Java Code Examples for com.alipay.api.internal.util.AlipaySignature

The following examples show how to use com.alipay.api.internal.util.AlipaySignature. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: yshopmall   Author: guchengwuyue   File: AlipayUtils.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * 校验签名
 * @param request HttpServletRequest
 * @param alipay 阿里云配置
 * @return boolean
 */
public boolean rsaCheck(HttpServletRequest request, AlipayConfig alipay){

    // 获取支付宝POST过来反馈信息
    Map<String,String> params = new HashMap<>(1);
    Map requestParams = request.getParameterMap();
    for (Object o : requestParams.keySet()) {
        String name = (String) o;
        String[] values = (String[]) requestParams.get(name);
        String valueStr = "";
        for (int i = 0; i < values.length; i++) {
            valueStr = (i == values.length - 1) ? valueStr + values[i]
                    : valueStr + values[i] + ",";
        }
        params.put(name, valueStr);
    }

    try {
        return AlipaySignature.rsaCheckV1(params,
                alipay.getPublicKey(),
                alipay.getCharset(),
                alipay.getSignType());
    } catch (AlipayApiException e) {
        return false;
    }
}
 
Example #2
Source Project: eladmin   Author: elunez   File: AlipayUtils.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * 校验签名
 * @param request HttpServletRequest
 * @param alipay 阿里云配置
 * @return boolean
 */
public boolean rsaCheck(HttpServletRequest request, AlipayConfig alipay){

    // 获取支付宝POST过来反馈信息
    Map<String,String> params = new HashMap<>(1);
    Map<String, String[]> requestParams = request.getParameterMap();
    for (Object o : requestParams.keySet()) {
        String name = (String) o;
        String[] values = requestParams.get(name);
        String valueStr = "";
        for (int i = 0; i < values.length; i++) {
            valueStr = (i == values.length - 1) ? valueStr + values[i]
                    : valueStr + values[i] + ",";
        }
        params.put(name, valueStr);
    }

    try {
        return AlipaySignature.rsaCheckV1(params,
                alipay.getPublicKey(),
                alipay.getCharset(),
                alipay.getSignType());
    } catch (AlipayApiException e) {
        return false;
    }
}
 
Example #3
Source Project: alipay-sdk-java-all   Author: alipay   File: Message.java    License: Apache License 2.0 6 votes vote down vote up
public static boolean checkSign(Message message, String alipayPublicKey) throws IllegalArgumentException {
    if (!("message".equals(message.getxType()) && MsgConstants.MSG_CMD_CONSUME.equals(message.getxCmd()))) {
        return true;
    }

    if (StringUtils.isEmpty(message.getxSignType()) || StringUtils.isEmpty(message.getxSign())
            || StringUtils.isEmpty(message.getxCharset()) || StringUtils.isEmpty(alipayPublicKey)) {
        throw new IllegalArgumentException("can not check sign, miss x-signType or x-sign or x-charset.");
    }
    String signContent = extractSignContent(message.getBody());
    if (StringUtils.isEmpty(signContent)) {
        throw new IllegalArgumentException("can not check sign, miss signContent.");
    }
    try {
        return AlipaySignature.rsaCheck(signContent, message.getxSign(), alipayPublicKey, message.getxCharset(),
                message.getxSignType());
    } catch (Throwable t) {
        throw new IllegalArgumentException("check sign fail. exception:" + t.getCause().getMessage());
    }
}
 
Example #4
Source Project: alipay-sdk-java-all   Author: alipay   File: Message.java    License: Apache License 2.0 6 votes vote down vote up
public static void addSign(Message message, String appPrivateKey) {
    if (!("message".equals(message.getxType()) && MsgConstants.MSG_CMD_PRODUCE.equals(message.getxCmd()))) {
        return;
    }
    if (StringUtils.isEmpty(message.getxSignType()) || StringUtils.isEmpty(message.getxCharset())
            || StringUtils.isEmpty(appPrivateKey)) {
        throw new IllegalArgumentException("can not add sign, miss x-signType or x-charset.");
    }

    String signContent = genDataPart(message);
    if (StringUtils.isEmpty(signContent)) {
        throw new IllegalArgumentException("can not add sign, miss signContent.");
    }
    try {
        message.setxSign(AlipaySignature.rsaSign(signContent, appPrivateKey, message.getxCharset(),
                message.getxSignType()));
    } catch (Throwable t) {
        throw new IllegalArgumentException("add sign fail. exception:" + t.getMessage());
    }
}
 
