收藏
回答

V3支付回调验签失败?

求大侠帮忙看看原因,卡三天了,使用的是官方SDK验签

报文主体

{  

  "id": "EV-2018022511223320873",  

  "create_time": "2015-05-20T13:29:35+08:00",  

  "resource_type": "encrypt-resource",  

  "event_type": "TRANSACTION.SUCCESS",  

  "summary": "支付成功",  

  "resource": {  

    "original_type": "transaction",  

    "algorithm": "AEAD_AES_256_GCM",  

    "ciphertext": "3TxpOF8YqF5Zy2cYQWrZNnmC1FWrxwIPvIv4WejUr+8ctmM6L3kxqQ6JS56S7JkVFMiCvfcMGkQFMtUifq09Wrt6+bNwMUNLKQ52zLyMLwS9uML2Y2Qmi1obactel3rwwTs+IXGir505F2eLBG9ruqtJxGd2dlsLQ+0Sl7OUA/mMCnxMXUhfwJC84lv2oZDC3T827Mzy0BQ5YmXfdpgOA0OCTl+OwokWMXJz2DiGafE1n0pqH/R0VgDyUCEAOb6l+dFRR7S0I1yVe7/6czAYp+i7mTgNrmudG7EgDoOVfGga9Wq9epO6PEew1ypK5M8PmIopNSzg34WEouFhOqvPZfi2paqib2gxexcqtniQQbdechavr4SH/3JSpg8Zbnnbeo3ClFDU7eRVO2FCAPQaMlcSmjU4zv2H98dvB9TnIyon/so+QwSo/ZwWMnTKeztviuYd5ICbrtzAPoeeDrPlYlB0pwlFT8Tz3lqC0QZWKvL0+FIj0+9P+2/JvZpr5aVrFosMI1Afb17P7zx69jnLFPFX0ph4AgBK/N8oRNg12uVqvJM3E07/4P7LWLKyrf9FySovQplbhlasAyOf5PWb3aBwEv19hr71uMvAyuCll39zhIZ9M1CZTcSLpuyeWDOUwt3Y7ww0mOMruvK5a5mREuowqfP/OVv73yX/mf/7MEo9wAvz2bNqAuS0c9xc2yn5EHN4rNSTgApcJh2OTNUVEZXu7sL04S/pKpApS4eXxTS1bnLeqVfk5rePQagXFXwMFJVfAPmLyMRLsBLpdc2lO2LIof+nx8HnqjHvKYnolRgJYAlUuHx1mdjsPrZreDjK12b3cBznrfC7gac+3VW4r42f2b533RCAvchchxb7l+sdzQSFImbxZ1IAZFO/ZozZEFFko2FypOh2SdZYigW6Rq6hxw8EFOrvp6GwKpkhGbb4xnQsGHupDAMte5QmiMb9M8KUP5DSIo7gCsO7FMWtXFrdetyQfLXsZ/CidA+JOlSGKL+8s/ISyajpl8YseGNhlq39Zci53GoQCETs/ixLPz4BOTeTLC9FASUoEGPKet+OvYhdo4Xlopbhs95jl6jjgZcT6Bkr5ivG2ocqi2aP5hpnnVDXq/OwXvdofTHxlp2oydlYo9xqXhg+emzSQ8woub6XXO22KOKuEcWMSCiSMWYm9gsP2v0QkCw54ZmJHuDoivV2jVrFQjdH9nO2m68SHj9I9PBj4eSbDG235d/gSxp6VrrH+UaP5b4fjZi4xZ+9Nr1oUAc1Z6RRqqvCVLY1DTMpp2H/aXr9gNUs8fL8kkfuiWEKTkcoW/JKTZjiizzbHEkXSU3+dm4AITiKWrdvSUs80OGg==",  

    "associated_data": "certificate",  

    "nonce": "4de73afd28b6"  

