支付-支付宝APP支付

沙箱环境太坑爹，没跑起来，直接上线测了。

集成支付宝提供的SDK，参照开发文档，基本上没什么问题

1、生成支付请求参数，用于调起支付宝APP

 

    public function toPay($body,$title,$out_trade_no, $price){

        $aop = new AopClient;
        $aop->gatewayUrl = self::ALIPAY_URL;
        $aop->appId = self::APP_ID;
        $aop->rsaPrivateKey = self::PRIVATE_KEY ;
        $aop->format = "json";
        $aop->charset = "UTF-8";
        $aop->signType = "RSA2";
        $aop->alipayrsaPublicKey = self::ALIPAY_PUBLIC_KEY;
        //实例化具体API对应的request类,类名称和接口名称对应,当前调用接口名称：alipay.trade.app.pay
        $request = new AlipayTradeAppPayRequest();

        $bizcontent = json_encode([
            "body"       => $body,
            "subject"   => $title,
            "out_trade_no"  => $out_trade_no,
            "timeout_express"   => self::EXPIRE,
            "product_code"  => "QUICK_MSECURITY_PAY",
            "total_amount"  => $price
        ]);
        $request->setNotifyUrl($this->notify_url);
        $request->setBizContent($bizcontent);
        //这里和普通的接口调用不同，使用的是sdkExecute
        $response = $aop->sdkExecute($request);

        return $response;
    }

 

 

 

2、验签

 

public function checkSign($postParams){

    $aop = new AopClient;
    $aop->alipayrsaPublicKey = self::ALIPAY_PUBLIC_KEY;
    $flag = $aop->rsaCheckV1($postParams, NULL, "RSA2");

    return $flag;
}

 

 

 

3、处理异步通知

 

public function endOrder($postParams){

    if(!$this->checkSign($postParams)){//验签
        return false;
    }

    //验证app_id是否为该商户本身
    if(self::APP_ID != $postParams['app_id']){
        return false;
    }

    //校验通知中的seller_id（或者seller_email) 是否为out_trade_no这笔单据的对应的操作方
    if((isset($postParams['seller_id']) && self::SELLER_ID != $postParams['seller_id']) ||
        ( isset($postParams['seller_email']) && self::SELLER_MAIL != $postParams['seller_email']) ){

        return false;
    }

    //商户需要验证该通知数据中的out_trade_no是否为商户系统中创建的订单号
    $orderInfo = “取订单信息”
    if(empty($orderInfo)){
        return false;
    }
    //判断total_amount是否确实为该订单的实际金额（即商户订单创建时的金额）
    if ($postParams['total_amount'] != $orderInfo['price']){

        return false;
    }

    if( 0==$orderInfo["pay_status"] && ($postParams['trade_status']=="TRADE_SUCCESS" || $postParams['trade_status']=="TRADE_FINISHED")){
	//处理订单

    }

    return true;
}

 

 

 

4、处理客户端支付返回

 

public function clientPayEnd($resultStatus, $result){

    $res = json_decode($result, true);
    $sign = $res["sign"];
    $sign_type = $res["sign_type"];
    $data = $res["alipay_trade_app_pay_response"];
    $orderNo = $data["out_trade_no"];
    $total_amount = $data["total_amount"];

    //验签
   $aop = new AopClient;
    $aop->alipayrsaPublicKey = self::ALIPAY_PUBLIC_KEY;
    $flag = $aop->verify(json_encode($data), $sign, NULL, $sign_type);
    if(!$flag){
        return ["flag"=>false, "errMsg"=>"非法签名"];
    }

    $orderInfo = "订单信息";

    //商户需要验证该通知数据中的out_trade_no是否为商户系统中创建的订单号
    if (empty($orderInfo)){
        return ["flag"=>false, "errMsg"=>"未知错误."];
    }

    //判断total_amount是否确实为该订单的实际金额（即商户订单创建时的金额）
    if ($total_amount != $orderInfo["price"]){
        return ["flag"=>false, "errMsg"=>"支付金额异常"];
    }

    //校验通知中的seller_id（或者seller_email) 是否为out_trade_no这笔单据对应的操作方
    if((isset($data['seller_id']) && self::SELLER_ID != $data['seller_id']) ||
        ( isset($data['seller_email']) && self::SELLER_MAIL != $data['seller_email']) ){
        return ["flag"=>false, "errMsg"=>"未知错误.."];
    }

    //验证app_id是否为该商户本身
    if ($data["app_id"] != self::APP_ID){
        return ["flag"=>false, "errMsg"=>"未知错误..."];
    }

    //订单支付成功
    if (1 == $orderInfo['pay_status'] && in_array($resultStatus, ["9000","8000","6004"])){
        return ["flag"=>true, "msg"=>"支付成功"];
    }elseif(in_array($resultStatus, ["9000","8000","6004"])){//支付结果未知,发起查询
     $flag = $this->queryTradeStatus($orderNo);
        if ($flag){
            return ["flag"=>true, "msg"=>"支付成功"];
        }
    }

    return ["flag"=>false, "errMsg"=>"支付失败"];
}

 

 

 

5、查询支付状态

 

    public function queryTradeStatus($orderNo){

        $aop = new AopClient ();
        $aop->gatewayUrl = self::ALIPAY_URL;
        $aop->appId = self::APP_ID;
        $aop->rsaPrivateKey = self::PRIVATE_KEY;
        $aop->alipayrsaPublicKey=self::ALIPAY_PUBLIC_KEY;
        $aop->apiVersion = '1.0';
        $aop->signType = 'RSA2';
        $aop->postCharset='UTF-8';
        $aop->format='json';
        $request = new AlipayTradeQueryRequest ();

        $request->setBizContent(json_encode([
            "out_trade_no"  => $orderNo
        ]));
        $result = $aop->execute ( $request);

        $responseNode = str_replace(".", "_", $request->getApiMethodName()) . "_response";
        $resultCode = $result->$responseNode->code;

        if(!empty($resultCode)&&$resultCode == 10000){
            $trade_status = $result->$responseNode->trade_status;
            if($trade_status == "TRADE_SUCCESS" || $trade_status == "TRADE_FINISHED"){
                return true;
            }

        }

        return false;
    }

 

 

 

6、交易关闭

 

    public function closeTrade($orderNo){

        $aop = new AopClient ();
        $aop->gatewayUrl = self::ALIPAY_URL;
        $aop->appId = self::APP_ID;
        $aop->rsaPrivateKey = self::PRIVATE_KEY;
        $aop->alipayrsaPublicKey=self::ALIPAY_PUBLIC_KEY;
        $aop->apiVersion = '1.0';
        $aop->signType = 'RSA2';
        $aop->postCharset='utf-8';
        $aop->format='json';
        $request = new AlipayTradeCloseRequest ();

        $request->setBizContent(json_encode([
            "out_trade_no"  => $orderNo
        ]));
        $result = $aop->execute ( $request);

        $responseNode = str_replace(".", "_", $request->getApiMethodName()) . "_response";
        $resultCode = $result->$responseNode->code;

        if(!empty($resultCode)&&$resultCode == 10000){

            return true;
        } else {

            return false;
        }
    }