微信小程序支付功能 C# .NET开发
程序员文章站
2023-10-16 19:48:57
微信小程序支付功能的开发的时候坑比较多,不过对于钱的事谨慎也是好事。网上关于小程序支付的实例很多,但是大多多少有些问题,C#开发的更少。此篇文档的目的是讲开发过程中遇到的问题做一个备注,也方便其他开发的同学作为参考! 1、首先建议把官方文档支付部分看上三遍,每个细节都不要放过,因为任何一个点和微信要 ......
微信小程序支付功能的开发的时候坑比较多,不过对于钱的事谨慎也是好事。网上关于小程序支付的实例很多,但是大多多少有些问题,c#开发的更少。此篇文档的目的是讲开发过程中遇到的问题做一个备注,也方便其他开发的同学作为参考!
1、首先建议把官方文档支付部分看上三遍,每个细节都不要放过,因为任何一个点和微信要求不符都会导致支付不成功。https://pay.weixin.qq.com/wiki/doc/api/wxa/wxa_api.php?chapter=3_1
2、经过验证的微信支付功能,会需要一些商户号、支付秘钥等,不要搞混。
3、经常遇到的是“签名错误”,请仔细看需要传送的xml参数及取值规则是否符合微信规则。微信有个验证工具可以验证发送的xml字段是否合法。
下面上代码:
web.config
<add key="connectionstring" value="server=127.0.0.1;database=;uid=sa;pwd="/>
<add key="connectionstring2" value="server=127.0.0.1;database=codematic2;uid=sa;pwd=1"/>
<add key="appid" value=""/>//appid
<add key="secret" value=""/>//小程序秘钥
<add key="mch_id" value=""/>//商户号
<add key="key" value=""/>//支付秘钥
<add key="ip" value=""/>//服务器ip
<add key="payresulturl" value=""/>//微信返回接收信息的url地址
</appsettings>
支付后台xiadan.ashx
<%@ webhandler language="c#" class="xiadan" %>
using system;
using system.web;
using system.net;
using system.io;
using system.configuration;
using maticsoft.model;
using maticsoft.bll;
using system.security.cryptography;
using system.text;
using system.xml.serialization;
using system.xml;
using system.collections.generic;
using system.data;
using system.net.security;
using system.security.cryptography.x509certificates;
using system.linq;
using newtonsoft.json;
public class xiadan : ihttphandler
{
public void processrequest(httpcontext context)
{
context.response.contenttype = "text/plain";
string openid = context.request.params["openid"];
string ordertime = context.request.params["ordertime"];
string appid = configurationmanager.appsettings["appid"];
string secret = configurationmanager.appsettings["secret"];
string key = configurationmanager.appsettings["key"];
string mch_id = configurationmanager.appsettings["mch_id"];
string ip = configurationmanager.appsettings["ip"];
string payresulturl = configurationmanager.appsettings["payresulturl"];
string roomid = context.request.params["roomid"];
string aa = "-押金";////商品描述交易字段格式根据不同的应用场景按照以下格式:app——需传入应用市场上的app名字-实际商品名称,天天爱消除-游戏充值。
string strcode = aa;
byte[] buffer = encoding.utf8.getbytes(strcode);
string body = encoding.utf8.getstring(buffer, 0, buffer.length);
string totalfee = context.request.params["totalfee"];
string output = "";
if ((context.request.params["openid"] != null) && (context.request.params["openid"] != ""))
{
//orderinfo order = new orderinfo();
//order.appid = appid;
system.random random = new system.random();
var dic = new dictionary<string, string>
{
{"appid", appid},
{"mch_id", mch_id},
{"nonce_str", getrandomstring(20)/*random.next().tostring()*/},
{"body",body},
{"out_trade_no",roomid + datetime.now.tostring("yyyymmddhhmmssfff") + random.next(999).tostring()},//商户自己的订单号码
{"total_fee",totalfee},
{"spbill_create_ip",ip},//服务器的ip地址
{"notify_url",payresulturl},//异步通知的地址,不能带参数
{"trade_type","jsapi" },
