1.導入sdk
<dependency> <groupId>com.alipay.sdk</groupId> <artifactId>alipay-sdk-java</artifactId> <version>4.8.73.ALL</version> </dependency>
2.我用的是證書方式請求
public class AlipayUtil { /** * 處理請求參數 * @param requestParams * @return */ public static Map<String, String> handleParams(Map<String, String[]> requestParams){ Map<String, String> handleMap = new HashMap<>(requestParams.size()); for (Map.Entry<String, String[]> entry : requestParams.entrySet()) { String key = entry.getKey(); String[] value = entry.getValue(); handleMap.put(key, join(value, ",")); } return handleMap; } /** * 數組轉字符串 ["1", "2"] ==> "1,2" * @param os * @param splitString * @return */ public static String join(Object[] os, String splitString){ String s = ""; if (os != null) { StringBuilder sBuffer = new StringBuilder(); for (int i = 0; i < os.length; i++) { sBuffer.append(os[i]).append(splitString); } s = sBuffer.deleteCharAt(sBuffer.length() - 1).toString(); } return s; } /** * 校驗是否支付成功 * @param handleParams * @return */ public static boolean rsaCheck(Map<String, String> handleParams) { boolean checkV1 = false; try { checkV1 = AlipaySignature.rsaCertCheckV1(handleParams, AlipayConfig.ALIPAY_PUBLIC_KEY_PATH, AlipayConfig.CHARSET, AlipayConfig.SIGNTYPE); } catch (AlipayApiException e) { e.printStackTrace(); } return checkV1; } public static String getH5ByPath(String body,String subject,String outTradeNo,String money) throws Exception { //構造client CertAlipayRequest certAlipayRequest = new CertAlipayRequest(); //設置網關地址 certAlipayRequest.setServerUrl(AlipayConfig.URL); //設置應用Id certAlipayRequest.setAppId(AlipayConfig.APPID); //設置應用私鑰 certAlipayRequest.setPrivateKey(RSAUtil.loadKeyFromFile(AlipayConfig.RSA_PRIVATE_KEY_PATH)); //設置請求格式,固定值json certAlipayRequest.setFormat(AlipayConfig.FORMAT); //設置字符集 certAlipayRequest.setCharset(AlipayConfig.CHARSET); //設置簽名類型 certAlipayRequest.setSignType(AlipayConfig.SIGNTYPE); //設置應用公鑰證書路徑 certAlipayRequest.setCertPath(AlipayConfig.RSA_PUBLIC_KEY_PATH); //設置支付寶公鑰證書路徑 certAlipayRequest.setAlipayPublicCertPath(AlipayConfig.ALIPAY_PUBLIC_KEY_PATH); //設置支付寶根證書路徑 certAlipayRequest.setRootCertPath(AlipayConfig.ALIPAY_ROOT_KEY_PATH); //構造client AlipayClient alipayClient = new DefaultAlipayClient(certAlipayRequest); //實例化具體API對應的request類,類名稱和接口名稱對應,當前調用接口名稱:alipay.trade.app.pay AlipayTradeWapPayRequest request = new AlipayTradeWapPayRequest(); //SDK已經封裝掉了公共參數,這裏只需要傳入業務參數。以下方法爲sdk的model入參方式(model和biz_content同時存在的情況下取biz_content)。 AlipayTradeWapPayModel model = new AlipayTradeWapPayModel(); model.setBody(body); model.setSubject(body); model.setOutTradeNo(outTradeNo); model.setTimeoutExpress(AlipayConfig.TIME_OUT); model.setTotalAmount(money); model.setProductCode("QUICK_WAP_PAY"); request.setBizModel(model); request.setNotifyUrl(AlipayConfig.notify_url); request.setReturnUrl(AlipayConfig.return_url); String form=""; try { form = alipayClient.pageExecute(request,"GET").getBody(); //調用SDK生成表單 } catch (AlipayApiException e) { e.printStackTrace(); } return form; } }
因爲我這裏需要獲取url在app做攔截,所以用的是GET請求alipayClient.pageExecute(request,"GET").getBody()
最後驗籤:
@PostMapping(value = "alipay_notify_url") @ApiOperation(value = "alipay_notify_url") public String alipay_notify_url(HttpServletRequest request, HttpServletResponse response) throws Exception { //支付寶 Map<String, String[]> parameterMap = request.getParameterMap(); Map<String, String> handleParams = AlipayUtil.handleParams(parameterMap); //商戶訂單號 String out_trade_no = new String(request.getParameter("out_trade_no").getBytes("ISO-8859-1"),"UTF-8"); //支付寶交易號 String trade_no = new String(request.getParameter("trade_no").getBytes("ISO-8859-1"),"UTF-8"); //交易狀態 String trade_status = new String(request.getParameter("trade_status").getBytes("ISO-8859-1"),"UTF-8"); boolean rsaCheck = AlipayUtil.rsaCheck(handleParams); if (rsaCheck){ if (trade_status.equals("TRADE_FINISHED") || trade_status.equals("TRADE_SUCCESS")) { }else{ log.error("沒有處理支付寶回調業務,支付寶交易狀態:{},handleParams:{}",trade_status,handleParams); } }else { log.info("支付寶回調簽名認證失敗,signVerified=false, handleParams:{}", handleParams); } return rsaCheck ? "success" : "failure"; }