V2升级V3 顺便记录一下 ,文档: http://pay.weixin.qq.com/wiki/doc/api/index.html
!!!
- 支付授权目录与测试人的微信帐号白名单(出现access_denied或access_not_allow错误,请检查是否设置正确)
- 微信签名(用于jssdk调用支付,查询订单,异步参数签名等)
- 数字证书,用于微信退款
![微信支付[v3]](http://images0.cnblogs.com/blog/365537/201506/091645376918399.png "微信支付[v3]")
参数签名
对所有传入参数按照字段名的ASCII 码从小到大排序(字典序)后,使用URL 键值对的格式(即key1=value1&key2=value2…)拼接成字符串string1,注意:值为空的参数不参与签名 在string1 最后拼接上key=Key( 商户支付密钥) 得到stringSignTemp 字符串, 并对stringSignTemp 进行md5 运算,再将得到的字符串所有字符转换为大写,得到sign 值signValue /// <summary>
/// 创建微信Sign
/// </summary>
/// <param name="key">微信商户支付密钥</param>
/// <param name="dict">参数字典</param>
/// <returns></returns>
public string GenerateWxSign(string key, SortedDictionary<string, string> dict)
{
try
{
string str = string.Empty;
foreach (var item in dict)
{
if (item.Key != "sign" && item.Value.ToString() != "")
{
str += item.Key + "=" + item.Value + "&";
}
}
str = str.Trim(‘&‘);
//在string后加入API KEY
str += "&key=" + key;
//MD5加密
var md5 = System.Security.Cryptography.MD5.Create();
var bs = md5.ComputeHash(Encoding.UTF8.GetBytes(str));
var sb = new StringBuilder();
foreach (byte b in bs)
{
sb.Append(b.ToString("x2"));
}
//所有字符转为大写
return sb.ToString().ToUpper();
}
catch (Exception)
{
return string.Empty;
}
}
异步通知
基本按照文档来,返回的参数要使用流的方式来读取XML,另外验证参数的合法性可以验证签名或调用一次微信订单查询接口
/// <summary>
/// 微信支付异步回调控制器【V3版本】
/// </summary>
public class WeixinController : Controller
{
private static readonly Logger logger = LogManager.GetCurrentClassLogger();
/// <summary>
/// 订单服务
/// </summary>
private readonly IOrderService _orderService;
/// <summary>
/// 微信服务
/// </summary>
private readonly IWeixinService _weixinService;
/// <summary>
/// 构造函数
/// </summary>
/// <param name="orderService">订单服务</param>
/// <param name="weixinService">微信服务</param>
public WeixinController(IOrderService orderService, IWeixinService weixinService)
{
_orderService = orderService;
_weixinService = weixinService;
}
/// <summary>
/// 微信Wap支付异步通知
/// </summary>
/// <returns></returns>
public async Task<ActionResult> Notify()
{
int intLen = Convert.ToInt32(Request.InputStream.Length);
if (intLen <= 0)
{
return Content(AjaxResult.Error("WeixinController NO Wap Notify PARAMS!").ToStringSafe());
}
try
{
var dict = new SortedDictionary<string, string>();
//dict = @"appid=wxqe353dd942e01&attach=F&bank_type=CFT&cash_fee=1&fee_type=CNY&is_subscribe=Y&mch_id=10036766&nonce_str=e9605038cccbffe5ed2b2eb095345d18&openid=oIO3gjsiGqv7eeuAKhbB_V83V528&out_trade_no=68047857&result_code=SUCCESS&return_code=SUCCESS&sign=85A469F874619EAB924FA5B7EB779444&time_end=20150526183632&total_fee=1&trade_type=JSAPI&transaction_id=1001640542201505260168707842".ConvertStringToSortedDictionary();
var xmlDoc = new XmlDocument();
xmlDoc.Load(Request.InputStream);
var root = xmlDoc.SelectSingleNode("xml");
XmlNodeList xnl = root.ChildNodes;
foreach (XmlNode xnf in xnl)
{
dict.Add(xnf.Name, xnf.InnerText);
}
if (dict.Count <= 0)
{
return Content(AjaxResult.Error("NO Notify PARAMS!").ToStringSafe());
}
logger.Info("【 WeixinController Wap Notify SDKUtil.ConvertDictionaryToString : 请求报文=[" + dict.ConvertDictionaryToString() + "]\n");
//验证参数签名
