mirror of
https://github.com/dromara/payment-spring-boot.git
synced 2026-03-13 21:33:41 +08:00
✨ 微信公钥验签覆盖全场景
This commit is contained in:
xucun
@@ -2,8 +2,9 @@
|
||||
### 微信支付
|
||||
|
||||
- enhance: 增加了通过微信公钥对微信支付相关接口的响应内容或微信回调通知的参数进行验签的支持。
|
||||
- 微信配置项增加了:``` wechat-pay-public-key-id: 微信支付公钥的ID、 wechat-pay-public-key-path:微信支付公钥的路径、wechat-pay-public-key-absolute-path: 微信支付公钥的绝对路径、 switch-verify-sign-method: 是否启用从平台证书切换到微信支公钥```
|
||||
- `wechat-pay-public-key-id ` 与`wechat-pay-public-key-path或wechat-pay-public-key-absolute-path`<font color=red>同时正确配置</font>,才会启用微信支付公钥验签,否则默认使用平台证书进行验签。</font>
|
||||
- 微信配置项增加了:```enable-wechat-pay-public: 是否启用微信支付公钥验签、 wechat-pay-public-key-id: 微信支付公钥的ID、 wechat-pay-public-key-path:微信支付公钥的路径、wechat-pay-public-key-absolute-path: 微信支付公钥的绝对路径、 switch-verify-sign-method: 是否启用从平台证书切换到微信支公钥```
|
||||
- `enable-wechat-pay-public` 与 `wechat-pay-public-key-id ` 、`wechat-pay-public-key-path或wechat-pay-public-key-absolute-path`<font color=red>同时正确配置</font>,才会启用微信支付公钥验签,否则默认使用平台证书进行验签。
|
||||
-
|
||||
- 如果需要[从平台证书切换成微信支付公钥](https://pay.weixin.qq.com/doc/v3/merchant/4012154180#5.-%E6%B2%A1%E6%9C%89%E4%BD%BF%E7%94%A8%E5%BE%AE%E4%BF%A1%E6%94%AF%E4%BB%98SDK%E7%9A%84%E5%95%86%E6%88%B7%E5%A6%82%E4%BD%95%E5%B0%86%E5%B9%B3%E5%8F%B0%E8%AF%81%E4%B9%A6%E5%88%87%E6%8D%A2%E6%88%90%E5%BE%AE%E4%BF%A1%E6%94%AF%E4%BB%98%E5%85%AC%E9%92%A5),请启用`switch-verify-sign-method`参数
|
||||
- enhance: 增加了微信支付V3版本的付款码支付``codePay``与撤销API``reverse``(仅支持普通商户模式,服务商模式暂不支持)
|
||||
- factor: 升级了spring-boot-parent版本从 2.7.7 到2.7.18
|
||||
|
||||
@@ -86,12 +86,14 @@ wechat:
|
||||
mch-id: 1603337223
|
||||
domain: https://felord.cn/miniapp
|
||||
cert-path: miniapp/apiclient_cert.p12
|
||||
# 是否启用微信支付公钥
|
||||
enable-wechat-pay-public: true
|
||||
#微信公钥ID
|
||||
wechat-pay-public-key-id: PUB_KEY_ID_0116278111111115222222501
|
||||
#微信公钥
|
||||
wechat-pay-public-key-path: pub_key.pem
|
||||
wechat-pay-public-key-absolute-path: D:\\felord\\wechat\\cert\\pub_key.pem
|
||||
#是否启用从平台证书切换成微信支付公钥 不填默认为false
|
||||
#是否启用从平台证书切换成微信支付公钥 不填默认为false,
|
||||
switch-verify-sign-method: true
|
||||
```
|
||||
|
||||
|
||||
@@ -77,6 +77,9 @@ public class WechatPayProperties {
|
||||
*/
|
||||
private String domain;
|
||||
|
||||
|
||||
private Boolean enableWechatPayPublic=false;
|
||||
|
||||
/**
|
||||
* wechat pay public key id
|
||||
*/
|
||||
|
||||
@@ -254,8 +254,12 @@ public class SignatureProvider {
|
||||
*/
|
||||
@SneakyThrows
|
||||
private synchronized void refreshCertificate(String tenantId) {
|
||||
String url = WechatPayV3Type.CERT.uri(WeChatServer.CHINA);
|
||||
|
||||
WechatMetaBean wechatMetaBean = wechatMetaContainer.getWechatMeta(tenantId);
|
||||
if (wechatMetaBean.getV3().getEnableWechatPayPublic() && wechatMetaBean.getV3().getSwitchVerifySignMethod()){
|
||||
return;
|
||||
}
|
||||
String url = WechatPayV3Type.CERT.uri(WeChatServer.CHINA);
