Merge branch 'Developer-TenpayV3' into Developer-TenpayV3

michaeljxf · Aug 22, 2021 · 5b6fc56 · 5b6fc56
2 parents b4b351e + 4951df4
commit 5b6fc56
Show file tree

Hide file tree

Showing 7 changed files with 56 additions and 17 deletions.
diff --git a/...s/net6-mvc/Senparc.Weixin.Sample.Net6/Controllers/Weixin/TenPay/TenPayRealV3Controller.cs b/...s/net6-mvc/Senparc.Weixin.Sample.Net6/Controllers/Weixin/TenPay/TenPayRealV3Controller.cs
@@ -241,13 +241,13 @@ public async Task<IActionResult> JsApi(int productId, int hc)
         /// JS-SDK支付回调地址（在统一下单接口中设置notify_url）
         /// </summary>
         /// <returns></returns>
-        public IActionResult PayNotifyUrl()
+        public async Task<IActionResult> PayNotifyUrl()
         {
             try
             {
                 //ResponseHandler resHandler = new ResponseHandler(HttpContext);
                 var resHandler = new TenPayNotifyHandler(HttpContext);
-                var orderReturnJson = resHandler.AesGcmDecryptGetObject<OrderReturnJson>();
+                var orderReturnJson = await resHandler.AesGcmDecryptGetObjectAsync<OrderReturnJson>();
 
                 //string return_code = resHandler.GetParameter("return_code");
                 //string return_msg = resHandler.GetParameter("return_msg");
@@ -389,7 +389,7 @@ public async Task<IActionResult> Refund()
         /// 退款通知地址
         /// </summary>
         /// <returns></returns>
-        public IActionResult RefundNotifyUrl()
+        public async Task<IActionResult> RefundNotifyUrl()
         {
             WeixinTrace.SendCustomLog("RefundNotifyUrl被访问", "IP" + HttpContext.UserHostAddress()?.ToString());
 
@@ -399,7 +399,7 @@ public IActionResult RefundNotifyUrl()
             {
                 //ResponseHandler resHandler = new ResponseHandler(null
                 var resHandler = new TenPayNotifyHandler(HttpContext);
-                var refundNotifyJson = resHandler.AesGcmDecryptGetObject<RefundNotifyJson>();
+                var refundNotifyJson = await resHandler.AesGcmDecryptGetObjectAsync<RefundNotifyJson>();
 
                 //string return_code = resHandler.GetParameter("return_code");
                 //string return_msg = resHandler.GetParameter("return_msg");

diff --git a/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/Apis/BasePay/BasePayApis.cs b/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/Apis/BasePay/BasePayApis.cs
@@ -132,8 +132,8 @@ public async Task<PublicKeyCollection> GetPublicKeysAsync(int timeOut = Config.T
 
             foreach (var cert in certificates.data)
             {
-                // 已改成从构造函数配置
-                keys[cert.serial_no] = ApiSecurityHelper.AesGcmDecryptCiphertext(_tenpayV3Setting.TenPayV3_APIv3Key, cert.encrypt_certificate.nonce, cert.encrypt_certificate.associated_data, cert.encrypt_certificate.ciphertext);
+                var publicKey = ApiSecurityHelper.AesGcmDecryptCiphertext(_tenpayV3Setting.TenPayV3_APIv3Key, cert.encrypt_certificate.nonce, cert.encrypt_certificate.associated_data, cert.encrypt_certificate.ciphertext);
+                keys[cert.serial_no] = publicKey;
             }
             return keys;
         }

diff --git a/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/Helpers/TenPaySignHelper.cs b/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/Helpers/TenPaySignHelper.cs
@@ -32,6 +32,7 @@
 
 
 using Senparc.Weixin.Entities;
+using Senparc.Weixin.Helpers;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -98,11 +99,8 @@ public static string CreatePaySign(string timeStamp, string nonceStr, string pac
         /// <param name="content">应答报文主体</param>
         /// <param name="pubKey">平台公钥 可为空</param>
         /// <returns></returns>
-        public static bool VerifyTenpaySign(string wechatpayTimestamp, string wechatpayNonce, string wechatpaySignature, string content, string pubKey = null)
+        public static bool VerifyTenpaySign(string wechatpayTimestamp, string wechatpayNonce, string wechatpaySignature, string content, string pubKey)
         {
-            // TODO: 本方法待测试
-            pubKey ??= new("此处应为平台公钥");//TODO: 不知平台公钥在配置中为何值
-
             string contentForSign = $"{wechatpayTimestamp}\n{wechatpayNonce}\n{content}\n";
 
