String accessToken = "86_K5ysiq0CNLb662dxUYjHt-UduesOD99RUqcisuMsSePoQiCjwYUcdSqyeZxyyDVfsX25khhmEoIoEccy2odwsml3PB_uIaue9wNYaimNIjWTkFdv9WeCTEfclmS2nkBgCkGY5H0kUJ1zLyAfBJEcAEDKSN";
HashMap map = new HashMap<>();
map.put("mchid", "1697798151");
map.put("out_trade_no", "1217752501201407033233368018");
map.put("env", 0);
String paySign = WechatMiniProgramSignUtil.sign("/retail/B2b/getorder", map, APP_PROD_KEY);
String jsonString = FastJsonUtils.toJsonString(map);
System.out.println("paySign:" + paySign);
System.out.println("body:" + jsonString);
String url = "https://api.weixin.qq.com/retail/B2b/getorder?access_token=" + accessToken + "&pay_sig=" + paySign;
System.out.println("url:" + url);
HttpRequestHeaders headers = (new HttpRequestHeaders()).contentType("application/json");
HttpResponse post = HttpUtils.post(url, headers, jsonString);
String content = post.getContent();
System.out.println(content);

调用小程序b2b门店助手里面的b2b支付相关接口。渠道返回的错误：

调用的是查询订单接口：/retail/B2b/getorder

请求响应报文：

paySign:4900a058bcfe734166a7dd1a866ce266681c99054965dcc1ee5138e2fe3efc40

body:{"mchid":"1697798151","out_trade_no":"1217752501201407033233368018","env":0}

url:https://api.weixin.qq.com/retail/B2b/getorder?access_token=86_K5ysiq0CNLb662dxUYjHt-UduesOD99RUqcisuMsSePoQiCjwYUcdSqyeZxyyDVfsX25khhmEoIoEccy2odwsml3PB_uIaue9wNYaimNIjWTkFdv9WeCTEfclmS2nkBgCkGY5H0kUJ1zLyAfBJEcAEDKSN&pay_sig=4900a058bcfe734166a7dd1a866ce266681c99054965dcc1ee5138e2fe3efc40

响应报文：

{"errcode":9403200,"errmsg":"参数为空或非法 detail:[支付签名[pay_sig]校验失败] rid: 672ae6ea-6971f120-76724ca5"}

签名方法（java语言）：

package com.ursa.middle.channel.wechat.mini.program.b2b.store.util;

import com.ursa.base.serialize.json.FastJsonUtils;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/**
 * @author xxx
 * @version 1.0.0
 * @Description
 * @date 2024/10/22
 */
public class WechatMiniProgramSignUtil {

    private final static String SHA256 = "HmacSHA256";

    public static String sign(String uri, Map signBody, String appKey) throws SignatureException {
        String bodyStr = FastJsonUtils.toJsonString(signBody).replace("\":\"", "\": \"");
        String signMsg = uri + "&" + bodyStr;
        return hmacSHA256(signMsg, appKey);
    }

    public static String sign(Map signBody, String sessionKey) throws SignatureException {
        String bodyStr = FastJsonUtils.toJsonString(signBody).replace("\":\"", "\": \"");
        return hmacSHA256(bodyStr, sessionKey);
    }

    private static String hmacSHA256(String data, String key) throws SignatureException {
        try {
            Mac sha256_HMAC = Mac.getInstance(SHA256);
            SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), SHA256);
            sha256_HMAC.init(keySpec);
            byte[] bytes = sha256_HMAC.doFinal(data.getBytes());
            return byteArrayToHexString(bytes);
        } catch (NoSuchAlgorithmException | InvalidKeyException e) {
            throw new SignatureException("加签异常：" + e.getMessage());
        }
    }

    private static String byteArrayToHexString(byte[] b) {
        StringBuilder sb = new StringBuilder(b.length * 2);
        for (byte value : b) {
            sb.append(String.format("%02x", value));
        }
        return sb.toString();
    }
}