray();
        try {
            synchronized (lock) {
                if (store == null) {
                    synchronized (lock) {
                        store = KeyStore.getInstance("PKCS12");
                        store.load(in, pem);
                    }
                }
            }
            X509Certificate certificate = (X509Certificate) store.getCertificate(keyAlias);
            certificate.checkValidity();
            // 证书的序列号 也有用
            String serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
            // 证书的 公钥
            PublicKey publicKey = certificate.getPublicKey();
            // 证书的私钥
            PrivateKey storeKey = (PrivateKey) store.getKey(keyAlias, pem);

            return new KeyPair(publicKey, storeKey);

        } catch (Exception e) {
            throw new IllegalStateException("Cannot load keys from store: " + keyPath, e);
        }
    }

}

此处秘钥获取需要使用商户平台的证书,这里把p12证书放到的oss上然后通过get请求获取

备注:微信支付的证书别名为Tenpay Certificate写错代码将会报错

    /**
     * 支付p12证书别名
     */
    String KEY_ALIAS = "Tenpay Certificate";

本地内网穿透获取微信支付回调,jsapi,获取openId,prepayId,调起支
qq_42403906的博客
01-12 2149
微信jsapi是通过后,直接进入微信支付页说明一下,,需要在公众号上配置域名才可以回调获取openID,当然你可以直接配置回调在你上面的地址,前置条件(申请jsapi ,公共号配置回调域名)正常流程是:编写接口->下载并配置ngrok实现内网穿透(获取到公网ip)->接口生成二维->手机微信,接口配置回调接口(ngrok获取到的公网ip)->回调接口收到通知,通过code获取到openId。
微信码支付,网页微信码支付demo +js+php+版
03-04
微信码支付,网页微信码支付demo +js+php+版
PHP微信小程序支接入APIv3版本
最新发布
weixin_39218464的博客
06-11 327
这篇文章介绍了微信支付PHP SDK的配置使用方法。主要内容包括: SDK安装:通过Composer安装最新版的微信支付SDK 回调地址配置:只需配置域名,具体回调接口在调用时拼接 完整配置示例:包含小程序ID、商户号、API密钥、证书路径等关键信息 控制器实现:详细展示了如何初始化支客户端实例,包含: 加载商户私钥微信支付公钥 构建APIv3客户端 处理JSAPI/小程序支请求 订单验证金额处理 文章提供了完整的代示例,包括参数验证、用户认证、订单状态检查金额处理等关键步骤,对开发者接入微信
jsapi微信支付v3
绮罗郁金香的博客
05-27 464
jsapiV3
V3jsapi微信支付流程(Springboot)
qq_37243341的博客
06-25 5631
微信支付流程总结 1.签名生成 学习内容: 提示:这里可以添加要学的内容 例如: 1、 搭建 Java 开发环境 2、 掌握 Java 基本语法 3、 掌握条件语句 4、 掌握循环语句 学习时间: 提示:这里可以添加计划学习的时间 例如: 1、 周一至周五晚上 7 点—晚上9点 2、 周六上午 9 点-上午 11 点 3、 周日下午 3 点-下午 6 点 学习产出: 提示:这里统计学习计划的总量 例如: 1、 技术笔记 2 遍 2、优快云 技术博客 33、 学习的 vlog 视频 1 个
php微信支付之V3版本jsapi(微信环境内H5支
munchmills的博客
12-24 1563
微信环境里jsapi H5支!!!!