|
||||
UriComponents uri = UriComponentsBuilder.fromHttpUrl(url).build();
|
||||
|
||||
String canonicalUrl = uri.getPath();
|
||||
@@ -350,18 +354,42 @@ public class SignatureProvider {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
public String encryptRequestMessage(String message, WechatMetaBean wechatMetaBean) {
|
||||
PublicKey publicKey;
|
||||
if (wechatMetaBean.getEnableWechatPayPublicEncrypt()){
|
||||
WeChatPublicKeyInfo info=this.getWechatPublicKeyInfo(wechatMetaBean.getTenantId());
|
||||
publicKey=info.getPublicKey();
|
||||
}else {
|
||||
X509WechatCertificateInfo certificate = getCertificate(wechatMetaBean.getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
publicKey=x509Certificate.getPublicKey();
|
||||
}
|
||||
try {
|
||||
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding", BC_PROVIDER);
|
||||
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
|
||||
byte[] data = message.getBytes(StandardCharsets.UTF_8);
|
||||
byte[] cipherData = cipher.doFinal(data);
|
||||
return Base64Utils.encodeToString(cipherData);
|
||||
|
||||
} catch (Exception e) {
|
||||
throw new PayException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 对请求敏感字段进行加密
|
||||
*
|
||||
* @param message the message
|
||||
* @param certificate the certificate
|
||||
* @param publicKey the wechatPubicKey certificate
|
||||
* @return encrypt message
|
||||
* @since 1.0.6.RELEASE
|
||||
*/
|
||||
public String encryptRequestMessage(String message, Certificate certificate) {
|
||||
@Deprecated
|
||||
public String encryptRequestMessage(String message, RSAPublicKey publicKey) {
|
||||
try {
|
||||
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding", BC_PROVIDER);
|
||||
cipher.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());
|
||||
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
|
||||
|
||||
byte[] data = message.getBytes(StandardCharsets.UTF_8);
|
||||
byte[] cipherData = cipher.doFinal(data);
|
||||
@@ -401,7 +429,7 @@ public class SignatureProvider {
|
||||
* @param tenantId the tenant id
|
||||
* @return the x 509 wechat certificate info
|
||||
*/
|
||||
public X509WechatCertificateInfo getCertificate(String tenantId) {
|
||||
private X509WechatCertificateInfo getCertificate(String tenantId) {
|
||||
|
||||
return CERTIFICATE_SET.stream()
|
||||
.filter(cert -> Objects.equals(tenantId, cert.getTenantId()))
|
||||
@@ -415,6 +443,15 @@ public class SignatureProvider {
|
||||
});
|
||||
}
|
||||
|
||||
private WeChatPublicKeyInfo getWechatPublicKeyInfo(String tenantId) {
|
||||
return PUBLIC_KEY_SET.stream()
|
||||
.filter(publicKeyInfo -> Objects.equals(tenantId, publicKeyInfo.getTenantId()))
|
||||
.findAny()
|
||||
.orElseThrow(
|
||||
() -> new PayException("cannot obtain the public key")
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Wechat meta container.
