本文共 14212 字,大约阅读时间需要 47 分钟。
@RestController@RequestMapping("/pay")public class PayController { @RequestMapping(value = "/wxPay", method = RequestMethod.POST) public String wxPay(String openId, String orderNumber ,HttpServletRequest request) { Object result = new Object(); try { //获取自己的openId,可以找前端要 // String openId = "xxx"; //订单号,自己的订单设计,最好用固定长度 20位等等。 // String orderNumber = "xxxx"; //获取客户端的ip地址 String spbill_create_ip = getIpAddr(request); //将支付业务下沉到service层 result = OrderService.wxPay(spbill_create_ip, openId, orderNumber ); } catch (Exception e) { e.printStackTrace(); } return PayUtil.toJson(result); } //这里是支付回调接口,微信支付成功后会自动调用 @RequestMapping(value = "/wxNotify", method = RequestMethod.POST) public void wxNotify(HttpServletRequest request, HttpServletResponse response) throws Exception { BufferedReader br = new BufferedReader(new InputStreamReader(request.getInputStream())); String line = null; StringBuilder sb = new StringBuilder(); while ((line = br.readLine()) != null) { sb.append(line); } br.close(); //sb为微信返回的xml String notityXml = sb.toString(); String resXml = ""; Map map = PayUtil.doXMLParse(notityXml); String returnCode = (String) map.get("return_code"); if ("SUCCESS".equals(returnCode)) { //验证签名是否正确 Map validParams = PayUtil.paraFilter(map); //回调验签时需要去除sign和空值参数 String prestr = PayUtil.createLinkString(validParams); //根据微信官网的介绍,此处不仅对回调的参数进行验签,还需要对返回的金额与系统订单的金额进行比对等 if (PayUtil.verify(prestr, (String) map.get("sign"), WechatConfig.key, "utf-8")) { /**此处添加自己的业务逻辑代码start**/ //注意要判断微信支付重复回调,支付成功后微信会重复的进行回调 /**此处添加自己的业务逻辑代码end**/ //通知微信服务器已经支付成功 resXml = " " + " " + " " + " "; } } else { resXml = " " + " " + " " + " "; } BufferedOutputStream out = new BufferedOutputStream( response.getOutputStream()); out.write(resXml.getBytes()); out.flush(); out.close(); } //获取IP private String getIpAddr(HttpServletRequest request) { String ip = request.getHeader("X-Forwarded-For"); if (StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) { //多次反向代理后会有多个ip值,第一个ip才是真实ip int index = ip.indexOf(","); if (index != -1) { return ip.substring(0, index); } else { return ip; } } ip = request.getHeader("X-Real-IP"); if (StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) { return ip; } return request.getRemoteAddr(); }} @Service@Transactional(propagation = Propagation.REQUIRED, isolation = Isolation.DEFAULT)public class OrderService { public Map wxPay(String spbill_create_ip, String openId, String orderNumber) { Map payMap = new HashMap ();//返回给小程序端需要的参数 try { //生成的随机字符串 String nonce_str = getRandomStringByLength(32); //商品名称 //todo String body = "测试商品名称"; //获取客户端的ip地址 BigDecimal ¥ = new BigDecimal(100.00); int price = order.getAdjustPrice().multiply(¥).intValue(); //组装参数,用户生成统一下单接口的签名 logger.info("----------下单接口签名-------"); Map packageParams = new HashMap<>(); packageParams.put("appid", WechatConfig.appid); packageParams.put("mch_id", WechatConfig.mch_id); packageParams.put("nonce_str", nonce_str); packageParams.put("body", body); packageParams.put("out_trade_no", orderNumber);//商户订单号,自己的订单ID packageParams.put("total_fee", price + "");//支付金额,这边需要转成字符串类型,否则后面的签名会失败 packageParams.put("spbill_create_ip", spbill_create_ip); packageParams.put("notify_url", WechatConfig.notify_url);//支付成功后的回调地址 packageParams.put("trade_type", WechatConfig.TRADETYPE);//支付方式 packageParams.put("openid", openId + "");//用户的openID,自己获取 String prestr = PayUtil.createLinkString(packageParams); // 把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 logger.info("----------prestr:" + prestr); logger.info("----------调用统一下单接口-------"); //MD5运算生成签名,这里是第一次签名,用于调用统一下单接口 String mysign = PayUtil.sign(prestr, WechatConfig.key, "utf-8").toUpperCase(); logger.info("----------mysign:" + mysign); //拼接统一下单接口使用的xml数据,要将上一步生成的签名一起拼接进去 String xml = " " + " " + WechatConfig.appid + " " + " " + attach + " " + "" + " " + WechatConfig.mch_id + " " + " " + nonce_str + " " + " " + WechatConfig.notify_url + " " + " " + openId + " " + " " + payOrderNumber + " " + " " + spbill_create_ip + " " + " " + price + " "//支付的金额,单位:分 + " " + WechatConfig.TRADETYPE + " " + " " + mysign + " " + " "; //调用统一下单接口,并接受返回的结果 String result = PayUtil.httpRequest(WechatConfig.pay_url, "POST", xml); logger.info("----------result:" + result); // 将解析结果存储在HashMap中 Map map = PayUtil.doXMLParse(result); String return_code = (String) map.get("return_code");//返回状态码 String result_code = (String) map.get("result_code");//返回状态码 String err_code = (String) map.get("err_code");//返回状态码 String err_code_des = (String) map.get("err_code_des");//返回状态码 if (return_code.equals("SUCCESS") || return_code.equals(result_code)) { String prepay_id = (String) map.get("prepay_id");//返回的预付单信息 payMap.put("nonceStr", nonce_str); payMap.put("package", "prepay_id=" + prepay_id); Long timeStamp = System.currentTimeMillis() / 1000; payMap.put("timeStamp", timeStamp + "");//这边要将返回的时间戳转化成字符串,不然小程序端调用wx.requestPayment方法会报签名错误 //拼接签名需要的参数 String stringSignTemp = "appId=" + WechatConfig.appid + "&nonceStr=" + nonce_str + "&package=prepay_id=" + prepay_id + "&signType=MD5&timeStamp=" + timeStamp; //再次签名,这个签名用于小程序端调用wx.requesetPayment方法 String paySign = PayUtil.sign(stringSignTemp, WechatConfig.key, "utf-8").toUpperCase(); logger.info("=======================第二次签名:", paySign + "============ ======"); payMap.put("paySign", paySign); } else { logger.info("----------统一下单失败-------"); return payMap; } // OrderService.insert(payOperation); payMap.put("appid", WechatConfig.appid); } catch (Exception e) { e.printStackTrace(); } return payMap; } //获取随机字符串 private String getRandomStringByLength(int length) { String base = "abcdefghijklmnopqrstuvwxyz0123456789"; Random random = new Random(); StringBuffer sb = new StringBuffer(); for (int i = 0; i < length; i++) { int number = random.nextInt(base.length()); sb.append(base.charAt(number)); } return sb.toString(); }} public class PayUtil { /** * 签名字符串 * * @param text 需要签名的字符串 * @param key 密钥 * @param input_charset 编码格式 * @return 签名结果 */ public static String sign(String text, String key, String input_charset) { text = text + "&key=" + key; return DigestUtils.md5Hex(getContentBytes(text, input_charset)); } /** * 签名字符串 * * @param text 需要签名的字符串 * @param sign 签名结果 * @param key 密钥 * @param input_charset 编码格式 * @return 签名结果 */ public static boolean verify(String text, String sign, String key, String input_charset) { text = text +"&key=" key; String mysign = DigestUtils.md5Hex(getContentBytes(text, input_charset)).toUpperCase(); if (mysign.equals(sign)) { return true; } else { return false; } } /** * @param content * @param charset * @return * @throws java.security.SignatureException * @throws UnsupportedEncodingException */ public static byte[] getContentBytes(String content, String charset) { if (charset == null || "".equals(charset)) { return content.getBytes(); } try { return content.getBytes(charset); } catch (UnsupportedEncodingException e) { throw new RuntimeException("MD5签名过程中出现错误,指定的编码集不对,您目前指定的编码集是:" + charset); } } private static boolean isValidChar(char ch) { if ((ch >= '0' && ch <= '9') || (ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z')) return true; if ((ch >= 0x4e00 && ch <= 0x7fff) || (ch >= 0x8000 && ch <= 0x952f)) return true;// 简体中文汉字编码 return false; } /** * 除去数组中的空值和签名参数 * * @param sArray 签名参数组 * @return 去掉空值与签名参数后的新签名参数组 */ public static Map paraFilter(Map sArray) { Map result = new HashMap (); if (sArray == null || sArray.size() <= 0) { return result; } for (String key : sArray.keySet()) { String value = sArray.get(key); if (value == null || value.equals("") || key.equalsIgnoreCase("sign") || key.equalsIgnoreCase("sign_type")) { continue; } result.put(key, value); } return result; } /** * 把数组所有元素排序,并按照“参数=参数值”的模式用“&”字符拼接成字符串 * * @param params 需要排序并参与字符拼接的参数组 * @return 拼接后字符串 */ public static String createLinkString(Map params) { List keys = new ArrayList<>(params.keySet()); Collections.sort(keys); String prestr = ""; for (int i = 0; i < keys.size(); i++) { String key = keys.get(i); String value = params.get(key); if (i == keys.size() - 1) {// 拼接时,不包括最后一个&字符 prestr = prestr + key + "=" + value; } else { prestr = prestr + key + "=" + value + "&"; } } return prestr; } /** * @param requestUrl 请求地址 * @param requestMethod 请求方法 * @param outputStr 参数 */ public static String httpRequest(String requestUrl, String requestMethod, String outputStr) { // 创建SSLContext StringBuffer buffer = null; try { URL url = new URL(requestUrl); HttpURLConnection conn = (HttpURLConnection) url.openConnection(); conn.setRequestMethod(requestMethod); conn.setDoOutput(true); conn.setDoInput(true); conn.connect(); //往服务器端写内容 if (null != outputStr) { OutputStream os = conn.getOutputStream(); os.write(outputStr.getBytes("utf-8")); os.close(); } // 读取服务器端返回的内容 InputStream is = conn.getInputStream(); InputStreamReader isr = new InputStreamReader(is, "utf-8"); BufferedReader br = new BufferedReader(isr); buffer = new StringBuffer(); String line = null; while ((line = br.readLine()) != null) { buffer.append(line); } br.close(); } catch (Exception e) { e.printStackTrace(); } return buffer.toString(); } public static String urlEncodeUTF8(String source) { String result = source; try { result = java.net.URLEncoder.encode(source, "UTF-8"); } catch (UnsupportedEncodingException e) { // TODO Auto-generated catch block e.printStackTrace(); } return result; } /** * 解析xml,返回第一级元素键值对。如果第一级元素有子节点,则此节点的值是子节点的xml数据。 * * @param strxml * @return * @throws org.jdom2.JDOMException * @throws IOException */ public static Map doXMLParse(String strxml) throws Exception { if (null == strxml || "".equals(strxml)) { return null; } Map m = new HashMap(); InputStream in = String2Inputstream(strxml); SAXBuilder builder = new SAXBuilder(); Document doc = builder.build(in); Element root = doc.getRootElement(); List list = root.getChildren(); Iterator it = list.iterator(); while (it.hasNext()) { Element e = (Element) it.next(); String k = e.getName(); String v = ""; List children = e.getChildren(); if (children.isEmpty()) { v = e.getTextNormalize(); } else { v = getChildrenText(children); } m.put(k, v); } //关闭流 in.close(); return m; } /** * 获取子结点的xml * * @param children * @return String */ public static String getChildrenText(List children) { StringBuffer sb = new StringBuffer(); if (!children.isEmpty()) { Iterator it = children.iterator(); while (it.hasNext()) { Element e = (Element) it.next(); String name = e.getName(); String value = e.getTextNormalize(); List list = e.getChildren(); sb.append("<" + name + ">"); if (!list.isEmpty()) { sb.append(getChildrenText(list)); } sb.append(value); sb.append(" "); } } return sb.toString(); } public static InputStream String2Inputstream(String str) { return new ByteArrayInputStream(str.getBytes()); } /** * java对象转字符串 * @param 泛型占位符 * @param obj T * @return String */ public static String toJson(T obj) { Gson gson = new GsonBuilder().setDateFormat("yyyy-MM-dd HH:mm:ss").enableComplexMapKeySerialization().create(); return gson.toJson(obj); }} public class WechatConfig { //小程序appid 开发者自己拥有的 public static final String appid = ""; //微信支付的商户id 开发者去问自己id的前端同事或者领导。 public static final String mch_id = ""; //微信支付的商户密钥 开发者问领导,去微信商户平台去申请(要下插件等等) public static final String key = ""; //支付成功后的服务器回调url,这里填PayController里的回调函数地址 public static final String notify_url = ""; //签名方式,固定值 public static final String SIGNTYPE = "MD5"; //交易类型,小程序支付的固定值为JSAPI public static final String TRADETYPE = "JSAPI"; //微信统一下单接口地址 public static final String pay_url = "https://api.mch.weixin.qq.com/pay/unifiedorder";} 转载地址:http://avcii.baihongyu.com/