c# .net 实现微信支付v3 JSAPI下单
橙-极纪元-JJYCheng
12-03 3728
转载:c# .net 实现微信支付jsapi v3接口(JSAPI下单) 接口地址 : https://api.mch.weixin.qq.com/v3/pay/transactions/jsapi 需要引用 using System.Security.Cryptography; 发起请求、加密、签名代如下 /// <summary> /// /// </summary> /// <param name="url">..
微信支付V3 Java jsApi 码支付 Demo
04-01
最近抽时间整理出来包括码支付jsapi的版本的demo,代非常的详细,很多容易出错的地方我都注释了出来,报错后台代前台代的demo,前台包括二维生成demo,另外增加了java版本处理微信支付回调通知的...
微信支付V3 Java jsApi 码支付(网上资料参考
11-18
微信支付V3 Java jsApi 码支付(网上资料参考微信支付V3
基于C#实现微信支付码支付功能
08-25
本文将详细介绍如何使用C#实现微信码支付功能,并提供了相关的代实现微信支付是一个非常流行的支方式,许多企业都需要集成微信支付来满足业务需求。本文将分为两部分,第一部分介绍微信支付实现,...
PHP 微信V3微信支付 案例
03-22
- `WxPay.JsApiPay.php`、`WxPay.NativePay.php`:分别对应JSAPINative码支付方式的类。 - `WxPay.Order.php`、`WxPay.Refund.php`:订单创建退款操作的类。 - `logs`:日志文件夹,记录支过程中的重要信息...
微信支付V3版Demo实现JSAPI码支付示例
微信支付V3版demo的知识点主要包括微信支付的基础概念、微信支付V3版的特点、JSAPI方式NATIVE(码支付)方式的具体实现方法等。以下将对这些知识点进行详细说明: 一、微信支付基础概念 微信支付是微信...
微信小程序支V3-jsapiJava
weixin_47008625的博客
10-18 526
(自行添加的一个支按钮做测试使用,具体业务做调整,只有支,没做退款回调等)7:小程序上线必须要域名(本地测试不需要,可在微信开发者工具中将。WxV3PayConfig:这些参数哪里找可以自行百度,相当好找。商户系统先调用该接口在微信支付服务后台生成预支交易单。5:对公银行账户信息(税号,开户名,开户行,账号)第二个接口:“/paymentForGoods”点击款手机下方弹出一个支,展示支金额。第一个接口:“/appLogin”3:小程序管理者身份证电子版。1:邮箱(自行注册)
SpringBoot 整合微信小程序微信支付V3 jsapi (支、退款)
L
02-27 6000
登录商户平台 => 选择 账户中心 => 安全中心 => API安全 => 申请API证书 包括商户证书商户私钥。登录商户平台 => 选择 账户中心 => 安全中心 => API安全 => 设置APIv3密钥。微信公众平台 注册服务号 => 服务号认证 => 获取APPID => 绑定商户号。微信商户平台 申请成为商户 => 提交资料 => 签署协议 => 获取商户号。小程序内需要多个参数才可以唤起微信支付,就是输入密码支付的那个支页面。我使用的是Jsapi,别的支方式可以在刚才的枚举类中“
微信支付V3版本-JSAPI
小白菜
06-05 686
二、需要先自行申请如下信息。这个版本只需要引入这一个。
微信中JSAPI V3
mwj6881606的博客
03-14 774
微信JSAPI 微信V3版本支后端教程 java
SSM项目————整合微信支付
weixin_42858422的博客
02-22 5671
一、准备页面1、第一个页面,购票页面2、第二个页面,详情支页面3、第三个页面,支成功跳转页面二、准备二维(测试一下)三、准备微信参数、环境、HttpClient工具类、雪花算法工具类。四、开始支功能编(下单)五、开始支功能编(查询订单状态)————————创作不易,如觉不错,随手点赞,关注,收藏(* ̄︶ ̄),谢谢~~ 我们这里只看支,其他跟支无关的东西不看 一、准备页面 主要有三个页面 1、第一个页面,购票页面 2、第二个页面,详情支页面 紫色的三个是跟我们支有关的 3、第三个页.
微信JSAPI之V3版本支踩坑
weixin_42575720的博客
06-01 2113
微信JSAPIV3版本开发过程中碰到的那些天坑
Java 接入APIV3 微信支付 (一) JSAPI下单
weixin_43879445的博客
12-27 4998
Java 接入APIV3版本的微信支付_JSAPI/小程序支
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值