微信支付ApiV3回调验签失败?按照官方Demo写的
/**
* 商户号
*/
@Value("${merchant_id}")
private String merchantId;
/**
* 商户API私钥路径
*/
@Value("${apiclient_key_path}")
private String privateKeyPath;
/**
* 商户证书序列号
*/
@Value("${merchant_serial_number}")
private String merchantSerialNumber;
/**
* 平台证书序列号
*/
@Value("${wechat_pay_cert_serial_number}")
private String wechatPayCertSerialNumber;
/**
* 商户APIV3密钥
*/
@Value("${api_v3_key}")
private String apiV3Key;
private Verifier verifier; // 验签器
@PostConstruct
public void init() throws GeneralSecurityException, IOException, HttpCodeException, NotFoundException {
PrivateKey merchantPrivateKey = PemUtil.loadPrivateKey("-----BEGIN PRIVATE KEY-----\n" +
这里是我自己配置的私钥,商户的私钥(省略)
"-----END PRIVATE KEY-----\n");
// 平台证书管理器
CertificatesManager certificatesManager = CertificatesManager.getInstance();
// 向证书管理器增加需要自动更新平台证书的商户信息
certificatesManager.putMerchant(merchantId, new WechatPay2Credentials(merchantId,
new PrivateKeySigner(merchantSerialNumber, merchantPrivateKey)),
apiV3Key.getBytes(StandardCharsets.UTF_8));
// 从证书管理器中获取verifier
verifier = certificatesManager.getVerifier(merchantId);
// System.out.println(verifier.getValidCertificate());
}
public void notificationHandlerTest(String nonce, String timestamp, String signature, String body) throws Exception {
// 构建request,传入必要参数
NotificationRequest request = new NotificationRequest.Builder()
.withSerialNumber(wechatPayCertSerialNumber)
.withNonce(nonce)
.withTimestamp(timestamp)
.withSignature(signature)
.withBody(body)
.build();
NotificationHandler handler = new NotificationHandler(verifier, apiV3Key.getBytes(StandardCharsets.UTF_8));
// System.out.println(verifier.verify(merchantSerialNumber,request.getMessage(),request.getSignature()));
// 验签和解析请求体
Notification notification = handler.parse(request);
System.out.println(notification.toString());
}
在调用以后就提示以下错误
com.wechat.pay.contrib.apache.httpclient.exception.ValidationException: 验签失败:serial=[4FDB32320031C557EBDE89F20E0F25050846EDBE] message=[1735464766
4FDB32320031C557EBDE89F20E0F25050846EDBE
{"id":"6a817831-4fbd-5805-a6ed-23404f8f612e","create_time":"2024-12-29T17:32:45+08:00","resource_type":"encrypt-resource","event_type":"TRANSACTION.SUCCESS","summary":"支付成功","resource":{"original_type":"transaction","algorithm":"AEAD_AES_256_GCM","ciphertext":"ykhdq6bAoC8pAdYqZD18ZrWXIIGtw0epq314mxCKscNym6CWwzpzNTd5nql2bl2O8PKfyn4Esbp2Gd8Fw8GreJ88GApvVgUWorbP14Th+FCM2MWkIXOmexLcWoqoBYVdpXK7xDQn6VbMMiKWEbnqNAnOxtreaIpuFZD6ZTPV9pnsQcbXGjjTwCYXLQ1sCcmtF+uilU75uTQHrtJfTvJ/sNGObRrKp/yqpDbUU9CimIUG6yPW8MHMmVPP3c9t8ONcbGlqCNAw/zdQJQI6boLyqtMgEO0Yp9CKWogXgXeO5JTAs/TIeusDluMt/JaLBoo8bleMw/YaxibHMwIF2ISCRRYxzMXmJJ6452dubd2q91Q0cV+wHGlnYNt7rfOxGHe/UBcTmxqPuiFSR4mVGzzAuK0HWCJfu2d8rQ3y+puR966Jv2mcjNK4dzYgs0v6+QnBYFUWkrDqxJhcFXx2MH9EtPyAr+CS+pavP5ALBzMMV0mdm5g5HvhuGHUEGdUtcw/wixmIuWe7VoDd5CAWWjmufN6CiMs1DGYob9JjsPOlVtOk13YcK3w6U1XhlKRrmoIY1fvRH6lRq1BKHGM=","associated_data":"transaction","nonce":"SdZ6UszfuvZD"}}
] sign=[SleTeLLBwM86W9B8boODwkOTvy8cX4VugpmxkFrthiTMj08I6Fb4e2c/UB9zklUUEvDnhCrk/MWirEDnu7MKBWCEui5r7oY4uOVoPrEYnOaGaSOnrmlYk+ItSdafseClvFMHnb3avzDoZNG6n1zU2OElxr6NQzWD45PvlReKHwKf+8oVempe4NUxn+OABlAuhfReAInxVOy8P9pXbs74PpFN+KOeE2SCBjKbIzN1oW2nlawGYhtgo5xxuH3hFX6Q+ao4jrU/byzMQ3R5iJqPMgHCywwQGA/Y+f4x8nFy/OSGfQdLKUUoM2xyTzDXUKrneKom6b+mN7iSSsHYfSEOPw==]
我的controller是这样写的
public HashMap<String, Object> receivePayData(HttpServletRequest httpServletRequest, @RequestBody String requestData) throws Exception {
System.out.println("----------verify-----------");
weChatPayNotificationHandler.notificationHandlerTest(
httpServletRequest.getHeader("Wechatpay-Serial"),
httpServletRequest.getHeader("Wechatpay-Timestamp"),
httpServletRequest.getHeader("Wechatpay-Signature"),
requestData);
}
