小程序云函數(shù)如何接入微信支付分功能敛滋？

小程序云開發(fā)現(xiàn)在越來(lái)越備受開發(fā)者的喜歡，但是如何在云函數(shù)里面接入微信支付分呢兴革？這方面的文檔還比較少绎晃，今天有點(diǎn)空余時(shí)間，簡(jiǎn)單總結(jié)下我在接入微信支付分的一些經(jīng)驗(yàn)

要接入微信支付分之前杂曲，需要寫郵件給騰訊去申請(qǐng),一般要等2到3天時(shí)間回收到回復(fù)
開發(fā)之前需要仔細(xì)閱讀如下接入文檔

https://pay.weixin.qq.com/wiki/doc/apiv3/wxpay/payscore/chapter6_1.shtml

具體代碼如下箕昭，最麻煩的地方在驗(yàn)證簽名的地方, 官方并沒(méi)有提供nodejs相關(guān)驗(yàn)證簽名的實(shí)例代碼。

//云函數(shù)入口文件
const cloud = require('wx-server-sdk')
const TcbRouter = require('tcb-router');
const moment = require('moment')
const stringRandom = require('string-random');
const request = require('request');
const rp = require('request-promise');
const crypto = require('crypto')
const jsrsasign = require('jsrsasign')
const KEYUTIL = jsrsasign.KEYUTIL
const KJUR = jsrsasign.KJUR
const tenpay = require('tenpay');
const util = require('util');
const forge = require('node-forge');
const fs = require('fs')
const uuid = require('node-uuid');
cloud.init({
  env: process.env.ID
})
const db = cloud.database()
const private_key = fs.readFileSync('apiclient_key.pem');

const mchid = "你自己的商戶號(hào)";
const serialNo = "商戶證書號(hào)";
const serviceId = "申請(qǐng)的支付分服務(wù)號(hào)"
const api3Key = "api3 key"
const apiKey = "api key"

const config = {
  appid: '您的appid',
  mchid: '商戶號(hào)',
  partnerKey: apiKey, //就是微信支付賬戶里面設(shè)置的API密鑰
  pfx: require('fs').readFileSync('apiclient_cert.p12'), //這是pfx格式的證書，支付不用證書泌霍，但是退款什么的會(huì)用到
  notify_url: 'http://www.weixin.qq.com/wxpay/pay.php', //隨便寫一個(gè)货抄，云函數(shù)無(wú)法實(shí)現(xiàn)返回結(jié)果述召，但有巧妙的方法實(shí)現(xiàn)同樣功能
  spbill_create_ip: '127.0.0.1' //隨便寫一個(gè)，為一些POS場(chǎng)合用的
};

//云函數(shù)入口函數(shù)
exports.main = async(event, content) => {
  const wxContext = cloud.getWXContext()
  const openid = wxContext.OPENID
  const app = new TcbRouter({
    event
  });
  app.router('queryZFFOrder', async(ctx) => {
    console.log(util.inspect(event))
    event.method = "GET"
    event.url = `https://api.mch.weixin.qq.com/v3/payscore/serviceorder?out_order_no=${event.out_order_no}&service_id=${serviceId}&appid=${config.appid}`
    let auth = getAuthorization(event)
    let result = await rp({
      url: event.url,
      method: event.method,
      json: true,
      headers: {
        "Content-Type": "application/json",
        "Accept": "application/json",
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G36",
        "Authorization": auth
      }
    })
    ctx.body = result
  })
  app.router('completeZFFOrder', async(ctx) => {
    console.log(util.inspect(event))
    event.url = `https://api.mch.weixin.qq.com/v3/payscore/serviceorder/${event.out_order_no}/complete`
    event.method = "POST"
    event.body = {
      appid: config.appid,
      service_id: serviceId,
      post_payments: [{
        name: "借閱費(fèi)用",
        amount: event.amount
      }],
      total_amount: event.amount,
      time_range: {
        end_time: moment().utcOffset(8).format("YYYYMMDDHHmmss")
      }
    }
    let authorization = getAuthorization(event)
    let result = await rp({
      uri: event.url,
      method: "POST",
      json: true,
      headers: {
        "Content-Type": "application/json; charset=utf-8",
        "Accept": "application/json",
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G36",
        "Authorization": authorization
      },
      body: event.body
    })
    ctx.body = result
  })
  app.router("createZFFOrder", async(ctx) => {
    console.log(util.inspect(event))
    const configuration = await db.collection("configuration").where({
      name: "deposit"
    }).get()
    let deposit = configuration.data[0].value
    const configuration2 = await db.collection("configuration").where({
      name: "ZFFCallbackURL"
    }).get()
    let callbackURL = configuration2.data[0].value