Example #5
Source Project: alipay-sdk-java-all   Author: alipay   File: JsonConverter.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * 获取签名源串内容
 *
 * @param body
 * @param rootNode
 * @param indexOfRootNode
 * @return
 */
private String parseSignSourceData(String body, String rootNode, int indexOfRootNode) throws AlipayApiException {

    //第一个字母+长度+冒号+引号
    int signDataStartIndex = indexOfRootNode + rootNode.length() + 2;

    int indexOfSign = body.indexOf("\"" + AlipayConstants.SIGN + "\"");
    if (indexOfSign < 0) {
        return null;
    }

    SignSourceData signSourceData = AlipaySignature.extractSignContent(body, signDataStartIndex);

    //如果提取的待验签原始内容后还有root
    if (body.lastIndexOf(rootNode) > signSourceData.getEndIndex()) {
        throw new AlipayApiException("检测到响应报文中有重复的" + rootNode + ",验签失败。");
    }

    return signSourceData.getSourceData();
}
 
Example #6
Source Project: alipay-sdk-java-all   Author: alipay   File: RSACheckTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void should_pass_rsa_check_when_sign_type_is_rsa() throws AlipayApiException {
    //given
    Map<String, String> parameters = new HashMap<String, String>() {};
    parameters.put("method", "koubei.marketing.data.indicator.query");
    parameters.put("app_id", "2019090366875133");
    parameters.put("sign_type", "RSA");
    parameters.put("sign",
            "RkEZgdCVF4TF48+tVZlPLEUMgrOoff3TGynWtXRUmzMXxmsCX8Y9YtpZE+NNg/JGpYQ5htTDd8PXVqiG5fqvzE2g4ugDutr"
                    + "++BeQ2eJQ1uhasp6VIPTSAPWHRD7FSXqZfOoWvxeFHF9WGnzXw5eueOdGMZYXdjhR6srj+ZAeJxyR402FVNbRuI"
                    + "/hDZVq27xWi4CQ2ffdV0lf7E2V/HMUPXECbIKkTnLXrwJBmsLgTGbTDGf7pGo0y0rkRvdsg9BmPPswfTeq"
                    + "/o2rlxD0XxrK1MPZ4uSPFhpdWVEyNchtXEfKoVsaYeVXV3cMfZi9zcKc6RCE8ezF9LxRJp1R0BxKEg==");
    //when
    boolean result = AlipaySignature.rsaCheckV2(parameters, publicKey, "utf-8", "RSA");
    //then
    assertThat(result, is(true));
}
 
Example #7
Source Project: alipay-sdk-java-all   Author: alipay   File: RSACheckTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void should_pass_rsa_check_when_sign_type_is_rsa2() throws AlipayApiException {
    //given
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put("method", "koubei.marketing.data.indicator.query");
    parameters.put("app_id", "2019090366875133");
    parameters.put("sign_type", "RSA2");
    parameters.put("sign",
            "JzoDc8VxY1/w6yN9WdWV10aipS3YcRpK"
                    + "+jw4xfLybf90ZK9L3AHLUJbNLWVnHW3IuLoJbBeSGVxSbPBhe4ggPklcYUkPowgtlZ6YlthuQDtjF23h2obXuXkQRd"
                    + "+RPbDWvOA5AYQjsKH8uSHil5aRARewPIPhukl9Mn4HEovUccsBR/RirQFSGmGYiMM0zvhVSR7pXZDEhiADzvzAkvVVTI1"
                    + "/HbNqcoBU4ctSPAGsuDPO/mah1+IwGQAuPP6xoEPL"
                    + "+3zQ0wztQCwHT2o8aQmxFJ9a09q8ybRprHaNjCgTaLDeTWE0o1pllZIE8c7wnG3cOuj6quYjTcQyLm6P4M87Zw==");
    //when
    boolean result = AlipaySignature.rsaCheckV2(parameters, publicKey, "utf-8", "RSA2");
    //then
    assertThat(result, is(true));
}
 
