1 月之前 · 5ac9922f8d
--- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/config/WxPayConfig.java
+++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/config/WxPayConfig.java
@@ -320,16 +320,7 @@ public class WxPayConfig {
 
				       //构造Http Proxy正向代理
			
 
				       WxPayHttpProxy wxPayHttpProxy = getWxPayHttpProxy();
			
 
				 
			
 
				-      Verifier certificatesVerifier;
			
 
				-      if (publicKey == null) {
			
 
				-        certificatesVerifier =
			
 
				-          new AutoUpdateCertificatesVerifier(
			
 
				-            new WxPayCredentials(mchId, new PrivateKeySigner(certSerialNo, merchantPrivateKey)),
			
 
				-            this.getApiV3Key().getBytes(StandardCharsets.UTF_8), this.getCertAutoUpdateTime(),
			
 
				-            this.getPayBaseUrl(), wxPayHttpProxy);
			
 
				-      } else {
			
 
				-        certificatesVerifier = new PublicCertificateVerifier(publicKey, publicKeyId);
			
 
				-      }
			
 
				+      Verifier certificatesVerifier = getVerifier(merchantPrivateKey, wxPayHttpProxy, publicKey);
			
 
				 
			
 
				       WxPayV3HttpClientBuilder wxPayV3HttpClientBuilder = WxPayV3HttpClientBuilder.create()
			
 
				         .withMerchant(mchId, certSerialNo, merchantPrivateKey)
			
@@ -355,6 +346,19 @@ public class WxPayConfig {
 
				     }
			
 
				   }
			
 
				 
			
 
				+  private Verifier getVerifier(PrivateKey merchantPrivateKey, WxPayHttpProxy wxPayHttpProxy, PublicKey publicKey) {
			
 
				+    Verifier certificatesVerifier = new AutoUpdateCertificatesVerifier(
			
 
				+      new WxPayCredentials(mchId, new PrivateKeySigner(certSerialNo, merchantPrivateKey)),
			
 
				+      this.getApiV3Key().getBytes(StandardCharsets.UTF_8), this.getCertAutoUpdateTime(),
			
 
				+      this.getPayBaseUrl(), wxPayHttpProxy);
			
 
				+    if (publicKey != null) {
			
 
				+      Verifier publicCertificatesVerifier = new PublicCertificateVerifier(publicKey, publicKeyId);
			
 
				+      publicCertificatesVerifier.setOtherVerifier(certificatesVerifier);
			
 
				+      certificatesVerifier = publicCertificatesVerifier;
			
 
				+    }
			
 
				+    return certificatesVerifier;
			
 
				+  }
			
 
				+
			
 
				   /**
			
 
				    * 初始化一个WxPayHttpProxy对象
			
 
				    *
			
@@ -382,7 +386,7 @@ public class WxPayConfig {
 
				     if (configContent != null) {
			
 
				       return new ByteArrayInputStream(configContent);
			
 
				     }
			
 
				-    
			
 
				+
			
 
				     if (StringUtils.isNotEmpty(configString)) {
			
 
				       configContent = Base64.getDecoder().decode(configString);
			
 
				       return new ByteArrayInputStream(configContent);
			
--- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/WxPayServiceApacheHttpImpl.java
+++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/WxPayServiceApacheHttpImpl.java
@@ -100,6 +100,8 @@ public class WxPayServiceApacheHttpImpl extends BaseWxPayServiceImpl {
 
				     HttpPost httpPost = this.createHttpPost(url, requestStr);
			
 
				     httpPost.addHeader(ACCEPT, APPLICATION_JSON);
			
 
				     httpPost.addHeader(CONTENT_TYPE, APPLICATION_JSON);
			
 
				+    String serialNumber = getWechatpaySerial(getConfig());
			
 
				+    httpPost.addHeader("Wechatpay-Serial", serialNumber);
			
 
				     try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
			
 
				       //v3已经改为通过状态码判断200 204 成功
			
 
				       int statusCode = response.getStatusLine().getStatusCode();
			
@@ -387,10 +389,9 @@ public class WxPayServiceApacheHttpImpl extends BaseWxPayServiceImpl {
 
				    * @return
			
 
				    */
			
 
				   private String getWechatpaySerial(WxPayConfig wxPayConfig) {
			
 
				-    String serialNumber = wxPayConfig.getVerifier().getValidCertificate().getSerialNumber().toString(16).toUpperCase();
			
 
				     if (StringUtils.isNotBlank(wxPayConfig.getPublicKeyId())) {
			
 
				-      serialNumber = wxPayConfig.getPublicKeyId();
			
 
				+      return wxPayConfig.getPublicKeyId();
			
 
				     }
			
 
				-    return serialNumber;
			
 
				+    return wxPayConfig.getVerifier().getValidCertificate().getSerialNumber().toString(16).toUpperCase();
			
 
				   }
			
 
				 }
			
--- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/v3/auth/PublicCertificateVerifier.java
+++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/v3/auth/PublicCertificateVerifier.java
@@ -9,6 +9,8 @@ public class PublicCertificateVerifier implements Verifier{
 
				 
			
 
				     private final PublicKey publicKey;
			
 
				 
			
 
				+    private Verifier certificateVerifier;
			
 
				+
			
 
				     private final X509PublicCertificate publicCertificate;
			
 
				 
			
 
				     public PublicCertificateVerifier(PublicKey publicKey, String publicId) {
			
@@ -16,8 +18,15 @@ public class PublicCertificateVerifier implements Verifier{
 
				         this.publicCertificate = new X509PublicCertificate(publicKey, publicId);
			
 
				     }
			
 
				 
			
 
				+   public void setOtherVerifier(Verifier verifier) {
			
 
				+      this.certificateVerifier = verifier;
			
 
				+   }
			
 
				+
			
 
				     @Override
			
 
				     public boolean verify(String serialNumber, byte[] message, String signature) {
			
 
				+        if (!serialNumber.contains("PUB_KEY_ID")) {
			
 
				+            return this.certificateVerifier.verify(serialNumber, message, signature);
			
 
				+        }
			
 
				         try {
			
 
				             Signature sign = Signature.getInstance("SHA256withRSA");
			
 
				             sign.initVerify(publicKey);
			
--- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/v3/auth/Verifier.java
+++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/v3/auth/Verifier.java
@@ -7,4 +7,6 @@ public interface Verifier {
 
				 
			
 
				 
			
 
				   X509Certificate getValidCertificate();
			
 
				+
			
 
				+  default void setOtherVerifier(Verifier verifier) {};
			
 
				 }