java_小程序和Android app开通微信支付

  近段时间我们app增加了几个第三方收费的接口,所以一直免费的app现在要开始收费了,app界面上的改造就是在收费的功能上增加了vip标示,只有充值了vip,这些功能才能查看。

  这款app有Android版、ios版和小程序版,接下来我就切入正题,总结记录一下开发小程序和Android微信支付的过程。

 首先呢就是结合自己业务场景,设计表结构,这就不细说了,业务场景都不同,简单带过。

 其次需要调研微信开放平台,这里贴上官网地址 https://pay.weixin.qq.com/wiki/doc/apiv3/index.shtml  注意:目前文档支持新旧两个版本,我这里是用的旧版V2版

这个是小程序具体开发文档地址 https://pay.weixin.qq.com/wiki/doc/api/wxa/wxa_api.php?chapter=7_7&index=5

下边贴上我的核心代码,具体说一下踩过的坑

注意:有个前提就是开发前,需要先去微信申请 商户号,这个很关键,需要提前申请,这个很耗时

1.首先pom文件加入jar包依赖

       <dependency>
           <groupId>com.github.wxpay</groupId>
           <artifactId>wxpay-sdk</artifactId>
           <version>0.0.3</version>
       </dependency>

2.获取预支付交易会话标识


/**
     * 获取预支付交易会话标识
     * @param username
     * @param openid
     * @return
     */
    @RequestMapping("/getPrepayId")
    @ResponseBody
    public ResponseJSON getPrepayId(String username, String openid, HttpServletRequest request) {
        if(StringUtils.isNotBlank(openid)) {
            return wxpay(username, openid, request); //小程序 需要openid
        }else {
            return apppay(username, request); //Android 不需要openid
        }
    }
    
    /**
     * 小程序支付
     * @return
     */
    private ResponseJSON wxpay(String username, String openid, HttpServletRequest request){
        ResponseJSON responseJSON = ResponseJSON.instance();
        try {
            responseJSON.setSuccess(false);
            Map<String, String> respData; 
            WxpayParam wxpayParam = new WxpayParam();
            OurWxPayConfig ourWxPayConfig = new OurWxPayConfig();
            WXPay wxPay = new WXPay(ourWxPayConfig, SignType.MD5, false);
            //根据微信支付api来设置
            Map<String, String> data = new HashMap<>();
            String seckey = "";
            data.put("nonce_str", RandomUtil.get32Num()); // 随机字符串小于32位
            data.put("trade_type", "JSAPI"); //小程序 JSAPI
            data.put("mch_id", ourWxPayConfig.getMchID()); //商户号
            data.put("appid", ourWxPayConfig.getAppID());//小程序id
            seckey = ourWxPayConfig.getKey();
            data.put("openid", openid);
            data.put("notify_url", notifyUrl); //回调地址 这个是支付成功后回调我们系统的地址,这里有个坑,url必须是http,https调不通
            data.put("spbill_create_ip", IPUtils.getIpAddr(request)); //终端ip
            data.put("total_fee", wxpayParam.getTotalFee()); //订单总金额
            data.put("out_trade_no", RandomUtil.creatid(30)); //交易号
            data.put("body", wxpayParam.getBody());//商品描述
            String s = WXPayUtil.generateSignature(data, seckey); //签名 data必须是这几个字段,不然会提示加密失败
            data.put("sign", s);
            respData = wxPay.unifiedOrder(data);if (respData.get("return_code").equals("SUCCESS")) {
                //返回给小程序端的参数,小程序端再调起支付接口
                Map<String, String> repData = new HashMap<>();
                repData.put("appId", ourWxPayConfig.getAppID());
                repData.put("nonceStr", RandomUtil.get32Num());
                repData.put("package", "prepay_id=" + respData.get("prepay_id"));
                repData.put("signType","MD5");
                repData.put("timeStamp", String.valueOf(System.currentTimeMillis() / 1000));
                String sign = WXPayUtil.generateSignature(repData, seckey); //签名 repData必须也是这几个字段,不然小程序拉起支付会失败
                repData.put("paySign", sign);
                repData.put("prepay_id",  respData.get("prepay_id"));
                repData.put("out_trade_no", data.get("out_trade_no"));
                repData.put("username", username);// 这个参数是我们平台的手机号
                repData.put("amount",  wxpayParam.getTotalFee());
                responseJSON.setSuccess(true);
                responseJSON.setData(repData);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return responseJSON;
    }
    
