Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

微信支付相关:新商户不再支持平台证书模式 只支持公钥模式 导致调用https://api.mch.weixin.qq.com/v3/certificates接口返回证书不存在 #3402

Closed
lin-youming opened this issue Oct 30, 2024 · 17 comments · Fixed by #3425
Milestone

Comments

@lin-youming
Copy link

简要描述

微信支付官方的变更导致目前 新商户想入驻平台 调起支付时报错

模块版本情况

  • WxJava 模块名: weixin-java-pay
  • WxJava 版本号:4.6.0

详细描述

该方法请求https://api.mch.weixin.qq.com/v3/certificates接口获取平台证书 返回证书不存在 目前因微信官方变更导致新入驻的商户不在支持平台证书模式 转而支持公钥模式
private void autoUpdateCert() throws IOException, GeneralSecurityException {
WxPayV3HttpClientBuilder wxPayV3HttpClientBuilder = WxPayV3HttpClientBuilder.create()
.withCredentials(credentials)
.withValidator(verifier == null ? response -> true : new WxPayValidator(verifier));

//调用自定义扩展设置设置HTTP PROXY对象
HttpProxyUtils.initHttpProxy(wxPayV3HttpClientBuilder,this.wxPayHttpProxy);

//增加自定义扩展点,子类可以设置其他构造参数
this.customHttpClientBuilder(wxPayV3HttpClientBuilder);

CloseableHttpClient httpClient = wxPayV3HttpClientBuilder.build();

HttpGet httpGet = new HttpGet(CERT_DOWNLOAD_PATH);
httpGet.addHeader("Accept", "application/json");

CloseableHttpResponse response = httpClient.execute(httpGet);
int statusCode = response.getStatusLine().getStatusCode();
String body = EntityUtils.toString(response.getEntity());
if (statusCode == HttpStatus.SC_OK) {
  List<X509Certificate> newCertList = deserializeToCerts(apiV3Key, body);
  if (newCertList.isEmpty()) {
    throw new WxRuntimeException("Cert list is empty");
  }
  this.verifier = new CertificatesVerifier(newCertList);
} else {
  log.warn("Auto update cert failed, statusCode = " + statusCode + ",body = " + body);
  throw new WxRuntimeException(this.getErrorMsg(body));
}

}
sp20241030_173902_671

sp20241030_175710_193
@lin-youming
Copy link
Author

lin-youming commented Oct 30, 2024

补一下 异常信息

Caused by: com.github.binarywang.wxpay.exception.WxPayException: v3请求构造异常!
at com.github.binarywang.wxpay.config.WxPayConfig.initApiV3HttpClient(WxPayConfig.java:303)
at com.github.binarywang.wxpay.service.impl.WxPayServiceApacheHttpImpl.createApiV3HttpClient(WxPayServiceApacheHttpImpl.java:309)
at com.github.binarywang.wxpay.service.impl.WxPayServiceApacheHttpImpl.requestV3(WxPayServiceApacheHttpImpl.java:215)
at com.github.binarywang.wxpay.service.impl.WxPayServiceApacheHttpImpl.getV3(WxPayServiceApacheHttpImpl.java:246)
at com.github.binarywang.wxpay.service.impl.BaseWxPayServiceImpl.queryOrderV3(BaseWxPayServiceImpl.java:505)
at com.mywl.framework.pay.core.client.impl.weixin.AbstractWxPayClient.doGetOrderV3(AbstractWxPayClient.java:228)
at com.mywl.framework.pay.core.client.impl.weixin.AbstractWxPayClient.doGetOrder(AbstractWxPayClient.java:195)
at com.mywl.framework.pay.core.client.impl.AbstractPayClient.getOrder(AbstractPayClient.java:122)
... 160 common frames omitted
Caused by: me.chanjar.weixin.common.error.WxRuntimeException: 证书不存在
at com.github.binarywang.wxpay.v3.auth.AutoUpdateCertificatesVerifier.autoUpdateCert(AutoUpdateCertificatesVerifier.java:170)
at com.github.binarywang.wxpay.v3.auth.AutoUpdateCertificatesVerifier.(AutoUpdateCertificatesVerifier.java:111)
at com.github.binarywang.wxpay.config.WxPayConfig.initApiV3HttpClient(WxPayConfig.java:281)
... 167 common frames omitted

@cherl
Copy link

cherl commented Oct 30, 2024

+1

@tekfig
Copy link

tekfig commented Oct 30, 2024

same issue

@fFanloat
Copy link

+1

3 similar comments
@2fx0one
Copy link

2fx0one commented Oct 31, 2024

+1

@gaollard
Copy link

+1

@Derick-L-HQ
Copy link

+1

@YYQHoro
Copy link

YYQHoro commented Nov 4, 2024

本项目是否已经支持了微信支付公钥?我看源码好像没有写这方面的东西,只有加载平台证书。
实在不行我们改用微信官方SDK临时规避一下wechatpay-java

@small-redguy
Copy link

测试了下,通过修改重写WxPayConfig类可暂时解决:https://blog.csdn.net/qq_37391200/article/details/143508109

@Derick-L-HQ
Copy link

Derick-L-HQ commented Nov 5, 2024

测试了下,通过修改重写WxPayConfig类可暂时解决:https://blog.csdn.net/qq_37391200/article/details/143508109

Uploading screenshot_2024-11-05_17-28-21.png…

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@binarywang
Copy link
Owner

欢迎楼上的朋友帮忙提供最新修复代码

@HaalandCR
Copy link

HaalandCR commented Nov 6, 2024

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

@binarywang binarywang added this to the 4.7.0 milestone Nov 6, 2024
@Derick-L-HQ
Copy link

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

还没测试,所以,临时应急可以先用上面那个兄弟的方案, 实现verifier 自定义X509Certificate 改写getPublicKey的方法和getSerialNumber 看他文档是测试了,这个是改动最小的 涉及三个原有的类,新增一个自定义

@zhanyan-Ader1y
Copy link
Contributor

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

还没测试,所以,临时应急可以先用上面那个兄弟的方案, 实现verifier 自定义X509Certificate 改写getPublicKey的方法和getSerialNumber 看他文档是测试了,这个是改动最小的 涉及三个原有的类,新增一个自定义

请问有对应的fork了吗, 如果还没开始改的话我可以帮忙修复这个问题

@binarywang
Copy link
Owner

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

还没测试,所以,临时应急可以先用上面那个兄弟的方案, 实现verifier 自定义X509Certificate 改写getPublicKey的方法和getSerialNumber 看他文档是测试了,这个是改动最小的 涉及三个原有的类,新增一个自定义

请问有对应的fork了吗, 如果还没开始改的话我可以帮忙修复这个问题

你开搞吧,大家都等着呢

@zhanyan-Ader1y
Copy link
Contributor

官方给的publicKeyId是带有前缀的吧,看你因为类型转换问题这部分替换掉了,如果没影响是没问题,

@PiscesNick 大佬不提下pr嘛

还没测试,所以,临时应急可以先用上面那个兄弟的方案, 实现verifier 自定义X509Certificate 改写getPublicKey的方法和getSerialNumber 看他文档是测试了,这个是改动最小的 涉及三个原有的类,新增一个自定义

请问有对应的fork了吗, 如果还没开始改的话我可以帮忙修复这个问题

你开搞吧,大家都等着呢

ok

@zhanyan-Ader1y
Copy link
Contributor

比较急的朋友可以通过类加载的特性在本地新建一个相同名字的WxPayConfig和PemUtils类, 并添加剩下的原本没有的类即可.

可以在这个提交中找到所有内容

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.