<?php
namespace App\Http\Controllers\Gateway;
use App\Models\Payment;
use Auth;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Response;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
class bypay extends AbstractPayment
{
public function purchase(Request $request): JsonResponse
{
$payment = $this->creatNewPayment(Auth::id(), $request->input('id'), $request->input('amount'));
// switch ($request->input('type')) {
// case 2:
// $type = 'qqpay';
// break;
// case 3:
// $type = 'wxpay';
// break;
// case 1:
// default:
// $type = 'alipay';
// break;
// }
/*
merchantId 商户号-平台统一提供的唯一ID号 true string
merchantOrderId 商户订单号[自行维护唯一性] true string
payCode 支付编码[alipay]|JD|zfb|wx] true string
amount 支付金额(单位:元) 可以0.01元 true string
callbackUrl 异步通知地址 true string
notifyUrl 同步跳转地址 false string
userLocalIp 用户IP true string
sign 签名[参考平台签名算法] true string
ext 附加参数[异步通知原路返回] false string
SHA256 签名介绍
第一步,设所有发送或者接收到的数据为集合M,将集合M内的[参数名]按照参 ASCII 码从小到大排序(字典序)
第二步,使用 URL 键值对的格式(即 key1=value1&key2=value2…),将集合M内参数值,拼接成字符串 stringA; 参数中 sign 不参与签名
第三步,在 stringA 的最后拼接上 "&key=商户密钥值",得到字符串 stringB
第四步,对 stringB 进行 SHA256 运算,得到 stringC
第五步,将字符串 stringC 转换为大写,最后得到 签名值 sign
*/
$key = "e7c359e9146345de86a41a099cacd67f";
$data = [
'merchantId' => "1654045635701374976",
'merchantOrderId' => $payment->trade_no,
'payCode' => "wgzfbsm",
'amount' => $payment->amount,
'userLocalIp' => "192.178.31.34",
'notifyUrl' => route('invoice'),
'callbackUrl' => route('payment.notify', ['method' => 'bypay']),
];
$str = $this->sortParams($data) . '&key=' . $key; //stringB
Log::info("[BYPZ]请求支付接口". var_export($str, true));
$StringC = strtolower($this->sha256($str));
Log::info("[BYPZ]请求支付接口". var_export($StringC, true));
$data['sign'] = strtoupper($StringC); //stringC
Log::info("[BYPZ]请求支付接口". var_export($data, true));
$postData = json_encode($data);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "https://bjzf88.vip/api/unifiedOrder/v2");
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Content-Length: ' . strlen($postData))
);
$res = curl_exec($curl);
curl_close($curl);
$result = json_decode($res, true);
if (!$result) {
return Response::json(['status' => 'success', 'url' => "", 'message' => '网络异常!']);
}
Log::info("[BYPZ]请求支付接口". var_export($result, true));
if ($result["status"] != 200){
return Response::json(['status' => 'fail', 'message' => '创建订单失败!'.$result['error']]);
}
return Response::json(['status' => 'success', 'url' => $result['data'], 'message' => '创建订单成功!']);
}
public function notify(Request $request): void
{
$postData = file_get_contents('php://input');
$result = json_decode($postData,true);
Log::info("[BYPZ]回调内容1". var_export($result, true));
$notifyData = [
'merchantId'=>$result['merchantId'],
'merchantOrderId'=>$result['merchantOrderId'],
'orderId'=>$result['orderId'],
'amount'=>$result['amount'],
'factAmount'=>$result['factAmount'],
'ext'=>$result['ext'],
'state'=>$result['state'],
'sign'=>$result['sign']
];
if ($this->verifySign($notifyData)){
exit('fail');
}
Log::info("[BYPZ]回调内容". var_export($notifyData, true));
if ($this->paymentReceived($notifyData['merchantOrderId']) ) {
$this->addPamentCallback($notifyData['merchantOrderId'] ,$notifyData['orderId'] ,"");
Log::info('【BYPZ】paymentReceived:'.var_export($request->all(), true));
exit('success');
}
}
function ASCII($params = array()){
//ksort()对数组按照键名进行升序排序
ksort($params);
//reset()内部指针指向数组中的第一个元素
reset($params);
$str = http_build_query($params);
return $str;
}
function verifySign($params)
{
$key = "e7c359e9146345de86a41a099cacd67f";
$sign = $params['sign'];
unset($params['sign']);
ksort($params);
$str = $this->sortParams($params) . '&key='.$key;
$StringC = strtolower($this->sha256($str));
if ($sign !== strtoupper($StringC)) {
return false;
}
return $str;
// 剃离sign,sign_type,空值
// unset($data['sign'], $data['sign_type'] , $data["method"]);
// if ($filter) {
// $data = array_filter($data);
// }
// 排序
// ksort($data, SORT_STRING);
// reset($data);
//
//
// $data["key"] = $key;
// return strtoupper(md5(urldecode(http_build_query($data))));
}
function sortParams($params) {
ksort($params);
$str = '';
foreach ($params as $key => $value) {
$str .= $key . '=' . $value . '&';
}
return rtrim($str, '&');
}
function sha256($str) {
$hash = hash('sha256', $str, true);
$encdeStr = bin2hex($hash);
return strtolower($encdeStr);
}
}