    /**
     * 安卓支付
     * @param username
     * @param request
     * @return
     */
    private ResponseJSON apppay(String username, HttpServletRequest request){
        ResponseJSON responseJSON = ResponseJSON.instance();
        /** wxPay.unifiedOrder 这个方法中调用微信统一下单接口 */
        Map<String, String> respData; 
        try {
            responseJSON.setSuccess(false);
            WxpayParam wxpayParam = new WxpayParam();
            OurAppPayConfig ourAppPayConfig = new OurAppPayConfig();
            WXPay wxPay = new WXPay(ourAppPayConfig, SignType.MD5, false);
            //根据微信支付api来设置
            Map<String, String> data = new HashMap<>();
            String seckey = "";
            data.put("nonce_str", RandomUtil.get32Num()); // 随机字符串小于32位
            data.put("trade_type", "APP"); //小程序 JSAPI
            data.put("mch_id", ourAppPayConfig.getMchID()); //商户号
            data.put("appid", ourAppPayConfig.getAppID());//小程序id 注意:安卓支付 商户号和appID可以用小程序的,但是需要在微信平台绑定并开通
            seckey = ourAppPayConfig.getKey();
            data.put("notify_url", notifyUrl); //回调地址 注意的地方同上
            data.put("spbill_create_ip", IPUtils.getIpAddr(request)); //终端ip
            data.put("total_fee", wxpayParam.getTotalFee()); //订单总金额
            data.put("out_trade_no", RandomUtil.creatid(30)); //交易号
            data.put("body", wxpayParam.getBody());//商品描述
            String s = WXPayUtil.generateSignature(data, seckey); //签名
            data.put("sign", s);
            respData = wxPay.unifiedOrder(data);if (respData.get("return_code").equals("SUCCESS")) {
                //返回给APP端的参数,APP端再调起支付接口
                Map<String, String> repData = new HashMap<>();
                repData.put("appid", ourAppPayConfig.getAppID());
                repData.put("partnerid", ourAppPayConfig.getMchID());
                repData.put("prepayid", respData.get("prepay_id"));
                repData.put("package", "Sign=WXPay");
                repData.put("noncestr", RandomUtil.get32Num());
                repData.put("timestamp", String.valueOf(System.currentTimeMillis() / 1000));
                for(String key :repData.keySet()) {
                    String value1 = repData.get(key);
                }
                String sign = WXPayUtil.generateSignature(repData, seckey); //签名
                repData.put("sign", sign);
                repData.put("prepay_id",  respData.get("prepay_id"));
                repData.put("out_trade_no", data.get("out_trade_no"));
                repData.put("username", username);
                repData.put("amount",  wxpayParam.getTotalFee());
                responseJSON.setSuccess(true);
                responseJSON.setData(repData);
            }else {
                responseJSON.setMessage(respData.get("return_msg"));
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return responseJSON;
    }

 


下边添加一下代码中引用的几个工具类

IPUtils.java

import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;

public class IPUtils {

    private static Logger logger = LoggerFactory.getLogger(IPUtils.class);

    /**
     * 获取IP地址
     * 
     * 使用Nginx等反向代理软件, 则不能通过request.getRemoteAddr()获取IP地址
     * 如果使用了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串IP地址,X-Forwarded-For中第一个非unknown的有效IP字符串,则为真实IP地址
     */
    public static String getIpAddr(HttpServletRequest request) {
        String ip = null;
        try {
            ip = request.getHeader("x-forwarded-for");
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("Proxy-Client-IP");
            }
            if (StringUtils.isEmpty(ip) || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("WL-Proxy-Client-IP");
            }
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("HTTP_CLIENT_IP");
            }
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("HTTP_X_FORWARDED_FOR");
            }
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getRemoteAddr();
            }
        } catch (Exception e) {
            logger.error("IPUtils ERROR ", e);
        }

        //使用代理,则获取第一个IP地址
        if(StringUtils.isEmpty(ip) && ip.length() > 15) {
          if(ip.indexOf(",") > 0) {
              ip = ip.substring(0, ip.indexOf(","));
          }
      }

        return ip;
    }
}

OurWxPayConfig.java

import java.io.InputStream;

import com.github.wxpay.sdk.WXPayConfig;

public class OurWxPayConfig implements WXPayConfig{

    @Override
    public String getAppID() {
        return "123"; //改成自己的
    }
    
    @Override
    public String getMchID() {
        return "123"; //改成自己的
    }
    
    @Override
    public String getKey() {
        return "123456"; //自己设定 然后同步到微信平台
    }
    
