jczz_manager.git

package org.springblade.common.config;
 
import com.wechat.pay.contrib.apache.httpclient.WechatPayHttpClientBuilder;
import com.wechat.pay.contrib.apache.httpclient.auth.PrivateKeySigner;
import com.wechat.pay.contrib.apache.httpclient.auth.ScheduledUpdateCertificatesVerifier;
import com.wechat.pay.contrib.apache.httpclient.auth.WechatPay2Credentials;
import com.wechat.pay.contrib.apache.httpclient.auth.WechatPay2Validator;
import com.wechat.pay.contrib.apache.httpclient.util.PemUtil;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.apache.http.impl.client.CloseableHttpClient;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
 
import java.io.FileInputStream;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
 
 
@Configuration
@ConfigurationProperties(prefix = "wxpay") //读取wxpay节点
@Data //使用set方法将wxpay节点中的值填充到当前类的属性中
@Slf4j
public class WxPayConfig {
 
    // 商户号
    private String mchId;
 
    // 商户API证书序列号
    private String mchSerialNo;
 
    // 商户私钥文件
    private String privateKeyPath;
 
    private String privateCertPath;
 
    // APIv3密钥
    private String apiV3Key;
 
    // APPID
    private String appid;
 
    // 微信服务器地址
    private String domain;
 
    // 接收结果通知地址
    private String notifyDomain;
 
    // APIv2密钥
    private String partnerKey;
 
    /**
     * 获取商户的私钥文件
     *
     * @param filename
     * @return
     */
    private PrivateKey getPrivateKey(String filename) {
 
        try {
            // FileInputStream fileInputStream = new FileInputStream(filename);
            // log.info("文件内容：" + fileInputStream);
            return PemUtil.loadPrivateKey(getFileInputStream(filename));
        } catch (Exception e) {
            log.info("私钥文件不存在", e);
            throw new RuntimeException("私钥文件不存在", e);
        }
    }
 
 
    /**
     * 获取商户的文件
     *
     * @param filename
     * @return
     */
    public static FileInputStream getFileInputStream(String filename) {
 
        try {
            FileInputStream fileInputStream = new FileInputStream(filename);
            return fileInputStream;
        } catch (Exception e) {
            log.info("读取文件不存在", e);
            throw new RuntimeException("读取文件不存在", e);
        }
    }
 
    /**
     * 获取商户的文件
     *
     * @return
     */
    // @Bean
    // public KeyStore keyStore() {
    //     try {
    //         InputStream certStream = WxPayConfig.class.getClassLoader().getResourceAsStream(privateCertPath);
    //         KeyStore ks = KeyStore.getInstance("PKCS12");
    //         ks.load(certStream, mchId.toCharArray());
    //         return ks;
    //     } catch (Exception e) {
    //         log.info("读取文件不存在", e);
    //         throw new RuntimeException("读取文件不存在", e);
    //     }
    // }
 
 
    /**
     * 获取签名验证器
     *
     * @return
     */
//    @Bean
    public ScheduledUpdateCertificatesVerifier getVerifier() {
 
        log.info("获取签名验证器");
 
        //获取商户私钥
        PrivateKey privateKey = getPrivateKey(privateKeyPath);
 
        //私钥签名对象
        PrivateKeySigner privateKeySigner = new PrivateKeySigner(mchSerialNo, privateKey);
 
        //身份认证对象
        WechatPay2Credentials wechatPay2Credentials = new WechatPay2Credentials(mchId, privateKeySigner);
 
        // 使用定时更新的签名验证器，不需要传入证书
        ScheduledUpdateCertificatesVerifier verifier = new ScheduledUpdateCertificatesVerifier(
            wechatPay2Credentials,
            apiV3Key.getBytes(StandardCharsets.UTF_8));
 
        return verifier;
    }
 
 
    /**
     * 获取http请求对象
     *
     * @param verifier
     * @return
     */
//    @Bean(name = "wxPayClient")
    public CloseableHttpClient getWxPayClient(ScheduledUpdateCertificatesVerifier verifier) {
 
        log.info("获取httpClient");
 
        //获取商户私钥
        PrivateKey privateKey = getPrivateKey(privateKeyPath);
 
        WechatPayHttpClientBuilder builder = WechatPayHttpClientBuilder.create()
            .withMerchant(mchId, mchSerialNo, privateKey)
            .withValidator(new WechatPay2Validator(verifier));
        // ... 接下来，你仍然可以通过builder设置各种参数，来配置你的HttpClient
 
        // 通过WechatPayHttpClientBuilder构造的HttpClient，会自动的处理签名和验签，并进行证书自动更新
        CloseableHttpClient httpClient = builder.build();
 
        return httpClient;
    }
 
    /**
     * 获取HttpClient，无需进行应答签名验证，跳过验签的流程
     */
//    @Bean(name = "wxPayNoSignClient")
    public CloseableHttpClient getWxPayNoSignClient() {
 
        //获取商户私钥
        PrivateKey privateKey = getPrivateKey(privateKeyPath);
 
        //用于构造HttpClient
        WechatPayHttpClientBuilder builder = WechatPayHttpClientBuilder.create()
            //设置商户信息
            .withMerchant(mchId, mchSerialNo, privateKey)
            //无需进行签名验证、通过withValidator((response) -> true)实现
            .withValidator((response) -> true);
 
        // 通过WechatPayHttpClientBuilder构造的HttpClient，会自动的处理签名和验签，并进行证书自动更新
        CloseableHttpClient httpClient = builder.build();
 
        log.info("== getWxPayNoSignClient END ==");
 
        return httpClient;
    }
 
 
}