====== 支付窗用户信息获取整理 ======
分两种情况:获取用户支付宝userId(无需授权页面)和获取用户相关信息(需要授权页面,暂无姓名手机身份证等敏感信息,申请中...,不一定能审批下来)
===== 获取用户支付宝userId =====
注意:该种方式无需授权页面
==== 第一步,获取auth_code ====
GET方式请求地址(注意:当前页面有支付宝用户登录会话,没有登录需要先登录,不能从服务器端发起)
https://openauth.alipay.com/oauth2/publicAppAuthorize.htm?app_id=2015012700028257&auth_skip=false&scope=auth_base&redirect_uri=http://test.tebon.com.cn
跳转页面,带有%%auth_code%%
http://test.tebon.com.cn/?app_id=2015012700028257&source=alipay_wallet&scope=auth_base&auth_code=144bdfd991494cf09fde489b3febXX37
获取auth_code:144bdfd991494cf09fde489b3febXX37
==== 第二步,获取alipay_user_id ====
POST方式请求(注意:可以服务器端发起)
String code="144bdfd991494cf09fde489b3febXX37";//第一步中获取的auth_code
//根据code获取token和userid
StringBuffer payParams = new StringBuffer();
//生产加密签名明文
payParams.append("app_id").append("=").append("2015012700028257").append("&");
payParams.append("charset").append("=").append("GBK").append("&");
payParams.append("code").append("=").append(code).append("&");
payParams.append("grant_type").append("=").append("authorization_code").append("&");
payParams.append("method").append("=").append("alipay.system.oauth.token").append("&");
//payParams.append("refresh_token").append("=").append("").append("&");
payParams.append("sign_type").append("=").append("RSA").append("&");
payParams.append("timestamp").append("=").append("2016-01-19 08:08:08").append("&");
payParams.append("version").append("=").append("1.0");
String signValue = AlipayRSA.sign(payParams.toString(), PRIVATE_KEY, "GBK");
System.out.println(signValue);
//根据code获取token和userid
Map map = new HashMap();
map.put("app_id", "2015012700028257");
map.put("charset", "GBK");
map.put("code", code);
map.put("grant_type", "authorization_code");
map.put("method", "alipay.system.oauth.token");
//map.put("refresh_token", "");
map.put("sign_type", "RSA");
map.put("timestamp", "2016-01-19 08:08:08");
map.put("version", "1.0");
map.put("sign", signValue);
String content = HttpClientUtils.getWebContentByPost(
"https://openapi.alipay.com/gateway.do",
map, "GBK");
System.out.println(content);
返回%%alipay_user_id%%
{
"alipay_system_oauth_token_response": {
"access_token": "authbseB72299cc47e76495db023f1db89e06E37",
"alipay_user_id": "20880073298825349672116690510937",
"expires_in": 1296000,
"re_expires_in": 31536000,
"refresh_token": "authbseB5d29537f83ce4b25969e98b2b9659F37",
"user_id": "2088302685248372"
},
"sign": "LArk3q7kvL0jcKYxqfkMLHDyF2I5vGM5sBjbye7PW4RLR8oYetc5FAkyHZnHxBITAsdwzIfjzuAmEBu0rv9op9kcwV9fZArjjX6xtYZdsO2Ohp2ocyl5ZbOWLmmIh6llEKXDXn+GPsKk+DoOAFrm/Crjr1ii46b9otBFt+bNYYc="
}
===== 获取用户相关信息 =====
注意:该种方式需要授权页面,暂无姓名、手机、身份证等敏感信息,申请中...,不一定能审批下来
==== 第一步,获取auth_code ====
GET方式请求地址(注意:当前页面有支付宝用户登录会话,没有登录需要先登录,不能从服务器端发起,而且需要授权)
https://openauth.alipay.com/oauth2/publicAppAuthorize.htm?app_id=2015012700028257&auth_skip=false&scope=auth_userinfo&redirect_uri=http://test.tebon.com.cn
跳授权页面
{{:分享:技术:支付宝:1.png?800|}}
跳转页面,带有%%auth_code%%
http://test.tebon.com.cn/?app_id=2015012700028257&source=alipay_wallet&scope=auth_userinfo&alipay_token=&userOutputs=basicInfo&auth_code=4c8bb8acbe964e2b9c8e2121f61eYD37
