From de6959d3bb6ba9be80d73daaee4e70736c445cda Mon Sep 17 00:00:00 2001 From: DengBiao <2319963317@qq.com> Date: Fri, 18 Aug 2023 23:54:29 +0800 Subject: [PATCH] update --- .../app/controllers/CallBackController.php | 169 +++++++++++------- .../Service/AliBPass/demo/AliEcoService.php | 2 +- 2 files changed, 110 insertions(+), 61 deletions(-) diff --git a/src/applet/app/controllers/CallBackController.php b/src/applet/app/controllers/CallBackController.php index 8900945..c86cd66 100644 --- a/src/applet/app/controllers/CallBackController.php +++ b/src/applet/app/controllers/CallBackController.php @@ -24,7 +24,34 @@ class CallBackController extends \Phalcon\Mvc\Controller $args = $this->request->get(); } + //加密方法 + function encrypt($input, $key, $iv) + { + + $data = @base64_encode(openssl_encrypt($input, 'AES-256-CBC', base64_decode($key), OPENSSL_RAW_DATA, $iv)); + return $data; + } + +//解密 + function decrypt($input, $key, $iv) + { + return openssl_decrypt(base64_decode($input), 'AES-256-CBC', base64_decode($key), OPENSSL_RAW_DATA, $iv); + } + + + protected function RSA2($data,$pikey){ + $res = "-----BEGIN RSA PRIVATE KEY-----\n" . wordwrap($pikey, 64, "\n", true) . "\n-----END RSA PRIVATE KEY-----"; + // 请注意密钥 是不是有带 -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- + $piKey = openssl_pkey_get_private($res); + if ($piKey) { + $res = openssl_get_privatekey($res); + openssl_sign($data, $sign, $res, 'SHA256'); + $sign = base64_encode($sign); + openssl_free_key($piKey); + return $sign; + } + } /** * 支付宝 - 公共网关回调 */ @@ -33,17 +60,39 @@ class CallBackController extends \Phalcon\Mvc\Controller $args = $this->request->get(); $this->logger($args, 'alipayCommonCallBack', true); if ($this->request->isPost()) { - $args = $this->request->getJsonRawBody(true); $this->logger($_POST, 'alipayCommonCallBack_post', true); } - exit(json_encode( - [ - "response" => [ - "code" => "10000", - "msg" => "Success", - "face_group_key" => "K12_2088323332233424", - ]] - )); + + //获取支付宝行业云公钥 + $alipayrsaPublicKey = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWFuSpwY/2llLhy5Hxkqcc0qQFQOvemkYOI4S43L4qArX4x+DQN1RFuvfGuwOLScBKaoDYHsu9PSoTtcIj4obhhexbWHfelcsouV7Pj4YChrOkOLHAMLDQhGRXaZyXQAJdk2DoBkJ0vBDD/b1gZT8QznPopvuT4Y0rx/a2vK+5B/XV0wUuP2PnpWoPxNSwr7neFWvUdkC7yJJg4zJ1INLYy9TgHH3LKYrsEDbQzPJyMPFhD0zDb36b62q3tQYc1w8JknS6XeXMkX1Tu4zZbAxyIiv3J1FK8y7dtoRi9gLgo0uLsXWDn5AwAlzqfOERgLMWD2r6FE8tOXVbMha6IImQIDAQAB'; + //支付宝提供的密钥 + $secretKey = "HOrPS0V4BthAPfgSdbHWwy0TwPnC8TQAQZIOjc8vOzI="; + //配置应用公私钥 中生成的私钥 + $privateKey = 'MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCSGJ9ob4kmGy6y4YeynjKJc/LSg02EXjLErPZSfVrAOy69FTRfBDbazlxpfl6YCAxDdT5ZcspB5kS2XYOY4dmqqPmF4VywmcjmZM8IxZFl1p7YC8BOlP6JrzDPwVl3hn4z3Em1byj8ANLY/AxAaW9W43FSIX+cSfdJThTlxGcbHZFM3kqu++hgFc/E+ar1nB0garqh03ESjatO4b6tuHM57ou7M+fXsoIf3gaL1IDZpeAoRh5sLCBLIbLz55tF0DcOaFsK7NUImnabJDRtrM1IN0lDZkQYAzL+JFsAq+ncRJm60Vd1jq/pXML/cFVHQQgdnjUd2u2NJTSMiCKCftmdAgMBAAECggEARzt+LduEEXJbeJiCI1MC7QX9tSqUFyAevMpgZ6P7JZM1nLfECzfwzwqjAES/Nn1mDVYTCmXvu+XcRtadnWMxUAaHcwGIwgqZa8xnLa220OKuHETOhQIcgWFL+WAakS6gRgT4Y2BJqWV1aJqsFpPR15mZ3SO8JqXhznolsknqw8sO+DBJu+QXn1HdntSGWrLU4GblPlYAs64y/MzPMUWfA4ShDRn9MZK6ypnh2GB5ezgnFxx1jRGOy96IqikI8f+M/CVdgzErLIl+qTd/IbfL8B6Gccb4ZwimL/x1H1bqYCA6xINMZLo5eDHCvBTU4AW7sItw1Q7MQ8l3wBl7hW62gQKBgQDZT1SEaeBtOJxt3vrK7o/kCWNh/4h9oENFhDIuTvLQk9tirKw0BSiZedjbEHqnqM+bgeuvxazCp9uqoYXgC/dtIooy1P8aso+ZrroC/0vZV7TQBGBjbSSkKPn7ShZM2hfYQFpmLznwpel7KJbP6AJ8atv99wjB6uvqNf6fMU7IbQKBgQCsG3mj0amsYbS5ZQZpl2v65QnlkAxv0dxcstx15kW0hXRugLOu7EGcJNZMhO4gbn8dzMOaJANZPG1VLcFpe/QyP/AW7vDt9vTWdeQkQCD5xcXEDihLLCq0pFaSkmuOHWCI+aepSHUILlJ1P/K/5biD7MTdPg6tyLqyM+rjUd/38QKBgQCNu2fsVQHDOsEMB/qakK3YlSb0q61iAjzeAjKYcXV9BHJ6ERTfeN3Z+9asSjs1TqzZSAtoQQ1EiCaFS4P9dNCTpYttS+52gy+VlJhNjCT0RHfxlGkpb+4OA4vHkbKpvTUAHjjXnMW1ZwC5CugSAchdTXTeV1im4Yms4DqJqacwoQKBgQCocPd7An8qTDIBZMOC4oT29+TYvUO+yMkAHLmx1h4QkLCkWegB4g5QkKkAGPWp3hshAj/KA0cXthFXVUG/SGZ2K6eB+nbon1N+9cDETdM4QXzN5gE/mUlupIxqRU1ouI27YYPbJSQNTrC7OkwNzfnpe/gshEj/gr5eHHvd4UrvMQKBgD2Toow7sfpV0R9rhO8aJ9njlbH15LqUK/AotK3E7zr73Uv5j/BIKS4dVC7T56L2khEUbM/y8+Rig6CdyFf3A4i4GKfbp56Sap/Haa9OP6jfep6VW7Aa1AJxPvIPgPZ2U+EuRxrwrP1EBcL5z6Cern9c9Zzs8BPUacU+Q5e8c87W'; + $publicKey = "xxxxxxx"; + $iv = ""; + + $response = [ + "code" => "10000", + "msg" => "Success", + "face_group_key" => "K12_2088323332233424", + ]; + + // 3、业务处理结果加签,业务返回结果需要进行排序 + ksort($response);//数组排序 + $contentToSign = json_encode($response);//数组转json + $responseSecretText = $this->encrypt($contentToSign, $secretKey, $iv);//加密方法,只有当前调用的业务接口需要加解密时才需要 + + //用 接入准备 > 3.配置应用公私钥 中生成的私钥,对第4步的加密字符串进行加签,放到 sign 参数里。 + $sign1 = $this->RSA2($responseSecretText, $privateKey);//加签 + $result = [ + "sign" => $sign1, + "response" => $responseSecretText + ]; + + exit(json_encode( + $result + )); } /** @@ -55,9 +104,9 @@ class CallBackController extends \Phalcon\Mvc\Controller try { $verify_result = (new EasyAlipayService())->verifyNotify($_POST); logger(json_encode([ - "msg" => "异步回调", + "msg" => "异步回调", "data" => $_POST, - "res" => $verify_result + "res" => $verify_result ], 320), 'common_alipay_sync_notify', true); if ($verify_result) {//验证成功 $self_order_sn = $_POST['out_trade_no']; @@ -70,7 +119,7 @@ class CallBackController extends \Phalcon\Mvc\Controller if (!