|
||||
@@ -458,4 +495,12 @@ public class SignatureProvider {
|
||||
public String getWechatPublicKeyId(String tenantId) {
|
||||
return wechatMetaContainer.getWechatMeta(tenantId).getV3().getWechatPayPublicKeyId();
|
||||
}
|
||||
|
||||
public String getWechatPaySerial(WechatMetaBean wechatMetaBean) {
|
||||
if (wechatMetaBean.getEnableWechatPayPublicEncrypt()){
|
||||
return this.getWechatPublicKeyInfo(wechatMetaBean.getTenantId()).getPublicKeyId();
|
||||
}else {
|
||||
return this.getCertificate(wechatMetaBean.getTenantId()).getWechatPaySerial();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -77,18 +77,16 @@ public class WechatBatchTransferApi extends AbstractApi {
|
||||
List<CreateBatchTransferParams.TransferDetailListItem> transferDetailList = createBatchTransferParams.getTransferDetailList();
|
||||
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
List<CreateBatchTransferParams.TransferDetailListItem> encrypted = transferDetailList.stream()
|
||||
.peek(transferDetailListItem -> {
|
||||
String userName = transferDetailListItem.getUserName();
|
||||
if (StringUtils.hasText(userName)) {
|
||||
String encryptedUserName = signatureProvider.encryptRequestMessage(userName, x509Certificate);
|
||||
String encryptedUserName = signatureProvider.encryptRequestMessage(userName, this.wechatMetaBean());
|
||||
transferDetailListItem.setUserName(encryptedUserName);
|
||||
}
|
||||
String userIdCard = transferDetailListItem.getUserIdCard();
|
||||
if (StringUtils.hasText(userIdCard)) {
|
||||
String encryptedUserIdCard = signatureProvider.encryptRequestMessage(userIdCard, x509Certificate);
|
||||
String encryptedUserIdCard = signatureProvider.encryptRequestMessage(userIdCard, this.wechatMetaBean());
|
||||
transferDetailListItem.setUserIdCard(encryptedUserIdCard);
|
||||
}
|
||||
}).collect(Collectors.toList());
|
||||
@@ -98,7 +96,7 @@ public class WechatBatchTransferApi extends AbstractApi {
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, createBatchTransferParams, httpHeaders);
|
||||
}
|
||||
|
||||
|
||||
@@ -56,11 +56,8 @@ public class WechatCapitalApi extends AbstractApi{
|
||||
this.client().withType(WechatPayV3Type.CAPITAL_SEARCH, accountNumber)
|
||||
.function((type, param) -> {
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(type.uri(WeChatServer.CHINA))
|
||||
.queryParam("account_number", signatureProvider.encryptRequestMessage(param,x509Certificate))
|
||||
.queryParam("account_number", signatureProvider.encryptRequestMessage(param,this.wechatMetaBean()))
|
||||
.build()
|
||||
.toUri();
|
||||
return Get(uri);
|
||||
|
||||
@@ -47,6 +47,8 @@ public class WechatMetaBean {
|
||||
*/
|
||||
private WechatPayProperties.V3 v3;
|
||||
|
||||
private WeChatPublicKeyInfo publicKeyInfo;
|
||||
|
||||
public Boolean getEnableWechatPayPublicEncrypt() {
|
||||
return v3.getEnableWechatPayPublic();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -79,8 +79,6 @@ public class WechatPartnerProfitsharingApi extends AbstractApi {
|
||||
.function((wechatPayV3Type, params) -> {
|
||||
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
params.setAppid(v3.getAppId());
|
||||
List<Receiver> receivers = params.getReceivers();
|
||||
if (!CollectionUtils.isEmpty(receivers)) {
|
||||
@@ -88,7 +86,7 @@ public class WechatPartnerProfitsharingApi extends AbstractApi {
|
||||
.peek(receiversItem -> {
|
||||
String name = receiversItem.getName();
|
||||
if (StringUtils.hasText(name)) {
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name, x509Certificate);
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name,this.wechatMetaBean());
|
||||
receiversItem.setName(encryptedName);
|
||||
}
|
||||
}).collect(Collectors.toList());
|
||||
@@ -98,7 +96,7 @@ public class WechatPartnerProfitsharingApi extends AbstractApi {
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, params, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
@@ -294,19 +292,17 @@ public class WechatPartnerProfitsharingApi extends AbstractApi {
|
||||
.function((wechatPayV3Type, params) -> {
|
||||
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
