微信支付 APP支付 Java 服務器端
本文介紹微信支付中APP支付的java服務端。
微信APP支付文檔:https://pay.weixin.qq.com/wiki/doc/api/app/app.php?chapter=8_1
編寫之前請先瀏覽文檔中的業務流程、API列表中的統一下單和支付結果通知。
調用需要用到微信商戶的APPID、商戶號、API密鑰。請參考微信支付文檔申請和獲取。
加入微信支付需要的jar.或者配置maven
需要加入
<dependency>
<groupId>org.jdom</groupId>
<artifactId>jdom</artifactId>
<version>1.0</version>
</dependency>
下面直接上代碼。
一:商戶後臺收到用戶支付單,調用微信支付統一下單接口。
服務器端提供接口,接收APP端傳過來的訂單id。服務器端根據id查詢訂單的信息。
注意:
1.微信的價格是需要乘以100的。也就是傳過去1元,顯示的是0.01元。
2.回調的地址必須是外網可以訪問的。我的網是公司內網,所以用了花生殼弄了個映射。至於怎麼使用,大家自行百度。
/**
* 微信統一下單接口
* @param request
* @param response
*/
@ResponseBody
@RequestMapping("/wxPrePay.html")
public Map<String,Object> wxPrePay(HttpServletRequest request,HttpServletResponse response){
Map<String, Object> resultMap = new HashMap<String, Object>();
GoodsTrade goodsTrade = goodsTradeService.queryGoodsTradeById(request.getParameter("tradeId"));//獲取訂單,根據需要自己編寫
String price = goodsTrade.getPrice();
int price100 = new BigDecimal(price).multiply(new BigDecimal(100)).intValue();
if(price100<=0){
resultMap.put("msg","付款金額錯誤")
resultMap.put("code","500");
return resultMap;
}
//設置回調地址-獲取當前的地址拼接回調地址
String url = request.getRequestURL().toString();
String domain = url.substring(0, url.length()-13);
//生產環境
String notify_url= domain+"wxNotify.html";
//測試環境
//String notify_url = "http://1f504p5895.51mypc.cn/cia/app/wxNotify.html";
SortedMap<Object,Object> parameters = new TreeMap<Object,Object>();
parameters.put("appid", ConfigUtil.APPID);
parameters.put("mch_id", ConfigUtil.MCH_ID);
parameters.put("nonce_str", PayCommonUtil.CreateNoncestr());
parameters.put("body", "購買測試");
parameters.put("out_trade_no", goodsTrade.getTid()); //訂單id
parameters.put("fee_type", "CNY");
parameters.put("total_fee", String.valueOf(price100));
parameters.put("spbill_create_ip",CommonUtil.toIpAddr(request));
parameters.put("notify_url", notify_url);
parameters.put("trade_type", "APP");
//設置簽名
String sign = PayCommonUtil.createSign("UTF-8",parameters);
parameters.put("sign", sign);
//封裝請求參數結束
String requestXML = PayCommonUtil.getRequestXml(parameters);
//調用統一下單接口
String result = PayCommonUtil.httpsRequest(ConfigUtil.UNIFIED_ORDER_URL, "POST", requestXML);
System.out.println("\n"+result);
try {
/**統一下單接口返回正常的prepay_id,再按簽名規範重新生成簽名後,將數據傳輸給APP。參與簽名的字段名爲appId,partnerId,prepayId,nonceStr,timeStamp,package。注意:package的值格式爲Sign=WXPay**/
Map<String, String> map = XMLUtil.doXMLParse(result);
SortedMap<Object, Object> parameterMap2 = new TreeMap<Object, Object>();
parameterMap2.put("appid", ConfigUtil.APPID);
parameterMap2.put("partnerid", ConfigUtil.MCH_ID);
parameterMap2.put("prepayid", map.get("prepay_id"));
parameterMap2.put("package", "Sign=WXPay");
parameterMap2.put("noncestr", PayCommonUtil.CreateNoncestr());
//本來生成的時間戳是13位,但是ios必須是10位,所以截取了一下
parameterMap2.put("timestamp", Long.parseLong(String.valueOf(System.currentTimeMillis()).toString().substring(0,10)));
String sign2 = PayCommonUtil.createSign("UTF-8",parameterMap2);
parameterMap2.put("sign", sign2);
resultMap.put("code","200");
resultMap.put("msg",parameterMap2);
} catch (JDOMException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return resultMap;
}
二:商戶後臺接收支付通知
接下來是微信的回調。當用戶支付後,微信服務器端會給我們的服務器端發送異步回調。
做該步驟值之前,請先詳細參考文檔https://pay.weixin.qq.com/wiki/doc/api/app/app.php?chapter=9_7&index=3
上代碼:
/**
* 微信異步通知
*/
@RequestMapping("/wxNotify.html")
public void wxNotify(HttpServletRequest request,HttpServletResponse response) throws IOException, JDOMException{
//讀取參數
InputStream inputStream ;
StringBuffer sb = new StringBuffer();
inputStream = request.getInputStream();
String s ;
BufferedReader in = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));
while ((s = in.readLine()) != null){
sb.append(s);
}
in.close();
inputStream.close();
//解析xml成map
Map<String, String> m = new HashMap<String, String>();
m = XMLUtil.doXMLParse(sb.toString());
for(Object keyValue : m.keySet()){
System.out.println(keyValue+"="+m.get(keyValue));
}
//過濾空 設置 TreeMap
SortedMap<Object,Object> packageParams = new TreeMap<Object,Object>();
Iterator it = m.keySet().iterator();
while (it.hasNext()) {
