在线支付

Posted 第九种格调的人生

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了在线支付相关的知识,希望对你有一定的参考价值。

1.整合提交信息

package com.learning.web.servlet;

import java.io.IOException;
import java.util.ResourceBundle;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.learning.utils.PaymentUtil;

@WebServlet("/payOnline")
public class PayOnline extends HttpServlet {
    private static final long serialVersionUID = 1L;
       
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            doPost(request, response);
    }


    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    
        String orderid = request.getParameter("orderid");
        String money = request.getParameter("money");
        
                // 银行
                String pd_FrpId = request.getParameter("pd_FrpId");

                // 发给支付公司需要哪些数据
                String p0_Cmd = "Buy";
                String p1_MerId = ResourceBundle.getBundle("/WEB-INF/classes/merchantInfo").getString(
                        "p1_MerId");
                String p2_Order = orderid;
                String p3_Amt = money;
                String p4_Cur = "CNY";
                String p5_Pid = "";
                String p6_Pcat = "";
                String p7_Pdesc = "";
                // 支付成功回调地址 ---- 第三方支付公司会访问、用户访问
                // 第三方支付可以访问网址(本项目网址)
                String p8_Url = "http://115.170.37.189/day19pay/callback";
                String p9_SAF = "";
                String pa_MP = "";
                String pr_NeedResponse = "1";
                // 加密hmac 需要密钥
                String keyValue = ResourceBundle.getBundle("merchantInfo").getString(
                        "keyValue");
                String hmac = PaymentUtil.buildHmac(p0_Cmd, p1_MerId, p2_Order, p3_Amt,
                        p4_Cur, p5_Pid, p6_Pcat, p7_Pdesc, p8_Url, p9_SAF, pa_MP,
                        pd_FrpId, pr_NeedResponse, keyValue);
                // 生成url --- url?
                request.setAttribute("pd_FrpId", pd_FrpId);
                request.setAttribute("p0_Cmd", p0_Cmd);
                request.setAttribute("p1_MerId", p1_MerId);
                request.setAttribute("p2_Order", p2_Order);
                request.setAttribute("p3_Amt", p3_Amt);
                request.setAttribute("p4_Cur", p4_Cur);
                request.setAttribute("p5_Pid", p5_Pid);
                request.setAttribute("p6_Pcat", p6_Pcat);
                request.setAttribute("p7_Pdesc", p7_Pdesc);
                request.setAttribute("p8_Url", p8_Url);
                request.setAttribute("p9_SAF", p9_SAF);
                request.setAttribute("pa_MP", pa_MP);
                request.setAttribute("pr_NeedResponse", pr_NeedResponse);
                request.setAttribute("hmac", hmac);

                request.getRequestDispatcher("/confirm.jsp").forward(request, response);
        
        
    }

}

 

2.用户确认提交的信息(confirm.jsp)

 

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>

<%@taglib prefix="p" uri="http://www.itcast.cn/tag"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
    <p:user />
    <!-- 确认支付form -->
    <form action="https://www.yeepay.com/app-merchant-proxy/node"
        method="get">
        <h3>订单号:${p2_Order},付款金额 :${p3_Amt }</h3>
        <input type="hidden" name="pd_FrpId" value="${pd_FrpId }" /> <input
            type="hidden" name="p0_Cmd" value="${p0_Cmd }" /> <input
            type="hidden" name="p1_MerId" value="${p1_MerId }" /> <input
            type="hidden" name="p2_Order" value="${p2_Order }" /> <input
            type="hidden" name="p3_Amt" value="${p3_Amt }" /> <input
            type="hidden" name="p4_Cur" value="${p4_Cur }" /> <input
            type="hidden" name="p5_Pid" value="${p5_Pid }" /> <input
            type="hidden" name="p6_Pcat" value="${p6_Pcat }" /> <input
            type="hidden" name="p7_Pdesc" value="${p7_Pdesc }" /> <input
            type="hidden" name="p8_Url" value="${p8_Url }" /> <input
            type="hidden" name="p9_SAF" value="${p9_SAF }" /> <input
            type="hidden" name="pa_MP" value="${pa_MP }" /> <input type="hidden"
            name="pr_NeedResponse" value="${pr_NeedResponse }" /> <input
            type="hidden" name="hmac" value="${hmac }" /> <input type="submit"
            value="确认支付" />
    </form>
</body>
</html>

 

3.网站获得第三方支付的信息

package com.learning.web.servlet;

import java.io.IOException;
import java.util.ResourceBundle;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.learning.service.OrderService;
import com.learning.utils.PaymentUtil;


/**
 * 该Servlet会在支付成功后 进行调用----- 支付公司 、客户
 * 
 * @author seawind
 * 
 */
public class CallbackServlet extends HttpServlet {