    let out_order_no = uuid.v1().replace(new RegExp('-', "g"), "")
    event.url = "https://api.mch.weixin.qq.com/v3/payscore/serviceorder"
    event.method = "POST"
    event.body = {
      out_order_no: out_order_no,
      appid: config.appid,
      service_id: serviceId,
      service_introduction: "借書巴巴",
      location: {
        start_location: event.address.slice(0, 49)
      },
      time_range: {
        start_time: "OnAccept"
      },
      risk_fund: {
        name: "DEPOSIT",
        amount: deposit
      },
      post_payments: [{
        name: `${event.title.slice(0, 14)}-借閱費(fèi)用`,
        amount: parseInt(event.price * 100),
        description: `借閱${event.days}天, 共${event.price}元`
      }],
      notify_url: callbackURL,
      need_user_confirm: true
    }

    let authorization = getAuthorization(event)
    let result = await rp({
      uri: event.url,
      method: "POST",
      json: true,
      headers: {
        "Content-Type": "application/json; charset=utf-8",
        "Accept": "application/json",
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G36",
        "Authorization": authorization
      },
      body: event.body
    })
    result.out_order_no = out_order_no
    if (result.state == "CREATED") {
      ctx.body = getExtraData(result.package, out_order_no)
    } else {
      ctx.body = result
    }
  })
  app.router('changeZFFOrder', async(ctx) => {
    event.method = "POST"
    event.url = `https://api.mch.weixin.qq.com/v3/payscore/serviceorder/${event.out_order_no}/modify`
    event.body = {
      appid: config.appid,
      service_id: serviceId,
      post_payments: event.payments,
      total_amount: event.total_amount,
      reason: event.reason
    }
    console.log(util.inspect(event))
    let auth = getAuthorization(event)
    let result = await rp({
      url: event.url,
      method: event.method,
      json: true,
      headers: {
        "Content-Type": "application/json",
        "Accept": "application/json",
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G36",
        "Authorization": auth
      },
      body: event.body
    })
    ctx.body = result
  })
  app.router('cancelZFFOrder', async(ctx) => {
    console.log(util.inspect(event))
    event.url = `https://api.mch.weixin.qq.com/v3/payscore/serviceorder/${event.out_order_no}/cancel`
    event.method = "POST"
    event.body = {
      appid: config.appid,
      service_id: serviceId,
      reason: event.reason
    }
    let authorization = getAuthorization(event)
    let result = await rp({
      uri: event.url,
      method: "POST",
      json: true,
      headers: {
        "Content-Type": "application/json; charset=utf-8",
        "Accept": "application/json",
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G36",
        "Authorization": authorization
      },
      body: event.body
    })
    ctx.body = result
  })
  app.router('syncZFFOrder', async(ctx) => {
    event.method = "POST"
    event.url = `https://api.mch.weixin.qq.com/v3/payscore/serviceorder/${event.out_order_no}/sync`
    event.body = {
      appid: config.appid,
      service_id: serviceId,
      type: event.type,
      detail: {
        paid_time: event.paid_time
      }
    }
    let auth = getAuthorization(event)
    let result = await rp({
      url: event.url,
      method: event.method,
      json: true,
      headers: {
        "Content-Type": "application/json",
        "Accept": "application/json",
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G36",
        "Authorization": auth
      },
      body: event.body
    })
    ctx.body = result
  })
  app.router('ZFFOrderPay', async(ctx) => {
    event.method = "POST"
    event.url = `https://api.mch.weixin.qq.com/v3/payscore/serviceorder/${event.out_order_no}/pay`
    event.body = {
      appid: config.appid,
      service_id: serviceId
    }
    let auth = getAuthorization(event)
    let result = await rp({
      url: event.url,
      method: event.method,
      json: true,
      headers: {
        "Content-Type": "application/json",
        "Accept": "application/json",
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13G36",
        "Authorization": auth
      },
      body: event.body
    })
    ctx.body = result
  })
  
  return app.serve();

