支付宝支付
1,参数准备
/// <summary> /// 类名:Config /// 功能:基础配置类 /// 详细:设置帐户有关信息及返回路径 /// 版本:3.4 /// 修改日期:2016-03-08 /// 说明: /// 以下代码只是为了方便商户测试而提供的样例代码,商户可以根据自己网站的需要,按照技术文档编写,并非一定要使用该代码。 /// 该代码仅供学习和研究支付宝接口使用,只是提供一个参考。 /// </summary> public class AlipayConfig { //↓↓↓↓↓↓↓↓↓↓请在这里配置您的基本信息↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓ // 合作身份者ID,签约账号,以2088开头由16位纯数字组成的字符串,查看地址:https://b.alipay.com/order/pidAndKey.htm public static string partner = YardPadConfig.Partner; // 收款支付宝账号,以2088开头由16位纯数字组成的字符串,一般情况下收款账号就是签约账号 public static string seller_id = partner; //商户的私钥,原始格式,RSA公私钥生成:https://doc.open.alipay.com/doc2/detail.htm?spm=a219a.7629140.0.0.nBDxfy&treeId=58&articleId=103242&docType=1 public static string private_key = YardPadConfig.PrivateKey; //支付宝的公钥,查看地址:https://b.alipay.com/order/pidAndKey.htm public static string alipay_public_key = YardPadConfig.AlipayPublicKey; // 服务器异步通知页面路径,需http://格式的完整路径,不能加?id=123这类自定义参数,必须外网可以正常访问 public static string notify_url = YardPadConfig.AlipayNotifyUrl; // 页面跳转同步通知页面路径,需http://格式的完整路径,不能加?id=123这类自定义参数,必须外网可以正常访问 public static string return_url = YardPadConfig.AlipayReturnUrl; // 签名方式 public static string sign_type = "RSA"; // 调试用,创建TXT日志文件夹路径,见AlipayCore.cs类中的LogResult(string sWord)打印方法。 public static string log_path = HttpRuntime.AppDomainAppPath.ToString() + "log/"; // 字符编码格式 目前支持utf-8 public static string input_charset = "utf-8"; // 支付类型 ,无需修改 public static string payment_type = "1"; // 调用的接口名,无需修改 public static string service = "alipay.wap.create.direct.pay.by.user"; //↑↑↑↑↑↑↑↑↑↑请在这里配置您的基本信息↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑ }
2.支付代码撰写
public string doAlipayPay(string outTradeNo) { PayOrderDomain payOrderDomain = new PayOrderDomain(); PAY_Order parOrder = new PAY_Order(); List<PAY_Order> payOrderList = payOrderDomain.GetByOrderNoList(outTradeNo); if (payOrderList != null && payOrderList.Count > 0) { parOrder = payOrderList.First(); } else { return "Order does not exist"; }////////////////////////////////////////////请求参数//////////////////////////////////////////// //商户订单号,商户网站订单系统中唯一订单号,必填 string out_trade_no = newOrderNo; //订单名称,必填
string subject = project.ChineseProjectName; byte[] buffer = Encoding.UTF8.GetBytes(subject); subject = Encoding.UTF8.GetString(buffer, 0, buffer.Length); //付款金额,必填 string total_fee = parOrder.Amount.ToString(); //收银台页面上,商品展示的超链接,必填 string show_url = ""; //商品描述,可空 byte[] buffer1 = Encoding.UTF8.GetBytes(parOrder.Order_Desc); string body = Encoding.UTF8.GetString(buffer1, 0, buffer1.Length); //////////////////////////////////////////////////////////////////////////////////////////////// //把请求参数打包成数组 SortedDictionary<string, string> sParaTemp = new SortedDictionary<string, string>(); sParaTemp.Add("partner", AlipayConfig.partner); sParaTemp.Add("seller_id", AlipayConfig.seller_id); sParaTemp.Add("_input_charset", AlipayConfig.input_charset.ToLower()); sParaTemp.Add("service", AlipayConfig.service); sParaTemp.Add("payment_type", AlipayConfig.payment_type); sParaTemp.Add("notify_url", AlipayConfig.notify_url); sParaTemp.Add("return_url", AlipayConfig.return_url); sParaTemp.Add("out_trade_no", out_trade_no); sParaTemp.Add("subject", subject); sParaTemp.Add("total_fee", total_fee); sParaTemp.Add("show_url", show_url); //sParaTemp.Add("app_pay","Y");//启用此参数可唤起钱包APP支付。 sParaTemp.Add("body", body); //其他业务参数根据在线开发文档,添加参数.文档地址:https://doc.open.alipay.com/doc2/detail.htm?spm=a219a.7629140.0.0.2Z6TSk&treeId=60&articleId=103693&docType=1 //如sParaTemp.Add("参数名","参数值"); // 建立请求 string sHtmlText = AlipaySubmit.BuildRequest(sParaTemp, "get", "确认"); return sHtmlText; //Response.Write(sHtmlText); throw new NotImplementedException(); }