Example #8
Source Project: alipay-sdk-java-all   Author: alipay   File: CertificateRSACheckTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void should_pass_rsa_check_when_sign_type_is_rsa() throws AlipayApiException {
    //given
    Map<String, String> parameters = new HashMap<String, String>() {};
    parameters.put("method", "koubei.marketing.data.indicator.query");
    parameters.put("app_id", "2019090366875133");
    parameters.put("sign_type", "RSA");
    parameters.put("sign",
            "RkEZgdCVF4TF48+tVZlPLEUMgrOoff3TGynWtXRUmzMXxmsCX8Y9YtpZE+NNg/JGpYQ5htTDd8PXVqiG5fqvzE2g4ugDutr"
                    + "++BeQ2eJQ1uhasp6VIPTSAPWHRD7FSXqZfOoWvxeFHF9WGnzXw5eueOdGMZYXdjhR6srj+ZAeJxyR402FVNbRuI"
                    + "/hDZVq27xWi4CQ2ffdV0lf7E2V/HMUPXECbIKkTnLXrwJBmsLgTGbTDGf7pGo0y0rkRvdsg9BmPPswfTeq"
                    + "/o2rlxD0XxrK1MPZ4uSPFhpdWVEyNchtXEfKoVsaYeVXV3cMfZi9zcKc6RCE8ezF9LxRJp1R0BxKEg==");
    //when
    boolean result = AlipaySignature.rsaCertCheckV2(parameters, TestAccount.ProdCert.CERT_PARAMS.getCertPath(), "utf-8", "RSA");
    //then
    assertThat(result, is(true));
}
 
Example #9
Source Project: alipay-sdk-java-all   Author: alipay   File: CertificateRSACheckTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void should_pass_rsa_check_when_sign_type_is_rsa2() throws AlipayApiException {
    //given
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put("method", "koubei.marketing.data.indicator.query");
    parameters.put("app_id", "2019090366875133");
    parameters.put("sign_type", "RSA2");
    parameters.put("sign",
            "JzoDc8VxY1/w6yN9WdWV10aipS3YcRpK"
                    + "+jw4xfLybf90ZK9L3AHLUJbNLWVnHW3IuLoJbBeSGVxSbPBhe4ggPklcYUkPowgtlZ6YlthuQDtjF23h2obXuXkQRd"
                    + "+RPbDWvOA5AYQjsKH8uSHil5aRARewPIPhukl9Mn4HEovUccsBR/RirQFSGmGYiMM0zvhVSR7pXZDEhiADzvzAkvVVTI1"
                    + "/HbNqcoBU4ctSPAGsuDPO/mah1+IwGQAuPP6xoEPL"
                    + "+3zQ0wztQCwHT2o8aQmxFJ9a09q8ybRprHaNjCgTaLDeTWE0o1pllZIE8c7wnG3cOuj6quYjTcQyLm6P4M87Zw==");
    //when
    boolean result = AlipaySignature.rsaCertCheckV2(parameters, TestAccount.ProdCert.CERT_PARAMS.getCertPath(), "utf-8", "RSA2");
    //then
    assertThat(result, is(true));
}
 
Example #10
Source Project: albedo   Author: somowhere   File: AliPayUtils.java    License: GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * 校验签名
 *
 * @param request HttpServletRequest
 * @param alipay  阿里云配置
 * @return boolean
 */
public boolean rsaCheck(HttpServletRequest request, AlipayConfig alipay) {

	// 获取支付宝POST过来反馈信息
	Map<String, String> params = new HashMap<>(1);
	Map requestParams = request.getParameterMap();
	for (Object o : requestParams.keySet()) {
		String name = (String) o;
		String[] values = (String[]) requestParams.get(name);
		String valueStr = "";
		for (int i = 0; i < values.length; i++) {
			valueStr = (i == values.length - 1) ? valueStr + values[i]
				: valueStr + values[i] + ",";
		}
		params.put(name, valueStr);
	}

	try {
		return AlipaySignature.rsaCheckV1(params,
			alipay.getPublicKey(),
			alipay.getCharset(),
			alipay.getSignType());
	} catch (AlipayApiException e) {
		return false;
	}
}
 
Example #11
Source Project: wish-pay   Author: fanqinghui   File: AliPayUtil.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * 返回验签结果
 *
 * @param params
 * @param aliPublicKey
 * @return
 */
public static boolean verifySignWithRSA(Map<String, String> params, String aliPublicKey) {
   /* String content = createStringUrl(params);
    String sign = params.get("sign");*/
    String sign_type = params.get("sign_type");
    try {
        return  AlipaySignature.rsaCheckV1(params, aliPublicKey, "UTF-8", sign_type);
        //return AlipaySignature.rsaCheckV2(params, aliPublicKey, UTF_8);
    } catch (AlipayApiException e) {
        e.printStackTrace();
        return false;
    }
    //String sign_type = params.get("sign_type");
   /* try {
        AlipaySignature.rsaSign(content,aliPublicKey,"UTF-8",sign_type);
    } catch (AlipayApiException e) {
        e.printStackTrace();
    }
    return verify(content, sign, aliPublicKey, "UTF-8");*/
}
 