    @Override
    public InputStream getCertStream() {
        return null;
    }

    @Override
    public int getHttpConnectTimeoutMs() {
        return 0;
    }

    @Override
    public int getHttpReadTimeoutMs() {
        return 0;
    }

}

RandomUtil.java

import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Random;

public class RandomUtil {

    /**
     * 生成32位随机数
     * @return
     */
    public static String get32Num() {
        Random rand = new Random();
        StringBuffer sb=new StringBuffer();
        for (int i=1;i<=31;i++){
            int randNum = rand.nextInt(9)+1;
            String num=randNum+"";
            sb=sb.append(num);
        }
        String random=String.valueOf(sb);
        return random;
    }
    
    /**
     * 生成订单号
     * @param endIndex
     * @return
     */
    public static String creatid(int endIndex){
        String id=""; 
        SimpleDateFormat sf = new SimpleDateFormat("yyyyMMddHHmmss"); 
        String tc = sf.format(new Date()); 
        double du = Math.random();
        String random = String.valueOf(du);
        random = random.length()<18?random+"000":random;
        String sj = random.substring(2, 18);
        id=(tc+sj).substring(0, endIndex);
        return id;
    }
    
    public static void main(String[] args) {
        RandomUtil randomUtil= new RandomUtil();
        System.out.println(randomUtil.creatid(30));
                
    }
    
}

WxpayParam.java

import java.math.BigDecimal;

public class WxpayParam {

    /** 微信支付的金额是String类型 并且是以分为单位
     * 下面举个例子单位是元是怎么转为分的
     * */
    BigDecimal totalPrice  = new BigDecimal(399); //此时的单位是元

    private String body = "VIP会员"; //商品名称
    private String totalFee = totalPrice.multiply(new BigDecimal(100)).toBigInteger().toString();
    /** 随机数字字符串*/
    private String outTradeNo = "4784984230432842944";

    public String getBody() {
        return body;
    }

    public void setBody(String body) {
        this.body = body;
    }

    public String getTotalFee() {
        return totalFee;
    }

    public void setTotalFee(String totalFee) {
        this.totalFee = totalFee;
    }

    public String getOutTradeNo() {
        return outTradeNo;
    }

    public void setOutTradeNo(String outTradeNo) {
        this.outTradeNo = outTradeNo;
    }
}

注意:Android 11系统策略更新,需要开发者适配 这里贴上链接 对应地方需要做改动,否则不能拉起支付 https://open.weixin.qq.com/cgi-bin/announce?action=getannouncement&key=11600155960jI9EY&version=&lang=zh_CN&token=

最后贴上支付成功后回调接口的代码

/**
     * 支付回调
     * @param request
     * @param response
     * @throws Exception
     */
    @RequestMapping("/payNotify")
    @ResponseBody
    public void payNotify(HttpServletRequest request,HttpServletResponse response) throws Exception {
        logger.info("已进入微信支付回调接口-----订单支付完成回调更新订单状态");
        // 读取参数
        InputStream inputStream;
        StringBuffer sb = new StringBuffer();
        inputStream = request.getInputStream();
        String s = "";
        BufferedReader in = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));
        while ((s = in.readLine()) != null) {
            sb.append(s);
        }
        in.close();
        inputStream.close();
        // 解析xml成map
        Map<String, String> map = new HashMap<String, String>();
        map = WXPayUtil.xmlToMap(sb.toString());
        // 过滤空 设置TreeMap
        SortedMap<Object, Object> packageParams = new TreeMap<Object, Object>();
        Iterator it = map.keySet().iterator();
        while (it.hasNext()) {
            String parameter = (String) it.next();
            String parameterValue = map.get(parameter);
            String v = "";
            if (null != parameterValue) {
                v = parameterValue.trim();
            }
            packageParams.put(parameter, v);
            logger.info("微信支付回调"+"key:"+parameter +"&&&&&&&&&&&value:"+ v);
            
