常春岛资源网 Design By www.syssdc.com
一、准备阶段
获取私钥
官方文档 https://kf.qq.com/faq/161222N...
获取私钥证书的序列号 https://pay.weixin.qq.com/wik...
openssl x509 -in 1900009191_20180326_cert.pem -noout -serial serial=1DDE55AD98ED71D6EDD4A4A16996DE7B47773A8C
私钥获取后有三个文件
apiclient_key.p12 apiclient_cert.pem apiclient_key.pem
本次示例程序中,使用的是文件 apiclient_key.pem内容
获取公钥(平台证书)
官方文档
更新证书 https://pay.weixin.qq.com/wik...
平台证书会提前10天生成新证书,微信官方推荐在旧证书过期前5-10天部署新证书
获取证书API文档 https://pay.weixin.qq.com/wik...
身份证认证信息生成文档 https://pay.weixin.qq.com/wik...
常量
const appId = "" // 小程序或者公众号的appid const mchId = "" // 微信支付的商户id const privateSerialNo = "" // 私钥证书号 const aesKey = "" // 微信支付aes key
生成数字签名
// 对消息的散列值进行数字签名
func signPKCS1v15(msg, privateKey []byte, hashType crypto.Hash) ([]byte, error) {
block, _ := pem.Decode(privateKey)
if block == nil {
return nil, errors.New("private key decode error")
}
pri, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, errors.New("parse private key error")
}
key, ok := pri.(*rsa.PrivateKey)
if ok == false {
return nil, errors.New("private key format error")
}
sign, err := rsa.SignPKCS1v15(cryptoRand.Reader, key, hashType, msg)
if err != nil {
return nil, errors.New("sign error")
}
return sign, nil
}
// base编码
func base64EncodeStr(src []byte) string {
return base64.StdEncoding.EncodeToString(src)
}
生成身份认证信息
func authorization(method string, paramMap map[string]interface{}, rawUrl string) (token string, err error) {
var body string
if len(paramMap) != 0 {
paramJsonBytes, err := json.Marshal(paramMap)
if err != nil {
return token, err
}
body = string(paramJsonBytes)
}
urlPart, err := url.Parse(rawUrl)
if err != nil {
return token, err
}
canonicalUrl := urlPart.RequestURI()
timestamp := time.Now().Unix()
nonce := getRandomString(32)
message := fmt.Sprintf("%s\n%s\n%d\n%s\n%s\n", method, canonicalUrl, timestamp, nonce, body)
open, err := os.Open("/Users/apple/data/www/go/work/src/study/testwechantpay/private.pem")
if err != nil {
return token, err
}
defer open.Close()
privateKey, err := ioutil.ReadAll(open)
if err != nil {
return token, err
}
signBytes, err := signPKCS1v15(hasha256(message), privateKey, crypto.SHA256)
if err != nil {
return token, err
}
sign := base64EncodeStr(signBytes)
token = fmt.Sprintf("mchid=\"%s\",nonce_str=\"%s\",timestamp=\"%d\",serial_no=\"%s\",signature=\"%s\"",
mchId, nonce, timestamp, privateSerialNo, sign)
return token, nil
}
报文解密
func decryptGCM(aesKey, nonceV, ciphertextV, additionalDataV string) ([]byte, error) {
key := []byte(aesKey)
nonce := []byte(nonceV)
additionalData := []byte(additionalDataV)
ciphertext, err := base64.StdEncoding.DecodeString(ciphertextV)
if err != nil {
return nil, err
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
aesGCM, err := cipher.NewGCM(block)
if err != nil {
return nil, err
}
plaintext, err := aesGCM.Open(nil, nonce, ciphertext, additionalData)
if err != nil {
return nil, err
}
return plaintext, err
}
获取平台证书
// 获取公钥
const publicKeyUrl = "https://api.mch.weixin.qq.com/v3/certificates"
type TokenResponse struct {
Data []TokenResponseData `json:"data"`
}
type TokenResponseData struct {
EffectiveTime string `json:"effective_time"`
EncryptCertificate EncryptCertificate `json:"encrypt_certificate"`
ExpireTime string `json:"expire_time"`
SerialNo string `json:"serial_no"`
}
type EncryptCertificate struct {
Algorithm string `json:"algorithm"`
AssociatedData string `json:"associated_data"`
Ciphertext string `json:"ciphertext"`
Nonce string `json:"nonce"`
}
var publicSyncMap sync.Map
// 获取公钥
func getPublicKey() (key string, err error) {
var prepareTime int64 = 24 * 3600 * 3 // 证书提前三天过期旧证书,获取新证书
nowTime := time.Now().Unix()
// 读取公钥缓存数据
cacheValueKey := fmt.Sprintf("app_id:%s:public_key:value", appId)
