
wesmiler 报恩寺项目

wesmiler 4 rokov pred
rodič
commit
5a44172777

Rozdielové dáta súboru neboli zobrazené, pretože súbor je príliš veľký
+ 42 - 5
app/Http/Controllers/Api/TestController.php


+ 11 - 5
app/Http/Controllers/Api/v1/NotifyController.php

@@ -36,10 +36,15 @@ class NotifyController extends BaseController
     public function pay($scene){
         $postData = request()->all();
         $sign = request()->headers->get('Wechatpay-Signature');
-        $headers = request()->headers->all();
-//        $sign = '';
+        $nonce = request()->headers->get('Wechatpay-Nonce');
+        $timestamp = request()->headers->get('Wechatpay-Timestamp');
+       /* $sign = 'JnLbXF3HLEeAVuyVoyedezPV8+mRZ93+rmlbHOIm1I0+YKboBTUmVNwlV9KKOVPXPBQENxjHqT6fR5Qx326uVZryb\/JM+lTdvl3j+XVD0F5NJWZKGu7Zykf69yYMY3wbe1++em\/iiouZLg8\/5KRp7nvNMLL383gemOMRbsYN3+dZ++62qrmVZxo00fHlK+AjxXmV38KRCLtfLWfIsUXw9Zi8hXqHbf+s\/pBthV+Ouasw0Eit4f4E3aDjp4baFD70s\/RsbcqTn8UqxCurRNgm7kCtLphzStPnEUC1dfvIWZQIuJ+BaAqstj9y7RW5CdF7aZPqhXnPETvB8ZynSTYl3Q==';
+        $timestamp = '1626663968';
+        $nonce = 'yWa6xnLUDyqfVYhjTnWcafDuNzgoXMNa';*/
+        $postStr = file_get_contents("php://input");
+        $signStr = "{$timestamp}\n{$nonce}\n{$postStr}\n";
         $id = isset($postData['id'])? '_'.$postData['id'] : '';
-        RedisService::set('caches:payments:'.$scene.':result'.$id.'_'.date('YmdHis'), ['result'=> $postData,'sign'=> $sign,'headers'=> $headers,'date'=> date('Y-m-d H:i:s')], 7200);
+        RedisService::set('caches:payments:'.$scene.':result'.$id.'_'.date('YmdHis'), ['result'=> $postData,'sign'=> $sign,'date'=> date('Y-m-d H:i:s')], 7200);
         $postData = isset($postData['resource'])? $postData['resource'] : [];
         if(empty($scene) || empty($postData)){
             return NotifyService::make()->rebackMsg('回调参数错误');
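Review bot: `$timestamp` is fed into `$signStr` but never compared with the current time, so a notification that verified once would keep verifying if it were delivered again; a freshness guard before the string is built, such as `if (abs(time() - (int) $timestamp) > 300) { return NotifyService::make()->rebackMsg('回调参数错误'); }`, closes that. The `Wechatpay-Serial` header is not read either, so nothing in this hunk ties the signature to the specific platform certificate it was made with. The `RedisService::set` call still runs before any verification, with a key that includes the request-supplied `id`, which lets unauthenticated requests create cache entries; it would be safer after the signature check. The commented-out block holding a sample signature, nonce and timestamp is debugging residue and should not be committed. `pay()` continues past the end of this hunk.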
@@ -54,14 +59,15 @@ class NotifyController extends BaseController
 
         $postData = WechatService::decryptNotifyData($postData);
         $postData = $postData? json_decode($postData, true) : [];
-        //var_dump($postData);
+        var_dump($postData);
         $outTradeNo = isset($postData['out_trade_no']) ? $postData['out_trade_no'] : '';
         if(empty($postData) || empty($outTradeNo)){
             return NotifyService::make()->rebackMsg('获取解密数据失败');
         }
         $postData['sign'] = $sign;
         RedisService::set('caches:payments:'.$scene.':result_'.$outTradeNo, ['result'=> $postData], 7200);
-        if (WechatService::checkJsapiNotifyV3($postData) === true) {
+        if (WechatService::checkJsapiNotifyV3($signStr, $sign) === true) {
+            RedisService::set('caches:payments:'.$scene.':check', ['data'=> $postData,'signStr'=> $signStr,'sign'=> $sign], 3600);
             switch($scene){
                 case 'index': // 供灯订单
                     return NotifyService::make()->notifyGongdeng($postData, $outTradeNo);
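Review bot: `var_dump($postData);` is switched back on here, which prints the decrypted payment notification into the HTTP response and corrupts the acknowledgement body the payment gateway reads; it should be deleted, with a logger call if the data is needed for debugging. The same applies to the `var_dump($signature)` and `var_dump($signStr)` lines added to `checkJsapiNotifyV3` in `app/Services/WechatService.php`. The signature check only happens after `decryptNotifyData`, `json_decode` and a Redis write have already processed the unverified body; calling `WechatService::checkJsapiNotifyV3($signStr, $sign)` at the top of `pay()` and returning early on failure would keep unauthenticated input away from those steps. The new `'caches:payments:'.$scene.':check'` key has no per-order component, so concurrent notifications overwrite each other, and it stores the full decrypted payload for an hour; consider keying it by `$outTradeNo` or removing it once debugging is done. The `switch` continues outside the hunk.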

+ 9 - 17
app/Services/WechatService.php

@@ -8,6 +8,7 @@ use BaconQrCode\Renderer\Image\ImagickImageBackEnd;
 use BaconQrCode\Renderer\ImageRenderer;
 use BaconQrCode\Renderer\RendererStyle\RendererStyle;
 use BaconQrCode\Writer;
+use phpDocumentor\Reflection\Types\Self_;
 use Symfony\Component\Console\Input\Input;
 use WeChatPay\Builder;
 use WeChatPay\Util\PemUtil;
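Review bot: `use phpDocumentor\Reflection\Types\Self_;` looks like an accidental IDE auto-import, since nothing in the visible hunks references `Self_`. phpDocumentor's reflection types are usually only a development-time dependency, so an import of them in a payment service class is unexpected. If no code elsewhere in the file uses it, drop the line.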
@@ -546,7 +547,6 @@ class WechatService extends BaseService
         RedisService::set('caches:orders:'.$scene.':'.$openid.':unifiedSign', $unified, 600);
         $url = !empty(self::$apiUrl['unifiedorder']) ? trim(self::$apiUrl['unifiedorder']) : 'https://api.mch.weixin.qq.com/pay/unifiedorder';
         $data = WechatService::arrayToXml($unified);
-        var_dump($data);
         RedisService::set('caches:orders:'.$scene.':'.$openid.':unifiedXml', ['data'=> $unified,'result'=> $data], 600);
         $responseXml = WechatService::curlPost($url, $data);
         //禁止引用外部xml实体
@@ -835,23 +835,15 @@ class WechatService extends BaseService
      * @param $notifyData
      * @return array|bool
      */
-    public static function checkJsapiNotifyV3($notifyData)
+    public static function checkJsapiNotifyV3($signStr, $sign)
     {
-        if (empty($notifyData)) {
-            return ['code' => 'error', 'message' => 'parse xml error'];
-        }
-        $tradeState = isset($notifyData['trade_state']) ? trim($notifyData['trade_state']) : '';
-        $nofitySign = isset($notifyData['sign']) ? trim($notifyData['sign']) : '';
-        if ($tradeState != 'SUCCESS') {
-            $error = isset($notifyData['return_msg']) ? $notifyData['return_msg'] : '';
-            return ['code' => 'error', 'message' => $error];
-        }
-
-        // 验证签名
-        unset($notifyData['sign']);
-        $sign = WechatService::getPaySignV3($notifyData);
-        if ($nofitySign == $sign) {
-            echo '<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>';
+        $signature = base64_decode($sign);
+        var_dump($signature);
+var_dump($signStr);
+        $publicKey = openssl_pkey_get_public(file_get_contents(self::$certPaths['cert_path']));
+        $ok = openssl_verify($signStr, $signature, $publicKey, OPENSSL_ALGO_SHA256);
+        openssl_free_key($publicKey);
+        if($ok == 1){
             return true;
         }