From e33de2bd86c23ae8e92b38b43bc854355a19c475 Mon Sep 17 00:00:00 2001 From: egan Date: Sun, 6 May 2018 11:34:09 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E9=A2=84=E8=AE=A2=E5=8D=95?= =?UTF-8?q?=E7=AD=BE=E5=90=8D=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/egzosn/pay/wx/api/WxPayService.java | 54 ++++++++++--------- 1 file changed, 28 insertions(+), 26 deletions(-) diff --git a/pay-java-wx/src/main/java/com/egzosn/pay/wx/api/WxPayService.java b/pay-java-wx/src/main/java/com/egzosn/pay/wx/api/WxPayService.java index 53a15b9..439d8ac 100644 --- a/pay-java-wx/src/main/java/com/egzosn/pay/wx/api/WxPayService.java +++ b/pay-java-wx/src/main/java/com/egzosn/pay/wx/api/WxPayService.java @@ -200,32 +200,34 @@ public class WxPayService extends BasePayService { ////统一下单 JSONObject result = unifiedOrder(order); - //如果是扫码支付或者刷卡付无需处理,直接返回 - if (WxTransactionType.NATIVE == order.getTransactionType() || WxTransactionType.MICROPAY == order.getTransactionType() || WxTransactionType.MWEB == order.getTransactionType()) { - return result; + // 对微信返回的数据进行校验 + if (verify(result)) { + //如果是扫码支付或者刷卡付无需处理,直接返回 + if (WxTransactionType.NATIVE == order.getTransactionType() || WxTransactionType.MICROPAY == order.getTransactionType() || WxTransactionType.MWEB == order.getTransactionType()) { + return result; + } + + SortedMap params = new TreeMap(); + + if (WxTransactionType.JSAPI == order.getTransactionType()) { + params.put("signType", payConfigStorage.getSignType()); + params.put("appId", payConfigStorage.getAppid()); + params.put("timeStamp", System.currentTimeMillis() / 1000); + params.put("nonceStr", result.get("nonce_str")); + params.put("package", "prepay_id=" + result.get("prepay_id")); + } else if (WxTransactionType.APP == order.getTransactionType()) { + params.put("partnerid", payConfigStorage.getPid()); + params.put("appid", payConfigStorage.getAppid()); + params.put("prepayid", result.get("prepay_id")); + params.put("timestamp", System.currentTimeMillis() / 1000); + params.put("noncestr", result.get("nonce_str")); + params.put("package", "Sign=WXPay"); + } + // String paySign = createSign(SignUtils.parameterText(params), payConfigStorage.getInputCharset()); + params.put(SIGN, result.get(SIGN)); + return params; } - - SortedMap params = new TreeMap(); - - - if (WxTransactionType.JSAPI == order.getTransactionType()) { - params.put("signType", payConfigStorage.getSignType()); - params.put("appId", payConfigStorage.getAppid()); - params.put("timeStamp", System.currentTimeMillis() / 1000); - params.put("nonceStr", result.get("nonce_str")); - params.put("package", "prepay_id=" + result.get("prepay_id")); - } else if (WxTransactionType.APP == order.getTransactionType()) { - params.put("partnerid", payConfigStorage.getPid()); - params.put("appid", payConfigStorage.getAppid()); - params.put("prepayid", result.get("prepay_id")); - params.put("timestamp", System.currentTimeMillis() / 1000); - params.put("noncestr", result.get("nonce_str")); - params.put("package", "Sign=WXPay"); - } - String paySign = createSign(SignUtils.parameterText(params), payConfigStorage.getInputCharset()); - params.put(SIGN, paySign); - return params; - + throw new PayErrorException(new WxPayError(result.getString(RETURN_CODE), result.getString("return_msg"), "Invalid sign value")); } @@ -267,7 +269,7 @@ public class WxPayService extends BasePayService { try { return XML.inputStream2Map(is, map); } catch (IOException e) { - throw new PayErrorException(new PayException("IOException", e.getMessage())); + throw new PayErrorException(new PayException("IOException", e.getMessage())); } }