Example #12
Source Project: pay   Author: 1991wangliang   File: DefaultAlipayClient.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * GET模式下获取跳转链接
 * 
 * @param requestHolder
 * @return
 * @throws AlipayApiException
 */
private String getRedirectUrl(RequestParametersHolder requestHolder) throws AlipayApiException {
    StringBuffer urlSb = new StringBuffer(serverUrl);
    try {
        Map<String, String> sortedMap = AlipaySignature.getSortedMap(requestHolder);
        String sortedQuery = WebUtils.buildQuery(sortedMap, charset);
        String sign = requestHolder.getProtocalMustParams().get(AlipayConstants.SIGN);
        urlSb.append("?");
        urlSb.append(sortedQuery);
        if (sign != null & sign.length() > 0) {
            Map<String, String> signMap = new HashMap<String, String>();
            signMap.put(AlipayConstants.SIGN, sign);
            String signQuery = WebUtils.buildQuery(signMap, charset);
            urlSb.append("&");
            urlSb.append(signQuery);
        }
    } catch (IOException e) {
        throw new AlipayApiException(e);
    }

    return urlSb.toString();
}
 
Example #13
Source Project: springboot-pay-example   Author: mengday   File: AlipayController.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 校验签名
 * @param request
 * @return
 */
public boolean rsaCheckV1(HttpServletRequest request){
    // https://docs.open.alipay.com/54/106370
    // 获取支付宝POST过来反馈信息
    Map<String,String> params = new HashMap<>();
    Map requestParams = request.getParameterMap();
    for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext();) {
        String name = (String) iter.next();
        String[] values = (String[]) requestParams.get(name);
        String valueStr = "";
        for (int i = 0; i < values.length; i++) {
            valueStr = (i == values.length - 1) ? valueStr + values[i]
                    : valueStr + values[i] + ",";
        }
        params.put(name, valueStr);
    }

    try {
        boolean verifyResult = AlipaySignature.rsaCheckV1(params,
                aliPayProperties.getAlipayPublicKey(),
                aliPayProperties.getCharset(),
                aliPayProperties.getSignType());

        return verifyResult;
    } catch (AlipayApiException e) {
        log.debug("verify sigin error, exception is:{}", e);
        return false;
    }
}
 
Example #14
Source Project: springboot-pay-example   Author: mengday   File: AlipayWAPPayController.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 支付宝页面跳转同步通知页面
 * @param request
 * @return
 * @throws UnsupportedEncodingException
 * @throws AlipayApiException
 */
@RequestMapping("/returnUrl")
public String returnUrl(HttpServletRequest request, HttpServletResponse response) throws UnsupportedEncodingException, AlipayApiException {
    response.setContentType("text/html;charset=" + alipayProperties.getCharset());

    //获取支付宝GET过来反馈信息
    Map<String,String> params = new HashMap<>();
    Map requestParams = request.getParameterMap();
    for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext();) {
        String name = (String) iter.next();
        String[] values = (String[]) requestParams.get(name);
        String valueStr = "";
        for (int i = 0; i < values.length; i++) {
            valueStr = (i == values.length - 1) ? valueStr + values[i]
                    : valueStr + values[i] + ",";
        }
        //乱码解决,这段代码在出现乱码时使用。如果mysign和sign不相等也可以使用这段代码转化
        valueStr = new String(valueStr.getBytes("ISO-8859-1"), "utf-8");
        params.put(name, valueStr);
    }

    boolean verifyResult = AlipaySignature.rsaCheckV1(params, alipayProperties.getAlipayPublicKey(), alipayProperties.getCharset(), "RSA2");
    if(verifyResult){
        //验证成功
        //请在这里加上商户的业务逻辑程序代码,如保存支付宝交易号
        //商户订单号
        String out_trade_no = new String(request.getParameter("out_trade_no").getBytes("ISO-8859-1"),"UTF-8");
        //支付宝交易号
        String trade_no = new String(request.getParameter("trade_no").getBytes("ISO-8859-1"),"UTF-8");

        return "wapPaySuccess";

    }else{
        return "wapPayFail";

    }
}
 
Example #15
Source Project: alipay-sdk-java-all   Author: alipay   File: Message.java    License: Apache License 2.0 5 votes vote down vote up
private static String extractSignContent(String str) {
    if (str == null) {
        return null;
    }
    Matcher m = DATA_PATTERN.matcher(str);
    if (!m.find()) {
        return null;
    }
    return AlipaySignature.extractSignContent(str, m.end() - 1).getSourceData();
}
 
