做小程序的支付时,在翻阅了大量的别人分享的代码后,感觉写的简直就是一堆垃圾,不敢苟同,要是代码都那么写,维护性简直了,于是才有了这篇文章。
首先流程是很清楚的,就是先统一下单拼一个xml,然后把有值的参数排序后做计算一个签名,把签名也写到xml中,提交给微信,返回发起支付需要的参数,紧接着进行二次签名,将结果返回给小程序,小程序去调微信api发起支付
1,将需要拼接程xml的参数都写到一个类里边
[Serializable] [XmlRoot(ElementName = "xml", Namespace = "",IsNullable =true,DataType ="")] public class WxUnifiedOrder { [XmlElement(ElementName = "appid")] public string AppId { get; set; } [XmlElement(ElementName = "mch_id")] public string Mch_Id { get; set; } [XmlElement(ElementName = "device_info")] public string Device_Info { get; set; } [XmlElement(ElementName = "nonce_str")] public string Nonce_Str { get; set; } [XmlElement(ElementName = "sign")] public string Sign { get; set; } /// <summary> /// 商品描述 /// </summary> [XmlElement(ElementName = "body")] public string Body { get; set; } /// <summary> /// 商户订单号 /// </summary> [XmlElement(ElementName = "out_trade_no")] public string Out_Trade_No { get; set; } /// <summary> /// 订单金额 /// </summary> [XmlElement(ElementName = "total_fee")] public int Total_Fee { get; set; } /// <summary> /// 终端IP /// </summary> [XmlElement(ElementName = "spbill_create_ip")] public string Spbill_Create_Ip { get; set; } /// <summary> /// 通知地址 /// </summary> [XmlElement(ElementName = "notify_url")] public string Notify_Url { get; set; } /// <summary> /// 交易类型 /// </summary> [XmlElement(ElementName = "trade_type")] public string Trade_Type { get; set; } [XmlElement(ElementName = "openid")] public string OpenId { get; set; }
加上特性,标明最终生成xml的文档结构。
2,写个xml简单的操作类,就是个序列化和反序列化的过程
public static class XMLOption { public static string ToXml<T>(this T obj, Encoding encoding) { string result = string.Empty; try { using (MemoryStream memoryStream = new MemoryStream()) { XmlSerializer xmlSerializer = new XmlSerializer(obj.GetType()); //序列化对象 XmlSerializerNamespaces namespaes = new XmlSerializerNamespaces(); namespaes.Add("", ""); XmlTextWriter xmlTextWriter = new XmlTextWriter(memoryStream, encoding); xmlTextWriter.Formatting = System.Xml.Formatting.None; xmlSerializer.Serialize(xmlTextWriter, obj, namespaes); xmlTextWriter.Flush(); xmlTextWriter.Close(); result = encoding.GetString(memoryStream.ToArray()); } } catch (Exception ex) { } return result; } public static T ToXmlObject<T>(this string str, Encoding encoding) { try { using (MemoryStream memoryStream = new MemoryStream()) { var buffer = encoding.GetBytes(str); memoryStream.Write(buffer, 0, buffer.Length); memoryStream.Position = 0; XmlSerializer xmlSerializer = new XmlSerializer(typeof(T)); var result = xmlSerializer.Deserialize(memoryStream); return (T)result; } } catch (Exception ex) { return default; } } }
3.一个模拟post请求的公用方法
/// <summary> /// 模拟POST提交 /// </summary> /// <param name="url">请求地址</param> /// <param name="xmlParam">xml参数</param> /// <returns>返回结果</returns> public string PostHttpResponse(string url, string xmlParam) { HttpWebRequest myHttpWebRequest = (HttpWebRequest)HttpWebRequest.Create(url); myHttpWebRequest.Method = "POST"; myHttpWebRequest.ContentType = "application/x-www-form-urlencoded;charset=utf-8"; // Encode the data byte[] encodedBytes = Encoding.UTF8.GetBytes(xmlParam); myHttpWebRequest.ContentLength = encodedBytes.Length; // Write encoded data into request stream Stream requestStream = myHttpWebRequest.GetRequestStream(); requestStream.Write(encodedBytes, 0, encodedBytes.Length); requestStream.Close(); HttpWebResponse result; try { result = (HttpWebResponse)myHttpWebRequest.GetResponse(); } catch { return string.Empty; } if (result.StatusCode == HttpStatusCode.OK) { using (Stream mystream = result.GetResponseStream()) { using (StreamReader reader = new StreamReader(mystream)) { return reader.ReadToEnd(); } } } return null; }
4.再来一个扩展方法,计算string字符串的md5值
/// <summary> /// 对字符串进行MD5加密 /// </summary> /// <param name="strIN">需要加密的字符串</param> /// <returns>密文</returns> public static string MD5(this string source) { if (source == null) { return null; } using (MD5 md5 = System.Security.Cryptography.MD5.Create()) { byte[] result = md5.ComputeHash(Encoding.UTF8.GetBytes(source)); string strResult = BitConverter.ToString(result); return strResult.Replace("-", ""); } }
5.填充需要提交的信息,并计算签名
