(Notice:以下所有经验也是我根据网上的经验整理的,如有侵权可以联系我删除,Wx:IT_Ezra,QQ 654303408。 有问题讨论也可联系我,QQ同上。)
(Tips:我是第一次开发,一个刚毕业的java工程师,我觉得我并非天赋异禀,我能学会,相信聪敏的你,一定可以)
(PS:目前微信拥有无可撼动的人口基数,越来越多的项目开发是基于微信小程序,或者APP。但是支付方式无非两种,一种是支付宝,一种是微信支付。那么我们来了解一下微信支付。(首先去读5遍微信支付开发文档,地址https://pay./wiki/doc/api/wxa/wxa_api.php?chapter=7_3&index=1),了解原理以及它的过程和参数列表。)
(PS:-03-27 代码已经更新。更加优化了。根据业内人士称,支付过程应该下沉到service层。代码目前更新了。回调目前没有下沉。可以加我QQ或者维信沟通,完善后会通知大家)
Controller类
@RestController@RequestMapping("/pay")public class PayController {@RequestMapping(value = "/wxPay", method = RequestMethod.POST)public String wxPay(String openId, String orderNumber ,HttpServletRequest request) {Object result = new Object();try {//获取自己的openId,可以找前端要// String openId = "xxx";//订单号,自己的订单设计,最好用固定长度 20位等等。// String orderNumber = "xxxx";//获取客户端的ip地址String spbill_create_ip = getIpAddr(request);//将支付业务下沉到service层result = OrderService.wxPay(spbill_create_ip, openId, orderNumber ); } catch (Exception e) {e.printStackTrace();}return PayUtil.toJson(result);}//这里是支付回调接口,微信支付成功后会自动调用@RequestMapping(value = "/wxNotify", method = RequestMethod.POST)public void wxNotify(HttpServletRequest request, HttpServletResponse response) throws Exception {BufferedReader br = new BufferedReader(new InputStreamReader(request.getInputStream()));String line = null;StringBuilder sb = new StringBuilder();while ((line = br.readLine()) != null) {sb.append(line);}br.close();//sb为微信返回的xmlString notityXml = sb.toString();String resXml = "";Map map = PayUtil.doXMLParse(notityXml);String returnCode = (String) map.get("return_code");if ("SUCCESS".equals(returnCode)) {//验证签名是否正确Map<String, String> validParams = PayUtil.paraFilter(map); //回调验签时需要去除sign和空值参数String prestr = PayUtil.createLinkString(validParams); //根据微信官网的介绍,此处不仅对回调的参数进行验签,还需要对返回的金额与系统订单的金额进行比对等if (PayUtil.verify(prestr, (String) map.get("sign"), WechatConfig.key, "utf-8")) {/**此处添加自己的业务逻辑代码start**///注意要判断微信支付重复回调,支付成功后微信会重复的进行回调/**此处添加自己的业务逻辑代码end**///通知微信服务器已经支付成功resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";}} else {resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"+ "<return_msg><![CDATA[报文为空]]></return_msg>" + "</xml> ";}BufferedOutputStream out = new BufferedOutputStream(response.getOutputStream());out.write(resXml.getBytes());out.flush();out.close();}//获取IPprivate String getIpAddr(HttpServletRequest request) {String ip = request.getHeader("X-Forwarded-For");if (StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) {//多次反向代理后会有多个ip值,第一个ip才是真实ipint index = ip.indexOf(",");if (index != -1) {return ip.substring(0, index);} else {return ip;}}ip = request.getHeader("X-Real-IP");if (StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) {return ip;}return request.getRemoteAddr();}}
Payservice层
@Service@Transactional(propagation = Propagation.REQUIRED, isolation = Isolation.DEFAULT)public class OrderService {public Map wxPay(String spbill_create_ip, String openId, String orderNumber) {Map<String, Object> payMap = new HashMap<String, Object>();//返回给小程序端需要的参数try {//生成的随机字符串String nonce_str = getRandomStringByLength(32);//商品名称//todoString body = "测试商品名称";//获取客户端的ip地址BigDecimal ¥ = new BigDecimal(100.00);int price = order.getAdjustPrice().multiply(¥).intValue();//组装参数,用户生成统一下单接口的签名logger.info("----------下单接口签名-------");Map<String, String> packageParams = new HashMap<>();packageParams.put("appid", WechatConfig.appid);packageParams.put("mch_id", WechatConfig.mch_id);packageParams.put("nonce_str", nonce_str);packageParams.put("body", body);packageParams.put("out_trade_no", orderNumber);//商户订单号,自己的订单IDpackageParams.put("total_fee", price + "");//支付金额,这边需要转成字符串类型,否则后面的签名会失败packageParams.put("spbill_create_ip", spbill_create_ip);packageParams.put("notify_url", WechatConfig.notify_url);//支付成功后的回调地址packageParams.put("trade_type", WechatConfig.TRADETYPE);//支付方式packageParams.put("openid", openId + "");//用户的openID,自己获取String prestr = PayUtil.createLinkString(packageParams); // 把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串logger.info("----------prestr:" + prestr);logger.info("----------调用统一下单接口-------");//MD5运算生成签名,这里是第一次签名,用于调用统一下单接口String