params.setAppid(v3.getAppId());
|
||||
|
||||
if (ReceiverType.MERCHANT_ID.equals(params.getType())) {
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(params.getName(), x509Certificate);
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(params.getName(), this.wechatMetaBean());
|
||||
params.setName(encryptedName);
|
||||
}
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(wechatPayV3Type.uri(WeChatServer.CHINA))
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, params, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
|
||||
@@ -63,14 +63,12 @@ public class WechatPartnerSpecialMchApi extends AbstractApi {
|
||||
this.client().withType(WechatPayV3Type.SPEC_MCH_APPLY_PARTNER, params)
|
||||
.function((wechatPayV3Type, applymentParams) -> {
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
ApplymentParams applyRequestParams = this.convert(applymentParams, signatureProvider, x509Certificate);
|
||||
ApplymentParams applyRequestParams = this.convert(applymentParams, signatureProvider);
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(wechatPayV3Type.uri(WeChatServer.CHINA))
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, applyRequestParams, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
@@ -133,17 +131,15 @@ public class WechatPartnerSpecialMchApi extends AbstractApi {
|
||||
this.client().withType(WechatPayV3Type.SPEC_MCH_SUB_MODIFY, params)
|
||||
.function((type, subMchModifyParams) -> {
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(type.uri(WeChatServer.CHINA))
|
||||
.build()
|
||||
.expand(subMchModifyParams.getSubMchid())
|
||||
.toUri();
|
||||
|
||||
subMchModifyParams.setSubMchid(null);
|
||||
subMchModifyParams.setAccountNumber(signatureProvider.encryptRequestMessage(subMchModifyParams.getAccountNumber(), x509Certificate));
|
||||
subMchModifyParams.setAccountNumber(signatureProvider.encryptRequestMessage(subMchModifyParams.getAccountNumber(), this.wechatMetaBean()));
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, subMchModifyParams, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
@@ -175,55 +171,55 @@ public class WechatPartnerSpecialMchApi extends AbstractApi {
|
||||
return wechatResponseEntity;
|
||||
}
|
||||
|
||||
private ApplymentParams convert(ApplymentParams applymentParams, SignatureProvider signatureProvider, final X509Certificate x509Certificate) {
|
||||
private ApplymentParams convert(ApplymentParams applymentParams, SignatureProvider signatureProvider) {
|
||||
|
||||
ContactInfo contactInfo = applymentParams.getContactInfo();
|
||||
contactInfo.setContactName(signatureProvider.encryptRequestMessage(contactInfo.getContactName(), x509Certificate));
|
||||
contactInfo.setContactName(signatureProvider.encryptRequestMessage(contactInfo.getContactName(), this.wechatMetaBean()));
|
||||
String contactIdNumber = contactInfo.getContactIdNumber();
|
||||
if (contactIdNumber != null) {
|
||||
contactInfo.setContactIdNumber(signatureProvider.encryptRequestMessage(contactIdNumber, x509Certificate));
|
||||
contactInfo.setContactIdNumber(signatureProvider.encryptRequestMessage(contactIdNumber,this.wechatMetaBean()));
|
||||
}
|
||||
String openid = contactInfo.getOpenid();
|
||||
if (openid != null) {
|
||||
contactInfo.setOpenid(signatureProvider.encryptRequestMessage(openid, x509Certificate));
|
||||
contactInfo.setOpenid(signatureProvider.encryptRequestMessage(openid,this.wechatMetaBean()));
|
||||
}
|
||||
contactInfo.setMobilePhone(signatureProvider.encryptRequestMessage(contactInfo.getMobilePhone(), x509Certificate));
|
||||
contactInfo.setContactEmail(signatureProvider.encryptRequestMessage(contactInfo.getContactEmail(), x509Certificate));
|
||||
contactInfo.setMobilePhone(signatureProvider.encryptRequestMessage(contactInfo.getMobilePhone(), this.wechatMetaBean()));
|
||||
contactInfo.setContactEmail(signatureProvider.encryptRequestMessage(contactInfo.getContactEmail(), this.wechatMetaBean()));
|
||||
|
||||
SubjectInfo subjectInfo = applymentParams.getSubjectInfo();
|
||||
IdentityInfo identityInfo = subjectInfo.getIdentityInfo();