获取auth_code:4c8bb8acbe964e2b9c8e2121f61eYD37
==== 第二步,获取alipay_user_id和access_token ====
POST方式请求(注意:可以服务器端发起)
String code="4c8bb8acbe964e2b9c8e2121f61eYD37";//第一步中获取的auth_code
//根据code获取token和userid
StringBuffer payParams = new StringBuffer();
//生产加密签名明文
payParams.append("app_id").append("=").append("2015012700028257").append("&");
payParams.append("charset").append("=").append("GBK").append("&");
payParams.append("code").append("=").append(code).append("&");
payParams.append("grant_type").append("=").append("authorization_code").append("&");
payParams.append("method").append("=").append("alipay.system.oauth.token").append("&");
//payParams.append("refresh_token").append("=").append("").append("&");
payParams.append("sign_type").append("=").append("RSA").append("&");
payParams.append("timestamp").append("=").append("2016-01-19 08:08:08").append("&");
payParams.append("version").append("=").append("1.0");
String signValue = AlipayRSA.sign(payParams.toString(), PRIVATE_KEY, "GBK");
System.out.println(signValue);
//根据code获取token和userid
Map map = new HashMap();
map.put("app_id", "2015012700028257");
map.put("charset", "GBK");
map.put("code", code);
map.put("grant_type", "authorization_code");
map.put("method", "alipay.system.oauth.token");
//map.put("refresh_token", "");
map.put("sign_type", "RSA");
map.put("timestamp", "2016-01-19 08:08:08");
map.put("version", "1.0");
map.put("sign", signValue);
String content = HttpClientUtils.getWebContentByPost(
"https://openapi.alipay.com/gateway.do",
map, "GBK");
System.out.println(content);
返回%%alipay_user_id%%和%%access_token%%
{
"alipay_system_oauth_token_response": {
"access_token": "composeB7fddb71c31e04d4d8e43f500ee383X37",
"alipay_user_id": "20880073298825349672116690510937",
"expires_in": 500,
"re_expires_in": 300,
"refresh_token": "composeB8dbca7b0886741948c4a1876b71eeB37",
"user_id": "2088302685248372"
},
"sign": "ssCAimDSO+T6KsPOdytU6Zp9+ix5dVo2JtmEkWZoJFNfch3XiNWl8Uii+++rECXrW4XC+umNJw8gbpZ8p5S7hDKCaA7AM63eK1/qU5NEYdzzh5VQsB8LDhF2XEGj5p/YQJxTbr7nX3D/1f2yrE32RsrW9roMniBY+4UBTX/alRw="
}
==== 第三步,获取非敏感信息(暂时) ====
POST方式请求(注意:可以服务器端发起)
String token = "composeB7fddb71c31e04d4d8e43f500ee383X37";//第二步中获取的access_token
StringBuffer payParams = new StringBuffer();
//生产加密签名明文
payParams.append("app_id").append("=").append("2015012700028257").append("&");
payParams.append("auth_token").append("=").append(token).append("&");
payParams.append("charset").append("=").append("GBK").append("&");
payParams.append("method").append("=").append("alipay.user.userinfo.share").append("&");
payParams.append("sign_type").append("=").append("RSA").append("&");
payParams.append("timestamp").append("=").append("2016-01-19 08:08:08").append("&");
payParams.append("version").append("=").append("1.0");
String signValue = AlipayRSA.sign(payParams.toString(), PRIVATE_KEY, "GBK");
System.out.println(signValue);
//根究token获取用户信息 权限不足
Map map = new HashMap();
map.put("app_id", "2015012700028257");
map.put("auth_token", token);
map.put("charset", "GBK");
map.put("method", "alipay.user.userinfo.share");
map.put("sign_type", "RSA");
map.put("timestamp", "2016-01-19 08:08:08");