$model) { //未查到訂單 logger(json_encode([ - "msg" => "异步回调失败-訂單未查到", + "msg" => "异步回调失败-訂單未查到", "data" => $_POST, ], 320), 'common_alipay_sync_notify_not_find', true); //验证失败 @@ -80,7 +129,7 @@ class CallBackController extends \Phalcon\Mvc\Controller //商户网站中已经做过处理 if ($model->status != IPay::PAY_STATE_FOR_WAIT) { logger(json_encode([ - "msg" => "异步回调已处理", + "msg" => "异步回调已处理", "data" => $_POST, ], 320), 'alipay_sync_notify_already', true); echo "success"; @@ -88,47 +137,47 @@ class CallBackController extends \Phalcon\Mvc\Controller } $model->return_data = json_encode($_POST); - $model->trade_no = $trade_no; - $model->updated_at = date("Y-m-d H:i:s"); + $model->trade_no = $trade_no; + $model->updated_at = date("Y-m-d H:i:s"); #TODO::回調第三方平台的 notify_url $passback_params = json_decode(urldecode($_POST["passback_params"]), true); - $notify_url = $passback_params["notify_url"]; - $out_trade_no = $passback_params["out_trade_no"]; - $ext_info = $passback_params["ext_info"] ?? []; - $isOk = (new PayService())->commonCurlNotifyUrl($notify_url, ["out_trade_no" => $out_trade_no, - "trade_no" => $trade_no, - "pay_trade_no" => $self_order_sn, - "trade_status" => $trade_status, - "ext_info" => $ext_info + $notify_url = $passback_params["notify_url"]; + $out_trade_no = $passback_params["out_trade_no"]; + $ext_info = $passback_params["ext_info"] ?? []; + $isOk = (new PayService())->commonCurlNotifyUrl($notify_url, ["out_trade_no" => $out_trade_no, + "trade_no" => $trade_no, + "pay_trade_no" => $self_order_sn, + "trade_status" => $trade_status, + "ext_info" => $ext_info ]); if ($isOk) { if ($trade_status == 'TRADE_FINISHED' || $trade_status == 'TRADE_SUCCESS') { $model->status = IPay::PAY_STATE_FOR_ALREADY; if ($model->save() == false) { logger(json_encode([ - "msg" => "异步回调-支付成功-更新訂單失敗", + "msg" => "异步回调-支付成功-更新訂單失敗", "data" => $_POST, ], 320), 'alipay_sync_notify_success_update_fail', true); echo "fail"; die(); } logger(json_encode([ - "msg" => "异步回调支付成功", + "msg" => "异步回调支付成功", "data" => $_POST, ], 320), 'alipay_sync_notify_success', true); } else { $model->status = IPay::PAY_STATE_FOR_FAIL; if ($model->save() == false) { logger(json_encode([ - "msg" => "异步回调-支付失敗-更新訂單失敗", + "msg" => "异步回调-支付失敗-更新訂單失敗", "data" => $_POST, ], 320), 'alipay_sync_notify_fail_update_fail', true); echo "fail"; die(); } logger(json_encode([ - "msg" => "异步回调支付失敗", + "msg" => "异步回调支付失敗", "data" => $_POST, ], 320), 'alipay_sync_notify_fail', true); } @@ -136,7 +185,7 @@ class CallBackController extends \Phalcon\Mvc\Controller die(); } else { logger(json_encode([ - "msg" => "异步回调 - 回調第三方平台失敗", + "msg" => "异步回调 - 回調第三方平台失敗", "data" => $_POST, "isOk" => false ], 320), 'alipay_sync_notify_fail', true); @@ -145,7 +194,7 @@ class