{"openid",openid}
};
//加入签名
dic.add("sign", getsignstring(dic));
var sb = new stringbuilder();
sb.append("<xml>");
foreach (var d in dic)
{
sb.append("<" + d.key + ">" + d.value + "</" + d.key + ">");
}
sb.append("</xml>");
var xml = new xmldocument();
// xml.loadxml(getpoststring("https://api.mch.weixin.qq.com/pay/unifiedorder", sb.tostring()));
cookiecollection coo = new cookiecollection();
encoding en = encoding.getencoding("utf-8");
httpwebresponse response = createposthttpresponse("https://api.mch.weixin.qq.com/pay/unifiedorder", sb.tostring(), en);
//打印返回值
stream stream = response.getresponsestream(); //获取响应的字符串流
streamreader sr = new streamreader(stream); //创建一个stream读取流
string html = sr.readtoend(); //从头读到尾,放到字符串html
//console.writeline(html);
xml.loadxml(html);
//对请求返回值 进行处理
var root = xml.documentelement;
dataset ds = new dataset();
stringreader stram = new stringreader(html);
xmltextreader reader = new xmltextreader(stram);
ds.readxml(reader);
string return_code = ds.tables[0].rows[0]["return_code"].tostring();
if (return_code.toupper() == "success")
{
//通信成功
string result_code = ds.tables[0].rows[0]["result_code"].tostring();//业务结果
if (result_code.toupper() == "success")
{
var res = new dictionary<string, string>
{
{"appid", appid},
{"timestamp", gettimestamp()},
{"noncestr", dic["nonce_str"]},
{"package", "prepay_id="+ds.tables[0].rows[0]["prepay_id"].tostring()},
{"signtype", "md5"}
};
//在服务器上签名
res.add("paysign", getsignstring(res));
// string signapp = res.tostring();
string signapp = jsonconvert.serializeobject(res);
if ((context.request.params["openid"] != null) && (context.request.params["openid"] != ""))
{
//存储订单信息
maticsoft.model.order_history oh = new maticsoft.model.order_history();
//oh.shop_id =
oh.room_id = convert.toint32(roomid);
oh.pay_price = convert.todecimal(totalfee);
oh.out_trade_no = dic["out_trade_no"];
oh.order_timestart = convert.todatetime(ordertime);
oh.openid = openid;
oh.creating_date = datetime.now;
maticsoft.bll.order_history bll = new maticsoft.bll.order_history();
bll.add(oh);
}
context.response.write(signapp);
}
}
}
context.response.write(output);
}
public bool isreusable
{
get
{
return false;
}
}
public string getmd5hash(string input)
{
if (input == null)
{
return null;
}
md5 md5hash = md5.create();
// 将输入字符串转换为字节数组并计算哈希数据
byte[] data = md5hash.computehash(encoding.utf8.getbytes(input));
// 创建一个 stringbuilder 来收集字节并创建字符串
stringbuilder sbuilder = new stringbuilder();
// 循环遍历哈希数据的每一个字节并格式化为十六进制字符串
for (int i = 0; i < data.length; i++)
{
sbuilder.append(data[i].tostring());
}
// 返回十六进制字符串
return sbuilder.tostring();
}
/// <summary>
/// 对象序列化成 xml string
/// </summary>
public static string xmlserialize<t>(t obj)
{
string xmlstring = string.empty;
xmlserializer xmlserializer = new xmlserializer(typeof(t));
using (memorystream ms = new memorystream())
{
xmlserializer.serialize(ms, obj);
xmlstring = encoding.utf8.getstring(ms.toarray());
}
return xmlstring;
}
/// <summary>
/// 从字符串里随机得到,规定个数的字符串.
