var cloud = require('wx-server-sdk')
crypto = require('crypto')
request = require('request')
NodeRSA = require('node-rsa')
Form = require('./Form.class')
cloud.init({
env: 'xxxxxx'
})
const db = cloud.database()
exports.main = async (event, context) => {
const rq = options =>new Promise((resolve, reject) => {
request(options, (error, response, body) => {
if (error) {
reject(error);
}
resolve(response);
})
})
var mchid ='160xxxxx92'
var appId = 'wx41xxxxxxfd6'
var APIv3Key = 'xxxxxxxxx'
var cert_Doc = 'certificates'
var timeStamp = parseInt(Date.now()/1000)
var nonce_str = Math.random().toString(36).substr(2, 13)
var url = 'https://api.mch.weixin.qq.com'+event.url
var certificates = (await db.collection('a-data').doc(cert_Doc).get()).data
var {serial_no} = certificates
var {wx_serial_no} = certificates
var RSAoaep = (e)=>{
var plaintext = crypto.publicEncrypt({
key: certificates.wx_publicKey,
padding: crypto.constants.RSA_PKCS1_OAEP_PADDING
},Buffer.from(e))
return plaintext.toString('base64')
}
const getHeaders = (method,meta)=>{
var signature = new NodeRSA(certificates.apiclient_key).sign(`${method}\n${event.url}\n${timeStamp}\n${nonce_str}\n${meta}\n`, 'base64', 'utf8')
var Authorization = `WECHATPAY2-SHA256-RSA2048 mchid="${mchid}",nonce_str="${nonce_str}",signature="${signature}",timestamp="${timeStamp}",serial_no="${serial_no}"`
return {Authorization,"Content-Type": "application/json",Accept: "application/json","User-Agent": "xxxx.com",}
}
if(event.url=='/v3/applyment4sub/applyment/'){
var {upload} = event
var {post} = upload
post.business_code = upload._id
var {legal_person} = post.subject_info.business_license_info
legal_person = RSAoaep(legal_person)
var id_card_number = RSAoaep(upload.id_card_number)
post.contact_info.contact_name = legal_person
post.contact_info.contact_id_number = id_card_number
post.contact_info.mobile_phone = RSAoaep(upload.mobile_phone)
post.contact_info.contact_email = RSAoaep(upload.contact_email)
post.subject_info.identity_info.id_card_info.id_card_name = legal_person
post.subject_info.identity_info.id_card_info.id_card_number = id_card_number
post.bank_account_info.account_name = (post.bank_account_info.bank_account_type=='BANK_ACCOUNT_TYPE_PERSONAL'?legal_person:RSAoaep(post.subject_info.business_license_info.merchant_name))
post.bank_account_info.account_number =RSAoaep(upload.account_number)
console.log(post)
var method = 'POST'
var meta = JSON.stringify(post)
var res = await rq({url, method,
headers:{
...getHeaders(method,meta),
"Wechatpay-Serial":wx_serial_no
},
body:meta,
})
return res
}
if(event.url=='/v3/merchant/media/upload'){
var file = (await rq({method: 'GET',url:event.imgUrl,encoding: null})).body
var filename = `${nonce_str}${/\.\w+$/.exec(event.imgUrl)[0]}`
var sha256 = crypto.createHash('sha256').update(file).digest('hex')
var meta = JSON.stringify({filename,sha256})
var form = new Form
form.append('file',file,filename).append('meta',meta,'meta.json')
var method = 'POST'
var res = await rq({url, method,
headers:{
...getHeaders(method,meta),
...form.getHeaders(),
},
body:form.getBuffer(),
})
return JSON.parse(res.body)
}
if(event.url.indexOf('/v3/applyment4sub/applyment/business_code')>-1||event.url.indexOf('/v3/applyment4sub/applyment/applyment_id')>-1){
var method = 'GET'
var res = await rq({url,method,
json:true,
headers:{...getHeaders(method,'')}
})
return res.body
}
})
node-rsa 包可以省掉,用如下代码替代:
crypto.createSign('sha256WithRSAEncryption').update(`${method}\n${event.url}\n${timeStamp}\n${nonce_str}\n${meta}\n`).sign(certificates.apiclient_key, 'base64');