Home Verkennen Help
Registreren Inloggen
lijunfeng
/
rtdeviceApp
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: e05642d81b
Aftakkingen Labels
rtdeviceApp
/
uni_modules
/
uni-id-pages
/
uniCloud
/
cloudfunctions
/
uni-id-co
/
lib
/
third-party
/
alipay
/
alipayBase.js

alipayBase.js 6.9 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231 
  1. const {
    2. 

  2.   camel2snakeJson,
    3. 

  3.   snake2camelJson,
    4. 

  4.   getOffsetDate,
    5. 

  5.   getFullTimeStr
    6. 

  6. } = require('../../../common/utils')
    7. 

  7. const crypto = require('crypto')
    8. 

  8. 

  9. const ALIPAY_ALGORITHM_MAPPING = {
    10. 

  10.   RSA: 'RSA-SHA1',
    11. 

  11.   RSA2: 'RSA-SHA256'
    12. 

  12. }
    13. 

  13. 

  14. module.exports = class AlipayBase {
    15. 

  15.   constructor (options = {}) {
    16. 

  16.     if (!options.appId) throw new Error('appId required')
    17. 

  17.     if (!options.privateKey) throw new Error('privateKey required')
    18. 

  18.     const defaultOptions = {
    19. 

  19.       gateway: 'https://openapi.alipay.com/gateway.do',
    20. 

  20.       timeout: 5000,
    21. 

  21.       charset: 'utf-8',
    22. 

  22.       version: '1.0',
    23. 

  23.       signType: 'RSA2',
    24. 

  24.       timeOffset: -new Date().getTimezoneOffset() / 60,
    25. 

  25.       keyType: 'PKCS8'
    26. 

  26.     }
    27. 

  27. 

  28.     if (options.sandbox) {
    29. 

  29.       options.gateway = 'https://openapi.alipaydev.com/gateway.do'
    30. 

  30.     }
    31. 

  31. 

  32.     this.options = Object.assign({}, defaultOptions, options)
    33. 

  33. 

  34.     const privateKeyType =
    35. 

  35.       this.options.keyType === 'PKCS8' ? 'PRIVATE KEY' : 'RSA PRIVATE KEY'
    36. 

  36. 

  37.     this.options.privateKey = this._formatKey(
    38. 

  38.       this.options.privateKey,
    39. 

  39.       privateKeyType
    40. 

  40.     )
    41. 

  41.     if (this.options.alipayPublicKey) {
    42. 

  42.       this.options.alipayPublicKey = this._formatKey(
    43. 

  43.         this.options.alipayPublicKey,
    44. 

  44.         'PUBLIC KEY'
    45. 

  45.       )
    46. 

  46.     }
    47. 

  47.   }
    48. 

  48. 

  49.   _formatKey (key, type) {
    50. 

  50.     return `-----BEGIN ${type}-----\n${key}\n-----END ${type}-----`
    51. 

  51.   }
    52. 

  52. 

  53.   _formatUrl (url, params) {
    54. 

  54.     let requestUrl = url
    55. 

  55.     // 需要放在 url 中的参数列表
    56. 

  56.     const urlArgs = [
    57. 

  57.       'app_id',
    58. 

  58.       'method',
    59. 

  59.       'format',
    60. 

  60.       'charset',
    61. 

  61.       'sign_type',
    62. 

  62.       'sign',
    63. 

  63.       'timestamp',
    64. 

  64.       'version',
    65. 

  65.       'notify_url',
    66. 

  66.       'return_url',
    67. 

  67.       'auth_token',
    68. 

  68.       'app_auth_token'
    69. 

  69.     ]
    70. 

  70. 

  71.     for (const key in params) {
    72. 

  72.       if (urlArgs.indexOf(key) > -1) {
    73. 

  73.         const val = encodeURIComponent(params[key])
    74. 

  74.         requestUrl = `${requestUrl}${requestUrl.includes('?') ? '&' : '?'
    75. 

  75.           }${key}=${val}`
    76. 

  76.         // 删除 postData 中对应的数据
    77. 

  77.         delete params[key]
    78. 

