forked from binarywang/WxJava
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathVerifierBuilder.java
More file actions
131 lines (122 loc) · 4.48 KB
/
VerifierBuilder.java
File metadata and controls
131 lines (122 loc) · 4.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
package com.github.binarywang.wxpay.config;
import com.github.binarywang.wxpay.exception.WxPayException;
import com.github.binarywang.wxpay.v3.auth.*;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.apache.commons.lang3.StringUtils;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.PublicKey;
/**
* 验证器构建.
*
* @author holy
*/
@NoArgsConstructor(access = AccessLevel.PRIVATE)
class VerifierBuilder {
/**
* 构建验证器.
* <p>
* 场景
* <pre>
* 1. 老商户号,只有平台证书,未开通公钥 (已验证)
* 2. 新商户号,被强制开通公钥,没有平台证书 (已验证)
* 3. 老商户号,有平台证书,主动开通公钥 (未验证,具备条件的朋友,可以帮忙验证下)
* ...
* </pre>
*
* @param certSerialNo c
* @param mchId m
* @param apiV3Key a
* @param merchantPrivateKey m
* @param wxPayHttpProxy w
* @param certAutoUpdateTime c
* @param payBaseUrl p
* @param publicKeyId p
* @param publicKey p
* @return v
* @throws WxPayException e
*/
@SuppressWarnings("java:S107")
static Verifier build(
// 平台证书 - 依赖参数
String certSerialNo,
String mchId,
String apiV3Key,
PrivateKey merchantPrivateKey,
WxPayHttpProxy wxPayHttpProxy,
int certAutoUpdateTime,
String payBaseUrl,
// 公钥 - 依赖参数
String publicKeyId,
PublicKey publicKey
) throws WxPayException {
Verifier certificatesVerifier = null;
Exception ex = null;
// 构建平台证书验证器
// (沿用旧逻辑)优先构建平台证书验证器,因为公钥验证器需要平台证书验证器 (见以下 .setOtherVerifier )
// 新商户号默认无平台证书,已确认无法构建平台证书验证器,会抛出异常;老商户号,有平台证书主动开通公钥的情况,待具备条件的朋友验证
// 建议公钥模式稳定后,优先构建公钥验证器,以免每次都尝试构建平台证书验证器,且失败 {@link com.github.binarywang.wxpay.v3.auth.PublicCertificateVerifier.verify}
if (merchantPrivateKey != null && StringUtils.isNoneBlank(certSerialNo, apiV3Key)) {
try {
certificatesVerifier = getCertificatesVerifier(
certSerialNo, mchId, apiV3Key, merchantPrivateKey, wxPayHttpProxy, certAutoUpdateTime, payBaseUrl
);
} catch (Exception e) {
ex = e;
}
}
// 构建公钥验证器
if (publicKey != null && StringUtils.isNotBlank(publicKeyId)) {
try {
certificatesVerifier = getPublicCertVerifier(publicKeyId, publicKey, certificatesVerifier);
} catch (Exception e) {
ex = e;
}
}
if (certificatesVerifier != null) {
return certificatesVerifier;
}
// 有异常时抛出
if (ex != null) {
throw new WxPayException(ex.getMessage(), ex);
}
// 没有证书验证器时。不确定是否抛出异常,沿用之前逻辑,返回 null
return null;
}
/**
* 获取证书验证器.
*
* @param certSerialNo certSerialNo
* @param mchId mchId
* @param apiV3Key apiV3Key
* @param merchantPrivateKey merchantPrivateKey
* @param wxPayHttpProxy wxPayHttpProxy
* @param certAutoUpdateTime certAutoUpdateTime
* @param payBaseUrl payBaseUrl
* @return verifier
*/
private static AutoUpdateCertificatesVerifier getCertificatesVerifier(
String certSerialNo, String mchId, String apiV3Key, PrivateKey merchantPrivateKey,
WxPayHttpProxy wxPayHttpProxy, int certAutoUpdateTime, String payBaseUrl
) {
return new AutoUpdateCertificatesVerifier(
new WxPayCredentials(mchId, new PrivateKeySigner(certSerialNo, merchantPrivateKey)),
apiV3Key.getBytes(StandardCharsets.UTF_8), certAutoUpdateTime,
payBaseUrl, wxPayHttpProxy);
}
/**
* 获取公钥验证器.
*
* @param publicKeyId id
* @param publicKey key
* @param certificatesVerifier verifier
* @return verifier
*/
private static Verifier getPublicCertVerifier(String publicKeyId, PublicKey publicKey, Verifier certificatesVerifier) {
Verifier publicCertificatesVerifier = new PublicCertificateVerifier(publicKey, publicKeyId);
publicCertificatesVerifier.setOtherVerifier(certificatesVerifier);
certificatesVerifier = publicCertificatesVerifier;
return certificatesVerifier;
}
}