mysign = PayUtil.sign(prestr, WechatConfig.key, "utf-8").toUpperCase();logger.info("----------mysign:" + mysign);//拼接统一下单接口使用的xml数据,要将上一步生成的签名一起拼接进去String xml = "<xml>" + "<appid>" + WechatConfig.appid + "</appid>"+ "<attach>" + attach + "</attach>"+ "<body><![CDATA[" + body + "]]></body>"+ "<mch_id>" + WechatConfig.mch_id + "</mch_id>"+ "<nonce_str>" + nonce_str + "</nonce_str>"+ "<notify_url>" + WechatConfig.notify_url + "</notify_url>"+ "<openid>" + openId + "</openid>"+ "<out_trade_no>" + payOrderNumber + "</out_trade_no>"+ "<spbill_create_ip>" + spbill_create_ip + "</spbill_create_ip>"+ "<total_fee>" + price + "</total_fee>"//支付的金额,单位:分+ "<trade_type>" + WechatConfig.TRADETYPE + "</trade_type>"+ "<sign>" + mysign + "</sign>"+ "</xml>";//调用统一下单接口,并接受返回的结果String result = PayUtil.httpRequest(WechatConfig.pay_url, "POST", xml);logger.info("----------result:" + result);// 将解析结果存储在HashMap中Map map = PayUtil.doXMLParse(result);String return_code = (String) map.get("return_code");//返回状态码String result_code = (String) map.get("result_code");//返回状态码String err_code = (String) map.get("err_code");//返回状态码String err_code_des = (String) map.get("err_code_des");//返回状态码if (return_code.equals("SUCCESS") || return_code.equals(result_code)) {String prepay_id = (String) map.get("prepay_id");//返回的预付单信息payMap.put("nonceStr", nonce_str);payMap.put("package", "prepay_id=" + prepay_id);Long timeStamp = System.currentTimeMillis() / 1000;payMap.put("timeStamp", timeStamp + "");//这边要将返回的时间戳转化成字符串,不然小程序端调用wx.requestPayment方法会报签名错误//拼接签名需要的参数String stringSignTemp = "appId=" + WechatConfig.appid + "&nonceStr=" + nonce_str + "&package=prepay_id=" + prepay_id + "&signType=MD5&timeStamp=" + timeStamp;//再次签名,这个签名用于小程序端调用wx.requesetPayment方法String paySign = PayUtil.sign(stringSignTemp, WechatConfig.key, "utf-8").toUpperCase();logger.info("=======================第二次签名:", paySign + "============ ======");payMap.put("paySign", paySign);} else {logger.info("----------统一下单失败-------");return payMap;}//OrderService.insert(payOperation);payMap.put("appid", WechatConfig.appid);} catch (Exception e) {e.printStackTrace();}return payMap;}//获取随机字符串private String getRandomStringByLength(int length) {String base = "abcdefghijklmnopqrstuvwxyz0123456789";Random random = new Random();StringBuffer sb = new StringBuffer();for (int i = 0; i < length; i++) {int number = random.nextInt(base.length());sb.append(base.charAt(number));}return sb.toString();}}
上面代码用到了PayUtil和WechatConfig这两个类,一个是配置类,一个是工具类,代码如下:
public class PayUtil {/*** 签名字符串** @param text需要签名的字符串* @param key 密钥* @param input_charset 编码格式* @return 签名结果*/public static String sign(String text, String key, String input_charset) {text = text + "&key=" + key;return DigestUtils.md5Hex(getContentBytes(text, input_charset));}/*** 签名字符串** @param text需要签名的字符串* @param sign签名结果* @param key 密钥* @param input_charset 编码格式* @return 签名结果*/public static boolean verify(String text, String sign, String key, String input_charset) {text = text +"&key=" key;String mysign = DigestUtils.md5Hex(getContentBytes(text, input_charset)).toUpperCase();if (mysign.equals(sign)) {return true;} else {return false;}}/*** @param content* @param charset* @return* @throws java.security.SignatureException* @throws UnsupportedEncodingException*/public static byte[] getContentBytes(String content, String charset) {if (charset == null || "".equals(charset)) {return content.getBytes();}try {return content.getBytes(charset);} catch (UnsupportedEncodingException e) {throw new RuntimeException("MD5签名过程中出现错误,指定的编码集不对,您目前指定的编码集是:" + charset);}}private static boolean isValidChar(char ch) {if ((ch >= '0' && ch <= '9') || (ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z'))return true;if ((ch >= 0x4e00 && ch <= 0x7fff) || (ch >= 0x8000 && ch <= 0x952f))return true;// 简体中文汉字编码return false;}/*** 除去数组中的空值和签名参数** @param sArray 签名参数组* @return 去掉空值与签名参数后的新签名参数组*/public static Map<String, String> paraFilter(Map<String, String> sArray) {Map<String, String> result = new HashMap<String, String>();if (sArray == null || sArray.size() <= 0) {return result;}for (String key : sArray.keySet()) {String value = sArray.get(key);if (value == null || value.equals("") || key.equalsIgnoreCase("sign")|| key.equalsIgnoreCase("sign_type")) {continue;}result.put(key, value);}return result;}/*** 把数组所有元素排序,并按照“参数=参数值”的模式用“&”字符拼接成字符串** @param params 需要排序并参与字符拼接的参数组* @return 拼接后字符串*/public static String createLinkString(Map<String, String> params) {List<String> keys = new ArrayList<>(params.keySet());Collections.sort(keys);String prestr = "";for (int i = 0; i < keys.size(); i++) {String key = keys.get(i);String value = params.get(key);if (i == keys.size() - 1) {// 拼接时,不包括最后一个&字符prestr = prestr + key + "=" + value;} else {prestr = prestr + key + "=" + value + "&";}}return prestr;}/*** @param requestUrl 请求地址* @param requestMethod 请求方法* @param outputStr参数*/public static String httpRequest(String requestUrl, String requestMethod, String outputStr) {// 创建SSLContextStringBuffer buffer = null;try {URL url = new URL(requestUrl);HttpURLConnection conn = (HttpURLConnection) url.openConnection();conn.setRequestMethod(requestMethod);conn.setDoOutput(true);conn.setDoInput(true);conn.connect();//往服务器端写内容if (null != outputStr) {OutputStream os = conn.getOutputStream();os.write(outputStr.getBytes("utf-8"));os.close();}// 读取服务器端返回的内容InputStream is = conn.getInputStream();InputStreamReader isr = new InputStreamReader(is, "utf-8");BufferedReader br = new BufferedReader(isr);buffer = new StringBuffer();String line = null;while ((line = br.readLine()) != null) {buffer.append(line);}br.close();} catch (Exception e) {e.printStackTrace();}return buffer.toString();}public static String urlEncodeUTF8(String source) {String result = source;try {result = .URLEncoder.encode(source, "UTF-8");} catch (UnsupportedEncodingException e) {// TODO Auto-generated catch blocke.printStackTrace();}return result;}/*** 解析xml,返回第一级元素键值对。如果第一级元素有子节点,则此节点的值是子节点的xml数据。** @param strxml* @return* @throws org.jdom2.JDOMException* @throws IOException*/public static Map doXMLParse(String strxml) throws Exception {if (null == strxml || "".equals(strxml)) {return null;}Map m = new HashMap();InputStream in = String2Inputstream(strxml);SAXBuilder builder = new SAXBuilder();Document doc = builder.build(in);Element root = doc.getRootElement();List list = root.getChildren();Iterator it = list.iterator();while (it.hasNext()) {Element e = (Element) it.next();String k = e.getName();String v = "";List children = e.getChildren();if (children.isEmpty()) {v = e.getTextNormalize();} else {v = getChildrenText(children);}m.put(k, v);}//关闭流in.close();return m;}/*** 获取子结点的xml** @param children* @return String*/public static String getChildrenText(List children) {StringBuffer sb = new StringBuffer();if (!children.isEmpty()) {Iterator it = children.iterator();while (it.hasNext()) {Element e = (Element) it.next();String name = e.getName();String value = e.getTextNormalize();List list = e.getChildren();sb.append("<" + name + ">");if (!list.isEmpty()) {sb.append(getChildrenText(list));}sb.append(value);sb.append("</" + name + ">");}}return sb.toString();}public static InputStream String2Inputstream(String str) {return new ByteArrayInputStream(str.getBytes());}/*** java对象转字符串* @param <T> 泛型占位符* @param obj T* @return String*/public static <T> String toJson(T obj) {Gson gson = new GsonBuilder().setDateFormat("yyyy-MM-dd HH:mm:ss").enableComplexMapKeySerialization().create();return gson.toJson(obj);}}
WechatConfig
public class WechatConfig {//小程序appid 开发者自己拥有的public static final String appid = ""; //微信支付的商户id 开发者去问自己id的前端同事或者领导。public static final String mch_id = "";//微信支付的商户密钥 开发者问领导,去微信商户平台去申请(要下插件等等)public static final String key = "";//支付成功后的服务器回调url,这里填PayController里的回调函数地址public static final String notify_url = "";//签名方式,固定值public static final String SIGNTYPE = "MD5";//交易类型,小程序支付的固定值为JSAPIpublic static final String TRADETYPE = "JSAPI";//微信统一下单接口地址public static final String pay_url = "https://api.mch./pay/unifiedorder";}