Example #16
Source Project: alipay-sdk-java-all   Author: alipay   File: DefaultSignChecker.java    License: Apache License 2.0 5 votes vote down vote up
public boolean check(String sourceContent, String signature, String signType, String charset) {
    boolean success = false;
    try {
        success = AlipaySignature.rsaCheck(sourceContent, signature, alipayPublicKey, charset, signType);
    } catch (AlipayApiException e) {
        throw new RuntimeException(e);
    }
    return success;
}
 
Example #17
Source Project: alipay-sdk-java-all   Author: alipay   File: DefaultSignChecker.java    License: Apache License 2.0 5 votes vote down vote up
public boolean checkCert(String sourceContent, String signature, String signType, String charset, String publicKey) {
    boolean success = false;
    try {
        success = AlipaySignature.rsaCheck(sourceContent, signature, publicKey, charset, signType);
    } catch (AlipayApiException e) {
        throw new RuntimeException(e);
    }
    return success;
}
 
Example #18
Source Project: alipay-sdk-java-all   Author: alipay   File: AbstractAlipayClient.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * GET模式下获取跳转链接
 *
 * @param requestHolder
 * @return
 * @throws AlipayApiException
 */
private String getRedirectUrl(RequestParametersHolder requestHolder) throws AlipayApiException {
    StringBuilder urlSb = new StringBuilder(serverUrl);
    try {
        Map<String, String> sortedMap = AlipaySignature.getSortedMap(requestHolder);
        String sortedQuery = WebUtils.buildQuery(loadTest ?
                LoadTestUtil.getParamsWithLoadTestFlag(sortedMap) : sortedMap, charset);
        urlSb.append("?");
        urlSb.append(sortedQuery);
    } catch (IOException e) {
        throw new AlipayApiException(e);
    }

    return urlSb.toString();
}
 
Example #19
Source Project: alipay-sdk-java-all   Author: alipay   File: AbstractAlipayClient.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 拼装sdk调用时所传参数
 *
 * @param requestHolder
 * @return
 * @throws AlipayApiException
 */
private String getSdkParams(RequestParametersHolder requestHolder) throws AlipayApiException {
    StringBuilder urlSb = new StringBuilder();
    try {
        Map<String, String> sortedMap = AlipaySignature.getSortedMap(requestHolder);
        String sortedQuery = WebUtils.buildQuery(loadTest ?
                LoadTestUtil.getParamsWithLoadTestFlag(sortedMap) : sortedMap, charset);
        urlSb.append(sortedQuery);
    } catch (IOException e) {
        throw new AlipayApiException(e);
    }

    return urlSb.toString();
}
 
Example #20
Source Project: alipay-sdk-java-all   Author: alipay   File: RSACheckTest.java    License: Apache License 2.0 5 votes vote down vote up
@Test
public void should_pass_rsa_check_when_charset_is_utf8() throws AlipayApiException {
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put("method", "koubei.marketing.data.indicator.query");
    parameters.put("app_id", "2019090366875133");
    parameters.put("extra", "中文测试");
    parameters.put("sign_type", "RSA2");
    parameters.put("sign",
            "KrRGUY3/2JX3KtlLgus8CbK0xuUIBDCpOdJkVzJDefez6HvlA8RA6uCVj2rrMd7DgVfarG5SROdSnkZbf8MLKHbVoFqi9w0QCvto9mc8n3ezfWejZECJVCZhbJ3OslB+4gij9+F70usrnCNEJZm02ntyNdVzcqMbgdRMB93BJIRC1jjmCotpXgXWrRdTb/SfhIAkoHqgGi2aCUHuLDInLGZCn8NeziGWMnFOic6/sE/nMpwriOmwLb2nyzD0fGiolwuuxlOGMcBHAb22J8XqchFHyCpbs2A/rWdJMjhUfqsErbtZQM93fi1xfL2pUa9RMWX0Q81Qk7iSEeHCR+NGyQ==");

    boolean result = AlipaySignature.rsaCheckV2(parameters, publicKey, "utf-8", "RSA2");

