search

lokielse / omnipay-alipay

Alipay driver for the Omnipay PHP payment processing library
MIT License
565 stars 155 forks source link

RSA2, Non-certificate mode, The signature is not match,同步异步回调验签失败 #175

Open ltq918 opened 4 years ago

ltq918 commented 4 years ago

根据wiki指引,在同步和异步回调时报错 ‘The signature is not match’,最终解决了。 修改 src/Requests/AopNotifyRequest.php

protected function verifySignature(){
        $signer = new Signer($this->params->all());
        $signer->setSort($this->sort);
        $signer->setEncodePolicy($this->encodePolicy);

        $signer->setIgnores(['sign','sign_type']);      //Add this line

        $content = $signer->getContentToSign();
        $sign = $this->params->get('sign');
        $signType = $this->params->get('sign_type');
        if ($signType == 'RSA2') {
            $match = (new Signer)->verifyWithRSA($content, $sign, $this->getAlipayPublicKey(), OPENSSL_ALGO_SHA256);
        } else {
            $match = (new Signer)->verifyWithRSA($content, $sign, $this->getAlipayPublicKey());
        }
        if (! $match) {
            throw new InvalidRequestException('The signature is not match');
        }
    }
chenxi2015 commented 4 years ago

请这个composer包修复了吗?

ZBrettonYe commented 4 years ago

我也是异步回调的时候出现的问题 ‘The signature is not match’,还重新申请了应用私钥。

使用代码基本安装文档来的应该没有什么问题https://github.com/ZBrettonYe/SSRPanel-OtakuMod/blob/master/app/Http/Controllers/Gateway/AopF2F.php

ZBrettonYe commented 4 years ago

143 应该是这个问题

huiyonghkw commented 4 years ago

我也遇到了同样的问题...

之前的项目用的是tag 3.0,整个支付流程是正常的

最近两天更新突然更新了最新版本:3.1,支付OK,不过支付异步回调一直报错:签名不匹配

跟踪了代码,https://github.com/lokielse/omnipay-alipay/commit/d428c9bab1f9785c71e1cc5d48543723cadddfd1

发现很多贡献者也遇到了类似的问题,还做了PR,不过到现在,3.1是不能用的,包括dev-master也不可以用。

另外 3.1 vs 3.0.6 还是有很多调整:https://github.com/lokielse/omnipay-alipay/compare/v3.0.6...v3.1

于是继续回滚版本到3.0


 "name": "lokielse/omnipay-alipay",
            "version": "v3.0.6",
            "source": {
                "type": "git",
                "url": "https://github.com/lokielse/omnipay-alipay.git",
                "reference": "c1a9cbb242162ac1eb3b069a4eeff6a38235a676"
            },
Jackfinal commented 4 years ago

友情提示:支付宝 的异步通知地址,不能使用 ”?“传参数,一定要具体的地址,不要用参数,重要的事情说三遍:不要用参数,不要用参数,不要用参数。

wwnice-max commented 3 years ago

根据wiki指引,在同步和异步回调时报错 ‘The signature is not match’,最终解决了。 修改 src/Requests/AopNotifyRequest.php

protected function verifySignature(){
        $signer = new Signer($this->params->all());
        $signer->setSort($this->sort);
        $signer->setEncodePolicy($this->encodePolicy);

        $signer->setIgnores(['sign','sign_type']);      //Add this line

        $content = $signer->getContentToSign();
        $sign = $this->params->get('sign');
        $signType = $this->params->get('sign_type');
        if ($signType == 'RSA2') {
            $match = (new Signer)->verifyWithRSA($content, $sign, $this->getAlipayPublicKey(), OPENSSL_ALGO_SHA256);
        } else {
            $match = (new Signer)->verifyWithRSA($content, $sign, $this->getAlipayPublicKey());
        }
        if (! $match) {
            throw new InvalidRequestException('The signature is not match');
        }
    }

3.1.2包已经加进去了,但好像还是不行啊

wwnice-max commented 3 years ago

我也遇到了同样的问题...

之前的项目用的是tag 3.0,整个支付流程是正常的

最近两天更新突然更新了最新版本:3.1,支付OK,不过支付异步回调一直报错:签名不匹配

跟踪了代码,d428c9b

发现很多贡献者也遇到了类似的问题,还做了PR,不过到现在,3.1是不能用的,包括dev-master也不可以用。

另外 3.1 vs 3.0.6 还是有很多调整:v3.0.6...v3.1

于是继续回滚版本到3.0

 "name": "lokielse/omnipay-alipay",
            "version": "v3.0.6",
            "source": {
                "type": "git",
                "url": "https://github.com/lokielse/omnipay-alipay.git",
                "reference": "c1a9cbb242162ac1eb3b069a4eeff6a38235a676"
            },

3.06 也不能用 奇了怪了 看了代码 感觉没什么问题 ,除非是核心加密函数的问题了