cn.crushes.cloud.core.pay.wechat.v3

类 SignatureProvider

java.lang.Object

cn.crushes.cloud.core.pay.wechat.v3.SignatureProvider

public class SignatureProvider
extends Object

签名 加签 验签

我方请求微信服务器时，需要根据我方的API证书对参数进行加签；微信服务器会根据我方签名验签以确定请求来自我方服务器；

然后微信服务器响应我方请求并在响应报文中使用【微信平台证书】加签 我方需要根据规则验签是否响应来自微信支付服务器

其中【微信平台证书】定期会进行更新，不受我方管控，我方需要适当的时候获取最新的证书列表。

作者:

youta

字段概要

字段

限定符和类型	字段和说明
private static String	BC_PROVIDER 加密算法提供方 - BouncyCastle
private static Map<String,Certificate>	CERTIFICATE_MAP 微信平台证书容器 key = 序列号 value = 证书对象
private org.springframework.util.IdGenerator	nonceStrGenerator The constant ID_GENERATOR.
private org.springframework.web.client.RestOperations	restOperations The Rest operations.
private static String	SCHEMA The constant SCHEMA.
static String	TOKEN_PATTERN The constant TOKEN_PATTERN.
private WechatMetaContainer	wechatMetaContainer The Wechat meta container.

构造器概要

构造器

构造器和说明
SignatureProvider(WechatMetaContainer wechatMetaContainer) Instantiates a new Signature provider.

方法概要

限定符和类型	方法和说明
private static String	createSign(boolean newLine, String... components) 请求时设置签名 组件
String	decryptResponseBody(String tenantId, String associatedData, String nonce, String ciphertext) 解密响应体.
String	doRequestSign(boolean newLine, PrivateKey privateKey, String... orderedComponents) Do request sign.
String	encryptRequestMessage(String message, Certificate certificate) 对请求敏感字段进行加密
X509WechatCertificateInfo	getCertificate() Get certificate x 509 wechat certificate info.
org.springframework.util.IdGenerator	nonceStrGenerator() Nonce generator.
private void	refreshCertificate(String tenantId) 当我方服务器不存在平台证书或者证书同当前响应报文中的证书序列号不一致时应当刷新 调用/v3/certificates
String	requestSign(boolean newLine, String tenantId, String method, String canonicalUrl, String body) 我方请求前用 SHA256withRSA 加签，使用API证书.
boolean	responseSignVerify(ResponseSignVerifyParams params) 我方对响应验签，和应答签名做比较，使用微信平台证书.
WechatMetaContainer	wechatMetaContainer() Wechat meta container.

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料

nonceStrGenerator

private final org.springframework.util.IdGenerator nonceStrGenerator

The constant ID_GENERATOR.

SCHEMA

private static final String SCHEMA

The constant SCHEMA.

另请参阅:

常量字段值

TOKEN_PATTERN

public static final String TOKEN_PATTERN

The constant TOKEN_PATTERN.

另请参阅:

常量字段值

CERTIFICATE_MAP

private static final Map<String,Certificate> CERTIFICATE_MAP

微信平台证书容器 key = 序列号 value = 证书对象

BC_PROVIDER

private static final String BC_PROVIDER

加密算法提供方 - BouncyCastle

另请参阅:

常量字段值

restOperations

private final org.springframework.web.client.RestOperations restOperations

The Rest operations.

wechatMetaContainer

private final WechatMetaContainer wechatMetaContainer

The Wechat meta container.

构造器详细资料

SignatureProvider

public SignatureProvider(WechatMetaContainer wechatMetaContainer)

Instantiates a new Signature provider.

参数:

wechatMetaContainer - the wechat meta container

方法详细资料

requestSign

public String requestSign(boolean newLine,
                          String tenantId,
                          String method,
                          String canonicalUrl,
                          String body)

我方请求前用 SHA256withRSA 加签，使用API证书.

参数:

newLine - the new line

tenantId - the properties key

method - the method

canonicalUrl - the canonical url

body - the body

返回:

the string

doRequestSign

public String doRequestSign(boolean newLine,
                            PrivateKey privateKey,
                            String... orderedComponents)

Do request sign.

参数:

newLine - the has suffix

privateKey - the private key

orderedComponents - the orderedComponents

返回:

the string

responseSignVerify

public boolean responseSignVerify(ResponseSignVerifyParams params)

我方对响应验签，和应答签名做比较，使用微信平台证书.

参数:

params - the params

返回:

the boolean

refreshCertificate

private void refreshCertificate(String tenantId)

当我方服务器不存在平台证书或者证书同当前响应报文中的证书序列号不一致时应当刷新 调用/v3/certificates

参数:

tenantId - tenantId

decryptResponseBody

public String decryptResponseBody(String tenantId,
                                  String associatedData,
                                  String nonce,
                                  String ciphertext)

解密响应体.

参数:

tenantId - the properties key

associatedData - the associated data

nonce - the nonce

ciphertext - the ciphertext

返回:

the string

encryptRequestMessage

public String encryptRequestMessage(String message,
                                    Certificate certificate)

对请求敏感字段进行加密

参数:

message - the message

certificate - the certificate

返回:

encrypt message

getCertificate

public X509WechatCertificateInfo getCertificate()

Get certificate x 509 wechat certificate info.

返回:

the x 509 wechat certificate info

wechatMetaContainer

public WechatMetaContainer wechatMetaContainer()

Wechat meta container.

返回:

the wechat meta container

nonceStrGenerator

public org.springframework.util.IdGenerator nonceStrGenerator()

Nonce generator.

返回:

the id generator

createSign

private static String createSign(boolean newLine,
                                 String... components)

请求时设置签名 组件

参数:

components - the components

返回:

string string