CallBackController extends \Phalcon\Mvc\Controller } } else { logger(json_encode([ - "msg" => "异步回调驗證失败", + "msg" => "异步回调驗證失败", "data" => $_POST, ], 320), 'alipay_sync_notify_verify_fail', true); //验证失败 @@ -154,8 +203,8 @@ class CallBackController extends \Phalcon\Mvc\Controller } } catch (\Exception $e) { logger(json_encode([ - "msg" => "异步回调處理异常", - "data" => $params ?? [], + "msg" => "异步回调處理异常", + "data" => $params ?? [], "exception" => $e->getMessage() ], 320), 'alipay_sync_notify_exception', true); //回調異常 @@ -178,13 +227,13 @@ class CallBackController extends \Phalcon\Mvc\Controller } $inWechatpaySignature = $_SERVER["HTTP_WECHATPAY_SIGNATURE"] ?? ""; $inWechatpayTimestamp = $_SERVER["HTTP_WECHATPAY_TIMESTAMP"] ?? ""; - $inWechatpaySerial = $_SERVER["HTTP_WECHATPAY_SERIAL"] ?? ""; //暫時未用到 - $inWechatpayNonce = $_SERVER["HTTP_WECHATPAY_NONCE"] ?? ""; + $inWechatpaySerial = $_SERVER["HTTP_WECHATPAY_SERIAL"] ?? ""; //暫時未用到 + $inWechatpayNonce = $_SERVER["HTTP_WECHATPAY_NONCE"] ?? ""; $this->logger([ "inWechatpaySignature" => $inWechatpaySignature, "inWechatpayTimestamp" => $inWechatpayTimestamp, - "inWechatpaySerial" => $inWechatpaySerial, - "inWechatpayNonce" => $inWechatpayNonce, + "inWechatpaySerial" => $inWechatpaySerial, + "inWechatpayNonce" => $inWechatpayNonce, ], 'wx_pay_async_notify_call_back', true); if (empty($post) || $post == null || $post == '') { @@ -235,7 +284,7 @@ class CallBackController extends \Phalcon\Mvc\Controller if (!$model) { //未查到訂單 logger(json_encode([ - "msg" => "异步回调失败-訂單未查到", + "msg" => "异步回调失败-訂單未查到", "data" => $_POST, ], 320), 'common_wx_sync_notify_not_find', true); //验证失败 @@ -244,64 +293,64 @@ class CallBackController extends \Phalcon\Mvc\Controller //商户网站中已经做过处理 if ($model->status != IPay::PAY_STATE_FOR_WAIT) { logger(json_encode([ - "msg" => "异步回调已处理", + "msg" => "异步回调已处理", "data" => $_POST, ], 320), 'wxpay_sync_notify_already', true); $this->wxApi(Msg::WxSuc); } $model->return_data = json_encode($data); - $model->trade_no = $trade_no; - $model->updated_at = date("Y-m-d H:i:s"); + $model->trade_no = $trade_no; + $model->updated_at = date("Y-m-d H:i:s"); #TODO::回調第三方平台的 notify_url - $notify_url = $data["attach"]; + $notify_url = $data["attach"]; $out_trade_no = $model->out_trade_no; - $ext_info = json_decode($model->ext, true) ?? []; - $isOk = (new PayService())->commonCurlNotifyUrl($notify_url, ["out_trade_no" => $out_trade_no, - "trade_no" => $trade_no, - "pay_trade_no" => $self_order_sn, - "trade_status" => $trade_status, - "ext_info" => $ext_info + $ext_info = json_decode($model->ext, true) ?? []; + $isOk = (new