cacheExpireTimeKey := fmt.Sprintf("app_id:%s:public_key:expire_time", appId)
cacheValue, keyValueOk := publicSyncMap.Load(cacheValueKey)
cacheExpireTime, expireTimeOk := publicSyncMap.Load(cacheExpireTimeKey)
if keyValueOk && expireTimeOk {
// 格式化时间
local, _ := time.LoadLocation("Local")
location, _ := time.ParseInLocation(time.RFC3339, cacheExpireTime.(string), local)
// 判断是否过期,证书没有过期直接返回
if location.Unix()-prepareTime > nowTime {
return cacheValue.(string), nil
}
}
token, err := authorization(http.MethodGet, nil, publicKeyUrl)
if err != nil {
return key, err
}
request, err := http.NewRequest(http.MethodGet, publicKeyUrl, nil)
if err != nil {
return key, err
}
request.Header.Add("Authorization", "WECHATPAY2-SHA256-RSA2048 "+token)
request.Header.Add("User-Agent", "用户代理(https://zh.wikipedia.org/wiki/User_agent)")
request.Header.Add("Content-type", "application/json;charset='utf-8'")
request.Header.Add("Accept", "application/json")
client := http.DefaultClient
response, err := client.Do(request)
if err != nil {
return key, err
}
defer response.Body.Close()
bodyBytes, err := ioutil.ReadAll(response.Body)
if err != nil {
return key, err
}
//fmt.Println(string(bodyBytes))
var tokenResponse TokenResponse
if err = json.Unmarshal(bodyBytes, &tokenResponse); err != nil {
return key, err
}
for _, encryptCertificate := range tokenResponse.Data {
// 格式化时间
local, _ := time.LoadLocation("Local")
location, err := time.ParseInLocation(time.RFC3339, encryptCertificate.ExpireTime, local)
if err != nil {
return key, err
}
// 判断是否过期,证书没有过期直接返回
if location.Unix()-prepareTime > nowTime {
decryptBytes, err := decryptGCM(aesKey, encryptCertificate.EncryptCertificate.Nonce, encryptCertificate.EncryptCertificate.Ciphertext,
encryptCertificate.EncryptCertificate.AssociatedData)
if err != nil {
return key, err
}
key = string(decryptBytes)
publicSyncMap.Store(cacheValueKey, key)
publicSyncMap.Store(cacheExpireTimeKey, encryptCertificate.ExpireTime)
return key, nil
}
}
return key, errors.New("get public key error")
}
二、发起微信支付
jsapi 发起支付
调用统一下单接口
统一下单接口文档 https://pay.weixin.qq.com/wik...
// 统一下单接口
func commonPay() (payResMap map[string]string, err error) {
payResMap = make(map[string]string)
amount := 10
paramMap := make(map[string]interface{})
paramMap["appid"] = appId
paramMap["mchid"] = mchId
paramMap["description"] = fmt.Sprintf("微信充值:¥%d", amount)
paramMap["out_trade_no"] = fmt.Sprintf("test%s%s", time.Now().Format("20060102150405"), randNumber())
paramMap["notify_url"] = "http://tools.localhost/notify"
paramMap["amount"] = map[string]interface{}{"total": amount * 100, "currency": "CNY"}
paramMap["payer"] = map[string]string{"openid": "opCO05utXkPQh3Vje13WjEdQpAZ4"}
token, err := authorization(http.MethodPost, paramMap, commonPayUrl)
if err != nil {
return payResMap, err
}
marshal, _ := json.Marshal(paramMap)
request, err := http.NewRequest(http.MethodPost, commonPayUrl, bytes.NewReader(marshal))
if err != nil {
return payResMap, err
}
request.Header.Add("Authorization", "WECHATPAY2-SHA256-RSA2048 "+token)
request.Header.Add("User-Agent", "用户代理(https://zh.wikipedia.org/wiki/User_agent)")
request.Header.Add("Content-type", "application/json;charset='utf-8'")
request.Header.Add("Accept", "application/json")
client := http.DefaultClient
response, err := client.Do(request)
if err != nil {
return payResMap, err
}
defer func() {
response.Body.Close()
}()
bodyBytes, err := ioutil.ReadAll(response.Body)
if err != nil {
return payResMap, err
}
if err = json.Unmarshal(bodyBytes, &payResMap); err != nil {
return payResMap, err
}
if payResMap["prepay_id"] == "" {
return payResMap, errors.New("code:" + payResMap["code"] + "err:" + payResMap["message"])
}
return payResMap, nil
}
生成jsapi发起支付
JSAPI 调起支付接口文档 https://pay.weixin.qq.com/wik...