map.put("version", "1.0");
map.put("sign", signValue);
String content = HttpClientUtils.getWebContentByPost(
"https://openapi.alipay.com/gateway.do",
map, "GBK");
System.out.println(content);
返回非敏感信息
{
"alipay_user_userinfo_share_response": {
"user_type_value": "2",
"is_licence_auth": "F",
"is_certified": "T",
"is_certify_grade_a": "T",
"avatar": "https://tfsimg.alipay.com/images/partner/T1SVhfXfdiXXXXXXXX",
"is_student_certified": "F",
"is_bank_auth": "T",
"is_mobile_auth": "T",
"nick_name": "向辉",
"alipay_user_id": "2088302685248372",
"user_id": "20880073298825349672116690510937",
"user_status": "T",
"is_id_auth": "T"
},
"sign": "TaRLM9pJxLQKjR5AssPiHrgA7y2qlxYiQhfAy50BBYdZtx74ySd1vuuiGk7nLOLBIu3PP2dImvEwQyIdWpuQ30mFZCC/pbmXEiPPHv/O/UIewEGUo84TNiH6dq8h0i1X1cStDOT9u2/PkqhPDlWS3ePu0mQFlAzg42bIZA2/usY="
}
===== API2.0验签 =====
只对json中response的值做验签,一般来说返回的值都是已经做好排序了的,排序规则是节点中的各个json节点key首字母做字典排序。Response的Json值内容需要包含首尾的“{”和“}”两个尖括号,双引号也需要参与验签,如果字符串中包含
http://
的正斜杠,需要先将正斜杠做转义,默认打印出来的字符串是已经做过转义的。建议验签不通过时将正斜杠转义一次后再做一次验签。
如当面付扫码支付获取二维码的返回内容为:
{"alipay_trade_precreate_response":{"code":"10000","msg":"Success","out_trade_no":"6141161365682511","qr_code":"https:\/\/qr.alipay.com\/bax03206ug0kulveltqc80a8"},"sign":"VrgnnGgRMNApB1QlNJimiOt5ocGn4a4pbXjdoqjHtnYMWPYGX9AS0ELt8YikVAl6LPfsD7hjSyGWGjwaAYJjzH1MH7B2/T3He0kLezuWHsikao2ktCjTrX0tmUfoMUBCxKGGuDHtmasQi4yAoDk+ux7og1J5tL49yWiiwgaJoBE="}
则待验签内容为 {"code":"10000","msg":"Success","out_trade_no":"6141161365682511","qr_code":"https:\/\/qr.alipay.com\/bax03206ug0kulveltqc80a8"} ,sign前面的那个逗号不参与验签。
获取sign值时,只需要sign节点的值(不含双引号)。
参考地址:https://support.open.alipay.com/doc2/detail.htm?spm=a219a.7386797.0.0.lavAeV&treeId=115&articleId=104107&docType=1#s0
==== 测试代码 ====
/**支付宝公钥-从支付宝服务窗获取*/
public static final String ALIPAY_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDI6d306Q8fIfCOaTXyiUeJHkrIvYISRcc73s3vF1ZT7XN8RNPwJxo8pWaJMmvyTn9N4HQ632qJBVHf8sxHi/fEsraprwCtzvzQETrNRwVxLO5jVmRGi60j8Ue1efIlzPXV9je9mkjzOmdssymZkh2QhUrCmZYI/FCEa3/cNMW0QIDAQAB";
public static void main(String[] str) throws Exception {
/**{
"alipay_trade_precreate_response":{
"code":"10000",
"msg":"Success",
"out_trade_no":"6141161365682511",
"qr_code":"https:\/\/qr.alipay.com\/bax03206ug0kulveltqc80a8"
},
"sign":"VrgnnGgRMNApB1QlNJimiOt5ocGn4a4pbXjdoqjHtnYMWPYGX9AS0ELt8YikVAl6LPfsD7hjSyGWGjwaAYJjzH1MH7B2/T3He0kLezuWHsikao2ktCjTrX0tmUfoMUBCxKGGuDHtmasQi4yAoDk+ux7og1J5tL49yWiiwgaJoBE="
}*/
//根据code获取token和userid
StringBuffer payParams = new StringBuffer();
//生产加密签名明文
payParams.append("{\"code\":\"10000\",\"msg\":\"Success\",\"out_trade_no\":\"6141161365682511\",\"qr_code\":\"https:\\/\\/qr.alipay.com\\/bax03206ug0kulveltqc80a8\"}");
String sign = "VrgnnGgRMNApB1QlNJimiOt5ocGn4a4pbXjdoqjHtnYMWPYGX9AS0ELt8YikVAl6LPfsD7hjSyGWGjwaAYJjzH1MH7B2/T3He0kLezuWHsikao2ktCjTrX0tmUfoMUBCxKGGuDHtmasQi4yAoDk+ux7og1J5tL49yWiiwgaJoBE=";
boolean signValue = AlipayRSA.verify(payParams.toString(), sign, ALIPAY_PUBLIC_KEY, "GBK");
System.out.println(signValue);
}
===== 相关代码 =====
==== AlipayBase64.java ====
/*
* Copyright (C) 2010 The MobileSecurePay Project
* All right reserved.
