Java Code Examples for com.alipay.api.internal.util.AlipaySignature#rsaCheckV2()
The following examples show how to use
com.alipay.api.internal.util.AlipaySignature#rsaCheckV2() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: RSACheckTest.java From alipay-sdk-java-all with Apache License 2.0 | 6 votes |
|
@Test
public void should_pass_rsa_check_when_sign_type_is_rsa() throws AlipayApiException {
//given
Map<String, String> parameters = new HashMap<String, String>() {};
parameters.put("method", "koubei.marketing.data.indicator.query");
parameters.put("app_id", "2019090366875133");
parameters.put("sign_type", "RSA");
parameters.put("sign",
"RkEZgdCVF4TF48+tVZlPLEUMgrOoff3TGynWtXRUmzMXxmsCX8Y9YtpZE+NNg/JGpYQ5htTDd8PXVqiG5fqvzE2g4ugDutr"
+ "++BeQ2eJQ1uhasp6VIPTSAPWHRD7FSXqZfOoWvxeFHF9WGnzXw5eueOdGMZYXdjhR6srj+ZAeJxyR402FVNbRuI"
+ "/hDZVq27xWi4CQ2ffdV0lf7E2V/HMUPXECbIKkTnLXrwJBmsLgTGbTDGf7pGo0y0rkRvdsg9BmPPswfTeq"
+ "/o2rlxD0XxrK1MPZ4uSPFhpdWVEyNchtXEfKoVsaYeVXV3cMfZi9zcKc6RCE8ezF9LxRJp1R0BxKEg==");
//when
boolean result = AlipaySignature.rsaCheckV2(parameters, publicKey, "utf-8", "RSA");
//then
assertThat(result, is(true));
}
Example 2
| Source File: RSACheckTest.java From alipay-sdk-java-all with Apache License 2.0 | 6 votes |
|
@Test
public void should_pass_rsa_check_when_sign_type_is_rsa2() throws AlipayApiException {
//given
Map<String, String> parameters = new HashMap<String, String>();
parameters.put("method", "koubei.marketing.data.indicator.query");
parameters.put("app_id", "2019090366875133");
parameters.put("sign_type", "RSA2");
parameters.put("sign",
"JzoDc8VxY1/w6yN9WdWV10aipS3YcRpK"
+ "+jw4xfLybf90ZK9L3AHLUJbNLWVnHW3IuLoJbBeSGVxSbPBhe4ggPklcYUkPowgtlZ6YlthuQDtjF23h2obXuXkQRd"
+ "+RPbDWvOA5AYQjsKH8uSHil5aRARewPIPhukl9Mn4HEovUccsBR/RirQFSGmGYiMM0zvhVSR7pXZDEhiADzvzAkvVVTI1"
+ "/HbNqcoBU4ctSPAGsuDPO/mah1+IwGQAuPP6xoEPL"
+ "+3zQ0wztQCwHT2o8aQmxFJ9a09q8ybRprHaNjCgTaLDeTWE0o1pllZIE8c7wnG3cOuj6quYjTcQyLm6P4M87Zw==");
//when
boolean result = AlipaySignature.rsaCheckV2(parameters, publicKey, "utf-8", "RSA2");
//then
assertThat(result, is(true));
}
Example 3
| Source File: RSACheckTest.java From alipay-sdk-java-all with Apache License 2.0 | 5 votes |
|
@Test
public void should_pass_rsa_check_when_charset_is_utf8() throws AlipayApiException {
Map<String, String> parameters = new HashMap<String, String>();
parameters.put("method", "koubei.marketing.data.indicator.query");
parameters.put("app_id", "2019090366875133");
parameters.put("extra", "中文测试");
parameters.put("sign_type", "RSA2");
parameters.put("sign",
"KrRGUY3/2JX3KtlLgus8CbK0xuUIBDCpOdJkVzJDefez6HvlA8RA6uCVj2rrMd7DgVfarG5SROdSnkZbf8MLKHbVoFqi9w0QCvto9mc8n3ezfWejZECJVCZhbJ3OslB+4gij9+F70usrnCNEJZm02ntyNdVzcqMbgdRMB93BJIRC1jjmCotpXgXWrRdTb/SfhIAkoHqgGi2aCUHuLDInLGZCn8NeziGWMnFOic6/sE/nMpwriOmwLb2nyzD0fGiolwuuxlOGMcBHAb22J8XqchFHyCpbs2A/rWdJMjhUfqsErbtZQM93fi1xfL2pUa9RMWX0Q81Qk7iSEeHCR+NGyQ==");
boolean result = AlipaySignature.rsaCheckV2(parameters, publicKey, "utf-8", "RSA2");
assertThat(result, is(true));
}
Example 4
| Source File: PtcPayController.java From paascloud-master with Apache License 2.0 | 5 votes |
|
/**
* 支付宝回调信息.
