步骤:
1.注册微信商户,开通小程序支付业务,获得必要接入参数。(Certificate、PrivateKey、merchantId、SerialNumbe、apiV3Key)
3.java使用接入参数发起下单,获取下单参数。
5.客户支付完成后,java后台接收微信支付回调,完成最后的业务。
一、微信商户注册
注册地址
微信商户注册地址
通过上传企业信息,法人信息等,成为商户
开通小程序支付业务
产品中心--我的产品--JSAPI支付
merchantId获取
其他参数获取
Certificate、PrivateKey、SerialNumbe、apiV3Key参数获取:账户中心-API安全。具体步骤,在申请的时候官方会提醒的。
二、关联小程序
产品中心--AppID账号管理--关联APPID
三、发起下单
java使用接入参数发起下单,直接上代码
package com.ancun.netsign;import com.alibaba.fastjson.JSONObject;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.wechat.pay.contrib.apache.httpclient.WechatPayHttpClientBuilder;
import com.wechat.pay.contrib.apache.httpclient.auth.PrivateKeySigner;
import com.wechat.pay.contrib.apache.httpclient.auth.ScheduledUpdateCertificatesVerifier;
import com.wechat.pay.contrib.apache.httpclient.auth.WechatPay2Credentials;
import com.wechat.pay.contrib.apache.httpclient.auth.WechatPay2Validator;
import com.wechat.pay.contrib.apache.httpclient.util.PemUtil;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;public class Test {private static final String appId="";private static final String merchantId="";private static final String merchantSerialNumber="";private static final String apiV3Key="";private static final String merchantPrivateKey="";public static void main(String[] args) throws Exception {payNomal();searchOrder();}public static void payNomal() throws Exception {PrivateKey privateKey = PemUtil.loadPrivateKey(new ByteArrayInputStream(merchantPrivateKey.getBytes("utf-8")));PrivateKeySigner signer=new PrivateKeySigner(merchantSerialNumber, privateKey);byte[] bs=apiV3Key.getBytes(StandardCharsets.UTF_8);WechatPay2Credentials cred=new WechatPay2Credentials(merchantId, signer);ScheduledUpdateCertificatesVerifier verifier = new ScheduledUpdateCertificatesVerifier(cred, bs);WechatPayHttpClientBuilder builder = WechatPayHttpClientBuilder.create();builder.withMerchant(merchantId, merchantSerialNumber, privateKey);builder.withValidator(new WechatPay2Validator(verifier));CloseableHttpClient httpClient = builder.build();HttpPost httpPost = new HttpPost("https://api.mch.weixin.qq.com/v3/pay/transactions/jsapi");httpPost.addHeader("Accept", "application/json");httpPost.addHeader("Content-type","application/json; charset=utf-8");ByteArrayOutputStream bos = new ByteArrayOutputStream();ObjectMapper objectMapper = new ObjectMapper();ObjectNode rootNode = objectMapper.createObjectNode();rootNode.put("mchid",merchantId).put("appid", appId).put("description", "测试公司").put("notify_url", "http://回调地址").put("attach","自定义参数").put("out_trade_no", "订单id");rootNode.putObject("amount").put("total", 3);rootNode.putObject("payer").put("openid", "微信openid");objectMapper.writeValue(bos, rootNode);httpPost.setEntity(new StringEntity(bos.toString("UTF-8"), "UTF-8"));CloseableHttpResponse response = httpClient.execute(httpPost);String bodyAsString = EntityUtils.toString(response.getEntity());JSONObject jo=JSONObject.parseObject(bodyAsString);System.out.println("prepay_id = " + jo.getString("prepay_id"));}public static void searchOrder() throws Exception {PrivateKey privateKey = PemUtil.loadPrivateKey(new ByteArrayInputStream(merchantPrivateKey.getBytes("utf-8")));PrivateKeySigner signer=new