微信支付 APP支付 Java 服务器端

本文介绍微信支付中APP支付的java服务端。

微信APP支付文档:https://pay.weixin.qq.com/wiki/doc/api/app/app.php?chapter=8_1

编写之前请先浏览文档中的业务流程、API列表中的统一下单和支付结果通知。

调用需要用到微信商户的APPID、商户号、API密钥。请参考微信支付文档申请和获取。

加入微信支付需要的jar.或者配置maven

需要加入

org.jdom

jdom

1.0

下面直接上代码。

一:商户后台收到用户支付单,调用微信支付统一下单接口。

服务器端提供接口,接收APP端传过来的订单id。服务器端根据id查询订单的信息。

注意:

1.微信的价格是需要乘以100的。也就是传过去1元,显示的是0.01元。

2.回调的地址必须是外网可以访问的。我的网是公司内网,所以用了花生壳弄了个映射。至于怎么使用,大家自行百度。

/**

* 微信统一下单接口

* @param request

* @param response

*/

@ResponseBody

@RequestMapping("/wxPrePay.html")

public Map wxPrePay(HttpServletRequest request,HttpServletResponse response){

Map resultMap = new HashMap();

GoodsTrade goodsTrade = goodsTradeService.queryGoodsTradeById(request.getParameter("tradeId"));//获取订单,根据需要自己编写

String price = goodsTrade.getPrice();

int price100 = new BigDecimal(price).multiply(new BigDecimal(100)).intValue();

if(price100<=0){

resultMap.put("msg","付款金额错误")

resultMap.put("code","500");

return resultMap;

}

//设置回调地址-获取当前的地址拼接回调地址

String url = request.getRequestURL().toString();

String domain = url.substring(0, url.length()-13);

//生产环境

String notify_url= domain+"wxNotify.html";

//测试环境

//String notify_url = "http://1f504p5895.51mypc.cn/cia/app/wxNotify.html";

SortedMap parameters = new TreeMap();

parameters.put("appid", ConfigUtil.APPID);

parameters.put("mch_id", ConfigUtil.MCH_ID);

parameters.put("nonce_str", PayCommonUtil.CreateNoncestr());

parameters.put("body", "购买测试");

parameters.put("out_trade_no", goodsTrade.getTid()); //订单id

parameters.put("fee_type", "CNY");

parameters.put("total_fee", String.valueOf(price100));

parameters.put("spbill_create_ip",CommonUtil.toIpAddr(request));

parameters.put("notify_url", notify_url);

parameters.put("trade_type", "APP");

//设置签名

String sign = PayCommonUtil.createSign("UTF-8",parameters);

parameters.put("sign", sign);

//封装请求参数结束

String requestXML = PayCommonUtil.getRequestXml(parameters);

//调用统一下单接口

String result = PayCommonUtil.httpsRequest(ConfigUtil.UNIFIED_ORDER_URL, "POST", requestXML);

System.out.println("\n"+result);

try {

/**统一下单接口返回正常的prepay_id,再按签名规范重新生成签名后,将数据传输给APP。参与签名的字段名为appId,partnerId,prepayId,nonceStr,timeStamp,package。注意:package的值格式为Sign=WXPay**/

Map map = XMLUtil.doXMLParse(result);

SortedMap parameterMap2 = new TreeMap();

parameterMap2.put("appid", ConfigUtil.APPID);

parameterMap2.put("partnerid", ConfigUtil.MCH_ID);

parameterMap2.put("prepayid", map.get("prepay_id"));

parameterMap2.put("package", "Sign=WXPay");

parameterMap2.put("noncestr", PayCommonUtil.CreateNoncestr());

//本来生成的时间戳是13位,但是ios必须是10位,所以截取了一下

parameterMap2.put("timestamp", Long.parseLong(String.valueOf(System.currentTimeMillis()).toString().substring(0,10)));