|
||||
|
||||
IdCardInfo idCardInfo = identityInfo.getIdCardInfo();
|
||||
if (idCardInfo != null) {
|
||||
idCardInfo.setIdCardName(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardName(), x509Certificate));
|
||||
idCardInfo.setIdCardNumber(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardNumber(), x509Certificate));
|
||||
idCardInfo.setIdCardName(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardName(), this.wechatMetaBean()));
|
||||
idCardInfo.setIdCardNumber(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardNumber(), this.wechatMetaBean()));
|
||||
String idCardAddress = idCardInfo.getIdCardAddress();
|
||||
if (StringUtils.hasText(idCardAddress)){
|
||||
idCardInfo.setIdCardAddress(signatureProvider.encryptRequestMessage(idCardAddress, x509Certificate));
|
||||
idCardInfo.setIdCardAddress(signatureProvider.encryptRequestMessage(idCardAddress,this.wechatMetaBean()));
|
||||
}
|
||||
}
|
||||
IdDocInfo idDocInfo = identityInfo.getIdDocInfo();
|
||||
if (idDocInfo != null) {
|
||||
idDocInfo.setIdDocName(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocName(), x509Certificate));
|
||||
idDocInfo.setIdDocNumber(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocNumber(), x509Certificate));
|
||||
idDocInfo.setIdDocName(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocName(), this.wechatMetaBean()));
|
||||
idDocInfo.setIdDocNumber(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocNumber(), this.wechatMetaBean()));
|
||||
String idDocAddress = idDocInfo.getIdDocAddress();
|
||||
if (StringUtils.hasText(idDocAddress)){
|
||||
idDocInfo.setIdDocAddress(signatureProvider.encryptRequestMessage(idDocAddress, x509Certificate));
|
||||
idDocInfo.setIdDocAddress(signatureProvider.encryptRequestMessage(idDocAddress,this.wechatMetaBean()));
|
||||
}
|
||||
}
|
||||
List<UboInfoListItem> uboInfoList = subjectInfo.getUboInfoList();
|
||||
if (!CollectionUtils.isEmpty(uboInfoList)) {
|
||||
uboInfoList.forEach(uboInfoListItem -> {
|
||||
uboInfoListItem.setUboIdDocName(signatureProvider.encryptRequestMessage(uboInfoListItem.getUboIdDocName(), x509Certificate));
|
||||
uboInfoListItem.setUboIdDocNumber(signatureProvider.encryptRequestMessage(uboInfoListItem.getUboIdDocNumber(), x509Certificate));
|
||||
uboInfoListItem.setUboIdDocAddress(signatureProvider.encryptRequestMessage(uboInfoListItem.getUboIdDocAddress(), x509Certificate));
|
||||
uboInfoListItem.setUboIdDocName(signatureProvider.encryptRequestMessage(uboInfoListItem.getUboIdDocName(), this.wechatMetaBean()));
|
||||
uboInfoListItem.setUboIdDocNumber(signatureProvider.encryptRequestMessage(uboInfoListItem.getUboIdDocNumber(), this.wechatMetaBean()));
|
||||
uboInfoListItem.setUboIdDocAddress(signatureProvider.encryptRequestMessage(uboInfoListItem.getUboIdDocAddress(), this.wechatMetaBean()));
|
||||
});
|
||||
}
|
||||
|
||||
BankAccountInfo bankAccountInfo = applymentParams.getBankAccountInfo();
|
||||
|
||||
bankAccountInfo.setAccountName(signatureProvider.encryptRequestMessage(bankAccountInfo.getAccountName(), x509Certificate));
|
||||
bankAccountInfo.setAccountNumber(signatureProvider.encryptRequestMessage(bankAccountInfo.getAccountNumber(), x509Certificate));
|
||||
bankAccountInfo.setAccountName(signatureProvider.encryptRequestMessage(bankAccountInfo.getAccountName(), this.wechatMetaBean()));
|
||||
bankAccountInfo.setAccountNumber(signatureProvider.encryptRequestMessage(bankAccountInfo.getAccountNumber(), this.wechatMetaBean()));
|
||||
|
||||
return applymentParams;
|
||||
}
|
||||
|
||||
@@ -77,8 +77,6 @@ public class WechatProfitsharingApi extends AbstractApi {
|
||||
.function((wechatPayV3Type, params) -> {
|
||||
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
params.setAppid(v3.getAppId());
|
||||
List<Receiver> receivers = params.getReceivers();
|
||||
if (!CollectionUtils.isEmpty(receivers)) {
|
||||
@@ -86,7 +84,7 @@ public class WechatProfitsharingApi extends AbstractApi {
|
||||
.peek(receiversItem -> {
|
||||
String name = receiversItem.getName();
|
||||
if (StringUtils.hasText(name)) {