    assertThat(result, is(true));
}
 
Example #21
Source Project: alipay-sdk-java-all   Author: alipay   File: CertificateRSACheckTest.java    License: Apache License 2.0 5 votes vote down vote up
@Test
public void should_pass_rsa_check_when_charset_is_utf8() throws AlipayApiException {
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put("method", "koubei.marketing.data.indicator.query");
    parameters.put("app_id", "2019090366875133");
    parameters.put("extra", "中文测试");
    parameters.put("sign_type", "RSA2");
    parameters.put("sign",
            "KrRGUY3/2JX3KtlLgus8CbK0xuUIBDCpOdJkVzJDefez6HvlA8RA6uCVj2rrMd7DgVfarG5SROdSnkZbf8MLKHbVoFqi9w0QCvto9mc8n3ezfWejZECJVCZhbJ3OslB+4gij9+F70usrnCNEJZm02ntyNdVzcqMbgdRMB93BJIRC1jjmCotpXgXWrRdTb/SfhIAkoHqgGi2aCUHuLDInLGZCn8NeziGWMnFOic6/sE/nMpwriOmwLb2nyzD0fGiolwuuxlOGMcBHAb22J8XqchFHyCpbs2A/rWdJMjhUfqsErbtZQM93fi1xfL2pUa9RMWX0Q81Qk7iSEeHCR+NGyQ==");

    boolean result = AlipaySignature.rsaCertCheckV2(parameters, TestAccount.ProdCert.CERT_PARAMS.getCertPath(), "utf-8", "RSA2");

    assertThat(result, is(true));
}
 
Example #22
Source Project: paascloud-master   Author: paascloud   File: PtcPayController.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 支付宝回调信息.
 *
 * @param request the request
 *
 * @return the object
 */
@PostMapping("/alipayCallback")
@ApiOperation(httpMethod = "POST", value = "支付宝回调信息")
public Object alipayCallback(HttpServletRequest request) {
	logger.info("收到支付宝回调信息");
	Map<String, String> params = Maps.newHashMap();

	Map requestParams = request.getParameterMap();
	for (Object o : requestParams.keySet()) {
		String name = (String) o;
		String[] values = (String[]) requestParams.get(name);
		String valueStr = "";
		for (int i = 0; i < values.length; i++) {

			valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
		}
		params.put(name, valueStr);
	}
	logger.info("支付宝回调,sign:{},trade_status:{},参数:{}", params.get("sign"), params.get("trade_status"), params.toString());

	//非常重要,验证回调的正确性,是不是支付宝发的.并且呢还要避免重复通知.

	params.remove("sign_type");
	try {
		boolean alipayRSACheckedV2 = AlipaySignature.rsaCheckV2(params, Configs.getAlipayPublicKey(), "utf-8", Configs.getSignType());

		if (!alipayRSACheckedV2) {
			return WrapMapper.error("非法请求,验证不通过,再恶意请求我就报警找网警了");
		}
	} catch (AlipayApiException e) {
		logger.error("支付宝验证回调异常", e);
	}

	//todo 验证各种数据
	Wrapper serverResponse = ptcAlipayService.aliPayCallback(params);
	if (serverResponse.success()) {
		return PtcApiConstant.AlipayCallback.RESPONSE_SUCCESS;
	}
	return PtcApiConstant.AlipayCallback.RESPONSE_FAILED;
}
 
Example #23
Source Project: MMall_JAVA   Author: Liweimin0512   File: OrderController.java    License: GNU General Public License v3.0 5 votes vote down vote up
@RequestMapping("alipay_callback.do")
public Object alipayCallback(HttpServletRequest request) {
    Map<String, String> params = Maps.newHashMap();

    Map requestParams = request.getParameterMap();
    for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext(); ) {
        String name = (String) iter.next();
        String[] values = (String[]) requestParams.get(name);
        String valueStr = "";
        for (int i = 0; i < values.length; i++) {
            valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
        }
        params.put(name, valueStr);
    }
    logger.info("支付宝回调,sign:{},trade_status:{},参数:{}", params.get("sign"), params.get("trade_status"), params.toString());

    //非常重要的一点,验证回调的正确性(确认是支付宝发送的),并且避免重复通知
    params.remove("sign_type");
    try {
        boolean alipayRSACheckedV2 = AlipaySignature.rsaCheckV2(params, Configs.getAlipayPublicKey(), "utf-8", Configs.getSignType());

        if (!alipayRSACheckedV2) {
            return ServerResponse.createByErrorMessage("非法结束,验证不通过,再恶意请求将报警。");
        }

    } catch (AlipayApiException e) {
        logger.error("支付宝验证回调异常", e);
    }

    //todo 验证各种数据

    ServerResponse serverResponse = iOrderService.aliCallback(params);
    if (serverResponse.isSuccess()) {
        return Const.AlipayCallback.RESPONSE_SUCCESS;
    }
    return Const.AlipayCallback.RESPONSE_FAILED;
}
 
