杉德支付 · zsq_php小知识

对接杉德支付主要还是看人家给出的demo和文档以下文件都是根据官方给出的demo修改而来的配置类 ___ ``` <?php namespace sandpay; use Exception; use think\Db; class SandConfig { //--------------------------------------------1、基础参数配置------------------------------------------------ const API_HOST = 'https://cashier.sandpay.com.cn/gateway/api'; const PUB_KEY_PATH = __DIR__ .'/cert/sand.cer'; //公钥文件官网可以直接下载 const PRI_KEY_PATH = __DIR__ .'/cert/private_key.pfx'; //私钥文件给出的邮件里面可以使用360浏览器，官方推荐IE浏览器，具体流程可以问客服怎么导出证书，需要导出公钥和私钥证书文件私钥的在这里，公钥的上传到杉德支付的商服后台。 const CERT_PWD = 123456; //私钥证书密码这个秘钥是导出私钥的时候设置的自定义一定要记住密码 const MID = '000000000'; // 商户ID const FRONT_URL = ''; // 前端地址 // 微信appid public $wxappid=null; // 异步地址 public $notify_url=null; public function __construct() { if(is_null($this->wxappid)) $this->wxappid=Db::name('wxconfig')->where(['status'=>1])->value('appid'); if(is_null($this->notify_url)) $this->notify_url=request()->domain().'/api/order/sandNotify'; } //--------------------------------------------end基础参数配置------------------------------------------------ /** * 获取公钥 * @param $path * @return mixed * @throws Exception */ public function loadX509Cert($path) { try { $file = file_get_contents($path); if (!$file) { throw new \Exception('loadx509Cert::file_get_contents ERROR'); } $cert = chunk_split(base64_encode($file), 64, "\n"); $cert = "-----BEGIN CERTIFICATE-----\n" . $cert . "-----END CERTIFICATE-----\n"; $res = openssl_pkey_get_public($cert); $detail = openssl_pkey_get_details($res); openssl_free_key($res); if (!$detail) { throw new \Exception('loadX509Cert::openssl_pkey_get_details ERROR'); } return $detail['key']; } catch (\Exception $e) { throw $e; } } /** * 获取私钥 * @param $path * @param $pwd * @return mixed * @throws Exception */ public function loadPk12Cert($path, $pwd) { try { $file = file_get_contents($path); if (!$file) { throw new \Exception('loadPk12Cert::file _get_contents'); } if (!openssl_pkcs12_read($file, $cert, $pwd)) { throw new \Exception('loadPk12Cert::openssl_pkcs12_read ERROR'); } return $cert['pkey']; } catch (\Exception $e) { throw $e; } } /** * 私钥签名 * @param $plainText * @param $path * @return string * @throws Exception */ public function sign($plainText, $path) { $plainText = json_encode($plainText); try { $resource = openssl_pkey_get_private($path); $result = openssl_sign($plainText, $sign, $resource); openssl_free_key($resource); if (!$result) { throw new \Exception('签名出错' . $plainText); } return base64_encode($sign); } catch (\Exception $e) { throw $e; } } /** * 公钥验签 * @param $plainText * @param $sign * @param $path * @return int * @throws Exception */ public function verify($plainText, $sign, $path) { $resource = openssl_pkey_get_public($path); $result = openssl_verify($plainText, base64_decode($sign), $resource); openssl_free_key($resource); if (!$result) { throw new \Exception('签名验证未通过,plainText:' . $plainText . '。sign:' . $sign, '02002'); } return $result; } /** * 发送请求 * @param $url * @param $param * @return bool|mixed * @throws Exception */ public function http_post_json($url, $param) { if (empty($url) || empty($param)) { return false; } $param = http_build_query($param); try { $ch = curl_init();//初始化curl curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded')); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //正式环境时解开注释 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20); #成功连接服务器前等待时长 curl_setopt($ch, CURLOPT_TIMEOUT, 30); # 从服务器接收缓冲完成前需要等待多长时间 $data = curl_exec($ch);//运行curl curl_close($ch); if (!