package cn.xydx.crowdfunding.controller;

import cn.xydx.crowdfunding.util.HttpRequest;
import cn.xydx.crowdfunding.util.WXPayUtil;
import org.json.JSONObject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Random;

import static cn.xydx.crowdfunding.util.WXPayConfig.appid;
import static cn.xydx.crowdfunding.util.WXPayConfig.appsecret;
import static cn.xydx.crowdfunding.util.WXPayConfig.mch_id;
import static cn.xydx.crowdfunding.util.WXPayConfig.key;

@Controller
@RequestMapping(value = "WeixinService")
@CrossOrigin
public class WeixinPayController {
 /**
  * @param request
  * @param code
  * @return Map
  * @Description 微信瀏覽器內(nèi)微信支付/公眾號支付(JSAPI)
  */
 @RequestMapping(value = "orders", method = RequestMethod.GET)
 @ResponseBody
 public Map orders(HttpServletRequest request, String code) {
  try {
   //頁面獲取openId接口
   String getopenid_url = "https://api.weixin.qq.com/sns/oauth2/access_token";
   String param = "appid=" + appid + "&secret=" + appsecret + "&code=" + code + "&grant_type=authorization_code";
   // 向微信服務(wù)器發(fā)送get請求獲取openIdStr
   String openIdStr = HttpRequest.sendGet(getopenid_url, param);
//   JSONObject json = JSONObject.parseObject(openIdStr);//轉(zhuǎn)成Json格式

   JSONObject json = new JSONObject(openIdStr);
   String openId = json.getString("openid");//獲取openId

   //拼接統(tǒng)一下單地址參數(shù)
   Map<String, String> paraMap = new HashMap<String, String>();
   //獲取請求ip地址
   String ip = request.getHeader("x-forwarded-for");
   if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
    ip = request.getHeader("Proxy-Client-IP");
   }
   if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
    ip = request.getHeader("WL-Proxy-Client-IP");
   }
   if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
    ip = request.getRemoteAddr();
   }
   if (ip.indexOf(",") != -1) {
    String[] ips = ip.split(",");
    ip = ips[0].trim();
   }


   paraMap.put("appid", appid);
   paraMap.put("mch_id", mch_id);
   paraMap.put("nonce_str", WXPayUtil.generateNonceStr());
   paraMap.put("body", "CrowdFund");
   paraMap.put("out_trade_no", getOrderSn());//訂單號
   paraMap.put("total_fee", "1");
   paraMap.put("spbill_create_ip", ip);
   paraMap.put("notify_url", "http://******/index.html");// 此路徑是微信服務(wù)器調(diào)用支付結(jié)果通知路徑隨意寫
   paraMap.put("trade_type", "JSAPI");
   paraMap.put("openid", openId);

   String sign = WXPayUtil.generateSignature(paraMap, key);
   paraMap.put("sign", sign);

   String xml = WXPayUtil.mapToXml(paraMap);//將所有參數(shù)(map)轉(zhuǎn)xml格式
//  System.out.println("xml="+xml);
   // 統(tǒng)一下單 
   String unifiedorder_url = "https://api.mch.weixin.qq.com/pay/unifiedorder";

   String xmlStr = HttpRequest.sendPost(unifiedorder_url, xml);//發(fā)送post請求"統(tǒng)一下單接口"返回預(yù)支付id:prepay_id

   System.out.println(xmlStr);
   //以下內(nèi)容是返回前端頁面的json數(shù)據(jù)
   String prepay_id = "";//預(yù)支付id
   if (xmlStr.indexOf("SUCCESS") != -1) {
    Map<String, String> map = WXPayUtil.xmlToMap(xmlStr);
    prepay_id = (String) map.get("prepay_id");
   }