Example #24
Source Project: AppServiceRestFul   Author: wanliyang1990   File: PayAction.java    License: GNU General Public License v3.0 5 votes vote down vote up
/**
 * 支付宝回调接口
 * @param request
 * @param resp
 * @return
 */
@ResponseBody
@RequestMapping(value="/verifyalipayresult.do", method=RequestMethod.POST)
public String verifyAliPayRight(HttpServletRequest request, HttpServletResponse resp)
{
    synchronized (alilock) {
        Map<String,String> params = new HashMap<String,String>();
        Map requestParams = request.getParameterMap();
        for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext();) {
            String name = (String) iter.next();
            String[] values = (String[]) requestParams.get(name);
            String valueStr = "";
            for (int i = 0; i < values.length; i++) {
                valueStr = (i == values.length - 1) ? valueStr + values[i]
                        : valueStr + values[i] + ",";
            }
            params.put(name, valueStr);
        }
        try {
            boolean flag = AlipaySignature.rsaCheckV1(params, PayService.ALI_PUBLIC_KEY, "utf-8", "RSA2");
            if(flag)
            {
                if(params.get("trade_status").equals("TRADE_SUCCESS") && params.get("app_id").equals(PayService.ALI_APPID) && params.get("seller_id").equals("****************"))
                {
                    return payService.verifyAliPay(params);
                }
            }
        } catch (AlipayApiException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            return "fail";
        }
    }
    return "fail";
}
 
Example #25
Source Project: AppServiceRestFul   Author: wanliyang1990   File: PayAction.java    License: GNU General Public License v3.0 5 votes vote down vote up
/**
 * 支付宝回调接口
 * @param request
 * @param resp
 * @return
 */
@ResponseBody
@RequestMapping(value="/verifyalipayresult.do", method=RequestMethod.POST)
public String verifyAliPayRight(HttpServletRequest request, HttpServletResponse resp)
{
    synchronized (alilock) {
        Map<String,String> params = new HashMap<String,String>();
        Map requestParams = request.getParameterMap();
        for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext();) {
            String name = (String) iter.next();
            String[] values = (String[]) requestParams.get(name);
            String valueStr = "";
            for (int i = 0; i < values.length; i++) {
                valueStr = (i == values.length - 1) ? valueStr + values[i]
                        : valueStr + values[i] + ",";
            }
            params.put(name, valueStr);
        }
        try {
            boolean flag = AlipaySignature.rsaCheckV1(params, PayService.ALI_PUBLIC_KEY, "utf-8", "RSA2");
            if(flag)
            {
                if(params.get("trade_status").equals("TRADE_SUCCESS") && params.get("app_id").equals(PayService.ALI_APPID) && params.get("seller_id").equals("****************"))
                {
                    return payService.verifyAliPay(params);
                }
            }
        } catch (AlipayApiException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            return "fail";
        }
    }
    return "fail";
}
 
Example #26
Source Project: AppServiceRestFul   Author: wanliyang1990   File: PayAction.java    License: GNU General Public License v3.0 5 votes vote down vote up
/**
 * 支付宝回调接口
 * @param request
 * @param resp
 * @return
 */
@ResponseBody
@RequestMapping(value="/verifyalipayresult.do", method=RequestMethod.POST)
public String verifyAliPayRight(HttpServletRequest request, HttpServletResponse resp)
{
    synchronized (alilock) {
        Map<String,String> params = new HashMap<String,String>();
        Map requestParams = request.getParameterMap();
        for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext();) {
            String name = (String) iter.next();
            String[] values = (String[]) requestParams.get(name);
            String valueStr = "";
            for (int i = 0; i < values.length; i++) {
                valueStr = (i == values.length - 1) ? valueStr + values[i]
                        : valueStr + values[i] + ",";
            }
            params.put(name, valueStr);
        }
        try {
            boolean flag = AlipaySignature.rsaCheckV1(params, PayService.ALI_PUBLIC_KEY, "utf-8", "RSA2");
            if(flag)
            {
                if(params.get("trade_status").equals("TRADE_SUCCESS") && params.get("app_id").equals(PayService.ALI_APPID) && params.get("seller_id").equals("2088621136650617"))
                {
                    return payService.verifyAliPay(params);
                }
            }
        } catch (AlipayApiException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            return "fail";
        }
    }
    return "fail";
}
 