*
* @param request the request
*
* @return the object
*/
@PostMapping("/alipayCallback")
@ApiOperation(httpMethod = "POST", value = "支付宝回调信息")
public Object alipayCallback(HttpServletRequest request) {
logger.info("收到支付宝回调信息");
Map<String, String> params = Maps.newHashMap();
Map requestParams = request.getParameterMap();
for (Object o : requestParams.keySet()) {
String name = (String) o;
String[] values = (String[]) requestParams.get(name);
String valueStr = "";
for (int i = 0; i < values.length; i++) {
valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
}
params.put(name, valueStr);
}
logger.info("支付宝回调,sign:{},trade_status:{},参数:{}", params.get("sign"), params.get("trade_status"), params.toString());
//非常重要,验证回调的正确性,是不是支付宝发的.并且呢还要避免重复通知.
params.remove("sign_type");
try {
boolean alipayRSACheckedV2 = AlipaySignature.rsaCheckV2(params, Configs.getAlipayPublicKey(), "utf-8", Configs.getSignType());
if (!alipayRSACheckedV2) {
return WrapMapper.error("非法请求,验证不通过,再恶意请求我就报警找网警了");
}
} catch (AlipayApiException e) {
logger.error("支付宝验证回调异常", e);
}
//todo 验证各种数据
Wrapper serverResponse = ptcAlipayService.aliPayCallback(params);
if (serverResponse.success()) {
return PtcApiConstant.AlipayCallback.RESPONSE_SUCCESS;
}
return PtcApiConstant.AlipayCallback.RESPONSE_FAILED;
}
Example 5
| Source File: OrderController.java From MMall_JAVA with GNU General Public License v3.0 | 5 votes |
|
@RequestMapping("alipay_callback.do")
public Object alipayCallback(HttpServletRequest request) {
Map<String, String> params = Maps.newHashMap();
Map requestParams = request.getParameterMap();
for (Iterator iter = requestParams.keySet().iterator(); iter.hasNext(); ) {
String name = (String) iter.next();
String[] values = (String[]) requestParams.get(name);
String valueStr = "";
for (int i = 0; i < values.length; i++) {
valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
}
params.put(name, valueStr);
}
logger.info("支付宝回调,sign:{},trade_status:{},参数:{}", params.get("sign"), params.get("trade_status"), params.toString());
//非常重要的一点,验证回调的正确性(确认是支付宝发送的),并且避免重复通知
params.remove("sign_type");
try {
boolean alipayRSACheckedV2 = AlipaySignature.rsaCheckV2(params, Configs.getAlipayPublicKey(), "utf-8", Configs.getSignType());
if (!alipayRSACheckedV2) {
return ServerResponse.createByErrorMessage("非法结束,验证不通过,再恶意请求将报警。");
}
} catch (AlipayApiException e) {
logger.error("支付宝验证回调异常", e);
}
//todo 验证各种数据
ServerResponse serverResponse = iOrderService.aliCallback(params);
if (serverResponse.isSuccess()) {
return Const.AlipayCallback.RESPONSE_SUCCESS;
}
return Const.AlipayCallback.RESPONSE_FAILED;
}
Example 6
| Source File: AlipayServiceWindowController.java From jeewx with Apache License 2.0 | 5 votes |
|
/**
* 验签
*
* @param request
* @return
*/
private void verifySign(Map<String, String> params) throws AlipayApiException {
if (!AlipaySignature.rsaCheckV2(params, AlipayServiceEnvConstants.ALIPAY_PUBLIC_KEY,
AlipayServiceEnvConstants.SIGN_CHARSET)) {
throw new AlipayApiException("verify sign fail.");
}
}
Example 7
| Source File: OrderController.java From mmall20180107 with Apache License 2.0 | 4 votes |
|
@RequestMapping("alipay_callback.do")
@ResponseBody
public Object alipayCallback(HttpServletRequest request){
Map<String,String> params = Maps.newHashMap();
Map requestParams = request.getParameterMap();
for(Iterator iter = requestParams.keySet().iterator(); iter.hasNext();){
String name = (String)iter.next();
String[] values = (String[]) requestParams.get(name);
String valueStr = "";
for(int i = 0 ; i <values.length;i++){
valueStr = (i == values.length -1)?valueStr + values[i]:valueStr + values[i]+",";
}
params.put(name,valueStr);
}
logger.info("支付宝回调,sign:{},trade_status:{},参数:{}",params.get("sign"),params.get("trade_status"),params.toString());
//非常重要,验证回调的正确性,是不是支付宝发的.并且呢还要避免重复通知.