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name, x509Certificate);
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name,this.wechatMetaBean());
|
||||
receiversItem.setName(encryptedName);
|
||||
}
|
||||
}).collect(Collectors.toList());
|
||||
@@ -96,7 +94,7 @@ public class WechatProfitsharingApi extends AbstractApi {
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, params, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
@@ -263,19 +261,17 @@ public class WechatProfitsharingApi extends AbstractApi {
|
||||
.function((wechatPayV3Type, params) -> {
|
||||
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
params.setAppid(v3.getAppId());
|
||||
String name = params.getName();
|
||||
if (StringUtils.hasText(name)) {
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name, x509Certificate);
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name,this.wechatMetaBean());
|
||||
params.setName(encryptedName);
|
||||
}
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(wechatPayV3Type.uri(WeChatServer.CHINA))
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, params, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
|
||||
@@ -65,15 +65,13 @@ public class WechatSmartGuideApi extends AbstractApi {
|
||||
this.client().withType(WechatPayV3Type.SMART_GUIDES, params)
|
||||
.function((wechatPayV3Type, smartGuidesParams) -> {
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
smartGuidesParams.setName(signatureProvider.encryptRequestMessage(smartGuidesParams.getName(), x509Certificate));
|
||||
smartGuidesParams.setMobile(signatureProvider.encryptRequestMessage(smartGuidesParams.getMobile(), x509Certificate));
|
||||
smartGuidesParams.setName(signatureProvider.encryptRequestMessage(smartGuidesParams.getName(), this.wechatMetaBean()));
|
||||
smartGuidesParams.setMobile(signatureProvider.encryptRequestMessage(smartGuidesParams.getMobile(), this.wechatMetaBean()));
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(wechatPayV3Type.uri(WeChatServer.CHINA))
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, smartGuidesParams, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
@@ -137,10 +135,8 @@ public class WechatSmartGuideApi extends AbstractApi {
|
||||
String mobile = smartGuidesQueryParams.getMobile();
|
||||
if (mobile != null) {
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
queryParams.add("mobile", signatureProvider.encryptRequestMessage(mobile, x509Certificate));
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
queryParams.add("mobile", signatureProvider.encryptRequestMessage(mobile,this.wechatMetaBean()));
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
}
|
||||
String workId = smartGuidesQueryParams.getWorkId();
|
||||
if (workId != null) {
|
||||
@@ -177,15 +173,13 @@ public class WechatSmartGuideApi extends AbstractApi {
|
||||
this.client().withType(WechatPayV3Type.SMART_GUIDES_MODIFY, params)
|
||||
.function((wechatPayV3Type, smartGuidesParams) -> {
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
smartGuidesParams.setName(signatureProvider.encryptRequestMessage(smartGuidesParams.getName(), x509Certificate));
|
||||
smartGuidesParams.setMobile(signatureProvider.encryptRequestMessage(smartGuidesParams.getMobile(), x509Certificate));
|
||||
smartGuidesParams.setName(signatureProvider.encryptRequestMessage(smartGuidesParams.getName(), this.wechatMetaBean()));
|
||||
smartGuidesParams.setMobile(signatureProvider.encryptRequestMessage(smartGuidesParams.getMobile(), this.wechatMetaBean()));
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(wechatPayV3Type.uri(WeChatServer.CHINA))
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Patch(uri, smartGuidesParams, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
|
||||
@@ -71,12 +71,10 @@ public class ApplymentApi extends AbstractApi {
|
||||
WechatResponseEntity<ObjectNode> wechatResponseEntity = new WechatResponseEntity<>();
|
||||
this.client().withType(WechatPayV3Type.ECOMMERCE_APPLYMENT, params).function((wechatPayV3Type, applymentParams) -> {
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