  78.       }
    79. 

  79.     }
    80. 

  80. 

  81.     return { execParams: params, url: requestUrl }
    82. 

  82.   }
    83. 

  83. 

  84.   _getSign (method, params) {
    85. 

  85.     const bizContent = params.bizContent || null
    86. 

  86.     delete params.bizContent
    87. 

  87. 

  88.     const signParams = Object.assign({
    89. 

  89.       method,
    90. 

  90.       appId: this.options.appId,
    91. 

  91.       charset: this.options.charset,
    92. 

  92.       version: this.options.version,
    93. 

  93.       signType: this.options.signType,
    94. 

  94.       timestamp: getFullTimeStr(getOffsetDate(this.options.timeOffset))
    95. 

  95.     }, params)
    96. 

  96. 

  97.     if (bizContent) {
    98. 

  98.       signParams.bizContent = JSON.stringify(camel2snakeJson(bizContent))
    99. 

  99.     }
    100. 

  100. 

  101.     // params key 驼峰转下划线
    102. 

  102.     const decamelizeParams = camel2snakeJson(signParams)
    103. 

  103. 

  104.     // 排序
    105. 

  105.     const signStr = Object.keys(decamelizeParams)
    106. 

  106.       .sort()
    107. 

  107.       .map((key) => {
    108. 

  108.         let data = decamelizeParams[key]
    109. 

  109.         if (Array.prototype.toString.call(data) !== '[object String]') {
    110. 

  110.           data = JSON.stringify(data)
    111. 

  111.         }
    112. 

  112.         return `${key}=${data}`
    113. 

  113.       })
    114. 

  114.       .join('&')
    115. 

  115. 

  116.     // 计算签名
    117. 

  117.     const sign = crypto
    118. 

  118.       .createSign(ALIPAY_ALGORITHM_MAPPING[this.options.signType])
    119. 

  119.       .update(signStr, 'utf8')
    120. 

  120.       .sign(this.options.privateKey, 'base64')
    121. 

  121. 

  122.     return Object.assign(decamelizeParams, { sign })
    123. 

  123.   }
    124. 

  124. 

  125.   async _exec (method, params = {}, option = {}) {
    126. 

  126.     // 计算签名
    127. 

  127.     const signData = this._getSign(method, params)
    128. 

  128.     const { url, execParams } = this._formatUrl(this.options.gateway, signData)
    129. 

  129.     const { status, data } = await uniCloud.httpclient.request(url, {
    130. 

  130.       method: 'POST',
    131. 

  131.       data: execParams,
    132. 

  132.       // 按 text 返回(为了验签)
    133. 

  133.       dataType: 'text',
    134. 

  134.       timeout: this.options.timeout
    135. 

  135.     })
    136. 

  136.     if (status !== 200) throw new Error('request fail')
    137. 

  137.     /**
    138. 

  138.      * 示例响应格式
    139. 

  139.      * {"alipay_trade_precreate_response":
    140. 

  140.      *  {"code": "10000","msg": "Success","out_trade_no": "111111","qr_code": "https:\/\/"},
    141. 

  141.      *  "sign": "abcde="
    142. 

  142.      * }
    143. 

  143.      * 或者
    144. 

  144.      * {"error_response":
    145. 

  145.      *  {"code":"40002","msg":"Invalid Arguments","sub_code":"isv.code-invalid","sub_msg":"授权码code无效"},
    146. 

  146.      * }
    147. 

  147.      */
    148. 

  148.     const result = JSON.parse(data)
    149. 

  149.     const responseKey = `${method.replace(/\./g, '_')}_response`
    150. 

  150.     const response = result[responseKey]
    151. 

  151.     const errorResponse = result.error_response
    152. 

  152.     if (response) {
    153. 

  153.       // 按字符串验签
    154. 

  154.       const validateSuccess = option.validateSign ? this._checkResponseSign(data, responseKey) : true
    155. 

  155.       if (validateSuccess) {
    156. 

  156.         if (!response.code || response.code === '10000') {
    157. 

  157.           const errCode = 0
    158. 