params.remove("sign_type");
try {
boolean alipayRSACheckedV2 = AlipaySignature.rsaCheckV2(params, Configs.getAlipayPublicKey(),"utf-8",Configs.getSignType());
if(!alipayRSACheckedV2){
return ServerResponse.createByErrorMessage("非法请求,验证不通过,再恶意请求我就报警找网警了");
}
} catch (AlipayApiException e) {
logger.error("支付宝验证回调异常",e);
}
//todo 验证各种数据
//
ServerResponse serverResponse = iOrderService.aliCallback(params);
if(serverResponse.isSuccess()){
return Const.AlipayCallback.RESPONSE_SUCCESS;
}
return Const.AlipayCallback.RESPONSE_FAILED;
}
Example 8
| Source File: OrderController.java From mmall-kay-Java with Apache License 2.0 | 4 votes |
|
/**
* 支付宝回调处理接口
* @param request
* @return
*/
@RequestMapping("alipay_callback.do")
@ResponseBody
public Object alipayCallback(HttpServletRequest request){
Map<String, String> params = Maps.newHashMap();
Map requestParams = request.getParameterMap();
for (Iterator iterator =requestParams.keySet().iterator();iterator.hasNext();) {
String name = (String) iterator.next();
String[] values = (String[]) requestParams.get(name);
String valueStr="";
for (int i = 0; i < values.length; i++) {
//拼接 valueStr,用逗号拼接,最后一次不加逗号
valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
}
params.put(name, valueStr);
}
log.info("支付宝回调,sign:{},trade_status:{},参数:{}", params.get("sign"), params.get("trade_status"), params.toString());
// todo 根据官方文档验证签名
//todo 非常重要:根据官方文档需要移除 sign ,sign_type 两个参数,但支付宝提供的源码里只移除了sign,故需要我们自己移除 sign_type,否则付款成功却验签会失败
params.remove("sign_type");
try {
boolean alipayRSACheckV2 = AlipaySignature.rsaCheckV2(params, Configs.getAlipayPublicKey(), "utf-8", Configs.getSignType());
if(!alipayRSACheckV2){
return ServerResponse.createByErrorMessage("非法请求,验证不通过,再恶意请求将报警找网警");
}
} catch (AlipayApiException e) {
log.error("支付宝验证回调异常",e);
}
//验证业务数据
ServerResponse response = iOrderService.alipayCallback(params);
if (response.isSuccess()) {
return Const.AlipayCallback.RESPONSE_SUCCESS;
}
return Const.AlipayCallback.RESPONSE_FAILED;
}
Example 9
| Source File: GatewayServlet.java From jeewx with Apache License 2.0 | 4 votes |
|
private void verifySign(Map<String, String> params) throws AlipayApiException {
if (!AlipaySignature.rsaCheckV2(params, AlipayServiceEnvConstants.ALIPAY_PUBLIC_KEY,
AlipayServiceEnvConstants.SIGN_CHARSET)) {
throw new AlipayApiException("verify sign fail.");
}
}