public class AlipaySubmit { #region 字段 //支付宝网关地址(新) private static string GATEWAY_NEW = "https://mapi.alipay.com/gateway.do?"; //商户的私钥 private static string _private_key = ""; //编码格式 private static string _input_charset = ""; //签名方式 private static string _sign_type = ""; #endregion static AlipaySubmit() { _private_key = AlipayConfig.private_key; _input_charset = AlipayConfig.input_charset.Trim().ToLower(); _sign_type = AlipayConfig.sign_type.Trim().ToUpper(); } /// <summary> /// 生成请求时的签名 /// </summary> /// <param name="sPara">请求给支付宝的参数数组</param> /// <returns>签名结果</returns> private static string BuildRequestMysign(Dictionary<string, string> sPara) { //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 string prestr = Core.CreateLinkString(sPara); //把最终的字符串签名,获得签名结果 string mysign = ""; switch (_sign_type) { case "RSA": mysign = RSAFromPkcs8.sign(prestr, _private_key, _input_charset); break; default: mysign = ""; break; } return mysign; } /// <summary> /// 生成要请求给支付宝的参数数组 /// </summary> /// <param name="sParaTemp">请求前的参数数组</param> /// <returns>要请求的参数数组</returns> private static Dictionary<string, string> BuildRequestPara(SortedDictionary<string, string> sParaTemp) { //待签名请求参数数组 Dictionary<string, string> sPara = new Dictionary<string, string>(); //签名结果 string mysign = ""; //过滤签名参数数组 sPara = Core.FilterPara(sParaTemp); //获得签名结果 mysign = BuildRequestMysign(sPara); //签名结果与签名方式加入请求提交参数组中 sPara.Add("sign", mysign); sPara.Add("sign_type", _sign_type); return sPara; } /// <summary> /// 生成要请求给支付宝的参数数组 /// </summary> /// <param name="sParaTemp">请求前的参数数组</param> /// <param name="code">字符编码</param> /// <returns>要请求的参数数组字符串</returns> private static string BuildRequestParaToString(SortedDictionary<string, string> sParaTemp, Encoding code) { //待签名请求参数数组 Dictionary<string, string> sPara = new Dictionary<string, string>(); sPara = BuildRequestPara(sParaTemp); //把参数组中所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串,并对参数值做urlencode string strRequestData = Core.CreateLinkStringUrlencode(sPara, code); return strRequestData; } /// <summary> /// 建立请求,以表单HTML形式构造(默认) /// </summary> /// <param name="sParaTemp">请求参数数组</param> /// <param name="strMethod">提交方式。两个值可选:post、get</param> /// <param name="strButtonValue">确认按钮显示文字</param> /// <returns>提交表单HTML文本</returns> public static string BuildRequest(SortedDictionary<string, string> sParaTemp, string strMethod, string strButtonValue) { //待请求参数数组 Dictionary<string, string> dicPara = new Dictionary<string, string>(); dicPara = BuildRequestPara(sParaTemp); StringBuilder sbHtml = new StringBuilder(); sbHtml.Append("<form id='alipaysubmit' name='alipaysubmit' action='" + GATEWAY_NEW + "_input_charset=" + _input_charset + "' method='" + strMethod.ToLower().Trim() + "' accept-charset='utf-8'>"); foreach (KeyValuePair<string, string> temp in dicPara) { sbHtml.Append("<input type='hidden' name='" + temp.Key + "' value='" + temp.Value + "'/>"); } //submit按钮控件请不要含有name属性 sbHtml.Append("<input type='submit' value='" + strButtonValue + "' style='display:none;'></form>"); sbHtml.Append("<script>document.forms['alipaysubmit'].submit();</script>"); return sbHtml.ToString(); } /// <summary> /// 用于防钓鱼,调用接口query_timestamp来获取时间戳的处理函数 /// 注意:远程解析XML出错,与IIS服务器配置有关 /// </summary> /// <returns>时间戳字符串</returns> public static string Query_timestamp() { string url = GATEWAY_NEW + "service=query_timestamp&partner=" + AlipayConfig.partner + "&_input_charset=" + AlipayConfig.input_charset; string encrypt_key = ""; XmlTextReader Reader = new XmlTextReader(url); XmlDocument xmlDoc = new XmlDocument(); xmlDoc.Load(Reader); encrypt_key = xmlDoc.SelectSingleNode("/alipay/response/timestamp/encrypt_key").InnerText; return encrypt_key; } }
