diff --git a/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/PayermaxService.java b/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/PayermaxService.java
index cc7e16735..4122830d3 100644
--- a/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/PayermaxService.java
+++ b/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/PayermaxService.java
@@ -53,9 +53,8 @@ public class PayermaxService {
 Map mapParams = toMapCreateOrderParams(params);
 log.info("payermax请求参数:{}", JSONObject.toJSONString(mapParams));
-
- //result = OkHttpUtils.postWithBody("payermaxConfig.getApiUrl()", mapParams);
- result = OkHttpUtils.postWithBody("https://pay-gate-uat.payermax.com/aggregate-pay-gate/api/gateway", mapParams);
+
+ result = OkHttpUtils.postWithBody(payermaxConfig.getApiUrl(), mapParams);
 log.info("payermax请求结果:{}", result);
 } catch (Exception e) {
diff --git a/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/config/PayermaxConfig.java b/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/config/PayermaxConfig.java
index 5d6dac737..c3d598901 100644
--- a/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/config/PayermaxConfig.java
+++ b/accompany-base/accompany-payment/src/main/java/com/accompany/payment/payermax/config/PayermaxConfig.java
@@ -11,8 +11,6 @@ public class PayermaxConfig{
 private String apiUrl;
 private String merchantId;
- private String appId;
- private String privateKey;
- private String payermaxPublicKey;
+ private String secretKey;
 }
diff --git a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/apppay/PayermaxPayController.java b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/apppay/PayermaxPayController.java
index d00e42fe0..5d909418a 100644
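Review bot: `payermaxConfig.getApiUrl()` is passed straight to `OkHttpUtils.postWithBody` with no check that the property is set or uses HTTPS, so a missing or mistyped value only shows up at request time inside the broad `catch (Exception e)`. Since the endpoint and the signing `secretKey` now both come from configuration, consider failing fast at startup when `apiUrl` is blank or does not start with `https://`, and add a comment stating that the URL and key must belong to the same environment. The two `log.info` calls around the request write the full parameter map and gateway response to the log; if the map carries the request signature or payer details (not visible here), those fields would be better masked. The method body starts and ends outside the hunk.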
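Review bot: `secretKey` is added as a plain `String` field, and because the class annotations sit outside the hunk it is not visible whether Lombok generates `toString()` here; if it does (`@Data` or `@ToString`), logging the config bean would print the signing secret. Marking the field with `@ToString.Exclude` and a comment such as `// shared secret used to verify PayerMax callback signatures; never log` would cover both the risk and the missing documentation. The removed `appId`, `privateKey` and `payermaxPublicKey` properties may still be present in deployed configuration and can be deleted there so unused key material does not linger.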
--- a/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/apppay/PayermaxPayController.java
+++ b/accompany-business/accompany-business-web/src/main/java/com/accompany/business/controller/apppay/PayermaxPayController.java
@@ -1,6 +1,7 @@
 package com.accompany.business.controller.apppay;
 import com.accompany.business.service.ChargeService;
+import com.accompany.common.redis.RedisKey;
 import com.accompany.payment.model.ChargeRecord;
 import com.accompany.payment.payermax.config.PayermaxConfig;
 import com.accompany.payment.payermax.params.PayCallbackReqVO;
@@ -9,6 +10,8 @@ import com.accompany.payment.utils.SignMD5Utils;
 import com.alibaba.fastjson.JSONObject;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.redisson.api.RLock;
+import org.redisson.api.RedissonClient;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -16,8 +19,10 @@ import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 import java.math.BigDecimal;
+import java.util.Calendar;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.TimeUnit;
 /**
 * 付费通支付相关接口
@@ -36,6 +41,8 @@ public class PayermaxPayController {
 private ChargeService chargeService;
 @Autowired
 private PayermaxConfig payermaxConfig;
+ @Autowired
+ private RedissonClient redissonClient;
 private final static Integer TRADE_STATUS_SUCCESS = 1;
 private final static Integer TRADE_STATUS_FAIL = 2;
@@ -46,54 +53,66 @@ public class PayermaxPayController {
 String paramsString = JSONObject.toJSONString(payCallbackReqVO);
 log.info("payermax接受回调参数为:{}",paramsString);
 Map map = new HashMap<>();
+
+ //1.1 Verify signature
+ Map param = JSONObject.parseObject(paramsString, Map.class);
+ //Use the test environment link: secretKey needs to be secretKey for the test environment
+ //Use the production environment link: the secretKey needs to be secretKey for the production environment
+ Boolean result = SignMD5Utils.verifyForMD5(param, payCallbackReqVO.getSign(), payermaxConfig.getSecretKey());
+
+ if (!result) {
+ //1.2 Verify signature failure
+ //default response format without modify
+ map.put("bizCode", "400");
+ map.put("message", "Signature verification failure");
+ return map;
+ }
+
+ String chargeRecordId = payCallbackReqVO.getOrderId();
+
+ if (!TRADE_STATUS_SUCCESS.equals(payCallbackReqVO.getStatus())) {
+ log.warn("【payermax支付回调】订单 {} 支付状态不是成功,忽略。", chargeRecordId);
+ map.put("bizCode", "0000");
+ map.put("message", "success");
+ return map;
+ }
+
+ String lockKey = RedisKey.lock_pay_callback_notify.getKey(chargeRecordId);
+ RLock lock = redissonClient.getLock(lockKey);
+
 try {
- //1.1 Verify signature
- Map param = JSONObject.parseObject(paramsString, Map.class);
- //Use the test environment link: secretKey needs to be secretKey for the test environment
- //Use the production environment link: the secretKey needs to be secretKey for the production environment
- Boolean result = SignMD5Utils.verifyForMD5(param, payCallbackReqVO.getSign(), payermaxConfig.getPayermaxPublicKey());
+ lock.tryLock(5L, TimeUnit.SECONDS);
- if (!result) {
- //1.2 Verify signature failure
- //default response format without modify
- map.put("bizCode", "400");
- map.put("message", "Signature verification failure");
- return map;
- }
-
- String chargeRecordId = payCallbackReqVO.getOrderId();
-
- if (!TRADE_STATUS_SUCCESS.equals(payCallbackReqVO.getStatus())) {
- log.warn("【payermax支付回调】订单 {} 支付状态不是成功,忽略。", chargeRecordId);
- map.put("bizCode", "0000");
- map.put("message", "success");
- return map;
- }
-
- ChargeRecord chargeRecordById =
- chargeRecordService.getChargeRecordById(chargeRecordId);
- if (chargeRecordById == null) {
+ ChargeRecord chargeRecord = chargeRecordService.getChargeRecordById(chargeRecordId);
+ if (chargeRecord == null) {
 log.warn("【payermax支付回调】订单 {} 不存在", chargeRecordId);
 map.put("bizCode", "500");
 map.put("message", "charge order not exsists");
 return map;
 }
- if (StringUtils.isBlank(payCallbackReqVO.getCurrency()) || !payCallbackReqVO.getCurrency().equalsIgnoreCase(chargeRecordById.getLocalCurrencyCode())) {
- log.warn("【payermax支付回调】回调的货币代码为空或与订单 {} 中的 {} 不匹配", chargeRecordId, chargeRecordById.getLocalCurrencyCode());
+ if (StringUtils.isBlank(payCallbackReqVO.getCurrency()) || !payCallbackReqVO.getCurrency().equalsIgnoreCase(chargeRecord.getLocalCurrencyCode())) {
+ log.warn("【payermax支付回调】回调的货币代码为空或与订单 {} 中的 {} 不匹配", chargeRecordId, chargeRecord.getLocalCurrencyCode());
 map.put("bizCode", "500");
 map.put("message", "charge currency error");
 return map;
 }
 Long totalAmount = new BigDecimal(payCallbackReqVO.getTotalAmount()).multiply(BigDecimal.valueOf(100)).longValue(); // 校验金额
- boolean validateAmount = totalAmount.equals(chargeRecordById.getLocalAmount());
+ boolean validateAmount = totalAmount.equals(chargeRecord.getLocalAmount());
 if (!validateAmount) {
 log.warn("【payermax支付回调】订单 {} 金额 {} 校验失败", chargeRecordId, totalAmount);
 map.put("bizCode", "500");
 map.put("message", "total amount error");
 return map;
 }
- chargeService.payCallbackDo(chargeRecordId, payCallbackReqVO.getTradeOrderNo());
+ chargeRecord.setCountry(payCallbackReqVO.getCountryCode());
+ chargeRecord.setLocalCurrencyCode(payCallbackReqVO.getPayCurrency());
+ chargeRecord.setLocalAmount(Long.parseLong(payCallbackReqVO.getPayAmount()));
+
+ chargeRecord.setPingxxChargeId(payCallbackReqVO.getTradeOrderNo());
+ chargeRecord.setUpdateTime(Calendar.getInstance().getTime());
+
+ chargeService.updateAppPayData(chargeRecord);
 //3 Return success
 //default response format without modify
@@ -106,6 +125,10 @@ public class PayermaxPayController {
 map.put("bizCode", "500");
 map.put("message", "Exception happened " + e.getMessage());
 return map;
+ } finally {
+ if (lock.isLocked()){
+ lock.unlock();
+ }
 }
 }
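Review bot: The boolean returned by `lock.tryLock(5L, TimeUnit.SECONDS);` is discarded, so when another callback for the same order still holds the lock after five seconds, this one goes on to read and update the charge record without it, which is the duplicate processing the lock was added to prevent. The `finally` added in the later hunk (`@@ -106,6 +125,10 @@`) then tests `lock.isLocked()`, which is true when any thread holds the lock, so a caller that never acquired it calls `unlock()` and Redisson throws `IllegalMonitorStateException` out of the `finally`. Returning early when the lock is not acquired and releasing only when `lock.isHeldByCurrentThread()` addresses both, as in the excerpt below. Separately, the record's `localAmount` and `localCurrencyCode` are overwritten from `getPayAmount()` and `getPayCurrency()`, which are not compared with the order the way `getTotalAmount()` and `getCurrency()` are, and `Long.parseLong` will reject a decimal string. The handler method starts before this hunk and ends in the later one.

```java
try {
    if (!lock.tryLock(5L, TimeUnit.SECONDS)) {
        // Another callback for this order holds the lock: leave the record untouched.
        log.warn("payermax callback: lock not acquired for order {}", chargeRecordId);
        map.put("bizCode", "500");
        map.put("message", "callback is being processed");
        return map;
    }
    // … unchanged: record lookup, currency and amount checks, updateAppPayData, catch block …
} finally {
    // Release only a lock this thread actually acquired.
    if (lock.isHeldByCurrentThread()) {
        lock.unlock();
    }
}
```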