公告列表
公告列表
收藏
回答

已解决。匹配了Authorization 提示不合法?

错误的应答

{"statusCode":401,"header":{"server":"nginx","date":"Sat, 31 May 2025 12:55:38 GMT","content-type":"application/json; charset=utf-8","content-length":"125","connection":"keep-alive","keep-alive":"timeout=8","cache-control":"no-cache, must-revalidate","x-content-type-options":"nosniff","request-id":"08CAF8EBC10610950118BCC1EEA30620D2D0042891FB02-270924346","content-language":"zh-CN"},"data":{"code":"SIGN_ERROR","message":"Http头Authorization值格式错误,请参考《微信支付商户REST API签名规则》"}}


已经正则匹配了Authorization ,却依然提示不合法。这是不可能的,所以一定是应答错误。

提示的是:Http头Authorization值格式错误,请参考《微信支付商户REST API签名规则》。不是这个问题,却返回这个难道不是接口的问题吗?


'use strict';
const crypto = require('crypto');//引入加密类
const fs = require('fs');//引入文件类
const path = require('path');//引入路径类
exports.main = async (event, context) => {
//读取私钥文件
	const privateKeyContent = fs.readFileSync(path.join(__dirname, 'private.pem'), 'utf8');
//签名函数(官方规则,无需质疑)
function generateSignature(data, privateKey) {
    const sign = crypto.createSign('SHA256');
    sign.update(data);
    sign.end();
    return sign.sign(privateKey, 'base64');
}
    const mchid = "1633189699";//与证书一致
    const serial_no = "3a26596811a271d68c025fea2e2ad6d9d287051a"; //与证书一致
    const timestamp = Math.floor(Date.now() / 1000);//UTC时间戳
    const nonce_str = crypto.randomBytes(16).toString('hex').toUpperCase(); //32位随机数
	const out_trade_no=crypto.randomBytes(16).toString('hex');//唯一32位订单号
    const data = JSON.stringify({
        appid: "wx78a5fdbf8ffd6197",
        mchid: "1633189699",
        description: "商品秒速",
        out_trade_no: out_trade_no,
        notify_url: "https://env-00jxtk05euxr.dev-hz.cloudbasefunction.cn/auth/",
        amount: { total: 200, currency: "CNY" },
        payer: { openid: "oUpF8uMuAJO_M2pxb1Q9zNjWeS6o" }
    });//mchid已改为证书值,appid已改为绑定值,notify_url已备案
    const urlPath = `/v3/pay/transactions/app`;
      // 签名数据是紧凑型字符串且最后已经额外换行
    const signData = ["POST",urlPath,timestamp.toString(),nonce_str,data].join("\n") + "\n"//生成签名 
    const signature = generateSignature(signData, privateKeyContent);
    const Authorization = `WECHATPAY2-SHA256-RSA2048 mchid="${mchid}",nonce_str="${nonce_str}",signature="${signature}",timestamp="${timestamp}",serial_no="${serial_no}"`;
    console.log("Authorization正则检查:",/^WECHATPAY2-SHA256-RSA2048 mchid="\d+",nonce_str="[\w]{32}",signature="[\w\/+=]+",timestamp="\d+",serial_no="[\w]+"$/.test(Authorization) ); 
//正则检查通过,证明不是签名头的问题    
//发送异步请求
        const response = await uniCloud.request({
            url: `https://api.mch.weixin.qq.com${urlPath}`,
            method: 'POST',
            header: {
                'Accept': 'application/json',
                'Content-Type': 'application/json',
                'Authorization': Authorization
            },
            data: data
        });
        console.log(response);
        return response;


};


最后一次编辑于  2天前
回答关注问题邀请回答
收藏

2 个回答

登录 后发表内容
相关文档