mirror of
https://gitee.com/binary/weixin-java-tools.git
synced 2026-03-10 00:13:40 +08:00
🆕 #3402 【微信支付】支持配置微信支付公钥
This commit is contained in:
栈烟
@@ -6,6 +6,17 @@ import com.github.binarywang.wxpay.util.ResourcesUtils;
|
||||
import com.github.binarywang.wxpay.v3.WxPayV3HttpClientBuilder;
|
||||
import com.github.binarywang.wxpay.v3.auth.*;
|
||||
import com.github.binarywang.wxpay.v3.util.PemUtils;
|
||||
import java.io.*;
|
||||
import java.net.URL;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.KeyStore;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Base64;
|
||||
import java.util.Optional;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.SneakyThrows;
|
||||
@@ -16,17 +27,6 @@ import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.ssl.SSLContexts;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import java.io.*;
|
||||
import java.net.URL;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.KeyStore;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Base64;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
* 微信支付配置
|
||||
*
|
||||
@@ -138,6 +138,25 @@ public class WxPayConfig {
|
||||
*/
|
||||
private byte[] privateCertContent;
|
||||
|
||||
/**
|
||||
* 公钥ID
|
||||
*/
|
||||
private String publicKeyId;
|
||||
|
||||
/**
|
||||
* pub_key.pem证书base64编码
|
||||
*/
|
||||
private String publicKeyString;
|
||||
|
||||
/**
|
||||
* pub_key.pem证书文件的绝对路径或者以classpath:开头的类路径.
|
||||
*/
|
||||
private String publicKeyPath;
|
||||
|
||||
/**
|
||||
* pub_key.pem证书文件内容的字节数组.
|
||||
*/
|
||||
private byte[] publicKeyContent;
|
||||
/**
|
||||
* apiV3 秘钥值.
|
||||
*/
|
||||
@@ -241,7 +260,7 @@ public class WxPayConfig {
|
||||
}
|
||||
|
||||
try (InputStream inputStream = this.loadConfigInputStream(this.keyString, this.getKeyPath(),
|
||||
this.keyContent, "p12证书");) {
|
||||
this.keyContent, "p12证书")) {
|
||||
KeyStore keystore = KeyStore.getInstance("PKCS12");
|
||||
char[] partnerId2charArray = this.getMchId().toCharArray();
|
||||
keystore.load(inputStream, partnerId2charArray);
|
||||
@@ -284,7 +303,6 @@ public class WxPayConfig {
|
||||
this.privateKeyContent, "privateKeyPath")) {
|
||||
merchantPrivateKey = PemUtils.loadPrivateKey(keyInputStream);
|
||||
}
|
||||
|
||||
}
|
||||
if (certificate == null && StringUtils.isBlank(this.getCertSerialNo())) {
|
||||
try (InputStream certInputStream = this.loadConfigInputStream(this.getPrivateCertString(), this.getPrivateCertPath(),
|
||||
@@ -293,13 +311,28 @@ public class WxPayConfig {
|
||||
}
|
||||
this.certSerialNo = certificate.getSerialNumber().toString(16).toUpperCase();
|
||||
}
|
||||
PublicKey publicKey = null;
|
||||
if (this.getPublicKeyString() != null || this.getPublicKeyPath() != null || this.publicKeyContent != null) {
|
||||
try (InputStream pubInputStream =
|
||||
this.loadConfigInputStream(this.getPublicKeyString(), this.getPublicKeyPath(),
|
||||
this.publicKeyContent, "publicKeyPath")) {
|
||||
publicKey = PemUtils.loadPublicKey(pubInputStream);
|
||||
}
|
||||
}
|
||||
|
||||
//构造Http Proxy正向代理
|
||||
WxPayHttpProxy wxPayHttpProxy = getWxPayHttpProxy();
|
||||
|
||||
AutoUpdateCertificatesVerifier certificatesVerifier = new AutoUpdateCertificatesVerifier(
|
||||
new WxPayCredentials(mchId, new PrivateKeySigner(certSerialNo, merchantPrivateKey)),
|
||||
this.getApiV3Key().getBytes(StandardCharsets.UTF_8), this.getCertAutoUpdateTime(), this.getPayBaseUrl(), wxPayHttpProxy);
|
||||
Verifier certificatesVerifier;
|
||||
if (publicKey == null) {
|
||||
certificatesVerifier =
|
||||
new AutoUpdateCertificatesVerifier(
|
||||
new WxPayCredentials(mchId, new PrivateKeySigner(certSerialNo, merchantPrivateKey)),
|
||||
this.getApiV3Key().getBytes(StandardCharsets.UTF_8), this.getCertAutoUpdateTime(),
|
||||
this.getPayBaseUrl(), wxPayHttpProxy);
|
||||
} else {
|
||||
certificatesVerifier = new PublicCertificateVerifier(publicKey, publicKeyId);
|
||||
}
|
||||
|
||||
WxPayV3HttpClientBuilder wxPayV3HttpClientBuilder = WxPayV3HttpClientBuilder.create()
|
||||
.withMerchant(mchId, certSerialNo, merchantPrivateKey)
|
||||
@@ -422,7 +455,7 @@ public class WxPayConfig {
|
||||
|
||||
// 分解p12证书文件
|
||||
try (InputStream inputStream = this.loadConfigInputStream(this.keyString, this.getKeyPath(),
|
||||
this.keyContent, "p12证书");) {
|
||||
this.keyContent, "p12证书")) {
|
||||
KeyStore keyStore = KeyStore.getInstance("PKCS12");
|
||||
keyStore.load(inputStream, key.toCharArray());
|
||||
|
||||
|
||||
Reference in New Issue
Block a user