* author: shiqun.shi@alipay.com
*/
package com.gxx.record.utils.alipay;
public final class AlipayBase64 {
static private final int BASELENGTH = 128;
static private final int LOOKUPLENGTH = 64;
static private final int TWENTYFOURBITGROUP = 24;
static private final int EIGHTBIT = 8;
static private final int SIXTEENBIT = 16;
static private final int FOURBYTE = 4;
static private final int SIGN = -128;
static private final char PAD = '=';
static private final boolean fDebug = false;
static final private byte[] base64Alphabet = new byte[BASELENGTH];
static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];
static {
for (int i = 0; i < BASELENGTH; ++i) {
base64Alphabet[i] = -1;
}
for (int i = 'Z'; i >= 'A'; i--) {
base64Alphabet[i] = (byte) (i - 'A');
}
for (int i = 'z'; i >= 'a'; i--) {
base64Alphabet[i] = (byte) (i - 'a' + 26);
}
for (int i = '9'; i >= '0'; i--) {
base64Alphabet[i] = (byte) (i - '0' + 52);
}
base64Alphabet['+'] = 62;
base64Alphabet['/'] = 63;
for (int i = 0; i <= 25; i++) {
lookUpBase64Alphabet[i] = (char) ('A' + i);
}
for (int i = 26, j = 0; i <= 51; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('a' + j);
}
for (int i = 52, j = 0; i <= 61; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('0' + j);
}
lookUpBase64Alphabet[62] = (char) '+';
lookUpBase64Alphabet[63] = (char) '/';
}
private static boolean isWhiteSpace(char octect) {
return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
}
private static boolean isPad(char octect) {
return (octect == PAD);
}
private static boolean isData(char octect) {
return (octect < BASELENGTH && base64Alphabet[octect] != -1);
}
/**
* Encodes hex octects into Base64
*
* @param binaryData Array containing binaryData
* @return Encoded Base64 array
*/
public static String encode(byte[] binaryData) {
if (binaryData == null) {
return null;
}
int lengthDataBits = binaryData.length * EIGHTBIT;
if (lengthDataBits == 0) {
return "";
}
int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;
int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;
int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets;
char encodedData[] = null;
encodedData = new char[numberQuartet * 4];
byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;
int encodedIndex = 0;
int dataIndex = 0;
if (fDebug) {
System.out.println("number of triplets = " + numberTriplets);
}
for (int i = 0; i < numberTriplets; i++) {
b1 = binaryData[dataIndex++];
b2 = binaryData[dataIndex++];
b3 = binaryData[dataIndex++];
if (fDebug) {
System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);
}
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc);
if (fDebug) {
System.out.println("val2 = " + val2);
System.out.println("k4 = " + (k << 4));
System.out.println("vak = " + (val2 | (k << 4)));
}
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
}
// form integral number of 6-bit groups
if (fewerThan24bits == EIGHTBIT) {
b1 = binaryData[dataIndex];
k = (byte) (b1 & 0x03);
if (fDebug) {
System.out.println("b1=" + b1);
System.out.println("b1<<2 = " + (b1 >> 2));
}
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
encodedData[encodedIndex++] = PAD;
encodedData[encodedIndex++] = PAD;
} else if (fewerThan24bits == SIXTEENBIT) {
b1 = binaryData[dataIndex];
b2 = binaryData[dataIndex + 1];
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
encodedData[encodedIndex++] = PAD;
}
return new String(encodedData);
}
/**
* Decodes Base64 data into octects
*
* @param encoded string containing Base64 data
* @return Array containind decoded data.