    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // 获得回调所有数据
        String p1_MerId = request.getParameter("p1_MerId");
        String r0_Cmd = request.getParameter("r0_Cmd");
        String r1_Code = request.getParameter("r1_Code");
        String r2_TrxId = request.getParameter("r2_TrxId");
        String r3_Amt = request.getParameter("r3_Amt");
        String r4_Cur = request.getParameter("r4_Cur");
        String r5_Pid = request.getParameter("r5_Pid");
        String r6_Order = request.getParameter("r6_Order");
        String r7_Uid = request.getParameter("r7_Uid");
        String r8_MP = request.getParameter("r8_MP");
        String r9_BType = request.getParameter("r9_BType");
        String rb_BankId = request.getParameter("rb_BankId");
        String ro_BankOrderId = request.getParameter("ro_BankOrderId");
        String rp_PayDate = request.getParameter("rp_PayDate");
        String rq_CardNo = request.getParameter("rq_CardNo");
        String ru_Trxtime = request.getParameter("ru_Trxtime");
        // 身份校验 --- 判断是不是支付公司通知你
        String hmac = request.getParameter("hmac");
        String keyValue = ResourceBundle.getBundle("merchantInfo").getString(
                "keyValue");

        // 自己对上面数据进行加密 --- 比较支付公司发过来hamc
        boolean isValid = PaymentUtil.verifyCallback(hmac, p1_MerId, r0_Cmd,
                r1_Code, r2_TrxId, r3_Amt, r4_Cur, r5_Pid, r6_Order, r7_Uid,
                r8_MP, r9_BType, keyValue);
        if (isValid) {
            // 响应数据有效
            if (r9_BType.equals("1")) {
                // 浏览器重定向
                response.setContentType("text/html;charset=utf-8");
                response.getWriter().println("<h1>付款成功!等待商城进一步操作!等待收货...</h1>");
            } else if (r9_BType.equals("2")) {
                // 服务器点对点 --- 支付公司通知你
                System.out.println("付款成功!");
                // 修改订单状态 为已付款
                OrderService orderService=new OrderService();
                orderService.modifyOrderState(p1_MerId);
                
                // 回复支付公司
                response.getWriter().print("success");
            }
        } else {
            // 数据无效
            System.out.println("数据被篡改!");
        }
    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}

 

文件:

merchantInfo.properties

p1_MerId=10001126856
keyValue=69cl522AV6q613Ii4W6u8K6XuW8vM1N6bFgyv769220IuYe9u37N4y7rI4Pl
responseURL=http://localhost:8080/onlinepay/servlet/PaymentResponse

工具类:PaymentUtil

package com.learning.utils;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

public class PaymentUtil {

    private static String encodingCharset = "UTF-8";
    
    /**
     * 生成hmac方法
     * 
     * @param p0_Cmd 业务类型
     * @param p1_MerId 商户编号
     * @param p2_Order 商户订单号
     * @param p3_Amt 支付金额
     * @param p4_Cur 交易币种
     * @param p5_Pid 商品名称
     * @param p6_Pcat 商品种类
     * @param p7_Pdesc 商品描述
     * @param p8_Url 商户接收支付成功数据的地址
     * @param p9_SAF 送货地址
     * @param pa_MP 商户扩展信息
     * @param pd_FrpId 银行编码
     * @param pr_NeedResponse 应答机制
     * @param keyValue 商户密钥
     * @return
     */
    public static String buildHmac(String p0_Cmd,String p1_MerId,
            String p2_Order, String p3_Amt, String p4_Cur,String p5_Pid, String p6_Pcat,
            String p7_Pdesc,String p8_Url, String p9_SAF,String pa_MP,String pd_FrpId,
            String pr_NeedResponse,String keyValue) {
        StringBuilder sValue = new StringBuilder();
        // 业务类型
        sValue.append(p0_Cmd);
        // 商户编号
        sValue.append(p1_MerId);
        // 商户订单号
        sValue.append(p2_Order);
        // 支付金额
        sValue.append(p3_Amt);
        // 交易币种
        sValue.append(p4_Cur);
        // 商品名称
        sValue.append(p5_Pid);
        // 商品种类
        sValue.append(p6_Pcat);
        // 商品描述
        sValue.append(p7_Pdesc);
        // 商户接收支付成功数据的地址
        sValue.append(p8_Url);
        // 送货地址
        sValue.append(p9_SAF);
        // 商户扩展信息
        sValue.append(pa_MP);
        // 银行编码
        sValue.append(pd_FrpId);
        // 应答机制
        sValue.append(pr_NeedResponse);
        