  }  

}

Wechatpay-Serial:71DE68330BFF41E22EB2E5DC6FBCFDB2B129991D

Wechatpay-Timestamp:1432099775

Wechatpay-Nonce:c5ac7061fccab6bf3e254dcf98995b8c

Wechatpay-Signature:a/JwSTUexccPzfrVDSsoGiozTRtFnAzsBjtCkSysUemFEpogr0ZSLRbAZlUrfnlqUALigms6JcnXnUinocooHQR6I1zn38H8n02r/GrBKHpqfHr6/YEdDrC/AlMs6O4ktiOYUwFatEKorexNYFwiDptyUW5beEFAFwNw4reCz99pj4/k/oLlhCFViBs775qQKiy4FTgzdJxHAw+6cbSU2/nHyB6F9gXwM9+IFBtjVwAPXkStXNLZOKvgGpmiYxTrw5wAiEJLijo6a9S+L6rU0B6oVX+nBKd61mV1v4tvHaRJs/dxe8hPlPApHVWqt6ntx7UC4+ChXZSg/JuJKzLY8w==

验签方法如下

    @ApiOperation("支付通知")
    @PostMapping("/jsapiPay/notify")
    public String jsapiPayNotify(HttpServletRequest request, HttpServletResponse response) {

        // 应答对象
        Map<String, String> map = new HashMap<>();

        try {

            // 处理参数
            String serialNumber = request.getHeader("Wechatpay-Serial");
            String nonce = request.getHeader("Wechatpay-Nonce");
            String timestamp = request.getHeader("Wechatpay-Timestamp");
            String signature = request.getHeader("Wechatpay-Signature");// 请求头Wechatpay-Signature
            // 获取请求体
            String body = HttpUtils.readData(request);

            // 构造微信请求体
            NotificationRequest wxRequest = new NotificationRequest.Builder().withSerialNumber(serialNumber)
                    .withNonce(nonce)
                    .withTimestamp(timestamp)
                    .withSignature(signature)
                    .withBody(body)
                    .build();
            Notification notification = null;

            try {

                /**
                 * 使用微信支付回调请求处理器解析构造的微信请求体
                 * 在这个过程中会进行签名验证,并解密加密过的内容
                 * 签名源码:  com.wechat.pay.contrib.apache.httpclient.cert; 271行开始
                 * 解密源码:  com.wechat.pay.contrib.apache.httpclient.notification 76行
                 *           com.wechat.pay.contrib.apache.httpclient.notification 147行 使用私钥获取AesUtil
                 *           com.wechat.pay.contrib.apache.httpclient.notification 147行 使用Aes对称解密获得原文
                 */
                notification = notificationHandler.parse(wxRequest);
            } catch (Exception e) {
                logger.error("通知验签失败");
                //失败应答
                response.setStatus(500);
                map.put("code", "ERROR");
                map.put("message", "通知验签失败");
                return JSON.toJSONString(map);
            }

            // 从notification中获取解密报文,并解析为HashMap
//            String plainText = notification.getDecryptData();
            logger.info("通知验签成功");

            //处理订单
//            wxPayService.processOrder(plainText);
            wxPayService.processOrder(notification);

            //成功应答
            response.setStatus(200);
            map.put("code", "SUCCESS");
            map.put("message", "成功");
            return JSON.toJSONString(map);

        } catch (Exception e) {
            e.printStackTrace();
            //失败应答
            response.setStatus(500);
            map.put("code", "ERROR");
            map.put("message", "失败");
            return JSON.toJSONString(map);
        }

    }


回答关注问题邀请回答
收藏

1 个回答

  • Memory
    Memory
    09-13

    2015年的通知拿来验签?

    09-13
    有用
    回复 8
    • 时光之遥
      时光之遥
      09-13
      这是直接复制官方用例的,创建时间会影响吗?
      09-13
      回复
    • 时光之遥
      时光之遥
      09-13
      改了创建时间和时间戳(秒)重新生成签名还是失败
      09-13
      回复
    • Memory
      Memory
      09-13回复时光之遥
      你用示例的通知有啥用,要你自己接收到的支付结果通知,直接抄readme的示例就能跑通
      09-13
      回复
    • Jerreo Chan
      Jerreo Chan
      09-26回复Memory
      已经像readme示例的测试了,还是验签失败,请问我卡在哪里了
      09-26
      回复
    • Memory
      Memory
      09-26回复Jerreo Chan
      09-26
      回复
    查看更多(3)
登录 后发表内容