评论

创建微信请求APIv3Authorization签名

03-08
438浏览
0评论

创建微信APIv3签名

//认证类型
public static final String schema = "WECHATPAY2-SHA256-RSA2048";

/**
 * 生成微信APIv3签名Authorization
 *
 * @param method             请求接口的请求方式
 * @param url                请求接口的地址
 * @param body               请求体
 * @param mchId              商户号
 * @param serialNo           证书号
 * @param certificateAddress 证书地址
 */
public static String getToken(String method, HttpUrl url, String body, String mchId, String serialNo, String certificateAddress) throws Exception {
    String nonceStr = RandomUtil.randomStringUpper(20);
    long timestamp = System.currentTimeMillis() / 1000;
    String message = buildMessage(method, url, timestamp, nonceStr, body);
    String signature = sign(message.getBytes("utf-8"), certificateAddress);
    return schema + " " + "mchid=\"" + mchId + "\","
            + "nonce_str=\"" + nonceStr + "\","
            + "timestamp=\"" + timestamp + "\","
            + "serial_no=\"" + serialNo + "\","
            + "signature=\"" + signature + "\"";
}

/**
 * 读取私钥
 */
public static PrivateKey getPrivateKey(String filename) throws IOException {
    String content = new String(Files.readAllBytes(Paths.get(filename)), "utf-8");
    try {
        String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
                .replace("-----END PRIVATE KEY-----", "")
                .replaceAll("\\s+", "");

        KeyFactory kf = KeyFactory.getInstance("RSA");
        return kf.generatePrivate(
                new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey)));
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException("当前Java环境不支持RSA", e);
    } catch (InvalidKeySpecException e) {
        throw new RuntimeException("无效的密钥格式");
    }
}

/**
 * 加密
 */
public static String sign(byte[] message, String certificateAddress) throws Exception {
    Signature sign = Signature.getInstance("SHA256withRSA");
    //配置私钥地址读取私钥
    sign.initSign(getPrivateKey(certificateAddress));
    sign.update(message);
    return Base64.getEncoder().encodeToString(sign.sign());
}

public static String buildMessage(String method, HttpUrl url, long timestamp, String nonceStr, String body) {
    String canonicalUrl = url.encodedPath();
    if (url.encodedQuery() != null) {
        canonicalUrl += "?" + url.encodedQuery();
    }
    return method + "\n"
            + canonicalUrl + "\n"
            + timestamp + "\n"
            + nonceStr + "\n"
            + body + "\n";
}


最后一次编辑于  03-08  
点赞 0
收藏
评论
登录 后发表内容
作者介绍

文章标签