string signK = _weixinService.GenerateWxSign(WxPayConfig.KEY, dict);
if (signK != dict["sign"])
{
logger.Info("WeixinController Wap Notify Verify WxSign Error : 请求报文=[signK " + signK + " : dict[‘sign‘] " + dict["sign"] + "]\n");
return Content(AjaxResult.Error("WeixinController Wap Notify Verify WxSign Error " + "]\n").ToStringSafe());
}
//验证通信标识
string return_code = dict["return_code"];
if (!return_code.Equals("SUCCESS", StringComparison.OrdinalIgnoreCase))
{
string return_msg = dict["return_msg"];
logger.Info("WeixinController Wap Notify return_code Error : 请求报文=[" + return_code + " : " + return_msg + "]\n");
return Content(AjaxResult.Error("WeixinController Wap Notify return_code Error " + return_code + "]\n").ToStringSafe());
}
//验证交易标识
string result_code = dict["result_code"];
if (!result_code.Equals("SUCCESS", StringComparison.OrdinalIgnoreCase))
{
string err_code = dict["err_code"];
string err_code_des = dict["err_code_des"];
logger.Info("WeixinController Wap Notify return_code Error : 请求报文=[" + err_code + " : " + err_code_des + "]\n");
return Content(AjaxResult.Error("WeixinController Wap Notify return_code Error " + result_code + "]\n").ToStringSafe());
}
//公众账号ID
string appid = dict["appid"];
//商户号
string mch_id = dict["mch_id"];
//随机字符串
string nonce_str = dict["nonce_str"];
//签名
string sign = dict["sign"];
//用户在商户appid 下的唯一标识
string openid = dict["openid"];
//用户是否关注公众账
string is_subscribe = dict["is_subscribe"];
//交易类型
string trade_type = dict["trade_type"];
//付款银行
string bank_type = dict["bank_type"];
//订单总金额,单位为分
string total_fee = dict["total_fee"];
//金额分转元
string total_fee_rmb = (float.Parse(total_fee) / 100).ToString();
//商户订单号
string out_trade_no = dict["out_trade_no"];
//微信支付订单号
string transaction_id = dict["transaction_id"];
//商家数据包
string attach = dict["attach"];
//支付完成时间
string time_end = dict["time_end"];
//支付方式
string paymethod = attach;
//微信订单查询【使用签名验证废弃】
//var wxorder = await _weixinService.Query(WxPayConfig.KEY, WxPayConfig.APPID, WxPayConfig.MCHID, transaction_id, out_trade_no);
//检查订单是否已经支付
var order = await _orderService.Query(out_trade_no);
if (order.IsNull() || order.Total_fee.IsNotNullOrEmpty()){
return Content(AjaxResult.Error("ORDERNO STATUS ERROR !!!").ToStringSafe());
}
//更新支付金额与订单状态
var orderFlag = await _orderService.Update(crsResv);
if (orderFlag.IsError)
{
logger.Fatal("WeixinController Wap Notify Update Order Error crsResv : " + crsResv.SerializeJson(System.Text.Encoding.UTF8));
return Json(new { IsError = true, Msg = "更新订单数据错误", Data = string.Empty }, JsonRequestBehavior.AllowGet);
}
//微信支付发货通知
var wxNotify = await _weixinService.WeixinNotify(openid, transaction_id, out_trade_no);
//记录DB
var save = await _weixinService.Save(wxAsync);
//构造返回成功XML
var wxdict = new SortedDictionary<string, string>();
wxdict.Add("return_code", "SUCCESS");
wxdict.Add("return_msg", "PAY_SUCCESS");
string wxRXml = wxdict.ConvertWxDictToString();
logger.Info("WeixinController Wap Notify Success wxRXml : " + wxRXml + " 】");
return Content(wxRXml);
}
catch (Exception ex)
{
logger.Fatal("WeixinController Wap Notify Exception : " + ex.Message + " 】", ex);
