restful接口返回JSONObject和父类抽象实现类设计,请求头获取sign和支付宝RSA签名验签工具类方法

restful接口返回JSONObject和父类抽象实现类设计,请求头获取sign和支付宝RSA签名验签工具类方法

1.
JSONObject可以通用数据的灵活性，类似Map数据，数据字段不清晰。具体返回类，如：AutoPayResultVo
// http响应结果载体
JSONObject result = new JSONObject();
// 业务处理结果载体
JSONObject response = new JSONObject();

response.put("code", "40004");
response.put("msg", "Business Failed");
response.put("sub_code", "ISV-VERIFICATION-FAILED");
response.put("sub_msg", "验签失败");

result.put("response",response);

2.父类实现通用接口设计，以下伪代码。
//2.1使用父类Object
private void saveSpiAndOpenApiService(Object request, Object result) {
//instanceof判断
if(request instanceof CreateRequest) {

}

}

//2.2使用父类BaseOutResponseVo，获取签名方法
private BaseSignResponseVo getSign(BaseOutResponseVo response) throws AlipayApiException {

}

//子类实现类
CreateResponse extends BaseOutResponseVo
ReleaseResponse extends BaseOutResponseVo
SyncResponse extends BaseOutResponseVo

//调用,调用获取签名
getSign(createResponse);
getSign(releaseResponse);
getSign(syncResponse);

3.HttpServletRequest获取header参数 sign
//接口增加 HttpServletRequest request, 参数，也可以不写，如果需要从请求头中获取参数，则需要该request参数。
@RequestMapping(value = "/public/pay/payBatch",method=RequestMethod.POST)
public Response<AutoPayResultVo> pay(@Valid HttpServletRequest request, @RequestBody PayVo payVo,BindingResult result){

//HttpServletRequest获取header参数 sign
Map<String, String> headers = getHeaders(request);
String signStr = headers.get("byte-signature");

}

//从请求头中获取参数
private static Map<String, String> getHeaders(HttpServletRequest request) {
Map<String, String> headerMap = new HashMap<>();
Enumeration<String> enumeration = request.getHeaderNames();
while (enumeration.hasMoreElements()) {
String name = enumeration.nextElement();
String value = request.getHeader(name);
headerMap.put(name, value);
}
return headerMap;
}

4.
支付宝sdk签名和验签，可以按工具类来使用。

compile("com.alipay.sdk:alipay-sdk-java:4.39.70.ALL")

商户 》》支付宝
//商户私钥签名
String sign = AlipaySignature.rsaSign(contentToSignJson, isvPrivateKey, "UTF-8", "RSA2");
//商户公钥验签
boolean isPass = AlipaySignature.rsaCheck(GsonUtils.toJson(request), sign, alipayPublicKey, "UTF-8","RSA2");

支付宝 》》 商户
//支付宝私钥签名
//支付宝公钥解密