}

function getExtraData(package, out_order_no) {
  var now = Date.now();
  var timeStamp = (Math.round(now / 1000)).toString();
  var nonceStr = now.toString();
  var str = `mch_id=${mchid}&nonce_str=${nonceStr}&package=${package}&sign_type=HMAC-SHA256&timestamp=${timeStamp}&key=${apiKey}`
  var sign = crypto.createHmac("sha256", apiKey).update(str).digest("hex").toUpperCase()

  return {
    mchid: mchid,
    package: package,
    timeStamp: timeStamp,
    nonceStr: nonceStr,
    signType: "HMAC-SHA256",
    sign: sign,
    out_order_no: out_order_no
  }
}

function getAuthorization(event) {
  let method = event.method
  let relativePath = event.url.replace("https://api.mch.weixin.qq.com", "")
  let body = ""
  if (event.body) {
    body = JSON.stringify(event.body)
  }
  var now = Date.now();
  var timeStamp = Math.round(now / 1000);
  var nonceStr = now;

  let message = `${method}\n${relativePath}\n${timeStamp}\n${nonceStr}\n${body}\n`
  var privateKey = forge.pki.privateKeyFromPem(private_key);
  var sha256 = forge.md.sha256.create();
  sha256.update(forge.util.encodeUtf8(message));
  var signature = forge.util.encode64(privateKey.sign(sha256));

  console.log(`message=[${message}]`);

  var auth = `WECHATPAY2-SHA256-RSA2048 mchid="${mchid}",serial_no="${serialNo}",nonce_str="${nonceStr}",timestamp="${timeStamp}",signature="${signature}"`;