return Content(AjaxResult.Error("WeixinController Wap Notify Exception").ToStringSafe());
}
}
/// <summary>
/// 字典转微信返回XML
/// </summary>
/// <typeparam name="TKey"></typeparam>
/// <typeparam name="TValue"></typeparam>
/// <param name="wxdict"></param>
/// <returns></returns>
public static string ConvertWxDictToString<TKey, TValue>(this IDictionary<TKey, TValue> wxdict)
{
try
{
string xml = "<xml>";
wxdict.ForEach(wd =>
{
if (wd.Value.GetType() == typeof(int))
{
xml += "<" + wd.Key + ">" + wd.Value + "</" + wd.Key + ">";
}
else if (wd.Value.GetType() == typeof(string))
{
xml += "<" + wd.Key + ">" + "<![CDATA[" + wd.Value + "]]></" + wd.Key + ">";
}
});
xml += "</xml>";
return xml;
}
catch (Exception)
{
return string.Empty;
}
}
订单查询
/// <summary>
/// 微信订单查询
/// </summary>
/// <param name="appid">公众账号ID</param>
/// <param name="mch_id">商户号</param>
/// <param name="transaction_id">微信的订单号</param>
/// <param name="out_trade_no">商户订单号</param>
/// <param name="nonce_str">随机字符串</param>
/// <param name="sign">签名</param>
/// <returns></returns>
public async Task<WebAPIResponse> Query(string appid, string mch_id, string transaction_id, string out_trade_no, string nonce_str, string sign)
{
if (appid.IsEmpty() || mch_id.IsEmpty() || transaction_id.IsEmpty())
{
return new WebAPIResponse { IsError = true, Msg = "参数有误!!!" };
}
try
{
var dict = new Dictionary<string, string>();
dict.Add("appid", appid);
dict.Add("mch_id", mch_id);
dict.Add("transaction_id", transaction_id);
dict.Add("out_trade_no", out_trade_no);
dict.Add("nonce_str", nonce_str);
dict.Add("sign", sign);
string xml = "<xml>";
foreach (var pair in dict)
{
if (pair.Value.GetType() == typeof(int))
{
xml += "<" + pair.Key + ">" + pair.Value + "</" + pair.Key + ">";
}
else if (pair.Value.GetType() == typeof(string))
{
xml += "<" + pair.Key + ">" + "<![CDATA[" + pair.Value + "]]></" + pair.Key + ">";
}
}
xml += "</xml>";
logger.Info("WeixinRepository WeixinNotify Req xml: " + xml);
var data = await @"https://api.mch.weixin.qq.com/pay/orderquery".PostStringAsync(xml).ReceiveString();
logger.Info("WeixinRepository WeixinNotify Resp xml: " + data);
if (data.IsNotNullOrEmpty() && data.Contains("SUCCESS", StringComparison.OrdinalIgnoreCase))
{
return new WebAPIResponse { IsError = false, Data = "查询订单成功!!!" };
}
return new WebAPIResponse { IsError = true, Msg = "微信订单查询失败!!!" };
}
catch (Exception ex)
{
logger.Error("WeixinRepository WeixinNotify ConvertDictionaryToJson Exception :" + ex.Message, ex);
return new WebAPIResponse { IsError = true, Msg = ex.Message };
}
}
微信退款
!!!需注意签名与证书
/// <summary>
/// 微信申请退款V3
/// </summary>
/// <param name="orderNo">订单号</param>
/// <returns></returns>
public bool RefundWxV3(string orderNo)
{
try
{
//查询支付信息
var orderAsync =await _orderService.Query(orderNo);
var dict = new SortedDictionary<string, string>();
dict.Add("appid", WxPayConfig.APPID);
dict.Add("mch_id", WxPayConfig.MCHID);
dict.Add("nonce_str", ConstantKey.NonceStr);
dict.Add("transaction_id", orderAsync.transaction_id);
dict.Add("out_trade_no", orderAsync.out_trade_no);
dict.Add("out_refund_no", WxPayConfig.GenerateOutTradeNo);
dict.Add("total_fee", orderAsync.total_fee);