EcommerceApplymentParams applyRequestParams = this.convert(applymentParams, signatureProvider, x509Certificate);
|
||||
EcommerceApplymentParams applyRequestParams = this.convert(applymentParams, signatureProvider);
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(wechatPayV3Type.uri(WeChatServer.CHINA)).build().toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, applyRequestParams, httpHeaders);
|
||||
}).consumer(wechatResponseEntity::convert).request();
|
||||
return wechatResponseEntity;
|
||||
@@ -138,50 +136,50 @@ public class ApplymentApi extends AbstractApi {
|
||||
return this.wechatPartnerSpecialMchApi.querySettlement(subMchid);
|
||||
}
|
||||
|
||||
private EcommerceApplymentParams convert(EcommerceApplymentParams applymentParams, SignatureProvider signatureProvider, X509Certificate x509Certificate) {
|
||||
private EcommerceApplymentParams convert(EcommerceApplymentParams applymentParams, SignatureProvider signatureProvider) {
|
||||
EcommerceIdCardInfo idCardInfo = applymentParams.getIdCardInfo();
|
||||
if (idCardInfo != null) {
|
||||
idCardInfo.setIdCardName(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardName(), x509Certificate));
|
||||
idCardInfo.setIdCardNumber(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardNumber(), x509Certificate));
|
||||
idCardInfo.setIdCardName(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardName(), this.wechatMetaBean()));
|
||||
idCardInfo.setIdCardNumber(signatureProvider.encryptRequestMessage(idCardInfo.getIdCardNumber(), this.wechatMetaBean()));
|
||||
String idCardAddress = idCardInfo.getIdCardAddress();
|
||||
if (StringUtils.hasText(idCardAddress)) {
|
||||
idCardInfo.setIdCardAddress(signatureProvider.encryptRequestMessage(idCardAddress, x509Certificate));
|
||||
idCardInfo.setIdCardAddress(signatureProvider.encryptRequestMessage(idCardAddress,this.wechatMetaBean()));
|
||||
}
|
||||
}
|
||||
EcommerceIdDocInfo idDocInfo = applymentParams.getIdDocInfo();
|
||||
if (idDocInfo != null) {
|
||||
idDocInfo.setIdDocName(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocName(), x509Certificate));
|
||||
idDocInfo.setIdDocNumber(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocNumber(), x509Certificate));
|
||||
idDocInfo.setIdDocName(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocName(), this.wechatMetaBean()));
|
||||
idDocInfo.setIdDocNumber(signatureProvider.encryptRequestMessage(idDocInfo.getIdDocNumber(), this.wechatMetaBean()));
|
||||
String idDocAddress = idDocInfo.getIdDocAddress();
|
||||
if (StringUtils.hasText(idDocAddress)) {
|
||||
idDocInfo.setIdDocAddress(signatureProvider.encryptRequestMessage(idDocAddress, x509Certificate));
|
||||
idDocInfo.setIdDocAddress(signatureProvider.encryptRequestMessage(idDocAddress,this.wechatMetaBean()));
|
||||
}
|
||||
}
|
||||
UboInfo uboInfo = applymentParams.getUboInfo();
|
||||
if (uboInfo != null) {
|
||||
UboInfo.IdCardInfo cardInfo = uboInfo.getIdCardInfo();
|
||||
if (cardInfo != null) {
|
||||
cardInfo.setIdCardName(signatureProvider.encryptRequestMessage(cardInfo.getIdCardName(), x509Certificate));
|
||||
cardInfo.setIdCardNumber(signatureProvider.encryptRequestMessage(cardInfo.getIdCardNumber(), x509Certificate));
|
||||
cardInfo.setIdCardName(signatureProvider.encryptRequestMessage(cardInfo.getIdCardName(), this.wechatMetaBean()));
|
||||
cardInfo.setIdCardNumber(signatureProvider.encryptRequestMessage(cardInfo.getIdCardNumber(), this.wechatMetaBean()));
|
||||
}
|
||||
UboInfo.IdDocInfo docInfo = uboInfo.getIdDocInfo();
|
||||
if (docInfo != null) {
|
||||
docInfo.setIdDocName(signatureProvider.encryptRequestMessage(docInfo.getIdDocName(), x509Certificate));
|
||||
docInfo.setIdDocNumber(signatureProvider.encryptRequestMessage(docInfo.getIdDocNumber(), x509Certificate));
|
||||
docInfo.setIdDocName(signatureProvider.encryptRequestMessage(docInfo.getIdDocName(), this.wechatMetaBean()));
|
||||
docInfo.setIdDocNumber(signatureProvider.encryptRequestMessage(docInfo.getIdDocNumber(), this.wechatMetaBean()));
|
||||
}
|
||||
}
|
||||