String parameter = (String) it.next();
String parameterValue = m.get(parameter);
String v = "";
if(null != parameterValue) {
v = parameterValue.trim();
}
packageParams.put(parameter, v);
}
//判斷簽名是否正確
String resXml = "";
if(PayCommonUtil.isTenpaySign("UTF-8", packageParams)) {
if("SUCCESS".equals((String)packageParams.get("result_code"))){
// 這裏是支付成功
//////////執行自己的業務邏輯////////////////
String mch_id = (String)packageParams.get("mch_id"); //商戶號
String openid = (String)packageParams.get("openid"); //用戶標識
String out_trade_no = (String)packageParams.get("out_trade_no"); //商戶訂單號
String total_fee = (String)packageParams.get("total_fee");
String transaction_id = (String)packageParams.get("transaction_id"); //微信支付訂單號
GoodsTrade gt = new GoodsTrade();
gt.setTid(out_trade_no);
//查詢訂單 根據訂單號查詢訂單 GoodsTrade -訂單實體類
GoodsTrade trade = 訂單查詢;
if(!ConfigUtil.MCH_ID.equals(mch_id)||trade==null||new BigDecimal(total_fee).compareTo(new BigDecimal(trade.getPrice()).multiply(new BigDecimal(100))) != 0){
logger.info("支付失敗,錯誤信息:" + "參數錯誤");
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[參數錯誤]]></return_msg>" + "</xml> ";
}else{
if("no_pay".equals(trade.getPayStatus()) && "wait_buyer_pay".equals(trade.getStatus())){//支付的價格
//訂單狀態的修改。根據實際業務邏輯執行
resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";
}else{
resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
+ "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";
logger.info("訂單已處理");
}
}
}else {
logger.info("支付失敗,錯誤信息:" + packageParams.get("err_code"));
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[報文爲空]]></return_msg>" + "</xml> ";
}
} else{
resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
+ "<return_msg><![CDATA[通知簽名驗證失敗]]></return_msg>" + "</xml> ";
logger.info("通知簽名驗證失敗");
}
//------------------------------
//處理業務完畢
//------------------------------
BufferedOutputStream out = new BufferedOutputStream(
response.getOutputStream());
out.write(resXml.getBytes());
out.flush();
out.close();
}
接下來提供以上用到代碼的工具類.
ConfigUtil.java
package com.cia.util.wxpay;
public class ConfigUtil {
/**
* 服務號相關信息
*/
public final static String APPID = "***";//服務號的應用號
public final static String MCH_ID = "***";//商戶號
public final static String API_KEY = "***";//API密鑰
public final static String SIGN_TYPE = "MD5";//簽名加密方式
public final static String UNIFIED_ORDER_URL = "https://api.mch.weixin.qq.com/pay/unifiedorder";
}
PayCommonUtil.java
package com.cia.util.wxpay;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import java.util.SortedMap;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.ConnectException;
import java.net.URL;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import com.alibaba.fastjson.JSONObject;
public class PayCommonUtil {
public static String CreateNoncestr(int length) {
String chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
String res = "";
for (int i = 0; i < length; i++) {
Random rd = new Random();
res += chars.indexOf(rd.nextInt(chars.length() - 1));
}
return res;
}
public static String CreateNoncestr() {
String chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
String res = "";
for (int i = 0; i < 16; i++) {
Random rd = new Random();
res += chars.charAt(rd.nextInt(chars.length() - 1));
}
return res;
}
/**
* 是否簽名正確,規則是:按參數名稱a-z排序,遇到空值的參數不參加簽名。
* @return boolean
*/
public static boolean isTenpaySign(String characterEncoding, SortedMap<Object, Object> packageParams) {
StringBuffer sb = new StringBuffer();
Set es = packageParams.entrySet();
Iterator it = es.iterator();
while(it.hasNext()) {
Map.Entry entry = (Map.Entry)it.next();
String k = (String)entry.getKey();
String v = (String)entry.getValue();
if(!"sign".equals(k) && null != v && !"".equals(v)) {
sb.append(k + "=" + v + "&");
}
}
sb.append("key=" + ConfigUtil.API_KEY);
//算出摘要
String mysign = MD5Util.MD5Encode(sb.toString(), characterEncoding).toLowerCase();
String tenpaySign = ((String)packageParams.get("sign")).toLowerCase();
//System.out.println(tenpaySign + " " + mysign);
return tenpaySign.equals(mysign);
}
/**
* @Description:sign簽名