Example #27
Source Project: alipay-sdk   Author: wendal   File: DefaultAlipayClient.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * GET模式下获取跳转链接
 * 
 * @param requestHolder
 * @return
 * @throws AlipayApiException
 */
private String getRedirectUrl(RequestParametersHolder requestHolder) throws AlipayApiException {
    StringBuffer urlSb = new StringBuffer(serverUrl);
    try {
        Map<String, String> sortedMap = AlipaySignature.getSortedMap(requestHolder);
        String sortedQuery = WebUtils.buildQuery(sortedMap, charset);
        urlSb.append("?");
        urlSb.append(sortedQuery);
    } catch (IOException e) {
        throw new AlipayApiException(e);
    }

    return urlSb.toString();
}
 
Example #28
Source Project: alipay-sdk   Author: wendal   File: DefaultAlipayClient.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 拼装sdk调用时所传参数
 * 
 * @param requestHolder
 * @return
 * @throws AlipayApiException
 */
private String getSdkParams(RequestParametersHolder requestHolder) throws AlipayApiException {
    StringBuffer urlSb = new StringBuffer();
    try {
        Map<String, String> sortedMap = AlipaySignature.getSortedMap(requestHolder);
        String sortedQuery = WebUtils.buildQuery(sortedMap, charset);
        urlSb.append(sortedQuery);
    } catch (IOException e) {
        throw new AlipayApiException(e);
    }

    return urlSb.toString();
}
 
Example #29
Source Project: pay   Author: 1991wangliang   File: DefaultAlipayClient.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 拼装sdk调用时所传参数
 * 
 * @param requestHolder
 * @return
 * @throws AlipayApiException
 */
private String getSdkParams(RequestParametersHolder requestHolder) throws AlipayApiException {
    StringBuffer urlSb = new StringBuffer();
    try {
        Map<String, String> sortedMap = AlipaySignature.getSortedMap(requestHolder);
        String sortedQuery = WebUtils.buildQuery(sortedMap, charset);
        urlSb.append(sortedQuery);
    } catch (IOException e) {
        throw new AlipayApiException(e);
    }

    return urlSb.toString();
}
 
Example #30
Source Project: roncoo-pay   Author: roncoo   File: RpTradePaymentManagerServiceImpl.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 支付成功后,又是会出现页面通知早与后台通知 现页面通知,暂时不做数据处理功能,只生成页面通知URL
 *
 * @param payWayCode
 * @param resultMap
 * @return
 */
@Override
public OrderPayResultVo completeScanPayByResult(String payWayCode, Map<String, String> resultMap) {

    OrderPayResultVo orderPayResultVo = new OrderPayResultVo();

    String bankOrderNo = resultMap.get("out_trade_no");
    // 根据银行订单号获取支付信息
    RpTradePaymentRecord rpTradePaymentRecord = rpTradePaymentRecordDao.getByBankOrderNo(bankOrderNo);
    if (rpTradePaymentRecord == null) {
        throw new TradeBizException(TradeBizException.TRADE_ORDER_ERROR, ",非法订单,订单不存在");
    }

    orderPayResultVo.setOrderPrice(rpTradePaymentRecord.getOrderAmount());// 订单金额
    orderPayResultVo.setProductName(rpTradePaymentRecord.getProductName());// 产品名称

    RpTradePaymentOrder rpTradePaymentOrder = rpTradePaymentOrderDao.selectByMerchantNoAndMerchantOrderNo(rpTradePaymentRecord.getMerchantNo(), rpTradePaymentRecord.getMerchantOrderNo());

    // 计算得出通知验证结果
    boolean verify_result = false;

    try {
        verify_result = AlipaySignature.rsaCheckV1(resultMap, AlipayConfigUtil.ali_public_key, "UTF-8", "RSA2");
    } catch (AlipayApiException e) {
        LOG.error("签名异常:" , e);
    }

    if (verify_result) {// 验证成功

        TradeStatusEnum tradeStatusEnum = TradeStatusEnum.getEnum(rpTradePaymentOrder.getStatus());

            String resultUrl = getMerchantNotifyUrl(rpTradePaymentRecord, rpTradePaymentOrder, rpTradePaymentRecord.getReturnUrl(), tradeStatusEnum);
            orderPayResultVo.setReturnUrl(resultUrl);
            orderPayResultVo.setStatus(tradeStatusEnum.name());

    } else {
        throw new TradeBizException(TradeBizException.TRADE_ALIPAY_ERROR, "支付宝签名异常");
    }
    return orderPayResultVo;
}