  return auth;
}

具體效果可以參考借書巴巴小程序里面蟹地，申請(qǐng)借閱借書驛站圖書

image.png

最后編輯于：2020.07.12 11:02:24

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者

人面猴
序言：七十年代末积暖，一起剝皮案震驚了整個(gè)濱河市，隨后出現(xiàn)的幾起案子怪与，更是在濱河造成了極大的恐慌夺刑，老刑警劉巖，帶你破解...
沈念sama閱讀 217,542評(píng)論 6贊 504
死咒
序言：濱河連續(xù)發(fā)生了三起死亡事件分别，死亡現(xiàn)場(chǎng)離奇詭異遍愿，居然都是意外死亡，警方通過(guò)查閱死者的電腦和手機(jī)耘斩，發(fā)現(xiàn)死者居然都...
沈念sama閱讀 92,822評(píng)論 3贊 394
救了他兩次的神仙讓他今天三更去死
文/潘曉璐我一進(jìn)店門沼填，熙熙樓的掌柜王于貴愁眉苦臉地迎上來(lái)，“玉大人括授，你說(shuō)我怎么就攤上這事坞笙。” “怎么了荚虚？”我有些...
開封第一講書人閱讀 163,912評(píng)論 0贊 354
道士緝兇錄：失蹤的賣姜人
文/不壞的土叔我叫張陵薛夜，是天一觀的道長(zhǎng)。經(jīng)常有香客問(wèn)我版述，道長(zhǎng)梯澜，這世上最難降的妖魔是什么？我笑而不...
開封第一講書人閱讀 58,449評(píng)論 1贊 293
?港島之戀（遺憾婚禮）
正文為了忘掉前任院水，我火速辦了婚禮腊徙，結(jié)果婚禮上，老公的妹妹穿的比我還像新娘檬某。我一直安慰自己撬腾，他們只是感情好，可當(dāng)我...
茶點(diǎn)故事閱讀 67,500評(píng)論 6贊 392
惡毒庶女頂嫁案：這布局不是一般人想出來(lái)的
文/花漫我一把揭開白布恢恼。她就那樣靜靜地躺著民傻，像睡著了一般。火紅的嫁衣襯著肌膚如雪场斑。梳的紋絲不亂的頭發(fā)上漓踢，一...
開封第一講書人閱讀 51,370評(píng)論 1贊 302
城市分裂傳說(shuō)
那天，我揣著相機(jī)與錄音漏隐，去河邊找鬼喧半。笑死，一個(gè)胖子當(dāng)著我的面吹牛青责，可吹牛的內(nèi)容都是我干的挺据。我是一名探鬼主播取具，決...
沈念sama閱讀 40,193評(píng)論 3贊 418
雙鴛鴦連環(huán)套：你想象不到人心有多黑
文/蒼蘭香墨我猛地睜開眼，長(zhǎng)吁一口氣：“原來(lái)是場(chǎng)噩夢(mèng)啊……” “哼扁耐！你這毒婦竟也來(lái)了暇检？” 一聲冷哼從身側(cè)響起，我...
開封第一講書人閱讀 39,074評(píng)論 0贊 276
萬(wàn)榮殺人案實(shí)錄
序言：老撾萬(wàn)榮一對(duì)情侶失蹤婉称，失蹤者是張志新（化名）和其女友劉穎块仆，沒(méi)想到半個(gè)月后，有當(dāng)?shù)厝嗽跇淞掷锇l(fā)現(xiàn)了一具尸體王暗，經(jīng)...
沈念sama閱讀 45,505評(píng)論 1贊 314
?護(hù)林員之死
正文獨(dú)居荒郊野嶺守林人離奇死亡悔据，尸身上長(zhǎng)有42處帶血的膿包…… 初始之章·張勛以下內(nèi)容為張勛視角年9月15日...
茶點(diǎn)故事閱讀 37,722評(píng)論 3贊 335
?白月光啟示錄
正文我和宋清朗相戀三年，在試婚紗的時(shí)候發(fā)現(xiàn)自己被綠了瘫筐。大學(xué)時(shí)的朋友給我發(fā)了我未婚夫和他白月光在一起吃飯的照片蜜暑。...
茶點(diǎn)故事閱讀 39,841評(píng)論 1贊 348
活死人
序言：一個(gè)原本活蹦亂跳的男人離奇死亡，死狀恐怖策肝，靈堂內(nèi)的尸體忽然破棺而出肛捍，到底是詐尸還是另有隱情，我是刑警寧澤之众，帶...
沈念sama閱讀 35,569評(píng)論 5贊 345
?日本核電站爆炸內(nèi)幕
正文年R本政府宣布拙毫，位于F島的核電站，受9級(jí)特大地震影響棺禾，放射性物質(zhì)發(fā)生泄漏惦界。R本人自食惡果不足惜秕岛，卻給世界環(huán)境...
茶點(diǎn)故事閱讀 41,168評(píng)論 3贊 328
男人毒藥：我在死后第九天來(lái)索命
文/蒙蒙一唱矛、第九天我趴在偏房一處隱蔽的房頂上張望锅尘。院中可真熱鬧，春花似錦悬襟、人聲如沸衅码。這莊子的主人今日做“春日...
開封第一講書人閱讀 31,783評(píng)論 0贊 22
一樁弒父案脊岳，背后竟有這般陰謀
文/蒼蘭香墨我抬頭看了看天上的太陽(yáng)逝段。三九已至，卻和暖如春割捅，著一層夾襖步出監(jiān)牢的瞬間奶躯，已是汗流浹背。一陣腳步聲響...
開封第一講書人閱讀 32,918評(píng)論 1贊 269
情欲美人皮
我被黑心中介騙來(lái)泰國(guó)打工亿驾，沒(méi)想到剛下飛機(jī)就差點(diǎn)兒被人妖公主榨干…… 1. 我叫王不留嘹黔，地道東北人。一個(gè)月前我還...
沈念sama閱讀 47,962評(píng)論 2贊 370
代替公主和親
正文我出身青樓莫瞬，卻偏偏與公主長(zhǎng)得像参淹，于是被迫代替她去往敵國(guó)和親醉锄。傳聞我的和親對(duì)象是個(gè)殘疾皇子，可洞房花燭夜當(dāng)晚...
茶點(diǎn)故事閱讀 44,781評(píng)論 2贊 354