/// </summary>
/// <param name="allchar"></param>
/// <param name="codecount"></param>
/// <returns></returns>
public static string getrandomstring(int codecount)
{
string allchar = "1,2,3,4,5,6,7,8,9,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z";
string[] allchararray = allchar.split(',');
string randomcode = "";
int temp = -1;
random rand = new random();
for (int i = 0; i < codecount; i++)
{
if (temp != -1)
{
rand = new random(temp * i * ((int)datetime.now.ticks));
}
int t = rand.next(allchararray.length - 1);
while (temp == t)
{
t = rand.next(allchararray.length - 1);
}
temp = t;
randomcode += allchararray[t];
}
return randomcode;
}
public static string getwebclientip()
{
string userip = "ip";
try
{
if (system.web.httpcontext.current == null
|| system.web.httpcontext.current.request == null
|| system.web.httpcontext.current.request.servervariables == null)
return "";
string customerip = "";
//cdn加速后取到的ip
customerip = system.web.httpcontext.current.request.headers["cdn-src-ip"];
if (!string.isnullorempty(customerip))
{
return customerip;
}
customerip = system.web.httpcontext.current.request.servervariables["http_x_forwarded_for"];
if (!string.isnullorempty(customerip))
return customerip;
if (system.web.httpcontext.current.request.servervariables["http_via"] != null)
{
customerip = system.web.httpcontext.current.request.servervariables["http_x_forwarded_for"];
if (customerip == null)
customerip = system.web.httpcontext.current.request.servervariables["remote_addr"];
}
else
{
customerip = system.web.httpcontext.current.request.servervariables["remote_addr"];
}
if (string.compare(customerip, "unknown", true) == 0)
return system.web.httpcontext.current.request.userhostaddress;
return customerip;
}
catch { }
return userip;
}
private static bool checkvalidationresult(object sender, x509certificate certificate, x509chain chain, sslpolicyerrors errors)
{
return true; //总是接受
}
public static httpwebresponse createposthttpresponse(string url, string datas, encoding charset)
{
httpwebrequest request = null;
//httpsq请求
servicepointmanager.servercertificatevalidationcallback = new remotecertificatevalidationcallback(checkvalidationresult);
request = webrequest.create(url) as httpwebrequest;
request.protocolversion = httpversion.version10;
request.method = "post";
request.contenttype = "application/x-www-form-urlencoded";
//如果需要post数据
//if (!(parameters == null || parameters.count == 0))
//{
stringbuilder buffer = new stringbuilder();
//int i = 0;
//foreach (string key in parameters.keys)
//{
// if (i > 0)
// {
// buffer.appendformat("&{0}={1}", key, parameters[key]);
// }
// else
// {
// buffer.appendformat("{0}={1}", key, parameters[key]);
// }
// i++;
//}
buffer.appendformat(datas);
byte[] data = charset.getbytes(buffer.tostring());
using (stream stream = request.getrequeststream())
{
stream.write(data, 0, data.length);
}
//}
return request.getresponse() as httpwebresponse;
}
public string getsignstring(dictionary<string, string> dic)
{
string key = system.web.configuration.webconfigurationmanager.appsettings["key"].tostring();//商户平台 api安全里面设置的key 32位长度
//排序
dic = dic.orderby(d => d.key).todictionary(d => d.key, d => d.value);
//连接字段
var sign = dic.aggregate("", (current, d) => current + (d.key + "=" + d.value + "&"));
