use of com.alipay.api.AlipayApiException in project paascloud-master by paascloud.
the class PtcPayController method alipayCallback.
/**
* 支付宝回调信息.
*
* @param request the request
*
* @return the object
*/
@PostMapping("/alipayCallback")
@ApiOperation(httpMethod = "POST", value = "支付宝回调信息")
public Object alipayCallback(HttpServletRequest request) {
logger.info("收到支付宝回调信息");
Map<String, String> params = Maps.newHashMap();
Map requestParams = request.getParameterMap();
for (Object o : requestParams.keySet()) {
String name = (String) o;
String[] values = (String[]) requestParams.get(name);
String valueStr = "";
for (int i = 0; i < values.length; i++) {
valueStr = (i == values.length - 1) ? valueStr + values[i] : valueStr + values[i] + ",";
}
params.put(name, valueStr);
}
logger.info("支付宝回调,sign:{},trade_status:{},参数:{}", params.get("sign"), params.get("trade_status"), params.toString());
// 非常重要,验证回调的正确性,是不是支付宝发的.并且呢还要避免重复通知.
params.remove("sign_type");
try {
boolean alipayRSACheckedV2 = AlipaySignature.rsaCheckV2(params, Configs.getAlipayPublicKey(), "utf-8", Configs.getSignType());
if (!alipayRSACheckedV2) {
return WrapMapper.error("非法请求,验证不通过,再恶意请求我就报警找网警了");
}
} catch (AlipayApiException e) {
logger.error("支付宝验证回调异常", e);
}
// todo 验证各种数据
Wrapper serverResponse = ptcAlipayService.aliPayCallback(params);
if (serverResponse.success()) {
return PtcApiConstant.AlipayCallback.RESPONSE_SUCCESS;
}
return PtcApiConstant.AlipayCallback.RESPONSE_FAILED;
}
Aggregations