*/
public static byte[] decode(String encoded) {
if (encoded == null) {
return null;
}
char[] base64Data = encoded.toCharArray();
// remove white spaces
int len = removeWhiteSpace(base64Data);
if (len % FOURBYTE != 0) {
return null;//should be divisible by four
}
int numberQuadruple = (len / FOURBYTE);
if (numberQuadruple == 0) {
return new byte[0];
}
byte decodedData[] = null;
byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
char d1 = 0, d2 = 0, d3 = 0, d4 = 0;
int i = 0;
int encodedIndex = 0;
int dataIndex = 0;
decodedData = new byte[(numberQuadruple) * 3];
for (; i < numberQuadruple - 1; i++) {
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))
|| !isData((d3 = base64Data[dataIndex++]))
|| !isData((d4 = base64Data[dataIndex++]))) {
return null;
}//if found "no data" just return null
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))) {
return null;//if found "no data" just return null
}
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
d3 = base64Data[dataIndex++];
d4 = base64Data[dataIndex++];
if (!isData((d3)) || !isData((d4))) {//Check if they are PAD characters
if (isPad(d3) && isPad(d4)) {
if ((b2 & 0xf) != 0)//last 4 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 1];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
return tmp;
} else if (!isPad(d3) && isPad(d4)) {
b3 = base64Alphabet[d3];
if ((b3 & 0x3) != 0)//last 2 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 2];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
return tmp;
} else {
return null;
}
} else { //No PAD e.g 3cQl
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
return decodedData;
}
/**
* remove WhiteSpace from MIME containing encoded Base64 data.
*
* @param data the byte array of base64 data (with WS)
* @return the new length
*/
private static int removeWhiteSpace(char[] data) {
if (data == null) {
return 0;
}
// count characters that's not whitespace
int newSize = 0;
int len = data.length;
for (int i = 0; i < len; i++) {
if (!isWhiteSpace(data[i])) {
data[newSize++] = data[i];
}
}
return newSize;
}
}
==== AlipayRSA.java ====
package com.gxx.record.utils.alipay;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
public class AlipayRSA{
public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
/**
* RSA签名
* @param content 待签名数据
* @param privateKey 商户私钥
* @param input_charset 编码格式
* @return 签名值
*/
public static String sign(String content, String privateKey, String input_charset)
{
try
{
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec( AlipayBase64.decode(privateKey) );
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update( content.getBytes(input_charset) );
byte[] signed = signature.sign();
return AlipayBase64.encode(signed);
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
/**
* RSA验签名检查
* @param content 待签名数据
* @param sign 签名值
* @param ali_public_key 支付宝公钥
* @param input_charset 编码格式
* @return 布尔值
*/
public static boolean verify(String content, String sign, String ali_public_key, String input_charset)
{
try
{
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = AlipayBase64.decode(ali_public_key);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update( content.getBytes(input_charset) );
boolean bverify = signature.verify( AlipayBase64.decode(sign) );
return bverify;
}