$data) { throw new \Exception('请求出错'); } return $data; } catch (\Exception $e) { throw $e; } } public function parse_result($result) { $arr = array(); $response = urldecode($result); $arrStr = explode('&', $response); foreach ($arrStr as $str) { $p = strpos($str, "="); $key = substr($str, 0, $p); $value = substr($str, $p + 1); $arr[$key] = $value; } return $arr; } /** * 公钥加密AESKey * @param $plainText * @param $puk * @return string * @throws */ public function RSAEncryptByPub($plainText, $puk) { if (!openssl_public_encrypt($plainText, $cipherText, $puk, OPENSSL_PKCS1_PADDING)) { throw new \Exception('AESKey 加密错误'); } return base64_encode($cipherText); } /** * 私钥解密AESKey * @param $cipherText * @param $prk * @return string * @throws */ public function RSADecryptByPri($cipherText, $prk) { if (!openssl_private_decrypt(base64_decode($cipherText), $plainText, $prk, OPENSSL_PKCS1_PADDING)) { throw new \Exception('AESKey 解密错误'); } return (string)$plainText; } /** * AES加密 * @param $plainText * @param $key * @return string * @throws */ public function AESEncrypt($plainText, $key) { $plainText = json_encode($plainText); $result = openssl_encrypt($plainText, 'AES-128-ECB', $key, 1); if (!$result) { throw new \Exception('报文加密错误'); } return base64_encode($result); } /** * AES解密 * @param $cipherText * @param $key * @return string * @throws */ public function AESDecrypt($cipherText, $key) { $result = openssl_decrypt(base64_decode($cipherText), 'AES-128-ECB', $key, 1); if (!$result) { throw new \Exception('报文解密错误', 2003); } return $result; } /** * 生成AESKey * @param int $size * @return string */ public function aes_generate(int $size) { $str = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $arr = array(); for ($i = 0; $i < $size; $i++) { $arr[] = $str[mt_rand(0, 61)]; } return implode('', $arr); } } ``` 支付文件（直接把这个参数给前端就行就是支付需要的参数） ___ ``` <?php namespace sandpay; use think\Request; use \sandpay\SandConfig; /** * Class Pay * @package sandpay */ class Pay{ protected static $error_info='服务器繁忙，请稍后再试!'; protected static $config=null; public function __construct() { if(self::$config == null) self::$config=new SandConfig(); } /** * 杉德支付 * @param $orderCode 商户订单号 * @param $money 订单金额 * @param $userId type=1 微信传递openid type=0 支付宝 userid * @param $type 1 微信 0 支付宝 * @return array * @throws \Exception */ public function start($orderCode,$money,$userId,$type=1){ // $money=0.01; // step1: 拼接data $rand=mt_rand(10,99); $data = array( 'head' => array( 'version' => '1.0', // 版本号默认1.0 'method' => 'sandpay.trade.pay', // "请求地址-method" sandpay.trade.pay 'productId' =>$type ? '00002020' : '00002022', // 产品编码 https://open.sandpay.com.cn/product/detail/43984// // 微信公众号 00002020 'accessType' => '1', // 接入类型 1-普通商户接入 2-平台商户接入 3-核心企业商户接入 'mid' =>SandConfig::MID, // 商户ID 收款方商户号 'channelType' => '07', // 渠道类型 07-互联网 08-移动端 'reqTime' => date('YmdHis', time()) // 请求时间格式：yyyyMMddhhmmss ), 'body' => array( 'orderCode' =>$orderCode.$rand, // 商户订单号长度12位起步，商户唯一，建议订单号有日期 'totalAmount' =>str_pad($money * 100,12,"0",STR_PAD_LEFT), // 订单金额例000000000101代表1.01元 'subject' =>'购买商品',//订单标题 'body' =>'杉德支付',// 订单描述 'payMode' => $type ? 'sand_wx' : 'sand_alipay',// 支付模式 sand_wx 微信公众号/小程序支付 "payExtra"=>json_encode($type ? [ 'subAppid' => self::$config->wxappid, 'userId' => $userId ] : [ 'userId' => $userId ]),// 支付扩展域类型为josn 'clientIp' =>request()->ip(),//客户端IP 127.0.0.1 'notifyUrl' =>self::$config->notify_url, // 异步通知地址 1.https 2.直接可以访问 // 'frontUrl' =>request()->domain().'