             // NOTE： 私钥不包括私钥文件起始的-----BEGIN PRIVATE KEY-----
@@ -118,5 +116,26 @@ public static bool VerifyTenpaySign(string wechatpayTimestamp, string wechatpayN
                 return rsa.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
             }
         }
+
+        /// <summary>
+        /// 检验签名，以确保回调是由微信支付发送。
+        /// 签名规则见微信官方文档 https://pay.weixin.qq.com/wiki/doc/apiv3/wechatpay/wechatpay4_1.shtml。
+        /// return bool
+        /// </summary>
+        /// <param name="wechatpayTimestamp">HTTP头中的应答时间戳</param>
+        /// <param name="wechatpayNonce">HTTP头中的应答随机串</param>
+        /// <param name="wechatpaySignature">HTTP头中的应答签名</param>
+        /// <param name="content">应答报文主体</param>
+        /// <param name="pubKey">平台公钥 可为空</param>
+        /// <returns></returns>
+        public static async Task<bool> VerifyTenpaySign(string wechatpayTimestamp, string wechatpayNonce, string wechatpaySignature, string content, ISenparcWeixinSettingForTenpayV3 senparcWeixinSettingForTenpayV3)
+        {
+            string contentForSign = $"{wechatpayTimestamp}\n{wechatpayNonce}\n{content}\n";
+
+            var tenpayV3InfoKey = TenPayHelper.GetRegisterKey(senparcWeixinSettingForTenpayV3.TenPayV3_MchId, senparcWeixinSettingForTenpayV3.TenPayV3_SubMchId);
+            var serialNumber = "";
+            var pubKey = await TenPayV3InfoCollection.Data[tenpayV3InfoKey].GetPublicKeyAsync(serialNumber);
+            return VerifyTenpaySign(wechatpayTimestamp, wechatpayNonce, wechatpaySignature, content, pubKey);
+        }
     }
 }
diff --git a/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/HttpHandlers/TenPayApiRequest.cs b/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/HttpHandlers/TenPayApiRequest.cs
@@ -36,6 +36,7 @@
 using Senparc.CO2NET.Helpers;
 using Senparc.CO2NET.Trace;
 using Senparc.Weixin.Entities;
+using Senparc.Weixin.Helpers;
 using Senparc.Weixin.TenPayV3.Apis.BasePay.Entities;
 using Senparc.Weixin.TenPayV3.Helpers;
 using Senparc.Weixin.TenPayV3.HttpHandlers;
@@ -190,12 +191,14 @@ public async Task<T> RequestAsync<T>(string url, object data, int timeOut = Conf
                     var wechatpayTimestamp = responseMessage.Headers.GetValues("Wechatpay-Timestamp").First();
                     var wechatpayNonce = responseMessage.Headers.GetValues("Wechatpay-Nonce").First();
                     var wechatpaySignature = responseMessage.Headers.GetValues("Wechatpay-Signature").First();
+                    var wechatpaySerial = responseMessage.Headers.GetValues("Wechatpay-Serial").First();
 
                     result = content.GetObject<T>();
 
                     try
                     {
-                        //result.Signed = TenPaySignHelper.VerifyTenpaySign(wechatpayTimestamp, wechatpayNonce, wechatpaySignature, content);
+                        var pubKey = await TenPayV3InfoCollection.GetAPIv3PublicKey(this._tenpayV3Setting, wechatpaySerial);
+                        result.Signed = TenPaySignHelper.VerifyTenpaySign(wechatpayTimestamp, wechatpayNonce, wechatpaySignature, content, pubKey);
                     }
                     catch (Exception ex)
                     {

diff --git a/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/TenPayNotifyHandler.cs b/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/TenPayNotifyHandler.cs
@@ -52,6 +52,7 @@
 using Senparc.Weixin.TenPayV3.Apis.BasePay.Entities;
 using Senparc.Weixin.Entities;
 using Senparc.Weixin.TenPayV3.Helpers;
+using System.Threading.Tasks;
 
