增加微信支付通知处理器

Author: lianup

src/main/java/com/wechat/pay/contrib/apache/httpclient/exception/ParseException.java

@@ -0,0 +1,17 @@
+package com.wechat.pay.contrib.apache.httpclient.exception;
+
+/**
+ * @author lianup
+ */
+public class ParseException extends WechatPayException {
+
+    private static final long serialVersionUID = 4300538230471368120L;
+
+    public ParseException(String message) {
+        super(message);
+    }
+
+    public ParseException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}

src/main/java/com/wechat/pay/contrib/apache/httpclient/exception/ValidationException.java

@@ -0,0 +1,15 @@
+package com.wechat.pay.contrib.apache.httpclient.exception;
+
+/**
+ * @author lianup
+ */
+public class ValidationException extends WechatPayException {
+
+
+    private static final long serialVersionUID = -3473204321736989263L;
+
+
+    public ValidationException(String message) {
+        super(message);
+    }
+}

src/main/java/com/wechat/pay/contrib/apache/httpclient/exception/WechatPayException.java

@@ -10,4 +10,9 @@ public abstract class WechatPayException extends Exception {
     public WechatPayException(String message) {
         super(message);
     }
+
+    public WechatPayException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
 }

src/main/java/com/wechat/pay/contrib/apache/httpclient/notification/NotificationHandler.java