/// <summary> /// 除去数组中的空值和签名参数并以字母a到z的顺序排序 /// </summary> /// <param name="dicArrayPre">过滤前的参数组</param> /// <returns>过滤后的参数组</returns> public static Dictionary<string, string> FilterPara(SortedDictionary<string, string> dicArrayPre) { Dictionary<string, string> dicArray = new Dictionary<string, string>(); foreach (KeyValuePair<string, string> temp in dicArrayPre) { if (temp.Key.ToLower() != "sign" && temp.Key.ToLower() != "sign_type" && temp.Value != "" && temp.Value != null) { dicArray.Add(temp.Key, temp.Value); } } return dicArray; } /// <summary> /// 把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 /// </summary> /// <param name="sArray">需要拼接的数组</param> /// <returns>拼接完成以后的字符串</returns> public static string CreateLinkString(Dictionary<string, string> dicArray) { StringBuilder prestr = new StringBuilder(); foreach (KeyValuePair<string, string> temp in dicArray) { prestr.Append(temp.Key + "=" + temp.Value + "&"); } //去掉最後一個&字符 int nLen = prestr.Length; prestr.Remove(nLen-1,1); return prestr.ToString(); } /// <summary> /// 把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串,并对参数值做urlencode /// </summary> /// <param name="sArray">需要拼接的数组</param> /// <param name="code">字符编码</param> /// <returns>拼接完成以后的字符串</returns> public static string CreateLinkStringUrlencode(Dictionary<string, string> dicArray, Encoding code) { StringBuilder prestr = new StringBuilder(); foreach (KeyValuePair<string, string> temp in dicArray) { prestr.Append(temp.Key + "=" + HttpUtility.UrlEncode(temp.Value, code) + "&"); } //去掉最後一個&字符 int nLen = prestr.Length; prestr.Remove(nLen - 1, 1); return prestr.ToString(); } /// <summary> /// 写日志,方便测试(看网站需求,也可以改成把记录存入数据库) /// </summary> /// <param name="sWord">要写入日志里的文本内容</param> public static void LogResult(string sWord) { string strPath = AlipayConfig.log_path + "\\" + "alipay_log_" + DateTime.Now.ToString("yyyyMMddHHmmss") + ".txt"; StreamWriter fs = new StreamWriter(strPath, false, System.Text.Encoding.Default); fs.Write(sWord); fs.Close(); } /// <summary> /// 获取文件的md5摘要 /// </summary> /// <param name="sFile">文件流</param> /// <returns>MD5摘要结果</returns> public static string GetAbstractToMD5(Stream sFile) { MD5 md5 = new MD5CryptoServiceProvider(); byte[] result = md5.ComputeHash(sFile); StringBuilder sb = new StringBuilder(32); for (int i = 0; i < result.Length; i++) { sb.Append(result[i].ToString("x").PadLeft(2, '0')); } return sb.ToString(); } /// <summary> /// 获取文件的md5摘要 /// </summary> /// <param name="dataFile">文件流</param> /// <returns>MD5摘要结果</returns> public static string GetAbstractToMD5(byte[] dataFile) { MD5 md5 = new MD5CryptoServiceProvider(); byte[] result = md5.ComputeHash(dataFile); StringBuilder sb = new StringBuilder(32); for (int i = 0; i < result.Length; i++) { sb.Append(result[i].ToString("x").PadLeft(2, '0')); } return sb.ToString(); }
