先是统一下单
//统一下单 public function wechartAddOrder($name,$ordernumber,$money,$openid){ $url = https://api.mch.weixin.qq.com/v3/pay/transactions/jsapi; $urlarr = parse_url($url); $appid = config('config.appId');//appID $mchid = config('config.mchid');//商户ID $xlid = config('config.apiXL');//API序列号 $data = array(); $randstr = getRanStr(16,false);//随机字符串长度不超过32 $time = time(); $data['appid'] = $appid; $data['mchid'] = $mchid; $data['description'] = $name;//商品描述 $data['out_trade_no'] = $ordernumber;//订单编号 $data['notify_url'] = https://www.xffly.cn/api/admin/order/wechartCallback;//回调接口 // $data['amount']['total'] = $money;//金额 $data['amount']['total'] = 1; $data['payer']['openid'] = $openid;//用户openID $data = json_encode($data); $key = $this->getSign($data,$urlarr['path'],$randstr,$time);//签名 $token = sprintf('mchid=%s,serial_no=%s,nonce_str=%s,timestamp=%d,signature=%s',$mchid,$xlid,$randstr,$time,$key);//头部信息 $header = array( 'Content-Type:'.'application/json; charset=UTF-8', 'Accept:application/json', 'User-Agent:*/*', 'Authorization: WECHATPAY2-SHA256-RSA2048 '.$token ); $ret = curl_post_https($url,$data,$header); return $ret; }
计算签名, 也是按照文档弄了好多遍
//微信支付签名 public function getSign($data=array(),$url,$randstr,$time){ $str = POST.\n.$url.\n.$time.\n.$randstr.\n.$data.\n; $key = file_get_contents('apiclient_key.pem');//在商户平台下载的秘钥 $str = getSha256WithRSA($str,$key); return $str; }
通过统一下单接口得到prepay_id
在小程序里面用他的wx.requestPayment接口调起支付,没啥含量,不贴代码了,照着文档写
其中调起支付还需要一个签名,同理
//调起支付的签名 public function getWechartSign($post){ $data = array(); $data['timeStamp'] = $post['timeStamp']; $data['nonceStr'] = $post['str']; $data['package'] = $post['package']; $str = config('config.appId').\n.$data['timeStamp'].\n.$data['nonceStr'].\n.$data['package'].\n; $key = file_get_contents('apiclient_key.pem'); $str = getSha256WithRSA($str,$key); return $str; }
重点是支付成功的回调,简直有毒
返回回来的json信息, json_decode解析就成了空, 复制出来再解析是可以解析的,说是他有bom信息吧, 弄了也不好使, 用htmlspecialchars_decode转义一下, 调试工具可以成功, 可是真实微信支付,还是不行,最后没办法, 存的log里面, 自己再取一下,就可以用了
//微信回调写入日志文件并返回 public function writeWechartLog($post){ if(!is_dir(upload/log)){ mkdir(upload/log,0777,true); } $log = fopen(upload/log/wechart.txt, a+); if(is_array($post)){ $post = json_encode($post); } fwrite($log, $post.\n); fclose($log); $read = fopen(upload/log/wechart.txt, r); fseek($read, -1, SEEK_END); $s = ''; while (($c = fgetc($read)) !== false) { if ($c == \n && $s) break; $s = $c . $s; fseek($read, -2, SEEK_CUR); } fclose($read); return $s;//取刚刚存的最后一条回调信息 }
回调信息里面,有个加密的东西,还得解密一下,这个传入的是自己又从log里面取出来的数据
sodium_crypto_aead_aes256gcm_decrypt 这个解密密方法需要php扩展 sodium
//微信回调解密 public function wechartDecrypt($str) { $str = htmlspecialchars_decode($str,ENT_COMPAT); $post = json_decode($str,true); $key = config(config.apiv3Key);//商户平台设置的api v3 密码 $text = base64_decode($post['resource']['ciphertext']); $str = sodium_crypto_aead_aes256gcm_decrypt($text,$post['resource']['associated_data'],$post['resource']['nonce'],$key); return json_decode($str,true); }
然后就是取到回调信息后的业务处理了
又看到这个文章的朋友, 如果知道为什么 微信回调回来的 json信息, 没办法直接使用的, 麻烦告告我,谢谢啦, 研究一天没研究出来, 只能先这样处理了...