   Map<String, String> payMap = new HashMap<String, String>();
   payMap.put("appId", appid);
   payMap.put("timeStamp", WXPayUtil.getCurrentTimestamp() + "");
   payMap.put("nonceStr", WXPayUtil.generateNonceStr());
   payMap.put("signType", "MD5");
   payMap.put("package", "prepay_id=" + prepay_id);
   String paySign = WXPayUtil.generateSignature(payMap, key);
   payMap.put("paySign", paySign);
//   System.out.println("code="+code);
   System.out.println("openIdStr="+openIdStr);
   return payMap;
  } catch (Exception e) {
   e.printStackTrace();
  }
  return null;
 }

 public String getOrderSn() {
  //創(chuàng)建不同的日期格式
  DateFormat df = new SimpleDateFormat("yyyyMMddHHmmss");
  Random rm = new Random();
  // 獲得隨機數(shù)
  double pross = (1 + rm.nextDouble()) * Math.pow(10, 6);
  // 將獲得的獲得隨機數(shù)轉(zhuǎn)化為字符串
  String fixLenthString = String.valueOf(pross);
  String dateNum = df.format(new Date()) + "WX" + fixLenthString.substring(1,7);
  return dateNum;
 }

 @RequestMapping(value = "orderquery", method = RequestMethod.GET)
 @ResponseBody
 public String orderquery() {
  try {
   Map<String, String> reqMap = new HashMap<String, String>();
   reqMap.put("appid", appid);
   reqMap.put("mch_id", mch_id);
   reqMap.put("nonce_str", WXPayUtil.generateNonceStr());
   reqMap.put("out_trade_no", getOrderSn()); //商戶系統(tǒng)內(nèi)部的訂單號,
   String sign = WXPayUtil.generateSignature(reqMap, key);
   reqMap.put("sign", sign);

   String reqXmlStr = WXPayUtil.mapToXml(reqMap);//將所有參數(shù)(map)轉(zhuǎn)xml格式

//   System.out.println("xml="+reqXmlStr);

   // 查詢訂單 https://api.mch.weixin.qq.com/pay/orderquery
   String orderquery = "https://api.mch.weixin.qq.com/pay/orderquery";

   String xmlStr = HttpRequest.sendPost(orderquery, reqXmlStr);
   return xmlStr;
  } catch (Exception e) {
   e.printStackTrace();
  }
  return null;
 }
}

package cn.xydx.crowdfunding.util;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.URL;
import java.net.URLConnection;
import java.util.List;
import java.util.Map;

public class HttpUtil {
 /**
  * 向指定URL發(fā)送GET方法的請求
  *
  * @param url 發(fā)送請求的URL
  * //@param param 請求參數(shù)，請求參數(shù)應(yīng)該是 name1=value1&name2=value2 的形式。
  * @return URL 所代表遠程資源的響應(yīng)結(jié)果
  */
 public static String sendGet(String url) {
  String result = "";
  BufferedReader in = null;
  try {
   String urlNameString = url ;
   URL realUrl = new URL(urlNameString);
   // 打開和URL之間的連接
   URLConnection connection = realUrl.openConnection();
   // 設(shè)置通用的請求屬性
   connection.setRequestProperty("accept", "*/*");
   connection.setRequestProperty("connection", "Keep-Alive");
   connection.setRequestProperty("user-agent",
     "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
   // 建立實際的連接
   connection.connect();
   // 獲取所有響應(yīng)頭字段
   Map<String, List<String>> map = connection.getHeaderFields();
   // 遍歷所有的響應(yīng)頭字段
   for (String key : map.keySet()) {
    System.out.println(key + "--->" + map.get(key));
   }
   // 定義 BufferedReader輸入流來讀取URL的響應(yīng)
   in = new BufferedReader(new InputStreamReader(
     connection.getInputStream()));
   String line;
   while ((line = in.readLine()) != null) {
    result += line;
   }
  } catch (Exception e) {
   System.out.println("發(fā)送GET請求出現(xiàn)異常！" + e);
   e.printStackTrace();
  }
  // 使用finally塊來關(guān)閉輸入流
  finally {
   try {
    if (in != null) {
     in.close();
    }
   } catch (Exception e2) {
    e2.printStackTrace();
   }
  }
  return result;
 }