public class Notify { #region 字段 private string _partner = ""; //合作身份者ID private string alipay_public_key = ""; //支付宝的公钥 private string _input_charset = ""; //编码格式 private string _sign_type = ""; //签名方式 //支付宝消息验证地址 private string Https_veryfy_url = "https://mapi.alipay.com/gateway.do?service=notify_verify&"; #endregion /// <summary> /// 构造函数 /// 从配置文件中初始化变量 /// </summary> /// <param name="inputPara">通知返回参数数组</param> /// <param name="notify_id">通知验证ID</param> public Notify() { //初始化基础配置信息 _partner = AlipayConfig.partner.Trim(); alipay_public_key = AlipayConfig.alipay_public_key.Trim(); _input_charset = AlipayConfig.input_charset.Trim().ToLower(); _sign_type = AlipayConfig.sign_type.Trim().ToUpper(); } /// <summary> /// 从文件读取公钥转公钥字符串 /// </summary> /// <param name="Path">公钥文件路径</param> public static string getPublicKeyStr(string Path) { StreamReader sr = new StreamReader(Path); string pubkey = sr.ReadToEnd(); sr.Close(); if (pubkey != null) { pubkey = pubkey.Replace("-----BEGIN PUBLIC KEY-----", ""); pubkey = pubkey.Replace("-----END PUBLIC KEY-----", ""); pubkey = pubkey.Replace("\r", ""); pubkey = pubkey.Replace("\n", ""); } return pubkey; } /// <summary> /// 验证消息是否是支付宝发出的合法消息 /// </summary> /// <param name="inputPara">通知返回参数数组</param> /// <param name="notify_id">通知验证ID</param> /// <param name="sign">支付宝生成的签名结果</param> /// <returns>验证结果</returns> public bool Verify(SortedDictionary<string, string> inputPara, string notify_id, string sign) { //获取返回时的签名验证结果 bool isSign = GetSignVeryfy(inputPara, sign); //获取是否是支付宝服务器发来的请求的验证结果 string responseTxt = "false"; if (notify_id != null && notify_id != "") { responseTxt = GetResponseTxt(notify_id); } //写日志记录(若要调试,请取消下面两行注释) //string sWord = "responseTxt=" + responseTxt + "\n isSign=" + isSign.ToString() + "\n 返回回来的参数:" + GetPreSignStr(inputPara) + "\n "; //Core.LogResult(sWord); //判断responsetTxt是否为true,isSign是否为true //responsetTxt的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关 //isSign不是true,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关 if (responseTxt == "true" && isSign)//验证成功 { return true; } else//验证失败 { return false; } } /// <summary> /// 获取待签名字符串(调试用) /// </summary> /// <param name="inputPara">通知返回参数数组</param> /// <returns>待签名字符串</returns> private string GetPreSignStr(SortedDictionary<string, string> inputPara) { Dictionary<string, string> sPara = new Dictionary<string, string>(); //过滤空值、sign与sign_type参数 sPara = Core.FilterPara(inputPara); //获取待签名字符串 string preSignStr = Core.CreateLinkString(sPara); return preSignStr; } /// <summary> /// 获取返回时的签名验证结果 /// </summary> /// <param name="inputPara">通知返回参数数组</param> /// <param name="sign">对比的签名结果</param> /// <returns>签名验证结果</returns> private bool GetSignVeryfy(SortedDictionary<string, string> inputPara, string sign) { Dictionary<string, string> sPara = new Dictionary<string, string>(); //过滤空值、sign与sign_type参数 sPara = Core.FilterPara(inputPara); //获取待签名字符串 string preSignStr = Core.CreateLinkString(sPara); //获得签名验证结果 bool isSgin = false; if (sign != null && sign != "") { switch (_sign_type) { case "RSA": isSgin = RSAFromPkcs8.verify(preSignStr, sign, alipay_public_key, _input_charset); break; default: break; } } return isSgin; } /// <summary> /// 获取是否是支付宝服务器发来的请求的验证结果 /// </summary> /// <param name="notify_id">通知验证ID</param> /// <returns>验证结果</returns> private string GetResponseTxt(string notify_id) { string veryfy_url = Https_veryfy_url + "partner=" + _partner + "¬ify_id=" + notify_id; //获取远程服务器ATN结果,验证是否是支付宝服务器发来的请求 string responseTxt = Get_Http(veryfy_url, 120000); return responseTxt; } /// <summary> /// 获取远程服务器ATN结果 /// </summary> /// <param