* @param characterEncoding 編碼格式
* @param parameters 請求參數
* @return
*/
public static String createSign(String characterEncoding,SortedMap<Object,Object> parameters){
StringBuffer sb = new StringBuffer();
Set es = parameters.entrySet();
Iterator it = es.iterator();
while(it.hasNext()) {
Map.Entry entry = (Map.Entry)it.next();
String k = (String)entry.getKey();
Object v = entry.getValue();
if(null != v && !"".equals(v)
&& !"sign".equals(k) && !"key".equals(k)) {
sb.append(k + "=" + v + "&");
}
}
sb.append("key="+ConfigUtil.API_KEY);
String sign = MD5Util.MD5Encode(sb.toString(), characterEncoding).toUpperCase();
return sign;
}
/**
* @Description:將請求參數轉換爲xml格式的string
* @param parameters 請求參數
* @return
*/
public static String getRequestXml(SortedMap<Object,Object> parameters){
StringBuffer sb = new StringBuffer();
sb.append("<xml>");
Set es = parameters.entrySet();
Iterator it = es.iterator();
while(it.hasNext()) {
Map.Entry entry = (Map.Entry)it.next();
String k = (String)entry.getKey();
String v = (String)entry.getValue();
if ("attach".equalsIgnoreCase(k)||"body".equalsIgnoreCase(k)) {
sb.append("<"+k+">"+"<![CDATA["+v+"]]></"+k+">");
}else {
sb.append("<"+k+">"+v+"</"+k+">");
}
}
sb.append("</xml>");
return sb.toString();
}
/**
* @Description:返回給微信的參數
* @param return_code 返回編碼
* @param return_msg 返回信息
* @return
*/
public static String setXML(String return_code, String return_msg) {
return "<xml><return_code><![CDATA[" + return_code
+ "]]></return_code><return_msg><![CDATA[" + return_msg
+ "]]></return_msg></xml>";
}
/**
* 發送https請求
* @param requestUrl 請求地址
* @param requestMethod 請求方式(GET、POST)
* @param outputStr 提交的數據
* @return 返回微信服務器響應的信息
*/
public static String httpsRequest(String requestUrl, String requestMethod, String outputStr) {
try {
// 創建SSLContext對象,並使用我們指定的信任管理器初始化
TrustManager[] tm = { new MyX509TrustManager() };
SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
sslContext.init(null, tm, new java.security.SecureRandom());
// 從上述SSLContext對象中得到SSLSocketFactory對象
SSLSocketFactory ssf = sslContext.getSocketFactory();
URL url = new URL(requestUrl);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
//conn.setSSLSocketFactory(ssf);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setUseCaches(false);
// 設置請求方式(GET/POST)
conn.setRequestMethod(requestMethod);
conn.setRequestProperty("content-type", "application/x-www-form-urlencoded");
// 當outputStr不爲null時向輸出流寫數據
if (null != outputStr) {
OutputStream outputStream = conn.getOutputStream();
// 注意編碼格式
outputStream.write(outputStr.getBytes("UTF-8"));
outputStream.close();
}
// 從輸入流讀取返回內容
InputStream inputStream = conn.getInputStream();
InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "UTF-8");
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
String str = null;
StringBuffer buffer = new StringBuffer();
while ((str = bufferedReader.readLine()) != null) {
buffer.append(str);
}
// 釋放資源
bufferedReader.close();
inputStreamReader.close();
inputStream.close();
inputStream = null;
conn.disconnect();
return buffer.toString();
} catch (ConnectException ce) {
// log.error("連接超時:{}", ce);
} catch (Exception e) {
// log.error("https請求異常:{}", e);
}
return null;
}
/**
* 發送https請求
*
* @param requestUrl 請求地址
* @param requestMethod 請求方式(GET、POST)
* @param outputStr 提交的數據
* @return JSONObject(通過JSONObject.get(key)的方式獲取json對象的屬性值)
*/
public static JSONObject httpsRequest(String requestUrl, String requestMethod) {
JSONObject jsonObject = null;
try {
// 創建SSLContext對象,並使用我們指定的信任管理器初始化
TrustManager[] tm = { new MyX509TrustManager() };
SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
sslContext.init(null, tm, new java.security.SecureRandom());
// 從上述SSLContext對象中得到SSLSocketFactory對象
SSLSocketFactory ssf = sslContext.getSocketFactory();
URL url = new URL(requestUrl);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
//conn.setSSLSocketFactory(ssf);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setUseCaches(false);
conn.setConnectTimeout(3000);
// 設置請求方式(GET/POST)
conn.setRequestMethod(requestMethod);