var wxUnifiedOrder = new WxUnifiedOrder() { AppId = wxsetting.Appid, Body = product.Name, Device_Info = "WEB", Mch_Id = wxsetting.Mch_id, Nonce_Str = Guid.NewGuid().ToString().Replace("-", "").ToUpper(), Notify_Url = _configuration["WechatPaied:Notify_Url"], Out_Trade_No = orderinfo.OrderCode, Sign = null, Spbill_Create_Ip = _configuration["WechatPaied:Spbill_Create_Ip"], Total_Fee = 1,// Convert.ToInt32(orderinfo.TotalPrice * 100) Trade_Type = "JSAPI", OpenId = uinfo.OpenId }; var type = wxUnifiedOrder.GetType(); SortedDictionary<string, string> param = new SortedDictionary<string, string>(); foreach (var item in type.GetProperties()) { if (item.GetValue(wxUnifiedOrder) != null && item.Name != "Sign") { param.Add(item.Name.ToLower(), item.GetValue(wxUnifiedOrder).ToString()); } } List<string> lstparams = new List<string>(); foreach (var item in param) { lstparams.Add(string.Concat(item.Key, "=", item.Value)); } lstparams.Add(string.Concat("key", "=", _configuration["WechatPaied:Api_Key"])); string param_Sign = string.Join("&", lstparams); wxUnifiedOrder.Sign =param_Sign.MD5().ToUpper();//计算签名
这里的 SortedDictionary提供的就是一个排序后的参数列表,紧接着把他们按照排列好的顺序,拼起来,最后把key加上,调用.MD5这个扩展方法计算签名,把model填充起来
6.模拟请求一下微信提供的接口,执行统一下单,拿到返回值
string xmldoc = wxUnifiedOrder.ToXml(Encoding.UTF8); var result = PostHttpResponse("https://api.mch.weixin.qq.com/pay/unifiedorder", xmldoc); var resultData = result.ToXmlObject<WxUnifiedOrderResponse>(Encoding.UTF8);
PostHttpResponse 方法上文已提供 .ToXml .ToXmlObject上文也有提供,就是操作xml序列化的那两
6.1:WxUnifiedOrderResponse model内容:
[System.SerializableAttribute()] [System.ComponentModel.DesignerCategoryAttribute("code")] [System.Xml.Serialization.XmlTypeAttribute(AnonymousType = true)] [System.Xml.Serialization.XmlRootAttribute(ElementName = "xml", Namespace = "", IsNullable = false)] public class WxUnifiedOrderResponse { /// <summary> /// 返回状态码 /// </summary> [XmlElement(ElementName = "return_code")] public string Return_Code { get; set; } /// <summary> /// 返回信息 /// </summary> [XmlElement(ElementName = "return_msg")] public string Return_Msg { get; set; } /// <summary> /// 小程序id /// </summary> [XmlElement(ElementName = "appid")] public string Appid { get; set; } /// <summary> /// 商户号 /// </summary> [XmlElement(ElementName = "mch_id")] public string Mch_Id{get;set;} /// <summary> /// 随机字符串 /// </summary> [XmlElement(ElementName = "nonce_str")] public string Nonce_Str { get; set; } /// <summary> /// /// </summary> [XmlElement(ElementName = "openid")] public string Openid { get; set; } /// <summary> /// 微信返回的签名 /// </summary> [XmlElement(ElementName = "sign")] public string Sign { get; set; } /// <summary> /// 业务结果 /// </summary> [XmlElement(ElementName = "result_code")] public string Result_Code { get; set; } /// <summary> /// 预支付交易回话标识 /// </summary> [XmlElement(ElementName = "prepay_id")] public string Prepay_Id { get; set; } /// <summary> /// 交易类型 /// </summary> [XmlElement(ElementName = "trade_type")] public string Trade_Type { get; set; } }
7,再次签名
TimeSpan ts = DateTime.Now - new DateTime(1970, 1, 1, 0, 0, 0, 0); var wxPaidParams = new WxPaidParams() { appId = unifiedOrder.Data.Appid, nonceStr = unifiedOrder.Data.Nonce_Str, package = string.Concat("prepay_id=", unifiedOrder.Data.Prepay_Id), signType = "MD5", timeStamp = Convert.ToInt64(ts.TotalSeconds).ToString() }; var type = wxPaidParams.GetType(); SortedDictionary<string, string> param = new SortedDictionary<string, string>(); foreach (var item in type.GetProperties()) { if (item.GetValue(wxPaidParams) != null && item.Name != "paySign") { param.Add(item.Name, item.GetValue(wxPaidParams).ToString()); } } List<string> lstparams = new List<string>(); foreach (var item in param) { lstparams.Add(string.Concat(item.Key, "=", item.Value)); } lstparams.Add(string.Concat("key", "=", _configuration["WechatPaied:Api_Key"])); string param_paySign = string.Join("&", lstparams); wxPaidParams.paySign = param_paySign.MD5().ToUpper();
7.1 WxPaidParams
public class WxPaidParams { /// <summary> /// appid /// </summary> public string appId { get; set; } /// <summary> /// 时间戳 /// </summary> public string timeStamp { get; set; } /// <summary> /// 随机串 /// </summary> public string nonceStr { get; set; } /// <summary> /// 数据包 /// </summary> public string package { get; set; } /// <summary> /// 签名方式 /// </summary> public string signType { get; set; } /// <summary> /// 签名 /// </summary> public string paySign { get; set; } }
一毛一样,的道理,主逻辑写下来不到100行代码,将来统一下单地方的参数有变化,仅仅需要增加字段,赋值就可以,其他都不动,
再把下边那坨加密的东西再稍微封装一下,用到生产环境妥妥的。