name="strUrl">指定URL路径地址</param> /// <param name="timeout">超时时间设置</param> /// <returns>服务器ATN结果</returns> private string Get_Http(string strUrl, int timeout) { string strResult; try { HttpWebRequest myReq = (HttpWebRequest)HttpWebRequest.Create(strUrl); myReq.Timeout = timeout; HttpWebResponse HttpWResp = (HttpWebResponse)myReq.GetResponse(); Stream myStream = HttpWResp.GetResponseStream(); StreamReader sr = new StreamReader(myStream, Encoding.Default); StringBuilder strBuilder = new StringBuilder(); while (-1 != sr.Peek()) { strBuilder.Append(sr.ReadLine()); } strResult = strBuilder.ToString(); } catch (Exception exp) { strResult = "错误:" + exp.Message; } return strResult; } }
/// <summary> /// 支付宝支付回调 /// </summary> /// <returns></returns> [HttpPost] public ActionResult AlipayNotify() { string status = string.Empty; SortedDictionary<string, string> sPara = GetRequestPost(); if (sPara.Count > 0)//判断是否有带返回参数 { Notify aliNotify = new Notify(); bool verifyResult = aliNotify.Verify(sPara, Request.Form["notify_id"], Request.Form["sign"]); if (verifyResult)//验证成功 { ///////////////////////////////////////////////////////////////////////////////////////////////////////////// //请在这里加上商户的业务逻辑程序代码 //——请根据您的业务逻辑来编写程序(以下代码仅作参考)—— //获取支付宝的通知返回参数,可参考技术文档中服务器异步通知参数列表 //商户订单号 string out_trade_no = Request.Form["out_trade_no"]; //支付宝交易号 string trade_no = Request.Form["trade_no"]; // 支付金额 string amount = Request.Form["total_fee"]; //交易状态 string trade_status = Request.Form["trade_status"];if (Request.Form["trade_status"] == "TRADE_SUCCESS") { //判断该笔订单是否在商户网站中已经做过处理 //如果没有做过处理,根据订单号(out_trade_no)在商户网站的订单系统中查到该笔订单的详细,并执行商户的业务程序 //请务必判断请求时的total_fee、seller_id与通知时获取的total_fee、seller_id为一致的 //如果有做过处理,不执行商户的业务程序 //注意: //付款完成后,支付宝系统发送该交易状态通知 //验签成功,更新订单表状态 PayOrderRelationDomain payOrderRelationDomain = new PayOrderRelationDomain(); List<PAY_Order_Relation> payOrderRelationList = payOrderRelationDomain.GetByOrderNoList(out_trade_no); if (payOrderRelationList != null && payOrderRelationList.Count > 0) { PAY_Order_Relation payOrderRelation = payOrderRelationList.First(); PayOrderDomain payOrderDomain = new PayOrderDomain(); PAY_Order payOrder = new PAY_Order(); List<PAY_Order> payOrderList = payOrderDomain.GetByOrderNoList(payOrderRelation.Original_Order_No); if (payOrderList != null && payOrderList.Count > 0) { payOrder = payOrderList.First(); payOrder.Status = "Paied"; payOrder.UpdateDate = DateTime.Now; payOrder.NotifyNum = 1; payOrder.NotifyTime = DateTime.Now.AddMinutes(5); payOrderDomain.Modify(payOrder.ID, payOrder); } status = "success"; //请不要修改或删除 } else { status = "fail"; } } else { status = "fail"; } //——请根据您的业务逻辑来编写程序(以上代码仅作参考)—— ///////////////////////////////////////////////////////////////////////////////////////////////////////////// } else//验证失败 { status = "fail"; } } else { status = "无通知参数"; } // Response.Write(""); return Content(status); //return Content("success"); } /// <summary> /// 获取支付宝POST过来通知消息,并以“参数名=参数值”的形式组成数组 /// </summary> /// <returns>request回来的信息组成的数组</returns> public SortedDictionary<string, string> GetRequestPost() { int i = 0; SortedDictionary<string, string> sArray = new SortedDictionary<string, string>(); NameValueCollection coll; //Load Form variables into NameValueCollection variable. coll = Request.Form; // Get names of all forms into a string array. String[] requestItem = coll.AllKeys; for (i = 0; i < requestItem.Length; i++) { sArray.Add(requestItem[i], Request.Form[requestItem[i]]); } return sArray; }