'1'

zzjs-admin/src/main/java/com/miaxis/app/controller/film/NotifyController.java

@@ -8,6 +8,7 @@ import com.miaxis.common.constant.Constants;
 import com.miaxis.common.core.domain.Response;
 import com.miaxis.common.exception.CustomException;
 import com.miaxis.common.utils.AesUtil;
+import com.miaxis.common.utils.uuid.CommonUtils;
 import com.miaxis.feign.dto.FilmDTO;
 import com.miaxis.feign.dto.FilmMcpData;
 import com.miaxis.feign.dto.FilmXdResult;
@@ -24,6 +25,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.joda.time.DateTime;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.io.ClassPathResource;
 import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -33,8 +35,10 @@ import org.springframework.web.bind.annotation.RestController;
 
 import javax.servlet.http.HttpServletRequest;
 import java.io.BufferedReader;
+import java.io.File;
 import java.io.IOException;
-import java.security.GeneralSecurityException;
+import java.security.*;
+import java.util.Base64;
 
 import static com.miaxis.common.utils.OrderCodeFactory.getOrderCode;
 
@@ -69,9 +73,10 @@ public class NotifyController {
     @PostMapping(value = "/wxpay")
     @ApiOperation("微信支付回调")
     public WxNotifyReturnDTO wxpayNotify(@RequestBody FilmWxpayDTO filmWxpayDTO, HttpServletRequest request, BufferedReader br) throws GeneralSecurityException, IOException {
+
         String bodyString = getBodyString(br);
         System.out.println(bodyString);
-        Boolean pass =  validate(request);
+        Boolean pass =  validate(request,bodyString);
 
         String resourceString = getSourString(filmWxpayDTO);
         log.info(resourceString);
@@ -105,7 +110,7 @@ public class NotifyController {
         return str;
     }
 
-    private Boolean validate(HttpServletRequest request) {
+    private Boolean validate(HttpServletRequest request, String bodyString) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
         String sign = request.getHeader("Wechatpay-Signature");
         String timestamp = request.getHeader("Wechatpay-Timestamp");
         String nonce = request.getHeader("Wechatpay-Nonce");
@@ -114,19 +119,19 @@ public class NotifyController {
         StringBuffer sb = new StringBuffer();
         sb.append(timestamp + "\n");
         sb.append(nonce + "\n");
-        System.out.println(sb);
-        return true;
-
-//        File file = new ClassPathResource("wechatpay/apiclient_key.pem").getFile();
-//        String realPath =file.getAbsolutePath();
-//        PrivateKey privateKey = CommonUtils.getPrivateKey(realPath);
-//        // 进行签名服务
-//        Signature signature = Signature.getInstance("SHA256withRSA");
-//        signature.initSign(privateKey);
-//        signature.update(sb.toString().getBytes("UTF-8"));
-//        byte[] signedData = signature.sign();
-//        String base64Str =  Base64.getEncoder().encodeToString(signedData);
-
+        sb.append(bodyString + "\n");
+        File file = new ClassPathResource("wechatpay/apiclient_key.pem").getFile();
+        String realPath =file.getAbsolutePath();
+        PrivateKey privateKey = CommonUtils.getPrivateKey(realPath);
+        // 进行签名服务
+        Signature signature = Signature.getInstance("SHA256withRSA");
+        signature.initSign(privateKey);
+        signature.update(sb.toString().getBytes("UTF-8"));
+        byte[] signedData = signature.sign();
+        String base64Str =  Base64.getEncoder().encodeToString(signedData);
+        System.out.println("签名串:"+base64Str);
+        System.out.println("body读取串:"+bodyString);
+        return bodyString.equals(base64Str);
 
     }