func jsApi(payResMap map[string]string) (payJson string, err error) {
payMap := make(map[string]string)
timeStamp := time.Now().Unix()
nonce := getRandomString(32)
packageStr := "prepay_id=" + payResMap["prepay_id"]
payMap["appId"] = appId
payMap["timeStamp"] = fmt.Sprintf("%v", timeStamp)
payMap["nonceStr"] = nonce
payMap["package"] = packageStr
// 签名
message := fmt.Sprintf("%s\n%s\n%s\n%s\n", appId, fmt.Sprintf("%v", timeStamp), nonce, packageStr)
open, err := os.Open("/Users/apple/data/www/go/work/src/study/testwechantpay/private.pem")
if err != nil {
return payJson, err
}
defer open.Close()
privateKey, err := ioutil.ReadAll(open)
if err != nil {
return payJson, err
}
signBytes, err := signPKCS1v15(hasha256(message), privateKey, crypto.SHA256)
if err != nil {
return payJson, err
}
sign := base64EncodeStr(signBytes)
payMap["signType"] = sign
payMap["paySign"] = "RSA"
payJsonBytes, err := json.Marshal(payMap)
if err != nil {
return payJson, err
}
payJson = string(payJsonBytes)
return payJson, nil
}
前台发起支付js
需要加载微信js http://res.wx.qq.com/open/js/jweixin-1.6.0.js
调用微信js需要在微信支付平台,设置支付目录
指引文档 https://pay.weixin.qq.com/wik...
<script type="text/javascript" src="/UploadFiles/2021-04-08/jquery.min.js">三、异步通知
签名校验
文档 https://pay.weixin.qq.com/wik...
验证签名
//验证数字签名 func VerifyRsaSign(msg []byte, sign []byte, publicStr []byte, hashType crypto.Hash) bool { //pem解码 block, _ := pem.Decode(publicStr) //x509解码 publicKeyInterface, err := x509.ParseCertificate(block.Bytes) if err != nil { panic(err) } publicKey := publicKeyInterface.PublicKey.(*rsa.PublicKey) //验证数字签名 err = rsa.VerifyPKCS1v15(publicKey, hashType, msg, sign) //crypto.SHA1 return err == nil } // 验证签名 func notifyValidate(timeStamp ,nonce,rawPost,signature string) (bool, error) { signature = base64DecodeStr(signature) message := fmt.Sprintf("%s\n%s\n%s\n", timeStamp, nonce, rawPost) publicKey, err := getPublicKey() if err != nil { return false, err } return VerifyRsaSign(hasha256(message), []byte(signature), []byte(publicKey), crypto.SHA256), nil }报文解密
type NotifyResponse struct { CreateTime string `json:"create_time"` Resource NotifyResource `json:"resource"` } type NotifyResource struct { Ciphertext string `json:"ciphertext"` AssociatedData string `json:"associated_data"` Nonce string `json:"nonce"` } func notifyDecrypt(rawPost string) (decrypt string, err error) { var notifyResponse NotifyResponse if err = json.Unmarshal([]byte(rawPost), ¬ifyResponse); err != nil { return decrypt, err } decryptBytes, err := decryptGCM(aesKey, notifyResponse.Resource.Nonce, notifyResponse.Resource.Ciphertext, notifyResponse.Resource.AssociatedData) if err != nil { return decrypt, err } decrypt = string(decryptBytes) return decrypt, nil }四、查询订单
文档 https://pay.weixin.qq.com/wik...
查询订单
const searchTradeUrl = "https://api.mch.weixin.qq.com/v3/pay/transactions/out-trade-no/%s" // 查询交易 func searchTrade(orderId string) (trade string, err error) { rawUrl := fmt.Sprintf(searchTradeUrl, orderId, mchId) token, err := authorization(http.MethodGet, nil, rawUrl) if err != nil { return trade, err } request, err := http.NewRequest(http.MethodGet, rawUrl, nil) if err != nil { return trade, err } request.Header.Add("Authorization", "WECHATPAY2-SHA256-RSA2048 "+token) request.Header.Add("User-Agent", "用户代理(https://zh.wikipedia.org/wiki/User_agent)") request.Header.Add("Content-type", "application/json;charset='utf-8'") request.Header.Add("Accept", "application/json") client := http.DefaultClient response, err := client.Do(request) if err != nil { return trade, err } defer response.Body.Close() bodyBytes, err := ioutil.ReadAll(response.Body) if err != nil { return trade, err } return string(bodyBytes), nil }五、申请退款
文档 https://pay.weixin.qq.com/wik...