        }
        // 账号信息
        String key = ourWxPayConfig.getKey();
        // 判断签名是否正确
        if (WXPayUtil.isSignatureValid(map, key)) {
            String resXml = "";
            if ("SUCCESS".equals((String) packageParams.get("result_code"))) {
                logger.info("支付成功");
                userVipinfoService.updateByOrderId(packageParams);//这里是更新订单表的状态,改为支付成功
                // 通知微信.异步确认成功.必写.不然会一直通知后台.八次之后就认为交易失败了.
                resXml = "<xml>" + "<return_code><![CDATA[SUCCESS]]></return_code>"
                        + "<return_msg><![CDATA[OK]]></return_msg>" + "</xml> ";
            } else {
                logger.info("支付失败,错误信息:" + packageParams.get("err_code"));
                resXml = "<xml>" + "<return_code><![CDATA[FAIL]]></return_code>"
                        + "<return_msg><![CDATA[报文为空]]></return_msg>" + "</xml>";

            }
            BufferedOutputStream out = new BufferedOutputStream(response.getOutputStream());
            out.write(resXml.getBytes());
            out.flush();
            out.close();
        } else {
            logger.info("通知签名验证失败");
        }
    }

这个是回调用的工具类 WXPayUtil.java

import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.StringWriter;
import java.util.*;
import java.security.MessageDigest;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import com.github.wxpay.sdk.WXPayConstants.SignType;


public class WXPayUtil {

    /**
     * XML格式字符串转换为Map
     *
     * @param strXML XML字符串
     * @return XML数据转换后的Map
     * @throws Exception
     */
    public static Map<String, String> xmlToMap(String strXML) throws Exception {
        Map<String, String> data = new HashMap<String, String>();
        DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
        DocumentBuilder documentBuilder= documentBuilderFactory.newDocumentBuilder();
        InputStream stream = new ByteArrayInputStream(strXML.getBytes("UTF-8"));
        org.w3c.dom.Document doc = documentBuilder.parse(stream);
        doc.getDocumentElement().normalize();
        NodeList nodeList = doc.getDocumentElement().getChildNodes();
        for (int idx=0; idx<nodeList.getLength(); ++idx) {
            Node node = nodeList.item(idx);
            if (node.getNodeType() == Node.ELEMENT_NODE) {
                org.w3c.dom.Element element = (org.w3c.dom.Element) node;
                data.put(element.getNodeName(), element.getTextContent());
            }
        }
        try {
            stream.close();
        }
        catch (Exception ex) {

        }
        return data;
    }

    /**
     * 将Map转换为XML格式的字符串
     *
     * @param data Map类型数据
     * @return XML格式的字符串
     * @throws Exception
     */
    public static String mapToXml(Map<String, String> data) throws Exception {
        DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
        DocumentBuilder documentBuilder= documentBuilderFactory.newDocumentBuilder();
        org.w3c.dom.Document document = documentBuilder.newDocument();
        org.w3c.dom.Element root = document.createElement("xml");
        document.appendChild(root);
        for (String key: data.keySet()) {
            String value = data.get(key);
            if (value == null) {
                value = "";
            }
            value = value.trim();
            org.w3c.dom.Element filed = document.createElement(key);
            filed.appendChild(document.createTextNode(value));
            root.appendChild(filed);
        }
        TransformerFactory tf = TransformerFactory.newInstance();
        Transformer transformer = tf.newTransformer();
        DOMSource source = new DOMSource(document);
        transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8");
        transformer.setOutputProperty(OutputKeys.INDENT, "yes");
        StringWriter writer = new StringWriter();
        StreamResult result = new StreamResult(writer);
        transformer.transform(source, result);
        String output = writer.getBuffer().toString(); //.replaceAll("\n|\r", "");
        try {
            writer.close();
        }
        catch (Exception ex) {
        }
        return output;
    }


    /**
     * 生成带有 sign 的 XML 格式字符串
     *
     * @param data Map类型数据
     * @param key API密钥
     * @return 含有sign字段的XML
     */
    public static String generateSignedXml(final Map<String, String> data, String key) throws Exception {
        return generateSignedXml(data, key, SignType.MD5);
    }

    /**
     * 生成带有 sign 的 XML 格式字符串
     *
     * @param data Map类型数据
     * @param key API密钥
     * @param signType 签名类型
     * @return 含有sign字段的XML
     */
    public static String generateSignedXml(final Map<String, String> data, String key, SignType signType) throws Exception {
        String sign = generateSignature(data, key, signType);
        data.put(WXPayConstants.FIELD_SIGN, sign);
        return mapToXml(data);
    }


