search

Wechat-Group / WxJava

微信开发 Java SDK ,支持包括微信支付,开放平台,小程序,企业微信,视频号,公众号等的后端开发
Apache License 2.0
29.43k stars 8.5k forks source link

v3 支付成功,头部验证签名失败 #2879

Closed pigping88 closed 1 year ago

pigping88 commented 1 year ago

发现头部序列号和商户的证书的序列号不一致,代码扫了下,没看到平台证书获取,配置的地方,导致签名验证失败了

pigping88 commented 1 year ago

com.github.binarywang.wxpay.exception.WxPayException: 非法请求,头部信息验证失败 at com.github.binarywang.wxpay.service.impl.BaseWxPayServiceImpl.parseOrderNotifyV3Result(BaseWxPayServiceImpl.java:350)

pigping88 commented 1 year ago

wx: pay:

微信支付商户号

mchId: xxxxxx
# 微信支付商户密钥
#mchKey: abcdefghijklmn
# path除了classpath也可以用url
keyPath: classpath:cert/apiclient_cert.p12
privateKeyPath: classpath:cert/apiclient_key.pem
privateCertPath: classpath:cert/apiclient_cert.pem
apiV3Key: xxxxxx
certSerialNo: xxxxxx
sandboxEnabled: false
payNotifyUrl: xxxxxx
refundNotifyUrl: xxxxxx
pigping88 commented 1 year ago

@Bean @ConditionalOnMissingBean public WxPayService wxPayService() { if (StringUtils.isBlank(properties.getMchId())) { log.error("微信商户号配置无效,请检查!"); return new WxPayServiceImpl(); }

    WxPayService wxPayService = new WxPayServiceImpl();
    WxPayConfig payConfig = new WxPayConfig();
    payConfig.setMchId(StringUtils.trimToNull(properties.getMchId()));
    payConfig.setMchKey(StringUtils.trimToNull(properties.getMchKey()));
    payConfig.setSubAppId(StringUtils.trimToNull(properties.getSubAppId()));
    payConfig.setSubMchId(StringUtils.trimToNull(properties.getSubMchId()));
    payConfig.setKeyPath(StringUtils.trimToNull(properties.getKeyPath()));
    payConfig.setApiV3Key(StringUtils.trimToNull(properties.getApiV3Key()));
    payConfig.setCertSerialNo(StringUtils.trimToNull(properties.getCertSerialNo()));
    payConfig.setPrivateKeyPath(StringUtils.trimToNull(properties.getPrivateKeyPath()));
    payConfig.setPrivateCertPath(StringUtils.trimToNull(properties.getPrivateCertPath()));
    // 可以指定是否使用沙箱环境
    payConfig.setUseSandboxEnv(BooleanUtils.toBoolean(properties.getSandboxEnabled()));
    wxPayService.setConfig(payConfig);
    return wxPayService;
}
pigping88 commented 1 year ago

certSerialNo给的apiv3证书的序列号,平台证书,看了下实现代码,都是自动获取的,怎么就验证支付回调签名失败呢,支付回调又不怎么好调试,需要https,本地用内网穿透,还差点https,线上源码包,没法给日志,不太好追踪具体啥导致的签名失败

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

lettgers commented 8 months ago

同样的问题

luues commented 8 months ago

我也是,而且是偶尔会报一下,哎 头都麻了

yueyemisi commented 7 months ago

可以看一下signature是否为WECHATPAY/SIGNTEST开头,可能是微信在探测流量

https://pay.weixin.qq.com/docs/partner/development/interface-rules/signature-verification.html