申请退款
const refundUrl = "https://api.mch.weixin.qq.com/v3/refund/domestic/refunds" func refundTrade(orderId string, amount float64) (trade string, err error) { paramMap := make(map[string]interface{}) paramMap["out_trade_no"] = orderId paramMap["out_refund_no"] = orderId + "-1" paramMap["amount"] = map[string]interface{}{"refund": amount * 100, "total": amount * 100, "currency": "CNY"} token, err := authorization(http.MethodPost, paramMap, refundUrl) if err != nil { return trade, err } marshal, _ := json.Marshal(paramMap) request, err := http.NewRequest(http.MethodPost, refundUrl, bytes.NewReader(marshal)) if err != nil { return trade, err } request.Header.Add("Authorization", "WECHATPAY2-SHA256-RSA2048 "+token) request.Header.Add("User-Agent", "用户代理(https://zh.wikipedia.org/wiki/User_agent)") request.Header.Add("Content-type", "application/json;charset='utf-8'") request.Header.Add("Accept", "application/json") client := http.DefaultClient response, err := client.Do(request) if err != nil { return trade, err } defer func() { response.Body.Close() }() bodyBytes, err := ioutil.ReadAll(response.Body) if err != nil { return trade, err } return string(bodyBytes), nil }
常春岛资源网 Design By www.syssdc.com
广告合作:本站广告合作请联系QQ:858582 申请时备注:广告合作(否则不回)
免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件! 如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件! 如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
常春岛资源网 Design By www.syssdc.com
暂无评论...
《魔兽世界》大逃杀!60人新游玩模式《强袭风暴》3月21日上线
暴雪近日发布了《魔兽世界》10.2.6 更新内容,新游玩模式《强袭风暴》即将于3月21 日在亚服上线,届时玩家将前往阿拉希高地展开一场 60 人大逃杀对战。
艾泽拉斯的冒险者已经征服了艾泽拉斯的大地及遥远的彼岸。他们在对抗世界上最致命的敌人时展现出过人的手腕,并且成功阻止终结宇宙等级的威胁。当他们在为即将于《魔兽世界》资料片《地心之战》中来袭的萨拉塔斯势力做战斗准备时,他们还需要在熟悉的阿拉希高地面对一个全新的敌人──那就是彼此。在《巨龙崛起》10.2.6 更新的《强袭风暴》中,玩家将会进入一个全新的海盗主题大逃杀式限时活动,其中包含极高的风险和史诗级的奖励。
《强袭风暴》不是普通的战场,作为一个独立于主游戏之外的活动,玩家可以用大逃杀的风格来体验《魔兽世界》,不分职业、不分装备(除了你在赛局中捡到的),光是技巧和战略的强弱之分就能决定出谁才是能坚持到最后的赢家。本次活动将会开放单人和双人模式,玩家在加入海盗主题的预赛大厅区域前,可以从强袭风暴角色画面新增好友。游玩游戏将可以累计名望轨迹,《巨龙崛起》和《魔兽世界:巫妖王之怒 经典版》的玩家都可以获得奖励。
更新日志
2025年11月02日
2025年11月02日
- 小骆驼-《草原狼2(蓝光CD)》[原抓WAV+CUE]
- 群星《欢迎来到我身边 电影原声专辑》[320K/MP3][105.02MB]
- 群星《欢迎来到我身边 电影原声专辑》[FLAC/分轨][480.9MB]
- 雷婷《梦里蓝天HQⅡ》 2023头版限量编号低速原抓[WAV+CUE][463M]
- 群星《2024好听新歌42》AI调整音效【WAV分轨】
- 王思雨-《思念陪着鸿雁飞》WAV
- 王思雨《喜马拉雅HQ》头版限量编号[WAV+CUE]
- 李健《无时无刻》[WAV+CUE][590M]
- 陈奕迅《酝酿》[WAV分轨][502M]
- 卓依婷《化蝶》2CD[WAV+CUE][1.1G]
- 群星《吉他王(黑胶CD)》[WAV+CUE]
- 齐秦《穿乐(穿越)》[WAV+CUE]
- 发烧珍品《数位CD音响测试-动向效果(九)》【WAV+CUE】
- 邝美云《邝美云精装歌集》[DSF][1.6G]
- 吕方《爱一回伤一回》[WAV+CUE][454M]