目录:
前提准备工作:
1、依赖
<dependency>
<groupId>com.alipay.sdkgroupId>
<artifactId>alipay-sdk-javaartifactId>
<version>4.22.113.ALLversion>
dependency>
<dependency>
<groupId>org.bouncycastlegroupId>
<artifactId>bcprov-jdk15onartifactId>
<version>1.62version>
dependency>
2、相关流程配置
https://open.alipay.com/develop/manage
微信小程序可以通过微信授权之后再登录,平台可以拿到微信用户的相关信息。同理支付宝小程序也可以。
流程:
1、获取支付宝小程序授权token
这里相当于调用 alipay.system.oauth.token接口
// 服务端获取access_token、user_id
private AlipaySystemOauthTokenResponse getAccessToken(String authCode) throws Exception {
String code = JSON.parseObject(authCode).getString("authCode");
// 1. 填入appid
String APPID = "2021002147669716";
// 2. 填入应用私钥
String PRIVATE_KEY = "应用私钥";
// 3. 填入支付宝公钥
String ALIPAY_PUBLIC_KEY = "支付宝公钥";
AlipayClient alipayClient = new DefaultAlipayClient("https://openapi.alipay.com/gateway.do",
APPID,
PRIVATE_KEY,
"json",
"GBK",
ALIPAY_PUBLIC_KEY,
"RSA2");
AlipaySystemOauthTokenRequest request = new AlipaySystemOauthTokenRequest();
//授权方式:authorization_code,表示换取使用用户授权码code换取授权令牌access_token。
request.setGrantType("authorization_code");
// 4. 填入前端传入的授权码authCode
//授权码,用户对应用授权后得到。本参数在 grant_type 为 authorization_code 时必填
request.setCode(code);
AlipaySystemOauthTokenResponse response = alipayClient.execute(request);
if(response.isSuccess()){
System.out.println("调用成功");
} else {
System.out.println("调用失败");
}
return response;
}
2、获得授权用户的基本信息
我们再调用接口 alipay.user.info.auth
// 获取支付宝用户信息
private AlipayUserInfoShareResponse getAliUserInfo (String accessToken) throws Exception {
// 1. 填入appid
String APPID = "2021002147669716";
// 2. 填入应用私钥
String PRIVATE_KEY = "应用私钥";
// 3. 填入支付宝公钥
String ALIPAY_PUBLIC_KEY = "支付宝公钥";
AlipayClient alipayClient = new DefaultAlipayClient("https://openapi.alipay.com/gateway.do",
APPID ,
PRIVATE_KEY,
"json",
"GBK",
ALIPAY_PUBLIC_KEY,
"RSA2");
AlipayUserInfoShareRequest request = new AlipayUserInfoShareRequest();
AlipayUserInfoShareResponse response = alipayClient.execute(request, accessToken);
if(response.isSuccess()){
System.out.println("获取会员信息 - 调用成功");
return response;
}
return null;
}
遇到的问题:
【支付宝小程序】-【获得支付宝用户详情】-【响应code:20001】-【错误信息:无效的访问令牌】
解决:
解析接口响应加密数据流程:
1、解析接口响应加密数据
/**
* 解密数据
* @return
*/
@ApiOperation(value = "解密数据")
@PostMapping("/findPhone")
public String findPhone(@RequestBody String jsonStr) throws Exception {
//小程序前端提交的加密数据
String response = JSON.parseObject(jsonStr).getString("response");
//1. 获取验签和解密所需要的参数
Map<String, String> openapiResult = JSON.parseObject(response,
new TypeReference<Map<String, String>>() {
}, Feature.OrderedField);
String signType = "RSA2";
String charset = "UTF-8";
String encryptType = "AES";
String sign = openapiResult.get("sign");
String content = openapiResult.get("response");
//如果密文的
boolean isDataEncrypted = !content.startsWith("{");
boolean signCheckPass = false;
//2. 验签
String signContent = content;
//你的小程序对应的支付宝公钥(为扩展考虑建议用appId+signType做密钥存储隔离)
String signVeriKey = "";
//你的小程序对应的加解密密钥(为扩展考虑建议用appId+encryptType做密钥存储隔离)
String decryptKey = "";
//如果是加密的报文则需要在密文的前后添加双引号
if (isDataEncrypted) {
signContent = "\"" + signContent + "\"";
}
try {
signCheckPass = AlipaySignature.rsaCheck(signContent, sign, signVeriKey, charset, signType);
} catch (AlipayApiException e) {
//验签异常, 日志
}
if(!signCheckPass) {
//验签不通过(异常或者报文被篡改),终止流程(不需要做解密)
throw new Exception("验签失败");
}
//3. 解密
String plainData = null;
if (isDataEncrypted) {
try {
plainData = AlipayEncrypt.decryptContent(content, encryptType, decryptKey, charset);
} catch (AlipayApiException e) {
//解密异常, 记录日志
throw new Exception("解密异常");
}
} else {
plainData = content;
}
return plainData;
}