sign += "key=" + key;
//md5
// sign = system.web.security.formsauthentication.hashpasswordforstoringinconfigfile(sign, "md5").toupper();
system.security.cryptography.md5 md5 = system.security.cryptography.md5.create();
sign = bitconverter.tostring(md5.computehash(encoding.utf8.getbytes(sign))).replace("-", null);
return sign;
}
/// <summary>
/// 获取时间戳
/// </summary>
/// <returns></returns>
public static string gettimestamp()
{
timespan ts = datetime.utcnow - new datetime(1970, 1, 1, 0, 0, 0, 0);
return convert.toint64(ts.totalseconds).tostring();
}
}
微信返回信息接收后台页面notify_url.ashx
<%@ webhandler language="c#" class="notify_url" %>
using system;
using system.web;
using system.collections.generic;
using system.data;
using system.io;
using system.text;
using system.xml;
using system.net;
public class notify_url : ihttphandler
{
public string return_result = "";
public void processrequest(httpcontext context)
{
context.response.contenttype = "text/plain";
context.response.write("hello world");
string xmldata = getpoststr();//获取请求数据
if (xmldata == "")
{
}
else
{
var dic = new dictionary<string, string>
{
{"return_code", "success"},
{"return_msg","ok"}
};
var sb = new stringbuilder();
sb.append("<xml>");
foreach (var d in dic)
{
sb.append("<" + d.key + ">" + d.value + "</" + d.key + ">");
}
sb.append("</xml>");
//把数据重新返回给客户端
dataset ds = new dataset();
stringreader stram = new stringreader(xmldata);
xmltextreader datareader = new xmltextreader(stram);
ds.readxml(datareader);
if (ds.tables[0].rows[0]["return_code"].tostring() == "success")
{
string wx_appid = "";//微信开放平台审核通过的应用appid
string wx_mch_id = "";//微信支付分配的商户号
string wx_nonce_str = "";// 随机字符串,不长于32位
string wx_sign = "";//签名,详见签名算法
string wx_result_code = "";//success/fail
string wx_return_code = "";
string wx_openid = "";//用户在商户appid下的唯一标识
string wx_is_subscribe = "";//用户是否关注公众账号,y-关注,n-未关注,仅在公众账号类型支付有效
string wx_trade_type = "";// app
string wx_bank_type = "";// 银行类型,采用字符串类型的银行标识,银行类型见银行列表
string wx_fee_type = "";// 货币类型,符合iso4217标准的三位字母代码,默认人民币:cny,其他值列表详见货币类型
string wx_transaction_id = "";//微信支付订单号
string wx_out_trade_no = "";//商户系统的订单号,与请求一致。
string wx_time_end = "";// 支付完成时间,格式为yyyymmddhhmmss,如2009年12月25日9点10分10秒表示为20091225091010。其他详见时间规则
int wx_total_fee = -1;// 订单总金额,单位为分
int wx_cash_fee = -1;//现金支付金额订单现金支付金额,详见支付金额
#region 数据解析
//列 是否存在
string signstr = "";//需要前面的字符串
//wx_appid
if (ds.tables[0].columns.contains("appid"))
{
wx_appid = ds.tables[0].rows[0]["appid"].tostring();
if (!string.isnullorempty(wx_appid))
{
signstr += "appid=" + wx_appid;
}
}
//wx_bank_type
if (ds.tables[0].columns.contains("bank_type"))
{
wx_bank_type = ds.tables[0].rows[0]["bank_type"].tostring();
if (!string.isnullorempty(wx_bank_type))
{
signstr += "&bank_type=" + wx_bank_type;
}
}
//wx_cash_fee
if (ds.tables[0].columns.contains("cash_fee"))
{
wx_cash_fee = convert.toint32(ds.tables[0].rows[0]["cash_fee"].tostring());
signstr += "&cash_fee=" + wx_cash_fee;
}
//wx_fee_type
if (ds.tables[0].columns.contains("fee_type"))
{
wx_fee_type = ds.tables[0].rows[0]["fee_type"].tostring();
if (!string.isnullorempty(wx_fee_type))
{
signstr += "&fee_type=" + wx_fee_type;
}
}
//wx_is_subscribe
if (ds.tables[0].columns.contains("is_subscribe"))
{
wx_is_subscribe = ds.tables[0].rows[0]["is_subscribe"].tostring();
