最近商城进行微信服务商二次进件的开发,大致有几个点
一,服务商签名
二,服务商证书获取
三,图片上传
四,敏感信息加密
五,查询进件状态
除此之外,就是进件信息的拼装
var auth = SrvPayBuildAuthAsync(uri, "", "GET"); var header = new Dictionary<string, string> { { "Authorization",$"WECHATPAY2-SHA256-RSA2048 {auth}"}, { "Accept","*/*" }, { "Accept-Encoding","gzip,deflate,brn" }, { "User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46" }, }; return await GetUrlAsync<CertificatesOutModel>(uri, header); } #endregion
使用的实体:CertificatesOutModel
public sealed class CertificatesOutModel : IWXResponse { [jsonPropertyName("data")] public IEnumerable<Certificates> Data { get; set; } public string Code { get; set; } public string Message { get; set; } } public class Certificates { [JsonPropertyName("serial_no")] public string SerialNo { get; set; } [JsonPropertyName("effective_time")] public string EffectiveTime { get; set; } [JsonPropertyName("expire_time")] public string ExpireTime { get; set; } [JsonPropertyName("encrypt_certificate")] public EncryptCertificate EncryptCertificate { get; set; } }请求方法:GetUrlAsync
protected async Task<T> GetUrlAsync<T>(string url, Dictionary<string, string> headers = null) { HttpResponseMessage res = null; try { if (headers != null && headers.Count > 0) { foreach (var header in headers) { _client.DefaultRequestHeaders.TryAddWithoutValidation(header.Key, header.Value); } } res = await _client.GetAsync(url); res.EnsureSuccessStatusCode(); var result = await res.Content.ReadAsStringAsyn易采站长站c(); if (result == null) { return default; } return result.ToJson<T>(); } catch { var result = await res.Content.ReadAsStringAsync(); if (result == null) { return default; } return result.ToJson<T>(); } }解密方法
//获取证书 var cert = await _wxClient.GetSrvCert(); var certificateModel = cert.Data.FirstOrDefault(); if (!cert.Data.Any()) { return new MKResult<V3WXPayApplymentIdOutModel>(code: 400, msg: "未获取到平台证书"); } if (!string.IsNullOrEmpty(applyment.Body.SerialNo)) { certificateModel = cert.Data.SingleOrDefault(s => s.SerialNo == applyment.Body.SerialNo); } certificateModel.EncryptCertificate.Ciphertext = AESUtility.AesGcmDecrypt( _wxCfg.SrvApiV3Key, certificateModedvNXZBll.EncryptCertificate.AssociatedData, certificateModel.EncryptCertificate.Nonce, certificateModel.EncryptCertificate.Ciphertext );三,上传图片
因为我的图片保存在oss,首先要网络图片Bytes,对图片进行sha256,方法在后面
protected async Task<byte[]> GetUrlBytesAsync(string url, Dictionary<string, string> headers = null) { try { if (headers != null && headers.Count > 0) { foreach (var header in headers) { _client.DefaultRequestHeaders.TryAddWithoutValidation(header.Key, header.Value); } } var res = await _client.GetAsync(url); res.EnsureSuccessStatusCode(); return await res.Content.ReadAsByteArrayAsync(); } catch { return default; } }然后上传图片
/// <summary> /// 上传图片 /// </summary> /// <param name="url"></param> /// <returns></returns> public async Task<MKResult<V3WXPayFileUploadOutModel>> UploadFile(string url) { string fileContentType; string filetype; if (url!.Contains(".bmp", StringComparison.OrdinalIgnoreCase)) { fileContentType = "image/bmp"; filetype = ".bmp"; } else if (url!.Contains(".jpg", StringComparison.OrdinalIgnoreCase)) { fileContentType = "image/jpeg"; filetype = ".jpg"; } else if (url!.Contains(".jpeg", StringComparison.OrdinalIgnoreCase)) { fileContentType = "image/jpeg"; filetype = ".jpeg"; } else { fileContentType = "image/png"; filetype = ".png"; } UploadMerchantMediaImageRequest meta = new(); var fileBytes = await GetUrlBytesAsync(url);//获取网络图片Bytes if ((fileBytes?.Length ?? 0) == 0) { return new MKResult<V3WXPayFileUploadOutModel>(code: 400, msg: "转换图片失败"); } meta.FileHash = GetHash(fileBytes); meta.FileName = Guid.NewGuid().ToString("N").ToLower() + filetype; string boundary = "--BOUNDARY--" + DateTimeOffset.Now.Ticks.ToString("x"); using var fileContent = new ByteArrayContent(fileBytes); using var metaContent = new StringContent(meta.ToJson(), Encoding.UTF8, "application/json"); using var httpContent = new MultipartFormDataContent(boundary); httpContent.Add(metaContent, ""meta"");//meta 必须要加双引号 httpContent.Add(fileContent, ""file"", """ + meta.FileName + """);//必须要加双引号 httpContent.Headers.ContentType = MediaTypeHeaderValue.Parse("multipart/form-data; boundary=" + boundary);// boundary不能加引号 metaContent.Headers.ContentType = MediaTypeHeaderValue.Parse("application/json"); fileContent.Headers.ContentType = MediaTypeHeaderValue.Parse(fileContentType); var uri = $"/v3/merchant/media/upload"; var res = await V3UpLoadFile<V3WXPayFileUploadOutModel>(uri, meta.ToJson(), httpContent); return new MKResult<V3WXPayFileUploadOutModel>(res, 1); }private async Task<T> V3UpLoadFile<T>(string uri, string meta, MultipartFormDataContent content) { var auth = SrvPayBuildAuthAsync(uri, meta); var header = new Dictionary<string, string> { { "Authorization",$"WECHATPAY2-SHA256-RSA2048 {auth}"}, { "Accept","*/*" }, { "Accept-Encoding","gzip,deflate,brn" }, { "User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46" }, }; return await V3PostFileAsync<T>(uri, header, content); }protected async Task<T> V3PostFileAsync<T>(string url, Dictionary<string, string> headers, MultipartFormDataContent content) { HttpResponseMessage res = null; try { if (headers != null && headers.Count > 0) { foreach (var header in headers) { _client.DefaultRequestHeaders.TryAddWithoutValidation(header.Key, header.Value); } } res = await _client.PostAsync(url, content); res.EnsureSuccessStatusCode(); var result = await res.Content.ReadAsStringAsync(); if (result == null) { return default; } return result.ToJson<T>(); } catch { var result = await res.Content.ReadAsStringAsync(); if (result == null) { return default; } return result.ToJson<T>(); } finally { if (content != null) { content.Dispose(); } } }#region 二进制内容进行sha256 private static string GetHash(byte[] bytes) { if (bytes == null) throw new ArgumentNullException(nameof(bytes)); using SHA256 sha = SHA256.Create(); byte[] hashBytes = sha.ComputeHash(bytes); return BitConverter.ToString(hashBytes).Replace("-", "").ToLower(); }四,敏感信息加密
使用获取到的证书certificateModel,进行加密
public static class RSAUtility { public static string RSAEncrypt(string text, Certificates certificateModel) { var bytes = Encoding.UTF8.GetBytes(certificateModel.EncryptCertificate.Ciphertext); using var x509 = new X509Certificate2(bytes); var rsaParam = x509.GetRSAPublicKey().ExportParameters(false); var rsa = new RSACryptoServiceProvider(); rsa.ImportParameters(rsaParam); var buff = rsa.Encrypt(Encoding.UTF8.GetBytes(text), true); return Convert.ToBase64String(buff); } }五,查询进件状态
直接使用进件返回的Id,调用接口查询就Ok了