 /**
  * 向指定 URL 發(fā)送POST方法的請求
  *
  * @param url 發(fā)送請求的 URL
  * @param param 請求參數(shù)，請求參數(shù)應(yīng)該是 name1=value1&name2=value2 的形式。
  * @return 所代表遠程資源的響應(yīng)結(jié)果
  */
 public static String sendPost(String url, String param) {
  PrintWriter out = null;
  BufferedReader in = null;
  String result = "";
  try {
   URL realUrl = new URL(url);
   // 打開和URL之間的連接
   URLConnection conn = realUrl.openConnection();
   // 設(shè)置通用的請求屬性
   conn.setRequestProperty("accept", "*/*");
   conn.setRequestProperty("connection", "Keep-Alive");
   conn.setRequestProperty("user-agent",
     "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
   // 發(fā)送POST請求必須設(shè)置如下兩行
   conn.setDoOutput(true);
   conn.setDoInput(true);
   // 獲取URLConnection對象對應(yīng)的輸出流
   out = new PrintWriter(conn.getOutputStream());
   // 發(fā)送請求參數(shù)
   out.print(param);
   // flush輸出流的緩沖
   out.flush();
   // 定義BufferedReader輸入流來讀取URL的響應(yīng)
   in = new BufferedReader(
     new InputStreamReader(conn.getInputStream()));
   String line;
   while ((line = in.readLine()) != null) {
    result += line;
   }
  } catch (Exception e) {
   System.out.println("發(fā)送 POST 請求出現(xiàn)異常！" + e);
   e.printStackTrace();
  }
  //使用finally塊來關(guān)閉輸出流、輸入流
  finally {
   try {
    if (out != null) {
     out.close();
    }
    if (in != null) {
     in.close();
    }
   } catch (IOException ex) {
    ex.printStackTrace();
   }
  }
  return result;
 }
}

package cn.xydx.crowdfunding.util;

import cn.xydx.crowdfunding.util.WXPayConstants.SignType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.StringWriter;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.*;


public class WXPayUtil {

 private static final String SYMBOLS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

 private static final Random RANDOM = new SecureRandom();

 /**
  * XML格式字符串轉(zhuǎn)換為Map
  *
  * @param strXML XML字符串
  * @return XML數(shù)據(jù)轉(zhuǎn)換后的Map
  * @throws Exception
  */
 public static Map<String, String> xmlToMap(String strXML) throws Exception {
  try {
   Map<String, String> data = new HashMap<String, String>();
   DocumentBuilder documentBuilder = WXPayXmlUtil.newDocumentBuilder();
   InputStream stream = new ByteArrayInputStream(strXML.getBytes("UTF-8"));
   org.w3c.dom.Document doc = documentBuilder.parse(stream);
   doc.getDocumentElement().normalize();
   NodeList nodeList = doc.getDocumentElement().getChildNodes();
   for (int idx = 0; idx < nodeList.getLength(); ++idx) {
    Node node = nodeList.item(idx);
    if (node.getNodeType() == Node.ELEMENT_NODE) {
     org.w3c.dom.Element element = (org.w3c.dom.Element) node;
     data.put(element.getNodeName(), element.getTextContent());
    }
   }
   try {
    stream.close();
   } catch (Exception ex) {
    // do nothing
   }
   return data;
  } catch (Exception ex) {
   WXPayUtil.getLogger().warn("Invalid XML, can not convert to map. Error message: {}. XML content: {}", ex.getMessage(), strXML);
   throw ex;
  }

 }

 /**
  * 將Map轉(zhuǎn)換為XML格式的字符串
  *
  * @param data Map類型數(shù)據(jù)
  * @return XML格式的字符串
  * @throws Exception
  */
 public static String mapToXml(Map<String, String> data) throws Exception {
  org.w3c.dom.Document document = WXPayXmlUtil.newDocument();
  org.w3c.dom.Element root = document.createElement("xml");
  document.appendChild(root);
  for (String key: data.keySet()) {
   String value = data.get(key);
   if (value == null) {
    value = "";
   }
   value = value.trim();
   org.w3c.dom.Element filed = document.createElement(key);
   filed.appendChild(document.createTextNode(value));
   root.appendChild(filed);
  }
  TransformerFactory tf = TransformerFactory.newInstance();
  Transformer transformer = tf.newTransformer();
  DOMSource source = new DOMSource(document);
  transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8");
  transformer.setOutputProperty(OutputKeys.INDENT, "yes");
  StringWriter writer = new StringWriter();
  StreamResult result = new StreamResult(writer);
  transformer.transform(source, result);
  String output = writer.getBuffer().toString(); //.replaceAll("\n|\r", "");
  try {
   writer.close();
  }
  catch (Exception ex) {
  }
  return output;
 }


 /**
  * 生成帶有 sign 的 XML 格式字符串
  *
  * @param data Map類型數(shù)據(jù)
  * @param key API密鑰
  * @return 含有sign字段的XML
  */
 public static String generateSignedXml(final Map<String, String> data, String key) throws Exception {
  return generateSignedXml(data, key, SignType.MD5);
 }

