refactor: 证书增加租户指纹

felord
2021-09-08 11:03:02 +08:00
parent 90233b8e32
commit 194937025f
5 changed files with 29 additions and 21 deletions


@@ -88,7 +88,7 @@ public class SignatureProvider {
/** /**
* 微信平台证书容器 key = 序列号 value = 证书对象 * 微信平台证书容器 key = 序列号 value = 证书对象
*/ */
private static final Map<String, Certificate> CERTIFICATE_MAP = new ConcurrentHashMap<>(); private static final Map<String, X509WechatCertificateInfo> CERTIFICATE_MAP = new ConcurrentHashMap<>();
/** /**
* 加密算法提供方 - BouncyCastle * 加密算法提供方 - BouncyCastle
*/ */
@@ -181,10 +181,10 @@ public class SignatureProvider {
if (CERTIFICATE_MAP.isEmpty() || !CERTIFICATE_MAP.containsKey(wechatpaySerial)) { if (CERTIFICATE_MAP.isEmpty() || !CERTIFICATE_MAP.containsKey(wechatpaySerial)) {
wechatMetaContainer.getTenantIds().forEach(this::refreshCertificate); wechatMetaContainer.getTenantIds().forEach(this::refreshCertificate);
} }
Certificate certificate = CERTIFICATE_MAP.get(wechatpaySerial); Certificate certificate = CERTIFICATE_MAP.get(wechatpaySerial).getX509Certificate();
final String signatureStr = createSign(true, params.getWechatpayTimestamp(), params.getWechatpayNonce(), params.getBody()); final String signatureStr = createSign(true, params.getWechatpayTimestamp(), params.getWechatpayNonce(), params.getBody());
Signature signer = Signature.getInstance("SHA256withRSA",BC_PROVIDER); Signature signer = Signature.getInstance("SHA256withRSA", BC_PROVIDER);
signer.initVerify(certificate); signer.initVerify(certificate);
signer.update(signatureStr.getBytes(StandardCharsets.UTF_8)); signer.update(signatureStr.getBytes(StandardCharsets.UTF_8));
@@ -241,7 +241,9 @@ public class SignatureProvider {
try { try {
Certificate certificate = certificateFactory.generateCertificate(inputStream); Certificate certificate = certificateFactory.generateCertificate(inputStream);
String responseSerialNo = objectNode.get("serial_no").asText(); String responseSerialNo = objectNode.get("serial_no").asText();
CERTIFICATE_MAP.put(responseSerialNo, certificate); X509WechatCertificateInfo x509WechatCertificateInfo = new X509WechatCertificateInfo();
x509WechatCertificateInfo.setX509Certificate((X509Certificate) certificate);
CERTIFICATE_MAP.put(responseSerialNo, x509WechatCertificateInfo);
} catch (CertificateException e) { } catch (CertificateException e) {
throw new PayException("An error occurred while generating the wechat v3 certificate, reason : " + e.getMessage()); throw new PayException("An error occurred while generating the wechat v3 certificate, reason : " + e.getMessage());
} }
@@ -314,21 +316,23 @@ public class SignatureProvider {
/** /**
* Get certificate x 509 wechat certificate info. * Get certificate x 509 wechat certificate info.
* *
* @param tenantId the tenant id
* @return the x 509 wechat certificate info * @return the x 509 wechat certificate info
*/ */
public X509WechatCertificateInfo getCertificate() { public X509WechatCertificateInfo getCertificate(String tenantId) {
for (String serial : CERTIFICATE_MAP.keySet()) { for (String serial : CERTIFICATE_MAP.keySet()) {
X509Certificate x509Cert = (X509Certificate) CERTIFICATE_MAP.get(serial); X509WechatCertificateInfo wechatCertificateInfo = CERTIFICATE_MAP.get(serial);
try { X509Certificate x509Cert = wechatCertificateInfo.getX509Certificate();
x509Cert.checkValidity(); if (wechatCertificateInfo.getTenantId().equals(tenantId)){
X509WechatCertificateInfo x509WechatCertificateInfo = new X509WechatCertificateInfo(); try {
x509WechatCertificateInfo.setWechatPaySerial(serial); x509Cert.checkValidity();
x509WechatCertificateInfo.setX509Certificate(x509Cert);
return x509WechatCertificateInfo; return wechatCertificateInfo;
} catch (Exception e) { } catch (Exception e) {
log.warn("the wechat certificate is invalid , {}", e.getMessage()); log.warn("the wechat certificate is invalid , {}", e.getMessage());
// Async? // Async?
wechatMetaContainer.getTenantIds().forEach(this::refreshCertificate); wechatMetaContainer.getTenantIds().forEach(this::refreshCertificate);
}
} }
} }
throw new PayException("failed to obtain wechat pay x509Certificate "); throw new PayException("failed to obtain wechat pay x509Certificate ");
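Review bot: The `X509WechatCertificateInfo` put into `CERTIFICATE_MAP` in the refresh hunk only receives `setX509Certificate(...)`; within the visible lines nothing sets its `tenantId` or `wechatPaySerial`, so `wechatCertificateInfo.getTenantId().equals(tenantId)` in `getCertificate(String tenantId)` would throw a NullPointerException on the first entry, and any caller that reads the serial from the returned object would now get null. Before the `put`, populate both fields, e.g. `x509WechatCertificateInfo.setWechatPaySerial(responseSerialNo);` plus a tenant-id setter call with the tenant being refreshed (assuming the class exposes one), and compare with `tenantId.equals(wechatCertificateInfo.getTenantId())` so an unset value is skipped rather than dereferenced. In the verification hunk, `CERTIFICATE_MAP.get(wechatpaySerial).getX509Certificate()` also dereferences null when the serial from the response is still unknown after the refresh; that case should be rejected explicitly as a failed signature check. All of these methods begin and end outside their hunks, so the fields may be set in lines not shown.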


@@ -77,7 +77,7 @@ public class WechatBatchTransferApi extends AbstractApi {
List<CreateBatchTransferParams.TransferDetailListItem> transferDetailList = createBatchTransferParams.getTransferDetailList(); List<CreateBatchTransferParams.TransferDetailListItem> transferDetailList = createBatchTransferParams.getTransferDetailList();
SignatureProvider signatureProvider = this.client().signatureProvider(); SignatureProvider signatureProvider = this.client().signatureProvider();
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(); X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
final X509Certificate x509Certificate = certificate.getX509Certificate(); final X509Certificate x509Certificate = certificate.getX509Certificate();
List<CreateBatchTransferParams.TransferDetailListItem> encrypted = transferDetailList.stream() List<CreateBatchTransferParams.TransferDetailListItem> encrypted = transferDetailList.stream()
.peek(transferDetailListItem -> { .peek(transferDetailListItem -> {


@@ -56,7 +56,7 @@ public class WechatPartnerProfitsharingApi extends AbstractApi {
.function((wechatPayV3Type, params) -> { .function((wechatPayV3Type, params) -> {
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3(); WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
SignatureProvider signatureProvider = this.client().signatureProvider(); SignatureProvider signatureProvider = this.client().signatureProvider();
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(); X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
final X509Certificate x509Certificate = certificate.getX509Certificate(); final X509Certificate x509Certificate = certificate.getX509Certificate();
params.setAppid(v3.getAppId()); params.setAppid(v3.getAppId());
List<Receiver> receivers = params.getReceivers(); List<Receiver> receivers = params.getReceivers();
@@ -272,7 +272,7 @@ public class WechatPartnerProfitsharingApi extends AbstractApi {
.function((wechatPayV3Type, params) -> { .function((wechatPayV3Type, params) -> {
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3(); WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
SignatureProvider signatureProvider = this.client().signatureProvider(); SignatureProvider signatureProvider = this.client().signatureProvider();
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(); X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
final X509Certificate x509Certificate = certificate.getX509Certificate(); final X509Certificate x509Certificate = certificate.getX509Certificate();
params.setAppid(v3.getAppId()); params.setAppid(v3.getAppId());
String name = params.getName(); String name = params.getName();


@@ -53,7 +53,7 @@ public class WechatProfitsharingApi extends AbstractApi {
.function((wechatPayV3Type, params) -> { .function((wechatPayV3Type, params) -> {
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3(); WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
SignatureProvider signatureProvider = this.client().signatureProvider(); SignatureProvider signatureProvider = this.client().signatureProvider();
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(); X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
final X509Certificate x509Certificate = certificate.getX509Certificate(); final X509Certificate x509Certificate = certificate.getX509Certificate();
params.setAppid(v3.getAppId()); params.setAppid(v3.getAppId());
List<Receiver> receivers = params.getReceivers(); List<Receiver> receivers = params.getReceivers();
@@ -239,7 +239,7 @@ public class WechatProfitsharingApi extends AbstractApi {
.function((wechatPayV3Type, params) -> { .function((wechatPayV3Type, params) -> {
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3(); WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
SignatureProvider signatureProvider = this.client().signatureProvider(); SignatureProvider signatureProvider = this.client().signatureProvider();
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(); X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
final X509Certificate x509Certificate = certificate.getX509Certificate(); final X509Certificate x509Certificate = certificate.getX509Certificate();
params.setAppid(v3.getAppId()); params.setAppid(v3.getAppId());
String name = params.getName(); String name = params.getName();


@@ -33,6 +33,10 @@ public class X509WechatCertificateInfo {
* wechatPaySerial * wechatPaySerial
*/ */
private String wechatPaySerial; private String wechatPaySerial;
/**
* tenantId
*/
private String tenantId;
/** /**
* X509Certificate * X509Certificate
*/ */
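Review bot: The new field's Javadoc only repeats its name; it should say what the value is for, e.g. `/** Tenant this platform certificate was fetched for; getCertificate(String) in SignatureProvider matches on it. */`. Since SignatureProvider now returns the cached instance itself instead of a fresh copy, it is also worth stating here whether instances may be mutated after they are stored. The class body continues outside the hunk.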