 namespace Senparc.Weixin.TenPayV3
 {
@@ -104,7 +105,7 @@ public TenPayNotifyHandler(HttpContext httpContext, ISenparcWeixinSettingForTenp
         /// <param name="associated_data">附加数据包 可空</param>
         /// <returns></returns>
         // TODO: 本方法待测试
-        public T AesGcmDecryptGetObject<T>(string aes_key = null, string nonce = null, string associated_data = null) where T : ReturnJsonBase, new()
+        public async Task<T> AesGcmDecryptGetObjectAsync<T>(string aes_key = null, string nonce = null, string associated_data = null) where T : ReturnJsonBase, new()
         {
             aes_key ??= _tenpayV3Setting.TenPayV3_APIv3Key;
             nonce ??= NotifyRequest.resource.nonce;
@@ -119,7 +120,7 @@ public T AesGcmDecryptGetObject<T>(string aes_key = null, string nonce = null, s
             var wechatpayNonce = _httpContext.Request.Headers?["Wechatpay-Nonce"];
             var wechatpaySignature = _httpContext.Request.Headers?["Wechatpay-Signature"];
 
-            result.Signed = TenPaySignHelper.VerifyTenpaySign(wechatpayTimestamp, wechatpayNonce, wechatpaySignature, Body);
+            result.Signed = await TenPaySignHelper.VerifyTenpaySign(wechatpayTimestamp, wechatpayNonce, wechatpaySignature, Body, this._tenpayV3Setting);
             result.ResultCode = null;
 
             return result;

diff --git a/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/TenPayV3Info.cs b/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/TenPayV3Info.cs
@@ -170,9 +170,9 @@ public TenPayV3Info(ISenparcWeixinSettingForTenpayV3 senparcWeixinSettingForTenp
         }
 
         /// <summary>
-        /// 获取公钥
+        /// 获取当前支付账号下所有公钥信息
         /// </summary>
-        public async Task<PublicKeyCollection> GetPublicKeys()
+        public async Task<PublicKeyCollection> GetPublicKeysAsync()
         {
             //TODO:可以升级为从缓存读取
 
@@ -189,9 +189,9 @@ public async Task<PublicKeyCollection> GetPublicKeys()
         /// </summary>
         /// <param name="serialNumber"></param>
         /// <returns></returns>
-        public async Task<string> GetPublicKey(string serialNumber)
+        public async Task<string> GetPublicKeyAsync(string serialNumber)
         {
-            var keys = await GetPublicKeys();
+            var keys = await GetPublicKeysAsync();
             if (keys.TryGetValue(serialNumber, out string publicKey))
             {
                 return publicKey;

diff --git a/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/TenPayV3InfoCollection.cs b/src/Senparc.Weixin.TenPay/Senparc.Weixin.TenPayV3/TenPayV3InfoCollection.cs
@@ -44,6 +44,7 @@
 
 using System;
 using System.Collections.Generic;
+using System.Threading.Tasks;
 #if NETSTANDARD2_0 || NETSTANDARD2_1
 using Microsoft.Extensions.DependencyInjection;
 #endif
@@ -91,6 +92,19 @@ public static void Register(TenPayV3Info tenPayV3Info, string name)
             }
         }
 
+        /// <summary>
+        /// 获取 APIv3 的公钥
+        /// </summary>
+        /// <param name="senparcWeixinSettingForTenpayV3"></param>
+        /// <param name="tenpaySerialNumber"></param>
+        /// <returns></returns>
+        public static async Task<string> GetAPIv3PublicKey(ISenparcWeixinSettingForTenpayV3 senparcWeixinSettingForTenpayV3, string tenpaySerialNumber)
+        {
+            var tenpayV3InfoKey = TenPayHelper.GetRegisterKey(senparcWeixinSettingForTenpayV3.TenPayV3_MchId, senparcWeixinSettingForTenpayV3.TenPayV3_SubMchId);
+            var pubKey = await Data[tenpayV3InfoKey].GetPublicKeyAsync(tenpaySerialNumber);
+            return pubKey;
+        }
+
         /// <summary>
         /// 索引 TenPayV3Info
         /// </summary>
@@ -122,5 +136,7 @@ public TenPayV3InfoCollection() : base(StringComparer.OrdinalIgnoreCase)
         {
 
         }
+
+
     }
 }