@@ -0,0 +1,173 @@
+package com.wechat.pay.contrib.apache.httpclient.notification;
+
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.wechat.pay.contrib.apache.httpclient.auth.Verifier;
+import com.wechat.pay.contrib.apache.httpclient.exception.ParseException;
+import com.wechat.pay.contrib.apache.httpclient.exception.ValidationException;
+import com.wechat.pay.contrib.apache.httpclient.util.AesUtil;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+
+/**
+ * @author lianup
+ */
+public class NotificationHandler {
+
+    private final Verifier verifier;
+    private final byte[] apiV3Key;
+    private static final ObjectMapper objectMapper = new ObjectMapper();
+
+public NotificationHandler(Verifier verifier, byte[] apiV3Key) {
+    if (verifier == null) {
+        throw new IllegalArgumentException("verifier为空");
+    }
+    if (apiV3Key == null || apiV3Key.length == 0) {
+        throw new IllegalArgumentException("apiV3Key为空");
+    }
+    this.verifier = verifier;
+    this.apiV3Key = apiV3Key;
+}
+
+    /**
+     * 解析微信支付通知请求结果
+     *
+     * @param request 微信支付通知请求
+     * @return 微信支付通知报文解密结果
+     * @throws ValidationException 验签失败
+     * @throws ParseException 解析请求体失败
+     */
+    public ParseResult parse(Request request)
+            throws ValidationException, ParseException {
+        // 验签
+        validate(request);
+        // 解析请求体
+        return parseBody(request.getBody());
+    }
+
+    private void validate(Request request) throws ValidationException {
+        if (request == null) {
+            throw new ValidationException("request为空");
+        }
+        String serialNumber = request.getSerialNumber();
+        byte[] message = request.getMessage();
+        String signature = request.getSignature();
+        if (serialNumber == null || serialNumber.isEmpty()) {
+            throw new ValidationException("serialNumber为空");
+        }
+        if (message == null || message.length == 0) {
+            throw new ValidationException("message为空");
+        }
+        if (signature == null || signature.isEmpty()) {
+            throw new ValidationException("signature为空");
+        }
+        if (!verifier.verify(serialNumber, message, signature)) {
+            String errorMessage = String
+                    .format("验签失败：serial=[%s] message=[%s] sign=[%s]", serialNumber, new String(message), signature);
+            throw new ValidationException(errorMessage);
+        }
+    }
+
+    /**
+     * 解析请求体
+     *
+     * @param body 请求体
+     * @return 解析结果
+     * @throws ParseException 缺少ParseResult中的任意参数
+     */
+    private ParseResult parseBody(String body) throws ParseException {
+        JsonNode bodyNode = getBodyNode(body);
+        String decryptData = getDecryptData(bodyNode);
+        JsonNode idNode = bodyNode.get("id");
+        JsonNode createTimeNode = bodyNode.get("create_time");
+        JsonNode eventTypeNode = bodyNode.get("event_type");
+        JsonNode summaryNode = bodyNode.get("summary");
+        if (idNode == null || isEmpty(idNode)) {
+            throw new ParseException("body不合法，id为空。body:" + body);
+        }
+        if (createTimeNode == null || isEmpty(createTimeNode)) {
+            throw new ParseException("body不合法，create_time为空。body:" + body);
+        }
+        if (eventTypeNode == null || isEmpty(eventTypeNode)) {
+            throw new ParseException("body不合法，event_type为空。body:" + body);
+        }
+        if (summaryNode == null || isEmpty(summaryNode)) {
+            throw new ParseException("body不合法，summary为空。body:" + body);
+        }
+        String id = nodeToString(idNode);
+        String createTime = nodeToString(createTimeNode);
+        String eventType = nodeToString(eventTypeNode);
+        String summary = nodeToString(summaryNode);
+        return new ParseResult(id, createTime, eventType, decryptData, summary);
+    }
+
+    private JsonNode getBodyNode(String body) throws ParseException {
+        if (body == null || body.isEmpty()) {
+            throw new ParseException("body为空");
+        }
+        JsonNode bodyNode;
+        try {
+            bodyNode = objectMapper.readTree(body);
+        } catch (JsonProcessingException e) {
+            throw new ParseException("body解析出错，body:" + body, e);
+        }
+        if (bodyNode == null) {
+            throw new ParseException("body为空");
+        }
+        return bodyNode;
+    }
+
+    private String nodeToString(JsonNode node) {
+        return node.toString().replace("\"", "");
+    }
+
+    private boolean isEmpty(JsonNode node) {
+        return nodeToString(node).isEmpty();
+    }
+
+    /**
+     * 获取解密数据
+     *
+     * @param bodyNode 请求体Json节点
+     * @return 解密数据
+     * @throws ParseException 获取不到解密数据
+     */
+    private String getDecryptData(JsonNode bodyNode) throws ParseException {
+        JsonNode resourceNode = bodyNode.get("resource");
+        String body = nodeToString(bodyNode);
+        if (resourceNode == null) {
+            throw new ParseException("body不合法，没有resource节点。body：" + body);
+        }
+        JsonNode nonceNode = resourceNode.get("nonce");
+        JsonNode ciphertextNode = resourceNode.get("ciphertext");
+        JsonNode associatedDataNode = resourceNode.get("associated_data");
+        if (associatedDataNode == null) {
+            throw new ParseException("body不合法，没有associated_data节点。body:" + body);
+        }
+        if (nonceNode == null || isEmpty(nonceNode)) {
+            throw new ParseException("body不合法，nonce为空。body：" + body);
+        }
+        if (ciphertextNode == null || isEmpty(ciphertextNode)) {
+            throw new ParseException("body不合法，没有ciphertext节点。body：" + body);
+        }
+        String getAssociatedData = nodeToString(associatedDataNode);
+        byte[] associatedData = null;
+        if (!getAssociatedData.isEmpty()) {
+            associatedData = getAssociatedData.getBytes(StandardCharsets.UTF_8);
+        }
+        byte[] bodyNonce = nodeToString(nonceNode).getBytes(StandardCharsets.UTF_8);
+        String ciphertext = nodeToString(ciphertextNode);
+        AesUtil aesUtil = new AesUtil(apiV3Key);
+        String decryptData;
+        try {
+            decryptData = aesUtil.decryptToString(associatedData, bodyNonce, ciphertext);
+        } catch (GeneralSecurityException e) {
+            String errorMessage = String.format("aes解密失败 apiV3Key[%s]， associatedData[%s] bodyNonce[%s] ciphertext[%s]",
+                    new String(apiV3Key), getAssociatedData, new String(bodyNonce), ciphertext);
+            throw new ParseException(errorMessage, e);
+        }
+        return decryptData;
+    }
+}

src/main/java/com/wechat/pay/contrib/apache/httpclient/notification/NotificationRequest.java