        return PaymentUtil.hmacSign(sValue.toString(), keyValue);
    }
    
    /**
     * 返回校验hmac方法
     * 
     * @param hmac 支付网关发来的加密验证码
     * @param p1_MerId 商户编号
     * @param r0_Cmd 业务类型
     * @param r1_Code 支付结果
     * @param r2_TrxId 易宝支付交易流水号
     * @param r3_Amt 支付金额
     * @param r4_Cur 交易币种
     * @param r5_Pid 商品名称
     * @param r6_Order 商户订单号
     * @param r7_Uid 易宝支付会员ID
     * @param r8_MP 商户扩展信息
     * @param r9_BType 交易结果返回类型
     * @param keyValue 密钥
     * @return
     */
    public static boolean verifyCallback(String hmac, String p1_MerId,
            String r0_Cmd, String r1_Code, String r2_TrxId, String r3_Amt,
            String r4_Cur, String r5_Pid, String r6_Order, String r7_Uid,
            String r8_MP, String r9_BType, String keyValue) {
        StringBuilder sValue = new StringBuilder();
        // 商户编号
        sValue.append(p1_MerId);
        // 业务类型
        sValue.append(r0_Cmd);
        // 支付结果
        sValue.append(r1_Code);
        // 易宝支付交易流水号
        sValue.append(r2_TrxId);
        // 支付金额
        sValue.append(r3_Amt);
        // 交易币种
        sValue.append(r4_Cur);
        // 商品名称
        sValue.append(r5_Pid);
        // 商户订单号
        sValue.append(r6_Order);
        // 易宝支付会员ID
        sValue.append(r7_Uid);
        // 商户扩展信息
        sValue.append(r8_MP);
        // 交易结果返回类型
        sValue.append(r9_BType);
        String sNewString = PaymentUtil.hmacSign(sValue.toString(), keyValue);
        return sNewString.equals(hmac);
    }
    
    /**
     * @param aValue
     * @param aKey
     * @return
     */
    public static String hmacSign(String aValue, String aKey) {
        byte k_ipad[] = new byte[64];
        byte k_opad[] = new byte[64];
        byte keyb[];
        byte value[];
        try {
            keyb = aKey.getBytes(encodingCharset);
            value = aValue.getBytes(encodingCharset);
        } catch (UnsupportedEncodingException e) {
            keyb = aKey.getBytes();
            value = aValue.getBytes();
        }

        Arrays.fill(k_ipad, keyb.length, 64, (byte) 54);
        Arrays.fill(k_opad, keyb.length, 64, (byte) 92);
        for (int i = 0; i < keyb.length; i++) {
            k_ipad[i] = (byte) (keyb[i] ^ 0x36);
            k_opad[i] = (byte) (keyb[i] ^ 0x5c);
        }

        MessageDigest md = null;
        try {
            md = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException e) {

            return null;
        }
        md.update(k_ipad);
        md.update(value);
        byte dg[] = md.digest();
        md.reset();
        md.update(k_opad);
        md.update(dg, 0, 16);
        dg = md.digest();
        return toHex(dg);
    }

    public static String toHex(byte input[]) {
        if (input == null)
            return null;
        StringBuffer output = new StringBuffer(input.length * 2);
        for (int i = 0; i < input.length; i++) {
            int current = input[i] & 0xff;
            if (current < 16)
                output.append("0");
            output.append(Integer.toString(current, 16));
        }

        return output.toString();
    }

    /**
     * 
     * @param args
     * @param key
     * @return
     */
    public static String getHmac(String[] args, String key) {
        if (args == null || args.length == 0) {
            return (null);
        }
        StringBuffer str = new StringBuffer();
        for (int i = 0; i < args.length; i++) {
            str.append(args[i]);
        }
        return (hmacSign(str.toString(), key));
    }

    /**
     * @param aValue
     * @return
     */
    public static String digest(String aValue) {
        aValue = aValue.trim();
        byte value[];
        try {
            value = aValue.getBytes(encodingCharset);
        } catch (UnsupportedEncodingException e) {
            value = aValue.getBytes();
        }
        MessageDigest md = null;
        try {
            md = MessageDigest.getInstance("SHA");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
        return toHex(md.digest(value));

    }
    
//    public static void main(String[] args) {
//        System.out.println(hmacSign("AnnulCard1000043252120080620160450.0http://localhost/SZXpro/callback.asp杩?4564868265473632445648682654736324511","8UPp0KE8sq73zVP370vko7C39403rtK1YwX40Td6irH216036H27Eb12792t"));
//    }
}

 

以上是关于在线支付的主要内容,如果未能解决你的问题,请参考以下文章

如何在片段中使用 GetJsonFromUrlTask​​.java

有人可以解释啥是 SVN 平分算法吗?理论上和通过代码片段[重复]

如何在片段中填充列表视图?

Vue在线编译器

刷新同一活动中剩余的当前片段(ListView 数据)

44. CSRF 攻击与防御