 /**
  * 生成帶有 sign 的 XML 格式字符串
  *
  * @param data Map類型數(shù)據(jù)
  * @param key API密鑰
  * @param signType 簽名類型
  * @return 含有sign字段的XML
  */
 public static String generateSignedXml(final Map<String, String> data, String key, SignType signType) throws Exception {
  String sign = generateSignature(data, key, signType);
  data.put(WXPayConstants.FIELD_SIGN, sign);
  return mapToXml(data);
 }

 /**
  * 判斷簽名是否正確
  *
  * @param xmlStr XML格式數(shù)據(jù)
  * @param key API密鑰
  * @return 簽名是否正確
  * @throws Exception
  */
 public static boolean isSignatureValid(String xmlStr, String key) throws Exception {
  Map<String, String> data = xmlToMap(xmlStr);
  if (!data.containsKey(WXPayConstants.FIELD_SIGN) ) {
   return false;
  }
  String sign = data.get(WXPayConstants.FIELD_SIGN);
  return generateSignature(data, key).equals(sign);
 }

 /**
  * 判斷簽名是否正確，必須包含sign字段，否則返回false。使用MD5簽名。
  *
  * @param data Map類型數(shù)據(jù)
  * @param key API密鑰
  * @return 簽名是否正確
  * @throws Exception
  */
 public static boolean isSignatureValid(Map<String, String> data, String key) throws Exception {
  return isSignatureValid(data, key, SignType.MD5);
 }

 /**
  * 判斷簽名是否正確，必須包含sign字段，否則返回false。
  *
  * @param data Map類型數(shù)據(jù)
  * @param key API密鑰
  * @param signType 簽名方式
  * @return 簽名是否正確
  * @throws Exception
  */
 public static boolean isSignatureValid(Map<String, String> data, String key, SignType signType) throws Exception {
  if (!data.containsKey(WXPayConstants.FIELD_SIGN) ) {
   return false;
  }
  String sign = data.get(WXPayConstants.FIELD_SIGN);
  return generateSignature(data, key, signType).equals(sign);
 }

 /**
  * 生成簽名
  *
  * @param data 待簽名數(shù)據(jù)
  * @param key API密鑰
  * @return 簽名
  */
 public static String generateSignature(final Map<String, String> data, String key) throws Exception {
  return generateSignature(data, key, SignType.MD5);
 }

 /**
  * 生成簽名. 注意，若含有sign_type字段，必須和signType參數(shù)保持一致。
  *
  * @param data 待簽名數(shù)據(jù)
  * @param key API密鑰
  * @param signType 簽名方式
  * @return 簽名
  */
 public static String generateSignature(final Map<String, String> data, String key, SignType signType) throws Exception {
  Set<String> keySet = data.keySet();
  String[] keyArray = keySet.toArray(new String[keySet.size()]);
  Arrays.sort(keyArray);
  StringBuilder sb = new StringBuilder();
  for (String k : keyArray) {
   if (k.equals(WXPayConstants.FIELD_SIGN)) {
    continue;
   }
   if (data.get(k).trim().length() > 0) // 參數(shù)值為空，則不參與簽名
    sb.append(k).append("=").append(data.get(k).trim()).append("&");
  }
  sb.append("key=").append(key);
  if (SignType.MD5.equals(signType)) {
   return MD5(sb.toString()).toUpperCase();
  }
  else if (SignType.HMACSHA256.equals(signType)) {
   return HMACSHA256(sb.toString(), key);
  }
  else {
   throw new Exception(String.format("Invalid sign_type: %s", signType));
  }
 }


 /**
  * 獲取隨機字符串 Nonce Str
  *
  * @return String 隨機字符串
  */
 public static String generateNonceStr() {
  char[] nonceChars = new char[32];
  for (int index = 0; index < nonceChars.length; ++index) {
   nonceChars[index] = SYMBOLS.charAt(RANDOM.nextInt(SYMBOLS.length()));
  }
  return new String(nonceChars);
 }