PrivateKeySigner(merchantSerialNumber, privateKey);byte[] bs=apiV3Key.getBytes(StandardCharsets.UTF_8);WechatPay2Credentials cred=new WechatPay2Credentials(merchantId, signer);ScheduledUpdateCertificatesVerifier verifier = new ScheduledUpdateCertificatesVerifier(cred, bs);WechatPayHttpClientBuilder builder = WechatPayHttpClientBuilder.create();builder.withMerchant(merchantId, merchantSerialNumber, privateKey);builder.withValidator(new WechatPay2Validator(verifier));CloseableHttpClient httpClient = builder.build();HttpGet httpget = new HttpGet("https://api.mch.weixin.qq.com/v3/pay/transactions/id/交易号?mchid=");httpget.addHeader("Accept", "application/json");httpget.addHeader("Content-type","application/json; charset=utf-8");CloseableHttpResponse response = httpClient.execute(httpget);String bodyAsString = EntityUtils.toString(response.getEntity());System.out.println(bodyAsString);JSONObject jo=JSONObject.parseObject(bodyAsString);System.out.println(jo);}}
下单接口返回:
{"prepay_id":"wx2310065247629669c55d9ec38dxxxxxx"}
//组装小程序需要的参数:packageInfo、NonceStr、AppId、PaySign、TimeStampString NonceStr= RandomUtil.enUuId();Long timeStamp = System.currentTimeMillis() / 1000;String packageInfo = "prepay_id=" + prepayId;CreateSign02 sign = new CreateSign02();String paySign = sign.getToken(appId, packageInfo, NonceStr, timeStamp, merchantPrivateKey);String signType="RSA"
package jnpf.utils;import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Base64;public class CreateSign02 {public String getToken(String appid,String prepay_id,String nonceStr,long timestamp,String privateKey) throws IOException, SignatureException, NoSuchAlgorithmException, InvalidKeyException {//从下往上依次生成String message = buildMessage(appid, timestamp, nonceStr, prepay_id);//签名String signature = sign(message.getBytes("utf-8"),privateKey);return signature;}String sign(byte[] message,String privateKey) throws NoSuchAlgorithmException, SignatureException, IOException, InvalidKeyException {//签名方式Signature sign = Signature.getInstance("SHA256withRSA");//私钥,通过MyPrivateKey来获取,这是个静态类可以接调用方法 ,需要的是_key.pem文件的绝对路径配上文件名sign.initSign(MyPrivatekey.getPrivateKey(privateKey));sign.update(message);return Base64.getEncoder().encodeToString(sign.sign());}/*** 按照前端签名文档规范进行排序,\n是换行* @param appid* @param timestamp* @param nonceStr* @param prepay_id* @return*/String buildMessage(String appid, long timestamp,String nonceStr,String prepay_id) {return appid + "\n"+ timestamp + "\n"+ nonceStr + "\n"+ prepay_id + "\n";}}
四、小程序拉起支付
//小程序拉起支付方法
uni.requestPayment({provider: 'wxpay',timeStamp: timeStamp,nonceStr: nonceStr,package: package,signType: signType,paySign: paySign,success: res => {//成功后的操作},fail: err => {},complete: () => {}})
效果
五、接收回调
业务代码就不贴了,直接上验签和解密代码
