tj

center-app/app/base/api/api.base.js

@@ -70,7 +70,7 @@ class APIBase {
                 agent: req.uagent,
                 opTitle: "api服务提供方appKey:" + settings.appKey,
             });
-            rtn.requestId = req.requestId
+            rtn.requestId = req.requestId || ""
             return rtn;
         } catch (e) {
             console.log(e.stack, "api调用出现异常，请联系管理员..........")

center-app/app/base/api/impl/payment/aliPayment.js

@@ -16,7 +16,33 @@ class AliPayment extends APIBase {
     }
     async test(pobj, qobj, req) {
         var pobj = { appInfo: { uapp_id: 22 }, actionBody: { total_fee: 0.01, order_num: "111222", body_desc: "标题描述1" } };
-        var result = await this.utilsAlibankSve.getH5AliDingPayInfo(pobj, pobj.actionBody);
+        var actionBody = {
+            "discount": "0.00",
+            "payment_type": "1",
+            "trade_no": "2020040922001436491431713713",
+            "subject": "888",
+            "buyer_email": "306***@qq.com",
+            "gmt_create": "2020-04-09 19:57:49",
+            "notify_type": "trade_status_sync",
+            "quantity": "1",
+            "out_trade_no": "OT36202004091957Ac7M",
+            "seller_id": "2088001575712426",
+            "notify_time": "2020-04-09 19:57:50",
+            "body": "888",
+            "trade_status": "TRADE_SUCCESS",
+            "is_total_fee_adjust": "N",
+            "total_fee": "0.01",
+            "gmt_payment": "2020-04-09 19:57:49",
+            "seller_email": "2022815690@qq.com",
+            "price": "0.01",
+            "buyer_id": "2088302381536494",
+            "notify_id": "2020040900222195749036491455979554",
+            "use_coupon": "N",
+            "sign_type": "RSA",
+            "sign": "fa3cGcw+Y5VoIruvWtwN3/XPScPbaeXJI9v+p3I82z3Im0PloxZ/wVallZPJnFGqSIbhp6L3Czajbrz2dzdDPiWCpatH7j7CCTYaIxPXBKAcYuBINfQN3UqHLY2Nq1LS1jfCKwMeufGOUqW1+2yDbQB8TFAAApbvHf63l2Cfgc4="
+        };
+        var result = await this.utilsAlibankSve.verifyPayReturnSign(pobj, actionBody);
+        // var result = await this.utilsAlibankSve.getH5AliDingPayInfo(pobj, pobj.actionBody);
         return result;
     }
 }

center-app/app/base/service/app.base.js

@@ -9,6 +9,27 @@ class AppServiceBase {
     this.cacheManager = system.getObject("db.common.cacheManager");
   }
 
+  async getSortSignStr(resultData) {
+    var resultSignArr = [];
+    var keys = Object.keys(resultData).sort();
+    if (keys.length == 0) {
+      rtnResult.status = -330;
+      rtnResult.msg = "返回值参数信息为空，getSortParam";
+      return rtnResult;
+    }
+    for (let k = 0; k < keys.length; k++) {
+      const tKey = keys[k];
+      if (tKey != "sign" && tKey != "sign_type" && resultData[tKey]) {
+        resultSignArr.push(tKey + "=" + resultData[tKey]);
+      }
+    }
+    if (resultSignArr.length == 0) {
+      rtnResult.status = -350;
+      rtnResult.msg = "返回值组装签名参数信息为空，getSortParam";
+      return rtnResult;
+    }
+    return system.getResultSuccess(resultSignArr.join("&"));
+  }
   async getReqBeforeParam(jsonObj, pay_key) {//获取请求前的参数信息
     jsonObj.key = pay_key;
     var reqResult = { status: 0, msg: "success", req_param: null };
@@ -156,7 +177,7 @@ class AppServiceBase {
       return system.getResult(null, "execGet data is empty");
     }
     var result = JSON.parse(rtn.stdout);
-    if(!result.status){
+    if (!result.status) {
       return system.getResultSuccess(result);
     }
     return result;

center-app/app/base/service/impl/utilsSve/utilsAlibankSve.js

 var system = require("../../../system");
-var settings = require("../../../../config/settings");
 const AppServiceBase = require("../../app.base");
-const querystring = require('querystring');
-const md5 = require("MD5");
 const NodeRSA = require('node-rsa');
 