/index.html#/',//前台通知地址 'extend'=>$type, ) ); // step2: 私钥签名 $prikey =self::$config->loadPk12Cert(SandConfig::PRI_KEY_PATH, SandConfig::CERT_PWD); $sign = self::$config->sign($data, $prikey); // step3: 拼接post数据 $post = array( 'charset' => 'utf-8', 'signType' => '01', 'data' => json_encode($data), 'sign' => $sign ); // step4: post请求 $result =self::$config->http_post_json(SandConfig::API_HOST . '/order/pay', $post); $arr = self::$config->parse_result($result); //step5: 公钥验签 $pubkey =self::$config->loadX509Cert(SandConfig::PUB_KEY_PATH); try { self::$config->verify($arr['data'], $arr['sign'], $pubkey); } catch (\Exception $e) { return $e->getMessage(); } // step6：获取credential $data = json_decode($arr['data'], true); if ($data['head']['respCode'] == "000000") { $datas=json_decode($data['body']['credential'],true); if(!isset($datas['params'])){ throw new \Exception("字符串解析错误"); } // $data = json_decode($data['params'],true); // $result = substr($data['payInfo']['trade_no'],-28,28); return json_decode($datas['params'],true); } else { return self::$error_info; } } } ``` 代付文件 ___ ``` <?php namespace sandpay; use Exception; use think\Db; use \sandpay\SandConfig; class Withdrawal { protected static $url='https://caspay.sandpay.com.cn/agent-main/openapi/agentpay'; protected static $error_info='服务器繁忙，请稍后再试!'; protected static $config=null; public function __construct() { if(self::$config == null) self::$config=new SandConfig(); } /** * 付款到银行卡 * @param $params * @return bool */ public function start($params) { $info = array( 'transCode' => 'RTPM', // 实时代付 'merId' => SandConfig::MID, // 此处更换商户号 'url' => '/agentpay', 'pt' => array( 'orderCode' => $params['order_sn'], 'version' => '01', 'productId' => '00000004', 'tranTime' => date('YmdHis', time()), // 'timeOut' => '20181024120000',//不填默认24小时 'tranAmt' => str_pad($params['amount'] * 100,12,"0",STR_PAD_LEFT), 'currencyCode' => '156', 'accAttr' => '0', 'accNo' => $params['bank_no'], 'accType' => '4', 'accName' => $params['bank_real_name'], // 'provNo' => 'sh', // 'cityNo' => 'sh', // 'bankName' => 'cbc',//对公代付必填 // 'bankType' => '1',//对公代付必填 'remark' => $params['bank_real_name'], 'payMode' => 'desc', 'channelType' => '07' ) ); // step1: 拼接报文及配置 $transCode = $info['transCode']; // 交易码 $accessType = '0'; // 接入类型 0-商户接入，默认；1-平台接入 $merId = $info['merId']; // 此处更换商户号 $path = $info['url']; // 服务地址 $pt = $info['pt']; // 报文 try { // step2: 生成AESKey并使用公钥加密 $AESKey = self::$config->aes_generate(16); $pubKey = self::$config->loadX509Cert(SandConfig::PUB_KEY_PATH); $priKey = self::$config->loadPk12Cert(SandConfig::PRI_KEY_PATH,SandConfig::CERT_PWD); $encryptKey = self::$config->RSAEncryptByPub($AESKey, $pubKey); // step3: 使用AESKey加密报文 $encryptData = self::$config->AESEncrypt($pt, $AESKey); // step4: 使用私钥签名报文 $sign = self::$config->sign($pt,$priKey); // step5: 拼接post数据 $post = array( 'transCode' => $transCode, 'accessType' => $accessType, 'merId' => $merId, 'encryptKey' => $encryptKey, 'encryptData' => $encryptData, 'sign' => $sign ); // step6: post请求 $result = self::$config->http_post_json(self::$url, $post); parse_str($result, $arr); // step7: 使用私钥解密AESKey $decryptAESKey = self::$config->RSADecryptByPri($arr['encryptKey'], $priKey); // step8: 使用解密后的AESKey解密报文 $decryptPlainText = self::$config->AESDecrypt($arr['encryptData'], $decryptAESKey); // step9: 使用公钥验签报文 self::$config->verify($decryptPlainText, $arr['sign'],$pubKey); $decryptPlainText = json_decode($decryptPlainText,true); if((int)$decryptPlainText['respCode'] > 2 && $decryptPlainText['resultFlag'] == 1){ throw new \Exception($decryptPlainText['respDesc']); } return ['code'=>1,'info'=>'ok']; } catch (\Exception $e) { return ['code'=>0,'info'=>$e->getMessage()]; } } } ```