private String checkSignAndDecrypt(HttpServletRequest request) throws Exception {StringBuffer xmlStr = new StringBuffer();BufferedReader reader = request.getReader();String line;while ((line = reader.readLine()) != null) {xmlStr.append(line);}//支付回调通知:// {// "id":"ff9ce7d0-6d60-520a-bb79-ba98aadaef58",// "create_time":"2022-01-26T10:07:46+08:00",// "resource_type":"encrypt-resource",// "event_type":"TRANSACTION.SUCCESS",// "summary":"支付成功",// "resource":{// "original_type":"transaction",// "algorithm":"AEAD_AES_256_GCM",// "ciphertext":"bHsdM/qkwb+dU0aani3s0TO+HzD4W0AbQ1TyOBL4VFKDN2IEJx9FPFWWpAwywi/5llfPkf4DoyMMc6KDSkVf3U1bk1y6rKcC+XTFg6jPpsMj/H9kqmrLTYXohtJ6PtmUijnJyEKtyjr7Z6scMEY0oRAAOMZlz3IxheXwNc1AO14zUohS3jppF7wS8lgasVTRiGnk8WRzGLyJTH7lo0bUKYtL2Asq9ARESZbDzJAUcfl8ywZTVFGIlItTXte4CT529cRl+oQtbOFXhlW4kRM7k1QVFhQ3I5FOX58+oPf5aOMaUTzh5HMbpxOAHNB6Yr0JR0QmX1qMwRbeaS45aWhd8BBYJPRFk2MuPalAK3oWqHHYTwa9lEHEJHofSRMZDdUVD3gCCEyzDJpeR0bmQlm1oxnkV4CzBQQeoPg/7Dn2VBUjyX2kKpdVMSdiCb7h1HGesl1BuFurcbZ6rayMfX1Nbq9a7C+oofGauKtdAY1tfQOkee2+NfWTKTc3cfwrWB90aYV2uV9G3tCXeD/XRS2VkXsXiU2UljeVnI1Qv7+9eHWtQDpboQ8q2G2pc4MalhXV2g==",// "associated_data":"transaction",// "nonce":"EzVTGRqlF6GM"// }// }log.info("支付回调通知接收的body参数:" + xmlStr);try {log.info("开始验签===========================");// 验签String Signature = request.getHeader("Wechatpay-Signature");String Serial = request.getHeader("Wechatpay-Serial");String Timestamp = request.getHeader("Wechatpay-Timestamp");String Nonce = request.getHeader("Wechatpay-Nonce");PrivateKey privateKey = PemUtil.loadPrivateKey(new ByteArrayInputStream(pro.getMerchantPrivateKey().getBytes("utf-8")));//加载官方自动更新证书AutoUpdateCertificatesVerifier verifier = new AutoUpdateCertificatesVerifier(//商户平台查看 //不是API密钥new WechatPay2Credentials(pro.getMerchantId(), new PrivateKeySigner(pro.getMerchantSerialNumbe(), privateKey)), pro.getApiV3Key().getBytes("utf-8"));String s1 = xmlStr.toString();//按照文档要求拼接验签串String VerifySignature = Timestamp + "\n" + Nonce + "\n" + s1 + "\n";log.info("拼接后的验签串=" + VerifySignature);//使用官方验签工具进行验签boolean verify1 = verifier.verify(Serial, VerifySignature.getBytes(), Signature);log.info("验签结果=" + verify1);if (!verify1) {return "验签失败";}} catch (Exception e) {e.printStackTrace();}log.info("开始解密=========================");//解密JSONObject jo = JSONObject.parseObject(xmlStr.toString());JSONObject jodata = jo.getJSONObject("resource");String associated_data = jodata.getString("associated_data");String nonce = jodata.getString("nonce");String ciphertext = jodata.getString("ciphertext");AesUtil aesUtil = new AesUtil(pro.getApiV3Key().getBytes());String aes = aesUtil.decryptToString(associated_data.getBytes(), nonce.getBytes(), ciphertext);log.info("解密结果=========================" + aes);return aes;}
回调方法定义:
/*** 微信支付回调** @param request* @param response* @throws Exception*/@PostMapping(value = "/wxPayNotify")public String wxPayNotify(HttpServletRequest request, HttpServletResponse response) throws Exception {log.info("进入微信支付回调");String aes="";try {WeCharPayProperties pro = new WeCharPayProperties();aes = this.checkSignAndDecrypt(pro, request);log.info("解密后参数:" + aes);if (aes.equals("验签失败")) {return "{" +'"' + "code" + '"' + ":" + '"' + "FAIL" + '"' + "," +'"' + "message" + '"' + ":" + '"' + "失败,验签失败" + '"' +"}";}//=============解析参数开始=======================================省略代码//============解析参数结束=======================================业务代码} catch (Exception e) {log.error("微信支付回调出错", e);}log.info("微信支付回调完成====================================================");return "{" +'"' + "code" + '"' + ":" + '"' + "SUCCESS" + '"' + "," +'"' + "message" + '"' + ":" + '"' + "成功" + '"' +"}";}
至此完成开发,后续的对账就不贴了。根据自己的业务进行对账。