catch (Exception e)
{
e.printStackTrace();
}
return false;
}
/**
* 解密
* @param content 密文
* @param private_key 商户私钥
* @param input_charset 编码格式
* @return 解密后的字符串
*/
public static String decrypt(String content, String private_key, String input_charset) throws Exception {
PrivateKey prikey = getPrivateKey(private_key);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, prikey);
InputStream ins = new ByteArrayInputStream(AlipayBase64.decode(content));
ByteArrayOutputStream writer = new ByteArrayOutputStream();
//rsa解密的字节大小最多是128,将需要解密的内容,按128位拆开解密
byte[] buf = new byte[128];
int bufl;
while ((bufl = ins.read(buf)) != -1) {
byte[] block = null;
if (buf.length == bufl) {
block = buf;
} else {
block = new byte[bufl];
for (int i = 0; i < bufl; i++) {
block[i] = buf[i];
}
}
writer.write(cipher.doFinal(block));
}
return new String(writer.toByteArray(), input_charset);
}
/**
* 得到私钥
* @param key 密钥字符串(经过base64编码)
* @throws Exception
*/
public static PrivateKey getPrivateKey(String key) throws Exception {
byte[] keyBytes;
keyBytes = AlipayBase64.decode(key);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
return privateKey;
}
public static void main(String[] args) throws Exception {
//String pubKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnxj/9qwVfgoUh/y2W89L6BkRAFljhNhgPdyPuBV64bfQNN1PjbCzkIM6qRdKBoLPXmKKMiFYnkd6rAoprih3/PrQEB/VsW8OoM8fxn67UDYuyBTqA23MML9q1+ilIZwBC2AQ2UBVOrFXfFl75p6/B5KsiNG9zpgmLCUYuLkxpLQIDAQAB";
String pubKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnxj/9qwVfgoUh/y2W89L6BkRAFljhNhgPdyPuBV64bfQNN1PjbCzkIM6qRdKBoLPXmKKMiFYnkd6rAoprih3/PrQEB/VsW8OoM8fxn67UDYuyBTqA23MML9q1+ilIZwBC2AQ2UBVOrFXfFl75p6/B5KsiNG9zpgmLCUYuLkxpLQIDAQAB";
String code = "nMOlpXJmgD91xQu3vfrKQHcDYlXJhnzNa/wY2vTiIQLtitrQKE09H7TbNRs8s0CkAbz2jCLQCXs8Lu/9ucvyqn5R39AkMKnFnfKgJS5QNbIm69D2Hb5bQ9rV6c9B1ZER2PYOvltRz+izYA9OikhKvdQ/fLzJ4+3T+RHjcTpUIH4=";
String value ="body=产品1介绍&buyer_email=tangtao7481@yahoo.com.cn&buyer_id=2088002363398192&discount=0.00&gmt_create=2015-04-20 13:53:35&gmt_payment=2015-04-20 13:53:36&is_total_fee_adjust=N¬ify_id=753fb36a05cf00ed1a4f18db44e9405032¬ify_time=2015-04-20 13:53:37¬ify_type=trade_status_sync&out_trade_no=2015040700000010&payment_type=1&price=0.01&quantity=1&seller_email=zhangyx@tebon.com.cn&seller_id=2088011222632094&subject=产品1&total_fee=0.01&trade_no=2015042000001000190050269133&trade_status=TRADE_SUCCESS&use_coupon=N";
//解密验证
boolean verify = AlipayRSA.verify(value, code, pubKey, "utf-8");
System.out.println("验证是否通过:" + verify);
String abc = "2015041400001000190049688411^0.01^SUCCESS#2015041400001000190049688411^0.01^SUCCESS";
String[] tmp = abc.split("#");
//String[] tmp = abc.split("\\^");
System.out.println(tmp);
}
}
==== HttpClientUtils.java ====
package com.gxx.record.utils;
/**
*
* - Title:
* -
* none
* - Description:
* -
*
* none
*
*
* @author Gxx
* @version 1.0, 2014-5-21
* @since sirius-commons
*
*/
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.HttpMethodParams;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.gxx.record.utils.alipay.AlipayRSA;
public class HttpClientUtils {
private static final Log logger = LogFactory.getLog(HttpClientUtils.class);
/**
* 获得网页中的所有HTML内容
*
* @param url
* @param charset
* @return
*/
public static String getWebContentByGet(String url, String charset) {