  158.           const errMsg = response.msg || ''
    159. 

  159.           return {
    160. 

  160.             errCode,
    161. 

  161.             errMsg,
    162. 

  162.             ...snake2camelJson(response)
    163. 

  163.           }
    164. 

  164.         }
    165. 

  165.         const msg = response.sub_code ? `${response.sub_code} ${response.sub_msg}` : `${response.msg || 'unkonwn error'}`
    166. 

  166.         throw new Error(msg)
    167. 

  167.       } else {
    168. 

  168.         throw new Error('check sign error')
    169. 

  169.       }
    170. 

  170.     } else if (errorResponse) {
    171. 

  171.       throw new Error(errorResponse.sub_msg || errorResponse.msg || 'request fail')
    172. 

  172.     }
    173. 

  173. 

  174.     throw new Error('request fail')
    175. 

  175.   }
    176. 

  176. 

  177.   _checkResponseSign (signStr, responseKey) {
    178. 

  178.     if (!this.options.alipayPublicKey || this.options.alipayPublicKey === '') {
    179. 

  179.       console.warn('options.alipayPublicKey is empty')
    180. 

  180.       // 支付宝公钥不存在时不做验签
    181. 

  181.       return true
    182. 

  182.     }
    183. 

  183. 

  184.     // 带验签的参数不存在时返回失败
    185. 

  185.     if (!signStr) { return false }
    186. 

  186. 

  187.     // 根据服务端返回的结果截取需要验签的目标字符串
    188. 

  188.     const validateStr = this._getSignStr(signStr, responseKey)
    189. 

  189.     // 服务端返回的签名
    190. 

  190.     const serverSign = JSON.parse(signStr).sign
    191. 

  191. 

  192.     // 参数存在,并且是正常的结果(不包含 sub_code)时才验签
    193. 

  193.     const verifier = crypto.createVerify(ALIPAY_ALGORITHM_MAPPING[this.options.signType])
    194. 

  194.     verifier.update(validateStr, 'utf8')
    195. 

  195.     return verifier.verify(this.options.alipayPublicKey, serverSign, 'base64')
    196. 

  196.   }
    197. 

  197. 

  198.   _getSignStr (originStr, responseKey) {
    199. 

  199.     // 待签名的字符串
    200. 

  200.     let validateStr = originStr.trim()
    201. 

  201.     // 找到 xxx_response 开始的位置
    202. 

  202.     const startIndex = originStr.indexOf(`${responseKey}"`)
    203. 

  203.     // 找到最后一个 “"sign"” 字符串的位置(避免)
    204. 

  204.     const lastIndex = originStr.lastIndexOf('"sign"')
    205. 

  205. 

  206.     /**
    207. 

  207.      * 删除 xxx_response 及之前的字符串
    208. 

  208.      * 假设原始字符串为
    209. 

  209.      *  {"xxx_response":{"code":"10000"},"sign":"jumSvxTKwn24G5sAIN"}
    210. 

  210.      * 删除后变为
    211. 

  211.      *  :{"code":"10000"},"sign":"jumSvxTKwn24G5sAIN"}
    212. 

  212.      */
    213. 

  213.     validateStr = validateStr.substr(startIndex + responseKey.length + 1)
    214. 

  214. 

  215.     /**
    216. 

  216.      * 删除最后一个 "sign" 及之后的字符串
    217. 

  217.      * 删除后变为
    218. 

  218.      *  :{"code":"10000"},
    219. 

  219.      * {} 之间就是待验签的字符串
    220. 

  220.      */
    221. 

  221.     validateStr = validateStr.substr(0, lastIndex)
    222. 

  222. 

  223.     // 删除第一个 { 之前的任何字符
    224. 

  224.     validateStr = validateStr.replace(/^[^{]*{/g, '{')
    225. 

  225. 

  226.     // 删除最后一个 } 之后的任何字符
    227. 

  227.     validateStr = validateStr.replace(/\}([^}]*)$/g, '}')
    228. 

  228. 

  229.     return validateStr
    230. 

  230.   }
    231. 

  231. }
    232.