String sign2 = PayCommonUtil.createSign("UTF-8",parameterMap2);

parameterMap2.put("sign", sign2);

resultMap.put("code","200");

resultMap.put("msg",parameterMap2);

} catch (JDOMException e) {

e.printStackTrace();

} catch (IOException e) {

e.printStackTrace();

}

return resultMap;

}

二:商户后台接收支付通知

接下来是微信的回调。当用户支付后,微信服务器端会给我们的服务器端发送异步回调。

做该步骤值之前,请先详细参考文档https://pay.weixin.qq.com/wiki/doc/api/app/app.php?chapter=9_7&index=3

上代码:

/**

* 微信异步通知

*/

@RequestMapping("/wxNotify.html")

public void wxNotify(HttpServletRequest request,HttpServletResponse response) throws IOException, JDOMException{

//读取参数

InputStream inputStream ;

StringBuffer sb = new StringBuffer();

inputStream = request.getInputStream();

String s ;

BufferedReader in = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));

while ((s = in.readLine()) != null){

sb.append(s);

}

in.close();

inputStream.close();

//解析xml成map

Map m = new HashMap();

m = XMLUtil.doXMLParse(sb.toString());

for(Object keyValue : m.keySet()){

System.out.println(keyValue+"="+m.get(keyValue));

}

//过滤空 设置 TreeMap

SortedMap packageParams = new TreeMap();

Iterator it = m.keySet().iterator();

while (it.hasNext()) {

String parameter = (String) it.next();

String parameterValue = m.get(parameter);

String v = "";

if(null != parameterValue) {

v = parameterValue.trim();

}

packageParams.put(parameter, v);

}

//判断签名是否正确

String resXml = "";

if(PayCommonUtil.isTenpaySign("UTF-8", packageParams)) {

if("SUCCESS".equals((String)packageParams.get("result_code"))){

// 这里是支付成功

//////////执行自己的业务逻辑////////////////

String mch_id = (String)packageParams.get("mch_id"); //商户号

String openid = (String)packageParams.get("openid"); //用户标识

String out_trade_no = (String)packageParams.get("out_trade_no"); //商户订单号

String total_fee = (String)packageParams.get("total_fee");

String transaction_id = (String)packageParams.get("transaction_id"); //微信支付订单号

GoodsTrade gt = new GoodsTrade();

gt.setTid(out_trade_no);

//查询订单 根据订单号查询订单 GoodsTrade -订单实体类

GoodsTrade trade = 订单查询;

if(!ConfigUtil.MCH_ID.equals(mch_id)||trade==null||new BigDecimal(total_fee).compareTo(new BigDecimal(trade.getPrice()).multiply(new BigDecimal(100))) != 0){

logger.info("支付失败,错误信息:" + "参数错误");

resXml = "" + ""

+ "" + " ";

}else{

if("no_pay".equals(trade.getPayStatus()) && "wait_buyer_pay".equals(trade.getStatus())){//支付的价格

//订单状态的修改。根据实际业务逻辑执行

resXml = "" + ""

+ "" + " ";

}else{

resXml = "" + ""

+ "" + " ";

logger.info("订单已处理");

}

}

}else {

logger.info("支付失败,错误信息:" + packageParams.get("err_code"));

resXml = "" + ""

+ "" + " ";

}

} else{

resXml = "" + ""

+ "" + " ";

logger.info("通知签名验证失败");

}

//------------------------------

//处理业务完毕

//------------------------------

BufferedOutputStream out = new BufferedOutputStream(

response.getOutputStream());

out.write(resXml.getBytes());

out.flush();

out.close();

}

接下来提供以上用到代码的工具类.