HttpClient client = new HttpClient();
GetMethod getMethod = new GetMethod(url);
StringBuilder sb = new StringBuilder();
try {
getMethod.setRequestHeader("Connection", "close");
getMethod.getParams().setBooleanParameter(
"http.protocol.expect-continue", false);
// 状态码
int statusCode = client.executeMethod(getMethod);
if (statusCode == HttpStatus.SC_OK) {
// 获得HTML文本
BufferedReader bf = new BufferedReader(new InputStreamReader(
getMethod.getResponseBodyAsStream(), charset));
String line = null;
while ((line = bf.readLine()) != null) {
sb.append(line);
}
bf.close();
}
} catch (Exception e) {
logger.error(e);
} finally {
if (getMethod != null)
getMethod.releaseConnection();
if (client != null) {
client = null;
}
}
return sb.toString();
}
public static String getWebContentByGet(String url) {
return getWebContentByGet(url, "utf-8");
}
/**
* 获得网页中的所有HTML内容
*
* @param url
* @param mapData
* :传递的参数
* @param charset
* @return
*/
@SuppressWarnings("rawtypes")
public static String getWebContentByPost(String url,
Map mapData, String charset) {
HttpClient client = new HttpClient();
InputStream is = null;
PostMethod postMethod = new PostMethod(url);
postMethod.getParams().setParameter(HttpMethodParams.HTTP_CONTENT_CHARSET, "UTF-8");
StringBuilder sb = new StringBuilder();
// 填入各个表单域的值
NameValuePair[] data = new NameValuePair[mapData.size()];
Set set = mapData.entrySet();
Iterator iterator = set.iterator();
int i = 0;
while (iterator.hasNext()) {
Map.Entry entry = (Map.Entry) iterator.next();
data[i] = new NameValuePair((String) entry.getKey(),
entry.getValue() == null ? StringUtils.EMPTY
: (String) entry.getValue());
i++;
}
// 将表单的值放入postMethod中
postMethod.setRequestBody(data);
BufferedReader bf = null;
InputStreamReader isReader = null;
try {
int statusCode = client.executeMethod(postMethod);
if (statusCode == HttpStatus.SC_OK) {
// 获得HTML文本
is = postMethod.getResponseBodyAsStream();
isReader = new InputStreamReader(is, charset);
bf = new BufferedReader(isReader);
String line = null;
while ((line = bf.readLine()) != null) {
sb.append(line);
}
bf.close();
}
} catch (HttpException e) {
logger.error(e);
} catch (IOException e) {
logger.error(e);
} finally {
if (is != null) {
try {
is.close();
} catch (Exception e) {
logger.error("关闭流错误", e);
}
}
if (bf != null) {
try {
bf.close();
} catch (Exception ex) {
logger.error("关闭流句柄错误", ex);
}
}
if (isReader != null) {
try {
isReader.close();
} catch (Exception ex) {
logger.error("关闭流句柄错误", ex);
}
}
if (postMethod != null)
postMethod.releaseConnection();
if (client != null) {
client = null;
}
}
return sb.toString();
}
//私钥用于签名
public static final String PRIVATE_KEY = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALRLWLgujFrTx5hn" +
"/tWVJS8F1cyFwel+kYUls5hnWslEnRq5RoShByiMmLJ2SuhzICxDs8dztDX27nJN" +
"zrK+zR7DFC2OWCGGKZCB9sL9fPxQZka80etUGpEa4k/ozNUV0AA7g8cF2sYP402Q" +
"ilKLtY3i9n8v4FLmoBrQnlFkev6DAgMBAAECgYEAgV63cKHmEJ56UD//Od7laZJ0" +
"UWeBNzycyr+82RUArf9QBAcCNNUfP9dzEkuTgKxrX5fM/sdlfnuLqfVu5g/HOqEK" +
"Nf7Du6EHNCoYrk1pO8TDIe+FmGf1YMhFNSXUyy/iiBp8DhIZBPuw8CJDXk/HDfX8" +
"4ZVMwyI54XogHIyvVZECQQDfuEfk2pX83j0vPFtvfsn38pMkvuX74bCSMHC1d/vp" +
"2qhIEBkMnSWIOCF0xyXZOtyCxr3dQdq0w75lP13dQnr9AkEAzk8FuIGBiY/Ycxek" +
"yTaOKR5h7vtMFXBYaIWjhRvFH7uu1BV3WYZRUZ+AcrajzR0gVh8vw/fHMJTXjt3g" +
