首頁 探索 說明
登入
yonge
/
edu-saas
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
瀏覽代碼

Merge remote-tracking branch 'origin/master'

Joburgess 5 年之前
父節點
0556c07fba fad4c59d24
當前提交
ff1a9577e4
共有 2 個文件被更改,包括 22 次插入3 次删除
分割檢視 顯示文件統計
  1. 3 2
      edu-thirdparty/src/main/java/com/keao/edu/thirdparty/adapay/Payment.java
  2. 19 1
      edu-user/edu-user-server/src/main/java/com/keao/edu/user/controller/ExamOrderController.java

+ 3 - 2
edu-thirdparty/src/main/java/com/keao/edu/thirdparty/adapay/Payment.java
查看文件 

@@ -7,6 +7,7 @@ import org.springframework.util.DigestUtils;
 
 
 import java.math.BigDecimal;
 
 import java.util.HashMap;
 
+import java.util.LinkedHashMap;
 
 import java.util.List;
 
 import java.util.Map;
 
 
@@ -177,9 +178,9 @@ public class Payment extends ConfigInit {
 
 
 
     public static Map<String, Object> getPayMap(BigDecimal amount, String orderNo, String notifyUrl, String returnUrl, String orderSubject, String orderBody) throws Exception {
 
-        Map<String, Object> paymentParams = new HashMap<>(10);
 
+        Map<String, Object> paymentParams = new LinkedHashMap<>();
 
         paymentParams.put("appId", appId);
 
-        paymentParams.put("amount", amount);
 
+        paymentParams.put("amount", amount.setScale(2,BigDecimal.ROUND_HALF_UP));
 
         paymentParams.put("orderNo", orderNo);
 
         paymentParams.put("notifyUrl", notifyUrl);
 
         paymentParams.put("returnUrl", returnUrl);

+ 19 - 1
edu-user/edu-user-server/src/main/java/com/keao/edu/user/controller/ExamOrderController.java
查看文件 

@@ -1,6 +1,7 @@
 
 package com.keao.edu.user.controller;
 
 
 import com.alibaba.fastjson.JSON;
 
+import com.alibaba.fastjson.JSONObject;
 
 import com.keao.edu.auth.api.client.SysUserFeignService;
 
 import com.keao.edu.auth.api.entity.SysUser;
 
 import com.keao.edu.common.controller.BaseController;
 
@@ -25,6 +26,7 @@ import io.swagger.annotations.ApiImplicitParams;
 
 import io.swagger.annotations.ApiOperation;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
 import org.springframework.security.access.prepost.PreAuthorize;
 
+import org.springframework.util.DigestUtils;
 
 import org.springframework.web.bind.annotation.*;
 
 
 import java.math.BigDecimal;
 
@@ -79,7 +81,23 @@ public class ExamOrderController extends BaseController {
 
             @ApiImplicitParam(name = "sign", value = "sign", required = true, dataType = "String"),
 
             @ApiImplicitParam(name = "code", value = "code", required = true, dataType = "String")
 
     })
 
-    public Object executePayment(BigDecimal amount, String orderNo, String payChannel, String returnUrl, String orderSubject, String orderBody, String sign, String code, String platform) throws Exception {
 
+    public Object executePayment(BigDecimal amount, String orderNo, String payChannel, String returnUrl,String notifyUrl, String orderSubject, String orderBody, String sign, String code, String platform) throws Exception {
 
+        Map<String, Object> signParams = new LinkedHashMap<>();
 
+        signParams.put("appId", ConfigInit.appId);
 
+        signParams.put("amount", amount);
 
+        signParams.put("orderNo", orderNo);
 
+        signParams.put("notifyUrl", notifyUrl);
 
+        signParams.put("returnUrl", returnUrl);
 
+        signParams.put("orderSubject", orderSubject);
 
+        signParams.put("orderBody", orderBody);
 
+        signParams.put("wxAppId", ConfigInit.wxAppId);
 
+
 
+        String originalStr = JSONObject.toJSONString(signParams);
 
+        String newSign = DigestUtils.md5DigestAsHex(originalStr.getBytes());
 
+        if(sign != newSign){
 
+            return failed("请勿非法请求");
 
+        }
 
+
 
         String openId = "";
 
         if (payChannel.equals("wx_pub")) {
 
             if (code == null || code.isEmpty()) {