search

binarywang / WxJava

微信开发 Java SDK ,支持包括微信支付,开放平台,小程序,企业微信,视频号,公众号等的后端开发
Apache License 2.0
30.06k stars 8.7k forks source link

微信支付相关:新商户不再支持平台证书模式 只支持公钥模式 导致调用https://api.mch.weixin.qq.com/v3/certificates接口返回证书不存在 #3402

Open lin-youming opened 3 weeks ago

lin-youming commented 3 weeks ago

简要描述

微信支付官方的变更导致目前 新商户想入驻平台 调起支付时报错

模块版本情况

详细描述

该方法请求https://api.mch.weixin.qq.com/v3/certificates接口获取平台证书 返回证书不存在 目前因微信官方变更导致新入驻的商户不在支持平台证书模式 转而支持公钥模式
private void autoUpdateCert() throws IOException, GeneralSecurityException { WxPayV3HttpClientBuilder wxPayV3HttpClientBuilder = WxPayV3HttpClientBuilder.create() .withCredentials(credentials) .withValidator(verifier == null ? response -> true : new WxPayValidator(verifier));

//调用自定义扩展设置设置HTTP PROXY对象
HttpProxyUtils.initHttpProxy(wxPayV3HttpClientBuilder,this.wxPayHttpProxy);

//增加自定义扩展点,子类可以设置其他构造参数
this.customHttpClientBuilder(wxPayV3HttpClientBuilder);

CloseableHttpClient httpClient = wxPayV3HttpClientBuilder.build();

HttpGet httpGet = new HttpGet(CERT_DOWNLOAD_PATH);
httpGet.addHeader("Accept", "application/json");

CloseableHttpResponse response = httpClient.execute(httpGet);
int statusCode = response.getStatusLine().getStatusCode();
String body = EntityUtils.toString(response.getEntity());
if (statusCode == HttpStatus.SC_OK) {
  List<X509Certificate> newCertList = deserializeToCerts(apiV3Key, body);
  if (newCertList.isEmpty()) {
    throw new WxRuntimeException("Cert list is empty");
  }
  this.verifier = new CertificatesVerifier(newCertList);
} else {
  log.warn("Auto update cert failed, statusCode = " + statusCode + ",body = " + body);
  throw new WxRuntimeException(this.getErrorMsg(body));
}

}

sp20241030_173902_671 sp20241030_175710_193
lin-youming commented 3 weeks ago

补一下 异常信息

Caused by: com.github.binarywang.wxpay.exception.WxPayException: v3请求构造异常! at com.github.binarywang.wxpay.config.WxPayConfig.initApiV3HttpClient(WxPayConfig.java:303) at com.github.binarywang.wxpay.service.impl.WxPayServiceApacheHttpImpl.createApiV3HttpClient(WxPayServiceApacheHttpImpl.java:309) at com.github.binarywang.wxpay.service.impl.WxPayServiceApacheHttpImpl.requestV3(WxPayServiceApacheHttpImpl.java:215) at com.github.binarywang.wxpay.service.impl.WxPayServiceApacheHttpImpl.getV3(WxPayServiceApacheHttpImpl.java:246) at com.github.binarywang.wxpay.service.impl.BaseWxPayServiceImpl.queryOrderV3(BaseWxPayServiceImpl.java:505) at com.mywl.framework.pay.core.client.impl.weixin.AbstractWxPayClient.doGetOrderV3(AbstractWxPayClient.java:228) at com.mywl.framework.pay.core.client.impl.weixin.AbstractWxPayClient.doGetOrder(AbstractWxPayClient.java:195) at com.mywl.framework.pay.core.client.impl.AbstractPayClient.getOrder(AbstractPayClient.java:122) ... 160 common frames omitted Caused by: me.chanjar.weixin.common.error.WxRuntimeException: 证书不存在 at com.github.binarywang.wxpay.v3.auth.AutoUpdateCertificatesVerifier.autoUpdateCert(AutoUpdateCertificatesVerifier.java:170) at com.github.binarywang.wxpay.v3.auth.AutoUpdateCertificatesVerifier.(AutoUpdateCertificatesVerifier.java:111) at com.github.binarywang.wxpay.config.WxPayConfig.initApiV3HttpClient(WxPayConfig.java:281) ... 167 common frames omitted

cherl commented 3 weeks ago

+1

tekfig commented 3 weeks ago

same issue

fFanloat commented 3 weeks ago

+1

2fx0one commented 3 weeks ago

+1

gaollard commented 3 weeks ago

+1

Derick-L-HQ commented 3 weeks ago

+1

YYQHoro commented 3 weeks ago

本项目是否已经支持了微信支付公钥?我看源码好像没有写这方面的东西,只有加载平台证书。 实在不行我们改用微信官方SDK临时规避一下wechatpay-java

small-redguy commented 3 weeks ago

测试了下,通过修改重写WxPayConfig类可暂时解决:https://blog.csdn.net/qq_37391200/article/details/143508109

Derick-L-HQ commented 3 weeks ago

测试了下,通过修改重写WxPayConfig类可暂时解决:https://blog.csdn.net/qq_37391200/article/details/143508109

![Uploading screenshot_2024-11-05_17-28-21.png…]()

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

binarywang commented 3 weeks ago

欢迎楼上的朋友帮忙提供最新修复代码

HaalandCR commented 2 weeks ago

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

Derick-L-HQ commented 2 weeks ago

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

还没测试,所以,临时应急可以先用上面那个兄弟的方案, 实现verifier 自定义X509Certificate 改写getPublicKey的方法和getSerialNumber 看他文档是测试了,这个是改动最小的 涉及三个原有的类,新增一个自定义

zhanyan-Ader1y commented 18 hours ago

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

还没测试,所以,临时应急可以先用上面那个兄弟的方案, 实现verifier 自定义X509Certificate 改写getPublicKey的方法和getSerialNumber 看他文档是测试了,这个是改动最小的 涉及三个原有的类,新增一个自定义

请问有对应的fork了吗, 如果还没开始改的话我可以帮忙修复这个问题

binarywang commented 15 hours ago

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

还没测试,所以,临时应急可以先用上面那个兄弟的方案, 实现verifier 自定义X509Certificate 改写getPublicKey的方法和getSerialNumber 看他文档是测试了,这个是改动最小的 涉及三个原有的类,新增一个自定义

请问有对应的fork了吗, 如果还没开始改的话我可以帮忙修复这个问题

你开搞吧,大家都等着呢