ConfigUtil.java

package com.cia.util.wxpay;

public class ConfigUtil {

/**

* 服务号相关信息

*/

public final static String APPID = "***";//服务号的应用号

public final static String MCH_ID = "***";//商户号

public final static String API_KEY = "***";//API密钥

public final static String SIGN_TYPE = "MD5";//签名加密方式

public final static String UNIFIED_ORDER_URL = "https://api.mch.weixin.qq.com/pay/unifiedorder";

}

PayCommonUtil.java

package com.cia.util.wxpay;

import java.util.Iterator;

import java.util.Map;

import java.util.Random;

import java.util.Set;

import java.util.SortedMap;

import java.io.BufferedReader;

import java.io.InputStream;

import java.io.InputStreamReader;

import java.io.OutputStream;

import java.io.UnsupportedEncodingException;

import java.net.ConnectException;

import java.net.URL;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSocketFactory;

import javax.net.ssl.TrustManager;

import com.alibaba.fastjson.JSONObject;

public class PayCommonUtil {

public static String CreateNoncestr(int length) {

String chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

String res = "";

for (int i = 0; i < length; i++) {

Random rd = new Random();

res += chars.indexOf(rd.nextInt(chars.length() - 1));

}

return res;

}

public static String CreateNoncestr() {

String chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

String res = "";

for (int i = 0; i < 16; i++) {

Random rd = new Random();

res += chars.charAt(rd.nextInt(chars.length() - 1));

}

return res;

}

/**

* 是否签名正确,规则是:按参数名称a-z排序,遇到空值的参数不参加签名。

* @return boolean

*/

public static boolean isTenpaySign(String characterEncoding, SortedMap packageParams) {

StringBuffer sb = new StringBuffer();

Set es = packageParams.entrySet();

Iterator it = es.iterator();

while(it.hasNext()) {

Map.Entry entry = (Map.Entry)it.next();

String k = (String)entry.getKey();

String v = (String)entry.getValue();

if(!"sign".equals(k) && null != v && !"".equals(v)) {

sb.append(k + "=" + v + "&");

}

}

sb.append("key=" + ConfigUtil.API_KEY);

//算出摘要

String mysign = MD5Util.MD5Encode(sb.toString(), characterEncoding).toLowerCase();

String tenpaySign = ((String)packageParams.get("sign")).toLowerCase();

//System.out.println(tenpaySign + " " + mysign);

return tenpaySign.equals(mysign);

}

/**

* @Description:sign签名

* @param characterEncoding 编码格式

* @param parameters 请求参数

* @return

*/

public static String createSign(String characterEncoding,SortedMap parameters){

StringBuffer sb = new StringBuffer();

Set es = parameters.entrySet();

Iterator it = es.iterator();

while(it.hasNext()) {

Map.Entry entry = (Map.Entry)it.next();

String k = (String)entry.getKey();

Object v = entry.getValue();

if(null != v && !"".equals(v)

&& !"sign".equals(k) && !"key".equals(k)) {

sb.append(k + "=" + v + "&");

}

}

sb.append("key="+ConfigUtil.API_KEY);

String sign = MD5Util.MD5Encode(sb.toString(), characterEncoding).toUpperCase();

return sign;

}

/**

* @Description:将请求参数转换为xml格式的string

* @param parameters 请求参数

* @return

*/

public static String getRequestXml(SortedMap parameters){

StringBuffer sb = new StringBuffer();

sb.append("");

Set es = parameters.entrySet();

Iterator it = es.iterator();

while(it.hasNext()) {

Map.Entry entry = (Map.Entry)it.next();

String k = (String)entry.getKey();

String v = (String)entry.getValue();

if ("attach".equalsIgnoreCase(k)||"body".equalsIgnoreCase(k)) {

sb.append("<"+k+">"+"");

}else {

sb.append("<"+k+">"+v+"");

}

}

sb.append("");

return sb.toString();

}

/**

* @Description:返回给微信的参数

* @param return_code 返回编码

* @param return_msg 返回信息

* @return

*/

public static String setXML(String return_code, String return_msg) {

return "

+ "]]>

+ "]]>";

}

/**

* 发送https请求

* @param requestUrl 请求地址

* @param requestMethod 请求方式(GET、POST)