-const crypto = require("crypto");
 class utilsTlBankSve extends AppServiceBase {
   constructor() {
     super();
@@ -44,7 +40,6 @@ class utilsTlBankSve extends AppServiceBase {
     let signParam = await this.getVerifyParams(parameters);
     var signStr = await this.getCreateAliSignStr(pobj, signParam, payParam.privatekey, "sha1");
     // var signStr = await this.getSign(pobj,payParam.privatekey, parameters);
-    // parameters.sign = encodeURIComponent(signStr);
     signParam = signParam + "&sign=\"" + encodeURIComponent(signStr) + "\"&sign_type=\"" + parameters.sign_type + "\"";
     return system.getResultSuccess(signParam);
   }
@@ -55,7 +50,7 @@ class utilsTlBankSve extends AppServiceBase {
     const key = new NodeRSA();
     key.setOptions({ b: 1024, signingScheme: algorith });
     key.importKey(privateKey, 'pkcs8-private');//导入密钥并设定格式
-    const publicDer = key.exportKey('pkcs8-public');
+    // const publicDer = key.exportKey('pkcs8-public');
     let buffer = Buffer.from(signParam);
     let signature = key.sign(buffer).toString('base64');
     this.logCtl.info({
@@ -67,8 +62,6 @@ class utilsTlBankSve extends AppServiceBase {
     });
     return signature;
   }
-
-
   async getVerifyParams(params) {
     var sPara = [];
     if (!params) return null;
@@ -81,7 +74,6 @@ class utilsTlBankSve extends AppServiceBase {
       } else {
         sPara.push([key, "\"" + params[key] + "\""]);
       }
-      // sPara.push([key, "\"" + params[key] + "\""]);
     }
     // sPara = sPara.sort();
     var prestr = '';
@@ -96,25 +88,38 @@ class utilsTlBankSve extends AppServiceBase {
     return prestr;
   }
 
-
-  async getSign(pobj, privateKey, params) {
-    try {
-      var key = "-----BEGIN PRIVATE KEY-----" + privateKey + "-----END PRIVATE KEY-----";
-      var prestr = await this.getVerifyParams(params)
-      var sign = crypto.createSign('RSA-SHA1');
-      sign.update(prestr);
-      sign = sign.sign(key, 'base64');
-      let signature = encodeURIComponent(sign)
-      this.logCtl.info({
-        appid: pobj.appInfo ? pobj.appInfo.uapp_id : "",
-        appkey: pobj.appInfo ? pobj.appInfo.uapp_key : "",
-        op: "center-app/app/base/service/impl/utilsSve/utilsAlibankSve.js/getCreateAliSignStr",
-        content: "参数：" + prestr + "返回结果signStr：" + signature,
-        optitle: "获取钉钉支付签名信息返回-new1",
-      });
-    } catch (err) {
-      console.log('err', err)
+  async verifyPayReturnSign(pobj, actionBody) {
+    var getSignStrResult = await this.getSortSignStr(actionBody);
+    if (getSignStrResult.status != 0) {
+      return getSignStrResult;
+    }
+    var payParam = await this.apppaliparamDao.getItemByUAppId(pobj.appInfo.uapp_id);
+    if (!payParam) {
+      return { status: -310, msg: "应用没有对应的支付凭证,verifyPayReturnSign" };
+    }
+    var verifyResult = await this.getVerifyPaySignStr(pobj, getSignStrResult.data, actionBody.sign, payParam.ali_publickey, "buffer", "base64", "sha1")
+    if (verifyResult) {
+      return system.getResultSuccess();
     }
+    return system.getResult(null, "验签失败，verifyPayReturnSign");
+  }
+
+  async getVerifyPaySignStr(pobj, signParamStr, verifySignStr, publicKey, sourceEncoding, signatureEncoding, algorith) {
+    publicKey = "-----BEGIN PUBLIC KEY-----" + publicKey + "-----END PUBLIC KEY-----";
+    const key = new NodeRSA();
+    key.setOptions({ b: 1024, signingScheme: algorith });
+    key.importKey(publicKey, 'pkcs8-public-pem');//导入密钥并设定格式
+    // const publicDer = key.exportKey('pkcs8-private');
+    let signature = key.verify(Buffer.from(signParamStr), verifySignStr, sourceEncoding, signatureEncoding);
+    // this.logCtl.info({
+    //   appid: pobj.appInfo ? pobj.appInfo.uapp_id : "",
+    //   appkey: pobj.appInfo ? pobj.appInfo.uapp_key : "",
+    //   op: "center-app/app/base/service/impl/utilsSve/utilsAlibankSve.js/getCreateAliSignStr",
+    //   content: "参数：" + paramStr + "返回结果signStr：" + signature,
+    //   optitle: "获取钉钉支付签名信息返回",
+    // });
+    return signature;
+
   }
 
   //-------------------------------------------钉钉h5支付-----------------结束