//conn.setRequestProperty("content-type", "application/x-www-form-urlencoded");
// 當outputStr不爲null時向輸出流寫數據
// 從輸入流讀取返回內容
InputStream inputStream = conn.getInputStream();
InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "UTF-8");
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
String str = null;
StringBuffer buffer = new StringBuffer();
while ((str = bufferedReader.readLine()) != null) {
buffer.append(str);
}
// 釋放資源
bufferedReader.close();
inputStreamReader.close();
inputStream.close();
inputStream = null;
conn.disconnect();
jsonObject = JSONObject.parseObject(buffer.toString());
} catch (ConnectException ce) {
// log.error("連接超時:{}", ce);
} catch (Exception e) {
System.out.println(e);
// log.error("https請求異常:{}", e);
}
return jsonObject;
}
public static String urlEncodeUTF8(String source){
String result = source;
try {
result = java.net.URLEncoder.encode(source,"utf-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return result;
}
}
XMLUtil .java
package com.cia.util.wxpay;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.jdom.Document;
import org.jdom.Element;
import org.jdom.JDOMException;
import org.jdom.input.SAXBuilder;
public class XMLUtil {
/**
* 解析xml,返回第一級元素鍵值對。如果第一級元素有子節點,則此節點的值是子節點的xml數據。
* @param strxml
* @return
* @throws JDOMException
* @throws IOException
*/
public static Map doXMLParse(String strxml) throws JDOMException, IOException {
strxml = strxml.replaceFirst("encoding=\".*\"", "encoding=\"UTF-8\"");
if(null == strxml || "".equals(strxml)) {
return null;
}
Map m = new HashMap();
InputStream in = new ByteArrayInputStream(strxml.getBytes("UTF-8"));
SAXBuilder builder = new SAXBuilder();
Document doc = builder.build(in);
Element root = doc.getRootElement();
List list = root.getChildren();
Iterator it = list.iterator();
while(it.hasNext()) {
Element e = (Element) it.next();
String k = e.getName();
String v = "";
List children = e.getChildren();
if(children.isEmpty()) {
v = e.getTextNormalize();
} else {
v = XMLUtil.getChildrenText(children);
}
m.put(k, v);
}
//關閉流
in.close();
return m;
}
/**
* 獲取子結點的xml
* @param children
* @return String
*/
public static String getChildrenText(List children) {
StringBuffer sb = new StringBuffer();
if(!children.isEmpty()) {
Iterator it = children.iterator();
while(it.hasNext()) {
Element e = (Element) it.next();
String name = e.getName();
String value = e.getTextNormalize();
List list = e.getChildren();
sb.append("<" + name + ">");
if(!list.isEmpty()) {
sb.append(XMLUtil.getChildrenText(list));
}
sb.append(value);
sb.append("</" + name + ">");
}
}
return sb.toString();
}
}
MD5Util.java
package com.cia.util.wxpay;
import java.security.MessageDigest;
public class MD5Util {
private static String byteArrayToHexString(byte b[]) {
StringBuffer resultSb = new StringBuffer();
for (int i = 0; i < b.length; i++)
resultSb.append(byteToHexString(b[i]));
return resultSb.toString();
}
private static String byteToHexString(byte b) {
int n = b;
if (n < 0)
n += 256;
int d1 = n / 16;
int d2 = n % 16;
return hexDigits[d1] + hexDigits[d2];
}
public static String MD5Encode(String origin, String charsetname) {
String resultString = null;
try {
resultString = new String(origin);
MessageDigest md = MessageDigest.getInstance("MD5");
if (charsetname == null || "".equals(charsetname))
resultString = byteArrayToHexString(md.digest(resultString
.getBytes()));
else
resultString = byteArrayToHexString(md.digest(resultString
.getBytes(charsetname)));
} catch (Exception exception) {
}
return resultString;
}
private static final String hexDigits[] = { "0", "1", "2", "3", "4", "5",
"6", "7", "8", "9", "a", "b", "c", "d", "e", "f" };
}
MyX509TrustManager.java
package com.cia.util.wxpay;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;
/**
* 信任管理器
*/
public class MyX509TrustManager implements X509TrustManager {
// 檢查客戶端證書
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
// 檢查服務器端證書
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
// 返回受信任的X509證書數組
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}
以上統一下單及回調中的訂單的查詢,根據自己的實際情況提供service查詢,就不寫出來了。所以貼上來可能有錯,把錯誤的地方改成自己的代碼就行了。