PayService())->commonCurlNotifyUrl($notify_url, ["out_trade_no" => $out_trade_no, + "trade_no" => $trade_no, + "pay_trade_no" => $self_order_sn, + "trade_status" => $trade_status, + "ext_info" => $ext_info ]); if ($isOk) { if ($trade_status == 'FINISHED' || $trade_status == 'TRADE_SUCCESS') { $model->status = IPay::PAY_STATE_FOR_ALREADY; if ($model->save() == false) { logger(json_encode([ - "msg" => "异步回调-支付成功-更新訂單失敗", + "msg" => "异步回调-支付成功-更新訂單失敗", "data" => $_POST, ], 320), 'wxpay_sync_notify_success_update_fail', true); $this->wxApi(Msg::WxErr); } logger(json_encode([ - "msg" => "异步回调支付成功", + "msg" => "异步回调支付成功", "data" => $_POST, ], 320), 'wxpay_sync_notify_success', true); } else { $model->status = IPay::PAY_STATE_FOR_FAIL; if ($model->save() == false) { logger(json_encode([ - "msg" => "异步回调-支付失敗-更新訂單失敗", + "msg" => "异步回调-支付失敗-更新訂單失敗", "data" => $_POST, ], 320), 'wxpay_sync_notify_fail_update_fail', true); $this->wxApi(Msg::WxErr); } logger(json_encode([ - "msg" => "异步回调支付失敗", + "msg" => "异步回调支付失敗", "data" => $_POST, ], 320), 'wxpay_sync_notify_fail', true); } $this->wxApi(Msg::WxSuc); } else { logger(json_encode([ - "msg" => "异步回调 - 回調第三方平台失敗", - "url" => $notify_url, - "data" => ["out_trade_no" => $out_trade_no, - "trade_no" => $trade_no, - "pay_trade_no" => $self_order_sn, - "trade_status" => $trade_status, - "ext_info" => $ext_info + "msg" => "异步回调 - 回調第三方平台失敗", + "url" => $notify_url, + "data" => ["out_trade_no" => $out_trade_no, + "trade_no" => $trade_no, + "pay_trade_no" => $self_order_sn, + "trade_status" => $trade_status, + "ext_info" => $ext_info ], "isOk" => false ], 320), 'wxpay_sync_notify_fail', true); @@ -309,7 +358,7 @@ class CallBackController extends \Phalcon\Mvc\Controller } } else { logger(json_encode([ - "msg" => "异步回调驗證失败", + "msg" => "异步回调驗證失败", "data" => $_POST, ], 320), 'wxpay_sync_notify_verify_fail', true); //验证失败 @@ -317,8 +366,8 @@ class CallBackController extends \Phalcon\Mvc\Controller } } catch (\Exception $e) { logger(json_encode([ - "msg" => "异步回调處理异常", - "data" => $params ?? [], + "msg" => "异步回调處理异常", + "data" => $params ?? [], "exception" => $e->getMessage() ], 320), 'wxpay_sync_notify_exception', true); //回調異常 diff --git a/src/common/Service/AliBPass/demo/AliEcoService.php b/src/common/Service/AliBPass/demo/AliEcoService.php index d3cd4aa..4a89728 100644 --- a/src/common/Service/AliBPass/demo/AliEcoService.php +++ b/src/common/Service/AliBPass/demo/AliEcoService.php @@ -72,7 +72,7 @@ class AliEcoService extends BaseService $params["utc_timestamp"] = "" . msectime(); //获取签名 -// $sign = $client->generateSign($params, $this->signType); + $sign = $client->generateSign($params, $this->signType); // 调用ECOAPI $result = $client->call($params);