search

alipay / alipay-sdk-nodejs-all

支付宝开放平台 Alipay SDK for Node.js
https://docs.open.alipay.com/54/103419/
Other
410 stars 65 forks source link

使用sdk创建订单的时候报错,验签失败,希望得到帮助 #31

Closed fatetop closed 5 years ago

fatetop commented 5 years ago

`my code

    const alipaySdk = new AlipaySdk({
        appId: appid,
        privateKey: fs.readFileSync(path.join(think.ROOT_PATH, 'key/rsa_private_key.pem'), 'ascii'),
        alipayPublicKey: fs.readFileSync(path.join(think.ROOT_PATH, 'key/rsa_public_key.pem'), 'ascii'),
    });
    const alipayMethod = 'alipay.trade.create';
    const alipayParams = {
        notifyUrl: notify_url,
        appAuthToken: '',
        bizContent: {
            outTradeNo: outTradeId,
            totalAmount: total_fee,
            subject: body,
        },
    };
    const alipayOptions = {
        // validateSign: true,
        log: think.logger,
    };
    try {
        const result = await alipaySdk.exec(alipayMethod, alipayParams, alipayOptions);
        console.log(' ----------------------------------------------------------- ');
        console.log(result);
        console.log(' ----------------------------------------------------------- ');
    } catch (err) {
        console.log(err);
    }

`

fatetop commented 5 years ago

调用的返回结果 result 是 { code: '40002', msg: 'Invalid Arguments', subCode: 'isv.invalid-signature', subMsg: '验签出错,建议检查签名字符串或签名私钥与应用公钥是否匹配,网关生成的验签字符串为:app_id=*****&biz_content={"out_trade_no":"**","total_amount":"0.01","subject":"账号充值0.01元"}&charset=utf-8&method=alipay.trade.create&notify_url=**&sign_type=RSA2&timestamp=2019-05-21 17:28:55&version=1.0' }

tudou527 commented 5 years ago

@fatetop 找到本地 node_modules 下的 /lib/alipay.ts#L316,把 signData 打印出来,和服务端返回的签名字符串做一下比较就知道是哪里出问题了

YuDaChao commented 5 years ago

@tudou527 您好我也遇到这个问题, 这是我的signData: signData: { method: 'alipay.trade.pay', app_id: '2016101000650042', charset: 'utf-8', version: '1.0', sign_type: 'RSA2', timestamp: '2019-08-13 15:04:52', notify_url: 'http://127.0.0.1:7002/notify', app_auth_token: '', biz_content: '{"out_trade_no":"20150320010101001","scene":"bar_code","subject":"Iphone6 16G","auth_code":"248494578278479567","total_amount":"0.01","operator_id":"1"}', sign: 'UkQFe0TfDA8e/X4e8wgUybvhmke/U9xW08b75J4UfGN4HfA+AXSA3qZV+S8Toc0nmcEeXD6o9LN7NWdigpPFYXOS+ri1TuI+nEXqKJGA3WZWWGXE+HAjYa9tqIbOVIcu0T6klthJ83zETAOMBPfxfaGZ6Nxg9+YC1KL3XbcLtni5SBBlxIZywJdWmjOj0sqjJmHthN5gnWlkA7GyKtbxt/yAcC6MlbWkcjVz9MZJOpUsozBCsJ+d6mTaNI6UCgdxoZtsjvB4ZqkW4K0WEiLgajfIkgA2Mv+riyQuOWY4SeoWBjxPB+D7V6POh+xVtfEMdDADhlgk1w3sVnP0jaOOnw==' } 这是服务端返回的签名 Jg09v1ddF6LwdH2WrL4JXy9xipPMeXe4Pf0uVrTkFEZhsz7QtqtF7kfQgY3DGWNF9NOuqr0qyHB0LnEGVSqXdVUDBWdpCc5HgWiW7b5cuqRavggDGaA8sRbqNkZt8VKKgBgFSgvVaMdtjUuOmsPw06395s1Hhd0NOaZi5sW6S3Y5ASkKKX/BMtHk8UoG3htMo6tjJZf/c3R8YMMYGZC9p1L9eJ34dlge/eo91Ipr+8rdEAAoCurCZKz5cdxhNK6Dd9j/QKvqZYioiV7azoHxWwU4V6rwbbUTo288mXtNHUt/Xza1pKqS/ziUcfc2poibBpwa6pdo6Be2oE4GqrkJNQ== 这两个sign确实不一样

tudou527 commented 5 years ago

能否提供个 demo 到 tudou527#gmail.com

04swjxy commented 5 years ago

问题解决了吗? 我也遇到同样的问题.

YuDaChao commented 5 years ago

已经解决了,我传参的时候加了app_auth_token: '',发现加密时会把值为空的字段排除掉,我把它去调就可以了