為什么我敢說是權(quán)威版呢?
我在網(wǎng)上查閱了大量資料拼弃,他們給出的方案都不是最安全的做法,所有的操作都是放在客戶端摇展,而官方推薦的做法是放在服務(wù)器吻氧,支付成敗結(jié)果應(yīng)該由服務(wù)器來同步完成,而我的方案是經(jīng)過重重考驗(yàn)而后得出來的咏连。
Android集成微信支付
微信支付和支付寶支付一樣的盯孙,都可以在客戶端發(fā)起支付并成功通過,但這樣做的漏洞比較大祟滴,所以一定不要通過客戶端直接來完成
1.首先需要 在客戶端向服務(wù)器發(fā)起一個(gè)微信預(yù)支付操作:
請(qǐng)求參數(shù)如下:
body.put("loginUserId", loginUserId );
body.put("title", title);
body.put("business", business);
body.put("orderId", orderId);
body.put("charges", charges); // 注意這里的金額是要在實(shí)際金額*100
body.put("employeeId", employeeId);
body.put("WXAppId", Const.WX_APP_ID);
微信預(yù)支付操作處理后可以從微信服務(wù)器獲取一個(gè)預(yù)支付id振惰,然后再通過預(yù)支付id真正發(fā)起微信支付操作.
WXPayUtil payUtil = new WXPayUtil(mActivity);
payUtil.doPayReq(bean.prepay_id);
具體代碼放一下,反正也沒有什么機(jī)密
public class WXPayUtil {
private PayReq req = null;
private IWXAPI msgApi = null;
private StringBuffer sb = null;
public WXPayUtil(final Activity activity) {
this.req = new PayReq();
this.msgApi = WXAPIFactory.createWXAPI(activity, null);
this.msgApi.registerApp(Constants.APP_ID);
this.sb = new StringBuffer();
}
/**
* @work:生成簽名參數(shù)
* @date:2015-9-7 上午11:48:04
* @author:hg_liuzl@163.com
* @params:
*/
public void doPayReq(String prePayId) {
req.appId = Constants.APP_ID;
req.partnerId = Constants.MCH_ID;
req.prepayId = prePayId;
req.packageValue = "Sign=WXPay";
req.nonceStr = genNonceStr();
req.timeStamp = String.valueOf(genTimeStamp());
List<NameValuePair> signParams = new LinkedList<>();
signParams.add(new BasicNameValuePair("appid", req.appId));
signParams.add(new BasicNameValuePair("noncestr", req.nonceStr));
signParams.add(new BasicNameValuePair("package", req.packageValue));
signParams.add(new BasicNameValuePair("partnerid", req.partnerId));
signParams.add(new BasicNameValuePair("prepayid", req.prepayId));
signParams.add(new BasicNameValuePair("timestamp", req.timeStamp));
req.sign = genAppSign(signParams);
sb.append("sign\n" + req.sign + "\n\n");
sendPayReq();
}
/**
* @work:啟動(dòng)支付
* @date:2015-9-7 上午11:49:51
* @author:hg_liuzl@163.com
*/
private void sendPayReq() {
msgApi.registerApp(Constants.APP_ID);
msgApi.sendReq(req);
}
private String genAppSign(List<NameValuePair> params) {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < params.size(); i++) {
sb.append(params.get(i).getName());
sb.append('=');
sb.append(params.get(i).getValue());
sb.append('&');
}
sb.append("key=");
sb.append(Constants.API_KEY);
this.sb.append("sign str\n" + sb.toString() + "\n\n");
String appSign = MD5.getMessageDigest(sb.toString().getBytes()).toUpperCase();
return appSign;
}
private String genNonceStr() {
Random random = new Random();
return MD5.getMessageDigest(String.valueOf(random.nextInt(10000)).getBytes());
}
private long genTimeStamp() {
return System.currentTimeMillis() / 1000;
}
然后微信的操作如下:
public class WXPayEntryActivity extends Activity implements IWXAPIEventHandler{
/***微信支付結(jié)果*/
public static int mWXPayResult = -1;
private static final String TAG = "MicroMsg.SDKSample.WXPayEntryActivity";
private IWXAPI api;
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.pay_result);
api = WXAPIFactory.createWXAPI(this, Constants.APP_ID);
api.handleIntent(getIntent(), this);
}
@Override
protected void onNewIntent(Intent intent) {
super.onNewIntent(intent);
setIntent(intent);
api.handleIntent(intent, this);
}
@Override
public void onReq(BaseReq req) {
}
@Override
public void onResp(BaseResp resp) {
if (resp.getType() == ConstantsAPI.COMMAND_PAY_BY_WX) {
mWXPayResult = resp.errCode;
if (resp.errCode == 0) //支付成功踱启,
{
BToast.show(this, "支付成功!");
finish();
} else if(resp.errCode == -1) { //支付失敗
BToast.show(this, "支付錯(cuò)誤");
finish();
}else if(resp.errCode == -2){//取消支付
BToast.show(this, "您已經(jīng)取消了支付报账!");
finish();
}
}
}
}
這里我有一個(gè)全局靜態(tài)變量mWXPayResult來標(biāo)記微信支付是否成功的狀態(tài).
mPayBean.payResult = WXPayEntryActivity.mWXPayResult == 0;
if (mPayBean.payResult) {
doSubmit();
}
這個(gè)時(shí)候微信支付就處理完畢.