dict.Add("refund_fee", orderAsync.total_fee);
dict.Add("op_user_id", WxPayConfig.MCHID);
string sign = GenerateWxSign(WxPayConfig.KEY, dict);
dict.Add("sign", sign);
string xml = "<xml>";
foreach (var pair in dict)
{
if (pair.Value.GetType() == typeof(int))
{
xml += "<" + pair.Key + ">" + pair.Value + "</" + pair.Key + ">";
}
else if (pair.Value.GetType() == typeof(string))
{
xml += "<" + pair.Key + ">" + "<![CDATA[" + pair.Value + "]]></" + pair.Key + ">";
}
}
xml += "</xml>";
logger.Info("RefundWxV3 Req xml: " + xml);
var data = HttpWxCert(@"https://api.mch.weixin.qq.com/secapi/pay/refund", "POST", xml, "text/xml", isUseCert: true);
logger.Info("RefundWxV3 Resp xml: " + data);
if (data.IsNotEmpty() && data.Contains("SUCCESS", StringComparison.OrdinalIgnoreCase))
{
return true;
}
return false;
}
catch (Exception ex)
{
logger.Error("CancelResvForWeb RefundWxV3 Exception :" + ex.Message, ex);
return false;
}
}
/// <summary>
/// 创建HTTP请求
/// </summary>
/// <param name="url">请求URL</param>
/// <param name="method">请求方式</param>
/// <param name="data">请求参数</param>
/// <param name="contentType">设置HTTP contentType类型</param>
/// <param name="isUseCert">是否使用证书</param>
/// <param name="timeout">请求超时时间</param>
/// <returns></returns>
public static string HttpWxCert(string url, string method = "GET", string data = null, string contentType = "application/x-www-form-urlencoded", bool isUseCert = false, int timeout = 15000)
{
if (url.IsEmpty())
throw new ArgumentNullException("url");
HttpWebRequest req = null;
HttpWebResponse resp = null;
StreamReader sr = null;
Stream stream = null;
try
{
if (url.StartsWith("https", StringComparison.OrdinalIgnoreCase))
{
System.Net.ServicePointManager.ServerCertificateValidationCallback += (se, cert, chain, sslError) =>
{
return true;
};
}
//设置最大连接数
System.Net.ServicePointManager.DefaultConnectionLimit = 200;
req = (HttpWebRequest)WebRequest.Create(url);
req.Method = method.ToUpper();
req.Timeout = timeout;
req.ContentType = contentType;
//是否使用证书
if (isUseCert)
{
string pfxPath = WxPayConfig.SSLCERT_PATH;
logger.Info("wxV3.signCert.path pfxPath : " + pfxPath + " File Exists: " + File.Exists(pfxPath));
//string path = HttpContext.Current.Request.PhysicalApplicationPath;
//调用证书
var cert = new X509Certificate2(pfxPath, WxPayConfig.SSLCERT_PASSWORD, X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.MachineKeySet);
req.ClientCertificates.Add(cert);
}
if (method.ToUpper() == "POST" && !data.IsEmpty())
{
byte[] postBytes = UTF8Encoding.UTF8.GetBytes(data);
req.ContentLength = postBytes.Length;
using (stream = req.GetRequestStream())
{
stream.Write(postBytes, 0, postBytes.Length);
}
}
resp = (HttpWebResponse)req.GetResponse();
using (sr = new StreamReader(resp.GetResponseStream(), Encoding.UTF8))
{
return sr.ReadToEnd().Trim();
}
}
catch (Exception ex)
{
logger.Error(string.Format("HttpWxCert Exception url: {0} \r\n data: {1}", url, data), ex);
return string.Empty;
}
finally
{
if (sr != null)
{
sr.Close();
sr = null;
}
if (stream != null)
{
stream.Close();
stream = null;
}
if (resp != null)
{
resp.Close();
resp = null;
}
if (req != null)
{
req.Abort();
req = null;
}
}
}