"C8RXfwJAGbjHU1GqcwNeR4MKBDywnfhe4JeuO5KMSZKWMtcTuKRyOq7XInMi8JF7" +
"j0CiYmJ5HfQZukmrCqOCzYNGmHzfRQJASvJqIZzqcg7PkwAD3RT0j/t5mFeyTBeE" +
"BnSF8tUjx2NnH6SsttkUsZJAF2xCFUF/fcnWkFpzAjMQG9Z+jcfGAQJBAJix01pB" +
"q1G/CbmE1kkftR8lOnnU899SxaAkF9pxZ0NfCpU0gQfZ/ez6frFJi59RyFon5sRk" +
"xSMfGfCSZtmEytY=";
public static void main(String[] str) throws Exception {
/**
* (一)根据code获取token和userid
*/
String code="4c8bb8acbe964e2b9c8e2121f61eYD37";//第一步中获取的auth_code
//根据code获取token和userid
StringBuffer payParams = new StringBuffer();
//生产加密签名明文
payParams.append("app_id").append("=").append("2015012700028257").append("&");
payParams.append("charset").append("=").append("GBK").append("&");
payParams.append("code").append("=").append(code).append("&");
payParams.append("grant_type").append("=").append("authorization_code").append("&");
payParams.append("method").append("=").append("alipay.system.oauth.token").append("&");
//payParams.append("refresh_token").append("=").append("").append("&");
payParams.append("sign_type").append("=").append("RSA").append("&");
payParams.append("timestamp").append("=").append("2016-01-19 08:08:08").append("&");
payParams.append("version").append("=").append("1.0");
String signValue = AlipayRSA.sign(payParams.toString(), PRIVATE_KEY, "GBK");
System.out.println(signValue);
//根据code获取token和userid
Map map = new HashMap();
map.put("app_id", "2015012700028257");
map.put("charset", "GBK");
map.put("code", code);
map.put("grant_type", "authorization_code");
map.put("method", "alipay.system.oauth.token");
//map.put("refresh_token", "");
map.put("sign_type", "RSA");
map.put("timestamp", "2016-01-19 08:08:08");
map.put("version", "1.0");
map.put("sign", signValue);
String content = HttpClientUtils.getWebContentByPost(
"https://openapi.alipay.com/gateway.do",
map, "GBK");
System.out.println(content);
/**
* (二)根究token获取用户信息
*/
// String token = "composeB7fddb71c31e04d4d8e43f500ee383X37";//第二步中获取的access_token
//
// StringBuffer payParams = new StringBuffer();
// //生产加密签名明文
// payParams.append("app_id").append("=").append("2015012700028257").append("&");
// payParams.append("auth_token").append("=").append(token).append("&");
// payParams.append("charset").append("=").append("GBK").append("&");
// payParams.append("method").append("=").append("alipay.user.userinfo.share").append("&");
// payParams.append("sign_type").append("=").append("RSA").append("&");
// payParams.append("timestamp").append("=").append("2016-01-19 08:08:08").append("&");
// payParams.append("version").append("=").append("1.0");
// String signValue = AlipayRSA.sign(payParams.toString(), PRIVATE_KEY, "GBK");
// System.out.println(signValue);
//
// //根究token获取用户信息
// Map map = new HashMap();
// map.put("app_id", "2015012700028257");
// map.put("auth_token", token);
// map.put("charset", "GBK");
// map.put("method", "alipay.user.userinfo.share");
// map.put("sign_type", "RSA");
// map.put("timestamp", "2016-01-19 08:08:08");
// map.put("version", "1.0");
// map.put("sign", signValue);
// String content = HttpClientUtils.getWebContentByPost(
// "https://openapi.alipay.com/gateway.do",
// map, "GBK");
// System.out.println(content);
}
}
===== 文档 =====
支付宝开发平台服务窗说明文档:https://doc.open.alipay.com/doc2/detail.htm?treeId=53&articleId=104114&docType=1