EcommerceAccountInfo accountInfo = applymentParams.getAccountInfo();
|
||||
if (accountInfo != null) {
|
||||
accountInfo.setAccountName(signatureProvider.encryptRequestMessage(accountInfo.getAccountName(), x509Certificate));
|
||||
accountInfo.setAccountNumber(signatureProvider.encryptRequestMessage(accountInfo.getAccountNumber(), x509Certificate));
|
||||
accountInfo.setAccountName(signatureProvider.encryptRequestMessage(accountInfo.getAccountName(), this.wechatMetaBean()));
|
||||
accountInfo.setAccountNumber(signatureProvider.encryptRequestMessage(accountInfo.getAccountNumber(), this.wechatMetaBean()));
|
||||
}
|
||||
EcommerceContactInfo contactInfo = applymentParams.getContactInfo();
|
||||
contactInfo.setContactName(signatureProvider.encryptRequestMessage(contactInfo.getContactName(), x509Certificate));
|
||||
contactInfo.setContactIdCardNumber(signatureProvider.encryptRequestMessage(contactInfo.getContactIdCardNumber(), x509Certificate));
|
||||
contactInfo.setMobilePhone(signatureProvider.encryptRequestMessage(contactInfo.getMobilePhone(), x509Certificate));
|
||||
contactInfo.setContactName(signatureProvider.encryptRequestMessage(contactInfo.getContactName(), this.wechatMetaBean()));
|
||||
contactInfo.setContactIdCardNumber(signatureProvider.encryptRequestMessage(contactInfo.getContactIdCardNumber(), this.wechatMetaBean()));
|
||||
contactInfo.setMobilePhone(signatureProvider.encryptRequestMessage(contactInfo.getMobilePhone(), this.wechatMetaBean()));
|
||||
String contactEmail = contactInfo.getContactEmail();
|
||||
if (contactEmail != null) {
|
||||
contactInfo.setContactEmail(signatureProvider.encryptRequestMessage(contactEmail, x509Certificate));
|
||||
contactInfo.setContactEmail(signatureProvider.encryptRequestMessage(contactEmail,this.wechatMetaBean()));
|
||||
}
|
||||
return applymentParams;
|
||||
}
|
||||
|
||||
@@ -77,15 +77,13 @@ public class ProfitsharingApi extends AbstractApi {
|
||||
.function((wechatPayV3Type, params) -> {
|
||||
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
params.setAppid(v3.getAppId());
|
||||
List<Receiver> receivers = params.getReceivers();
|
||||
if (!CollectionUtils.isEmpty(receivers)) {
|
||||
receivers.forEach(receiversItem -> {
|
||||
String name = receiversItem.getReceiverName();
|
||||
if (StringUtils.hasText(name)) {
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name, x509Certificate);
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name,this.wechatMetaBean());
|
||||
receiversItem.setReceiverName(encryptedName);
|
||||
}
|
||||
});
|
||||
@@ -94,7 +92,7 @@ public class ProfitsharingApi extends AbstractApi {
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, params, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
@@ -256,20 +254,17 @@ public class ProfitsharingApi extends AbstractApi {
|
||||
WechatPayProperties.V3 v3 = this.wechatMetaBean().getV3();
|
||||
params.setAppid(v3.getAppId());
|
||||
SignatureProvider signatureProvider = this.client().signatureProvider();
|
||||
X509WechatCertificateInfo certificate = signatureProvider.getCertificate(this.wechatMetaBean().getTenantId());
|
||||
final X509Certificate x509Certificate = certificate.getX509Certificate();
|
||||
|
||||
String name = params.getName();
|
||||
if (ReceiverType.PERSONAL_OPENID.equals(params.getType()) && StringUtils.hasText(name)) {
|
||||
// 个人应该必传
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name, x509Certificate);
|
||||
String encryptedName = signatureProvider.encryptRequestMessage(name,this.wechatMetaBean());
|
||||
params.setEncryptedName(encryptedName);
|
||||
}
|
||||
URI uri = UriComponentsBuilder.fromHttpUrl(wechatPayV3Type.uri(WeChatServer.CHINA))
|
||||
.build()
|
||||
.toUri();
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.add("Wechatpay-Serial", certificate.getWechatPaySerial());
|
||||
httpHeaders.add("Wechatpay-Serial", signatureProvider.getWechatPaySerial(this.wechatMetaBean()));
|
||||
return Post(uri, params, httpHeaders);
|
||||
})
|
||||
.consumer(wechatResponseEntity::convert)
|
||||
|
||||
Reference in New Issue
Block a user