* @param outputStr 提交的数据

* @return 返回微信服务器响应的信息

*/

public static String httpsRequest(String requestUrl, String requestMethod, String outputStr) {

try {

// 创建SSLContext对象,并使用我们指定的信任管理器初始化

TrustManager[] tm = { new MyX509TrustManager() };

SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");

sslContext.init(null, tm, new java.security.SecureRandom());

// 从上述SSLContext对象中得到SSLSocketFactory对象

SSLSocketFactory ssf = sslContext.getSocketFactory();

URL url = new URL(requestUrl);

HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

//conn.setSSLSocketFactory(ssf);

conn.setDoOutput(true);

conn.setDoInput(true);

conn.setUseCaches(false);

// 设置请求方式(GET/POST)

conn.setRequestMethod(requestMethod);

conn.setRequestProperty("content-type", "application/x-www-form-urlencoded");

// 当outputStr不为null时向输出流写数据

if (null != outputStr) {

OutputStream outputStream = conn.getOutputStream();

// 注意编码格式

outputStream.write(outputStr.getBytes("UTF-8"));

outputStream.close();

}

// 从输入流读取返回内容

InputStream inputStream = conn.getInputStream();

InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "UTF-8");

BufferedReader bufferedReader = new BufferedReader(inputStreamReader);

String str = null;

StringBuffer buffer = new StringBuffer();

while ((str = bufferedReader.readLine()) != null) {

buffer.append(str);

}

// 释放资源

bufferedReader.close();

inputStreamReader.close();

inputStream.close();

inputStream = null;

conn.disconnect();

return buffer.toString();

} catch (ConnectException ce) {

// log.error("连接超时:{}", ce);

} catch (Exception e) {

// log.error("https请求异常:{}", e);

}

return null;

}

/**

* 发送https请求

*

* @param requestUrl 请求地址

* @param requestMethod 请求方式(GET、POST)

* @param outputStr 提交的数据

* @return JSONObject(通过JSONObject.get(key)的方式获取json对象的属性值)

*/

public static JSONObject httpsRequest(String requestUrl, String requestMethod) {

JSONObject jsonObject = null;

try {

// 创建SSLContext对象,并使用我们指定的信任管理器初始化

TrustManager[] tm = { new MyX509TrustManager() };

SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");

sslContext.init(null, tm, new java.security.SecureRandom());

// 从上述SSLContext对象中得到SSLSocketFactory对象

SSLSocketFactory ssf = sslContext.getSocketFactory();

URL url = new URL(requestUrl);

HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

//conn.setSSLSocketFactory(ssf);

conn.setDoOutput(true);

conn.setDoInput(true);

conn.setUseCaches(false);

conn.setConnectTimeout(3000);

// 设置请求方式(GET/POST)

conn.setRequestMethod(requestMethod);

//conn.setRequestProperty("content-type", "application/x-www-form-urlencoded");

// 当outputStr不为null时向输出流写数据

// 从输入流读取返回内容

InputStream inputStream = conn.getInputStream();

InputStreamReader inputStreamReader = new InputStreamReader(inputStream, "UTF-8");

BufferedReader bufferedReader = new BufferedReader(inputStreamReader);

String str = null;

StringBuffer buffer = new StringBuffer();

while ((str = bufferedReader.readLine()) != null) {

buffer.append(str);

}

// 释放资源

bufferedReader.close();

inputStreamReader.close();

inputStream.close();

inputStream = null;

conn.disconnect();

jsonObject = JSONObject.parseObject(buffer.toString());

} catch (ConnectException ce) {

// log.error("连接超时:{}", ce);

} catch (Exception e) {

System.out.println(e);

// log.error("https请求异常:{}", e);

}

return jsonObject;

}

public static String urlEncodeUTF8(String source){

String result = source;

try {

result = java.net.URLEncoder.encode(source,"utf-8");

} catch (UnsupportedEncodingException e) {

e.printStackTrace();

}

return result;