    /**
     * 判断签名是否正确
     *
     * @param xmlStr XML格式数据
     * @param key API密钥
     * @return 签名是否正确
     * @throws Exception
     */
    public static boolean isSignatureValid(String xmlStr, String key) throws Exception {
        Map<String, String> data = xmlToMap(xmlStr);
        if (!data.containsKey(WXPayConstants.FIELD_SIGN) ) {
            return false;
        }
        String sign = data.get(WXPayConstants.FIELD_SIGN);
        return generateSignature(data, key).equals(sign);
    }

    /**
     * 判断签名是否正确,必须包含sign字段,否则返回false。使用MD5签名。
     *
     * @param data Map类型数据
     * @param key API密钥
     * @return 签名是否正确
     * @throws Exception
     */
    public static boolean isSignatureValid(Map<String, String> data, String key) throws Exception {
        return isSignatureValid(data, key, SignType.MD5);
    }

    /**
     * 判断签名是否正确,必须包含sign字段,否则返回false。
     *
     * @param data Map类型数据
     * @param key API密钥
     * @param signType 签名方式
     * @return 签名是否正确
     * @throws Exception
     */
    public static boolean isSignatureValid(Map<String, String> data, String key, SignType signType) throws Exception {
        if (!data.containsKey(WXPayConstants.FIELD_SIGN) ) {
            return false;
        }
        String sign = data.get(WXPayConstants.FIELD_SIGN);
        return generateSignature(data, key, signType).equals(sign);
    }

    /**
     * 生成签名
     *
     * @param data 待签名数据
     * @param key API密钥
     * @return 签名
     */
    public static String generateSignature(final Map<String, String> data, String key) throws Exception {
        return generateSignature(data, key, SignType.MD5);
    }

    /**
     * 生成签名. 注意,若含有sign_type字段,必须和signType参数保持一致。
     *
     * @param data 待签名数据
     * @param key API密钥
     * @param signType 签名方式
     * @return 签名
     */
    public static String generateSignature(final Map<String, String> data, String key, SignType signType) throws Exception {
        Set<String> keySet = data.keySet();
        String[] keyArray = keySet.toArray(new String[keySet.size()]);
        Arrays.sort(keyArray);
        StringBuilder sb = new StringBuilder();
        for (String k : keyArray) {
            if (k.equals(WXPayConstants.FIELD_SIGN)) {
                continue;
            }
            if (data.get(k).trim().length() > 0) // 参数值为空,则不参与签名
                sb.append(k).append("=").append(data.get(k).trim()).append("&");
        }
        sb.append("key=").append(key);
        if (SignType.MD5.equals(signType)) {
            return MD5(sb.toString()).toUpperCase();
        }
        else if (SignType.HMACSHA256.equals(signType)) {
            return HMACSHA256(sb.toString(), key);
        }
        else {
            throw new Exception(String.format("Invalid sign_type: %s", signType));
        }
    }


    /**
     * 获取随机字符串 Nonce Str
     *
     * @return String 随机字符串
     */
    public static String generateNonceStr() {
        return UUID.randomUUID().toString().replaceAll("-", "").substring(0, 32);
    }


    /**
     * 生成 MD5
     *
     * @param data 待处理数据
     * @return MD5结果
     */
    public static String MD5(String data) throws Exception {
        java.security.MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] array = md.digest(data.getBytes("UTF-8"));
        StringBuilder sb = new StringBuilder();
        for (byte item : array) {
            sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3));
        }
        return sb.toString().toUpperCase();
    }

    /**
     * 生成 HMACSHA256
     * @param data 待处理数据
     * @param key 密钥
     * @return 加密结果
     * @throws Exception
     */
    public static String HMACSHA256(String data, String key) throws Exception {
        Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
        SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256");
        sha256_HMAC.init(secret_key);
        byte[] array = sha256_HMAC.doFinal(data.getBytes("UTF-8"));
        StringBuilder sb = new StringBuilder();
        for (byte item : array) {
            sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3));
        }
        return sb.toString().toUpperCase();
    }
}

 以上就是全部核心代码和开发过程中,踩过的坑,希望可以帮到大家,避免踩同样的坑。还提示一点,如果小程序和app没有控制重复点击问题,后端接口需要防止高并发,我这里推荐redis同步锁来解决这一问题。下一篇文章将介绍ios app开发的内容。

这个是支付成功后回调我们系统的地址,这里有个坑,url必须是http,https调不通

posted on 2021-03-17 11:30  boboxing2017  阅读(142)  评论(0编辑  收藏  举报