@@ -0,0 +1,88 @@
+package com.wechat.pay.contrib.apache.httpclient.notification;
+
+import java.nio.charset.StandardCharsets;
+
+/**
+ * @author lianup
+ */
+public class NotificationRequest implements Request {
+
+    private final String serialNumber;
+    private final String signature;
+    private final byte[] message;
+    private final String body;
+
+    private NotificationRequest(String serialNumber, String signature, byte[] message, String body) {
+        this.serialNumber = serialNumber;
+        this.signature = signature;
+        this.message = message;
+        this.body = body;
+    }
+
+    @Override
+    public String getSerialNumber() {
+        return serialNumber;
+    }
+
+    @Override
+    public byte[] getMessage() {
+        return message;
+    }
+
+    @Override
+    public String getSignature() {
+        return signature;
+    }
+
+    @Override
+    public String getBody() {
+        return body;
+    }
+
+    public static class Builder {
+
+        private String serialNumber;
+        private String timestamp;
+        private String nonce;
+        private String signature;
+        private String body;
+
+        public Builder() {
+        }
+
+        public Builder withSerialNumber(String serialNumber) {
+            this.serialNumber = serialNumber;
+            return this;
+        }
+
+        public Builder withTimestamp(String timestamp) {
+            this.timestamp = timestamp;
+            return this;
+        }
+
+        public Builder withNonce(String nonce) {
+            this.nonce = nonce;
+            return this;
+        }
+
+        public Builder withSignature(String signature) {
+            this.signature = signature;
+            return this;
+        }
+
+        public Builder withBody(String body) {
+            this.body = body;
+            return this;
+        }
+
+        public NotificationRequest build() {
+            byte[] message = buildMessage();
+            return new NotificationRequest(serialNumber, signature, message, body);
+        }
+
+        private byte[] buildMessage() {
+            String verifyMessage = timestamp + "\n" + nonce + "\n" + body + "\n";
+            return verifyMessage.getBytes(StandardCharsets.UTF_8);
+        }
+    }
+}

src/main/java/com/wechat/pay/contrib/apache/httpclient/notification/ParseResult.java

@@ -0,0 +1,42 @@
+package com.wechat.pay.contrib.apache.httpclient.notification;
+
+/**
+ * 请求体解析结果类
+ * 包括：通知ID、通知创建时间、解密通知数据、通知类型、回调摘要
+ */
+public class ParseResult {
+
+    private final String id;
+    private final String createTime;
+    private final String eventType;
+    private final String decryptData;
+    private final String summary;
+
+    public ParseResult(String id, String createTime, String eventType, String decryptData, String summary) {
+        this.id = id;
+        this.createTime = createTime;
+        this.eventType = eventType;
+        this.decryptData = decryptData;
+        this.summary = summary;
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public String getCreateTime() {
+        return createTime;
+    }
+
+    public String getEventType() {
+        return eventType;
+    }
+
+    public String getDecryptData() {
+        return decryptData;
+    }
+
+    public String getSummary() {
+        return summary;
+    }
+}

src/main/java/com/wechat/pay/contrib/apache/httpclient/notification/Request.java

@@ -0,0 +1,37 @@
+package com.wechat.pay.contrib.apache.httpclient.notification;
+
+/**
+ * 通知请求体，包含验签所需信息和报文体
+ *
+ * @author lianup
+ */
+interface Request {
+
+    /**
+     * 获取请求头Wechatpay-Serial
+     *
+     * @return serialNumber
+     */
+    String getSerialNumber();
+
+    /**
+     * 获取验签串
+     *
+     * @return message
+     */
+    byte[] getMessage();
+
+    /**
+     * 获取请求头Wechatpay-Signature
+     *
+     * @return signature
+     */
+    String getSignature();
+
+    /**
+     * 获取请求体
+     *
+     * @return body
+     */
+    String getBody();
+}