}

}

XMLUtil .java

package com.cia.util.wxpay;

import java.io.ByteArrayInputStream;

import java.io.IOException;

import java.io.InputStream;

import java.util.HashMap;

import java.util.Iterator;

import java.util.List;

import java.util.Map;

import org.jdom.Document;

import org.jdom.Element;

import org.jdom.JDOMException;

import org.jdom.input.SAXBuilder;

public class XMLUtil {

/**

* 解析xml,返回第一级元素键值对。如果第一级元素有子节点,则此节点的值是子节点的xml数据。

* @param strxml

* @return

* @throws JDOMException

* @throws IOException

*/

public static Map doXMLParse(String strxml) throws JDOMException, IOException {

strxml = strxml.replaceFirst("encoding=\".*\"", "encoding=\"UTF-8\"");

if(null == strxml || "".equals(strxml)) {

return null;

}

Map m = new HashMap();

InputStream in = new ByteArrayInputStream(strxml.getBytes("UTF-8"));

SAXBuilder builder = new SAXBuilder();

Document doc = builder.build(in);

Element root = doc.getRootElement();

List list = root.getChildren();

Iterator it = list.iterator();

while(it.hasNext()) {

Element e = (Element) it.next();

String k = e.getName();

String v = "";

List children = e.getChildren();

if(children.isEmpty()) {

v = e.getTextNormalize();

} else {

v = XMLUtil.getChildrenText(children);

}

m.put(k, v);

}

//关闭流

in.close();

return m;

}

/**

* 获取子结点的xml

* @param children

* @return String

*/

public static String getChildrenText(List children) {

StringBuffer sb = new StringBuffer();

if(!children.isEmpty()) {

Iterator it = children.iterator();

while(it.hasNext()) {

Element e = (Element) it.next();

String name = e.getName();

String value = e.getTextNormalize();

List list = e.getChildren();

sb.append("<" + name + ">");

if(!list.isEmpty()) {

sb.append(XMLUtil.getChildrenText(list));

}

sb.append(value);

sb.append("");

}

}

return sb.toString();

}

}

MD5Util.java

package com.cia.util.wxpay;

import java.security.MessageDigest;

public class MD5Util {

private static String byteArrayToHexString(byte b[]) {

StringBuffer resultSb = new StringBuffer();

for (int i = 0; i < b.length; i++)

resultSb.append(byteToHexString(b[i]));

return resultSb.toString();

}

private static String byteToHexString(byte b) {

int n = b;

if (n < 0)

n += 256;

int d1 = n / 16;

int d2 = n % 16;

return hexDigits[d1] + hexDigits[d2];

}

public static String MD5Encode(String origin, String charsetname) {

String resultString = null;

try {

resultString = new String(origin);

MessageDigest md = MessageDigest.getInstance("MD5");

if (charsetname == null || "".equals(charsetname))

resultString = byteArrayToHexString(md.digest(resultString

.getBytes()));

else

resultString = byteArrayToHexString(md.digest(resultString

.getBytes(charsetname)));

} catch (Exception exception) {

}

return resultString;

}

private static final String hexDigits[] = { "0", "1", "2", "3", "4", "5",

"6", "7", "8", "9", "a", "b", "c", "d", "e", "f" };

}

MyX509TrustManager.java

package com.cia.util.wxpay;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import javax.net.ssl.X509TrustManager;

/**

* 信任管理器

*/

public class MyX509TrustManager implements X509TrustManager {

// 检查客户端证书

public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

}

// 检查服务器端证书

public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

}

// 返回受信任的X509证书数组

public X509Certificate[] getAcceptedIssuers() {

return null;

}

}

以上统一下单及回调中的订单的查询,根据自己的实际情况提供service查询,就不写出来了。所以贴上来可能有错,把错误的地方改成自己的代码就行了。

点击入群领取Java架构资料,电子书,2020年面试资料

你可能感兴趣的:(微信支付 APP支付 Java 服务器端)