#320 增加“拉取订单评价数据“接口方法

2026-03-10 00:13:40 +08:00 · 2017-09-02 23:48:33 +08:00
parent 434703327b
commit a5c61268ef
8 changed files with 292 additions and 31 deletions
--- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/util/SignUtils.java
+++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/util/SignUtils.java
@@ -1,9 +1,15 @@
 package com.github.binarywang.wxpay.util;

+import com.github.binarywang.wxpay.constant.WxPayConstants.SignType;
 import me.chanjar.weixin.common.util.BeanUtils;
+import org.apache.commons.codec.binary.Hex;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;

+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
 import java.util.Map;
 import java.util.SortedMap;
 import java.util.TreeMap;
@@ -20,22 +26,24 @@ public class SignUtils {
  /**
   * 微信公众号支付签名算法(详见:https://pay.weixin.qq.com/wiki/doc/api/tools/cash_coupon.php?chapter=4_3)
   *
-   * @param xmlBean Bean需要标记有XML注解
-   * @param signKey 签名Key
+   * @param xmlBean  Bean需要标记有XML注解
+   * @param signKey  签名Key
+   * @param signType 签名类型，如果为空，则默认为MD5
   * @return 签名字符串
   */
-  public static String createSign(Object xmlBean, String signKey) {
-    return createSign(BeanUtils.xmlBean2Map(xmlBean), signKey);
+  public static String createSign(Object xmlBean, String signKey, String signType) {
+    return createSign(BeanUtils.xmlBean2Map(xmlBean), signKey, signType);
  }

  /**
   * 微信公众号支付签名算法(详见:https://pay.weixin.qq.com/wiki/doc/api/tools/cash_coupon.php?chapter=4_3)
   *
-   * @param params  参数信息
-   * @param signKey 签名Key
+   * @param params   参数信息
+   * @param signKey  签名Key
+   * @param signType 签名类型，如果为空，则默认为md5
   * @return 签名字符串
   */
-  public static String createSign(Map<String, String> params, String signKey) {
+  public static String createSign(Map<String, String> params, String signKey, String signType) {
 //    if (this.getConfig().useSandbox()) {
 //      //使用仿真测试环境
 //      //TODO 目前测试发现，以下两行代码都会出问题，所以暂不建议使用仿真测试环境
@@ -48,13 +56,32 @@ public class SignUtils {
    StringBuilder toSign = new StringBuilder();
    for (String key : sortedMap.keySet()) {
      String value = params.get(key);
-      if (StringUtils.isNotEmpty(value) && !"sign".equals(key) && !"key".equals(key)) {
+      if (StringUtils.isNotEmpty(value)
+        && !StringUtils.equalsAny(key, "sign", "key", "sign_type")) {
        toSign.append(key).append("=").append(value).append("&");
      }
    }

    toSign.append("key=").append(signKey);
-    return DigestUtils.md5Hex(toSign.toString()).toUpperCase();
+    if (SignType.HMAC_SHA256.equals(signType)) {
+      return createHMACSha256Sign(toSign.toString(), signKey);
+    } else {
+      return DigestUtils.md5Hex(toSign.toString()).toUpperCase();
+    }
+  }
+
+  private static String createHMACSha256Sign(String message, String key) {
+    try {
+      Mac hmacSHA256 = Mac.getInstance("HmacSHA256");
+      SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(), "HmacSHA256");
+      hmacSHA256.init(secretKeySpec);
+      byte[] bytes = hmacSHA256.doFinal(message.getBytes());
+      return Hex.encodeHexString(bytes).toUpperCase();
+    } catch (NoSuchAlgorithmException | InvalidKeyException e) {
+      e.printStackTrace();
+    }
+
+    return null;
  }

  /**
@@ -78,7 +105,7 @@ public class SignUtils {
   * @see #checkSign(Map, String)
   */
  public static boolean checkSign(Map<String, String> params, String signKey) {
-    String sign = createSign(params, signKey);
+    String sign = createSign(params, signKey, null);
    return sign.equals(params.get("sign"));
  }
 }