 /**
  * 生成 MD5
  *
  * @param data 待處理數(shù)據(jù)
  * @return MD5結(jié)果
  */
 public static String MD5(String data) throws Exception {
  java.security.MessageDigest md = MessageDigest.getInstance("MD5");
  byte[] array = md.digest(data.getBytes("UTF-8"));
  StringBuilder sb = new StringBuilder();
  for (byte item : array) {
   sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3));
  }
  return sb.toString().toUpperCase();
 }

 /**
  * 生成 HMACSHA256
  * @param data 待處理數(shù)據(jù)
  * @param key 密鑰
  * @return 加密結(jié)果
  * @throws Exception
  */
 public static String HMACSHA256(String data, String key) throws Exception {
  Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
  SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA256");
  sha256_HMAC.init(secret_key);
  byte[] array = sha256_HMAC.doFinal(data.getBytes("UTF-8"));
  StringBuilder sb = new StringBuilder();
  for (byte item : array) {
   sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3));
  }
  return sb.toString().toUpperCase();
 }

 /**
  * 日志
  * @return
  */
 public static Logger getLogger() {
  Logger logger = LoggerFactory.getLogger("wxpay java sdk");
  return logger;
 }

 /**
  * 獲取當(dāng)前時間戳，單位秒
  * @return
  */
 public static long getCurrentTimestamp() {
  return System.currentTimeMillis()/1000;
 }

 /**
  * 獲取當(dāng)前時間戳，單位毫秒
  * @return
  */
 public static long getCurrentTimestampMs() {
  return System.currentTimeMillis();
 }

}

 <li><a  rel="external nofollow" >立即訂購</a></li>

//獲取code
function getQueryString(name) {
 var reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)", "i");
 var r = window.location.search.substr(1).match(reg);
 if (r != null) return unescape(r[2]); return null;
}

var code = getQueryString("code");
  if (code) {
  var url = "http://******/WeixinService/orders?code=" + code + "";
  $.get(url, function (data) {
  var appid = data.appId;
  var timeStamp = data.timeStamp;
  var nonceStr = data.nonceStr;
  var package = data.package;
  var signType = data.signType;
  var paySign = data.paySign;

  if (typeof WeixinJSBridge == "undefined") {
  if (document.addEventListener) {
  document.addEventListener('WeixinJSBridgeReady',
  onBridgeReady, false);
  } else if (document.attachEvent) {
  document.attachEvent('WeixinJSBridgeReady',
  onBridgeReady);
  document.attachEvent('onWeixinJSBridgeReady',
  onBridgeReady);
  }
  } else {
  // onBridgeReady();
  WeixinJSBridge.invoke('getBrandWCPayRequest', {
  "appId": appid,  //公眾號名稱,由商戶傳入  
  "timeStamp": timeStamp,   //時間戳,自1970年以來的秒數(shù)  
  "nonceStr": nonceStr, //隨機串  
  "package": package,
  "signType": signType,   //微信簽名方式：  
  "paySign": paySign //微信簽名 
  },
  function (res) {
  if (res.err_msg == "get_brand_wcpay_request:ok") {
  //console.log('支付成功');

  // 支付成功后比如新增數(shù)據(jù)
  $.post("http://******/saveUser", {
  userName: $('#inputName').val(),
  userIdentity: $('#inputIdentity').val(),
  companyName: $('#inputCompany').val(),
  userPhone: $('#inputPhone').val()
  },
  function (data, status) {
  alert("數(shù)據(jù): \n你好！" + $('#inputName').val() + "\n狀態(tài): " + status);

  },
  "json"
  );
  //支付成功后跳轉(zhuǎn)的頁面
  alert("支付成功!將返回首頁!請分享******!");
  window.history.go(-1);
  } else if (res.err_msg == "get_brand_wcpay_request:cancel") {
  //console.log('支付取消');
  alert("支付取消!保證數(shù)據(jù)安全 重新參加訂購!");
  //WeixinJSBridge.call('closeWindow');
  window.history.go(-1);
  } else if (res.err_msg == "get_brand_wcpay_request:fail") {
  //console.log('支付失敗');
  alert("支付失敗!重復(fù)支付，建議稍后參加訂購");
  WeixinJSBridge.call('closeWindow');
  } //使用以上方式判斷前端返回,微信團隊鄭重提示：res.err_msg將在用戶支付成功后返回ok,但并不保證它絕對可靠。
  });
  }

  }, "json")
  } else {
  alert("服務(wù)器異常")
  }