if (!string.isnullorempty(wx_is_subscribe))
{
signstr += "&is_subscribe=" + wx_is_subscribe;
}
}
//wx_mch_id
if (ds.tables[0].columns.contains("mch_id"))
{
wx_mch_id = ds.tables[0].rows[0]["mch_id"].tostring();
if (!string.isnullorempty(wx_mch_id))
{
signstr += "&mch_id=" + wx_mch_id;
}
}
//wx_nonce_str
if (ds.tables[0].columns.contains("nonce_str"))
{
wx_nonce_str = ds.tables[0].rows[0]["nonce_str"].tostring();
if (!string.isnullorempty(wx_nonce_str))
{
signstr += "&nonce_str=" + wx_nonce_str;
}
}
//wx_openid
if (ds.tables[0].columns.contains("openid"))
{
wx_openid = ds.tables[0].rows[0]["openid"].tostring();
if (!string.isnullorempty(wx_openid))
{
signstr += "&openid=" + wx_openid;
}
}
//wx_out_trade_no
if (ds.tables[0].columns.contains("out_trade_no"))
{
wx_out_trade_no = ds.tables[0].rows[0]["out_trade_no"].tostring();
if (!string.isnullorempty(wx_out_trade_no))
{
signstr += "&out_trade_no=" + wx_out_trade_no;
}
}
//wx_result_code
if (ds.tables[0].columns.contains("result_code"))
{
wx_result_code = ds.tables[0].rows[0]["result_code"].tostring();
if (!string.isnullorempty(wx_result_code))
{
signstr += "&result_code=" + wx_result_code;
}
}
//wx_result_code
if (ds.tables[0].columns.contains("return_code"))
{
wx_return_code = ds.tables[0].rows[0]["return_code"].tostring();
if (!string.isnullorempty(wx_return_code))
{
signstr += "&return_code=" + wx_return_code;
}
}
//wx_sign
if (ds.tables[0].columns.contains("sign"))
{
wx_sign = ds.tables[0].rows[0]["sign"].tostring();
//if (!string.isnullorempty(wx_sign))
//{
// signstr += "&sign=" + wx_sign;
//}
}
//wx_time_end
if (ds.tables[0].columns.contains("time_end"))
{
wx_time_end = ds.tables[0].rows[0]["time_end"].tostring();
if (!string.isnullorempty(wx_time_end))
{
signstr += "&time_end=" + wx_time_end;
}
}
//wx_total_fee
if (ds.tables[0].columns.contains("total_fee"))
{
wx_total_fee = convert.toint32(ds.tables[0].rows[0]["total_fee"].tostring());
signstr += "&total_fee=" + wx_total_fee;
}
//wx_trade_type
if (ds.tables[0].columns.contains("trade_type"))
{
wx_trade_type = ds.tables[0].rows[0]["trade_type"].tostring();
if (!string.isnullorempty(wx_trade_type))
{
signstr += "&trade_type=" + wx_trade_type;
}
}
//wx_transaction_id
if (ds.tables[0].columns.contains("transaction_id"))
{
wx_transaction_id = ds.tables[0].rows[0]["transaction_id"].tostring();
if (!string.isnullorempty(wx_transaction_id))
{
signstr += "&transaction_id=" + wx_transaction_id;
}
}
#endregion
//追加key 密钥
signstr += "&key=" + system.web.configuration.webconfigurationmanager.appsettings["key"].tostring();
//签名正确
string orderstrwhere = "ordernumber='" + wx_out_trade_no + "'";
if (wx_sign == system.web.security.formsauthentication.hashpasswordforstoringinconfigfile(signstr, "md5").toupper())
{
//签名正确 处理订单操作逻辑
}
else
{
//追加备注信息
}
}
else
{
// 返回信息,如非空,为错误原因 签名失败 参数格式校验错误
string return_msg = ds.tables[0].rows[0]["return_msg"].tostring();
}
return_result = sb.tostring();
}
}
public bool isreusable
{
get
{
return false;
}
}
//获得post过来的数据
public string getpoststr()
{
int32 intlen = convert.toint32(system.web.httpcontext.current.request.inputstream.length);
byte[] b = new byte[intlen];
system.web.httpcontext.current.request.inputstream.read(b, 0, intlen);
return system.text.encoding.utf8.getstring(b);
}
}