zoukankan      html  css  js  c++  java
  • 微信APP支付Java后端回调处理

    package com.gaoxiao.framework.controller.gaojia;

    import com.gaoxiao.framework.commonfiles.entity.StatusResult;
    import com.gaoxiao.framework.commonfiles.utils.PayCommonUtil;
    import com.gaoxiao.framework.modules.user.entity.MemberOrder;
    import com.gaoxiao.framework.modules.user.enums.StatusEnum;
    import com.gaoxiao.framework.modules.user.service.MemberCouponService;
    import com.gaoxiao.framework.modules.user.service.MemberOrderService;
    import com.tenpay.util.XMLUtil;
    import org.apache.commons.lang3.StringUtils;
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.stereotype.Controller;
    import org.springframework.transaction.annotation.Transactional;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestParam;
    import org.springframework.web.bind.annotation.ResponseBody;

    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import java.io.BufferedReader;
    import java.util.HashMap;
    import java.util.Map;
    import java.util.SortedMap;
    import java.util.TreeMap;
     


    /**
    * Created by xuxiang on 2016/8/23.
    */
    @Controller
    @RequestMapping("pay/aliPay")
    public class GetAliNotifyUrl {

    protected static final Logger LOG = LoggerFactory
    .getLogger(GetAliNotifyUrl.class);
    @Autowired
    private MemberOrderService memberOrderService;

    @Autowired
    private MemberCouponService memberCouponService;


    @RequestMapping(value = "payNotifyUrl", produces = "application/json;charset=UTF-8")
    @ResponseBody
    public String payNotifyUrl(HttpServletRequest request, HttpServletResponse response) throws Exception {
    BufferedReader reader = null;

    reader = request.getReader();
    String line = "";
    String xmlString = null;
    StringBuffer inputString = new StringBuffer();

    while ((line = reader.readLine()) != null) {
    inputString.append(line);
    }
    xmlString = inputString.toString();
    request.getReader().close();
    System.out.println("----接收到的数据如下:---" + xmlString);
    Map<String, String> map = new HashMap<String, String>();
    String result_code = "";
    String return_code = "";
    String out_trade_no = "";
    map = XMLUtil.doXMLParse(xmlString);
    result_code = map.get("result_code");
    out_trade_no = map.get("out_trade_no");
    return_code = map.get("return_code");

    if (checkSign(xmlString)) {
    this.memberOrderService.updateOrderInfo(out_trade_no);
    MemberOrder memberOrder = memberOrderService.get(out_trade_no);
    String couponId = memberOrder.getCouponId();
    if (StringUtils.isNotEmpty(couponId)) {
    memberCouponService.updateStatus(couponId);
    }
    return returnXML(result_code);
    } else {
    return returnXML("FAIL");
    }


    }

    private boolean checkSign(String xmlString) {

    Map<String, String> map = null;

    try {

    map = XMLUtil.doXMLParse(xmlString);

    } catch (Exception e) {
    e.printStackTrace();
    }

    String signFromAPIResponse = map.get("sign").toString();

    if (signFromAPIResponse == "" || signFromAPIResponse == null) {

    System.out.println("API返回的数据签名数据不存在,有可能被第三方篡改!!!");

    return false;

    }
    System.out.println("服务器回包里面的签名是:" + signFromAPIResponse);

    //清掉返回数据对象里面的Sign数据(不能把这个数据也加进去进行签名),然后用签名算法进行签名

    map.put("sign", "");

    //将API返回的数据根据用签名算法进行计算新的签名,用来跟API返回的签名进行比较

    String signForAPIResponse = getSign(map);

    if (!signForAPIResponse.equals(signFromAPIResponse)) {

    //签名验不过,表示这个API返回的数据有可能已经被篡改了

    System.out.println("API返回的数据签名验证不通过,有可能被第三方篡改!!! signForAPIResponse生成的签名为" + signForAPIResponse);

    return false;

    }

    System.out.println("恭喜,API返回的数据签名验证通过!!!");

    return true;

    }


    private String returnXML(String return_code) {

    return "<xml><return_code><![CDATA["

    + return_code

    + "]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>";
    }

    public String getSign(Map<String, String> map) {
    SortedMap<String, String> signParams = new TreeMap<String, String>();
    for (Map.Entry<String, String> stringStringEntry : map.entrySet()) {
    signParams.put(stringStringEntry.getKey(), stringStringEntry.getValue());
    }
    signParams.remove("sign");
    String sign = PayCommonUtil.createSign("UTF-8", signParams);
    return sign;
    }
    }
  • 相关阅读:
    prase arraylist where in to ParamsQuery on sql server 2008 using TVB: tvpdemo.cs(where in 转sql 参数化查询)
    手动依赖性注入 NInject(1) (转载)
    单件(单态,Singleton)模式部分
    详解Javascript中的Url编码/解码
    学习Web应用漏洞最好的教程WebGoat(转载)
    百度网盘 邀请码
    colorbox去除close关闭按钮,附上colorbox的基本使用方法
    P3974 [TJOI2015]组合数学
    P1772 [ZJOI2006]物流运输
    P1434 [SHOI2002]滑雪
  • 原文地址:https://www.cnblogs.com/JOEH60/p/5889621.html
Copyright © 2011-2022 走看看