fix: 获取微信支付平台证书时，忽略有效期少于1天的证书 (#57)

hpyer · Dec 20, 2023 · 24453d4 · 24453d4
1 parent c94e246
commit 24453d4
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 2 deletions.
diff --git a/src/Pay/Merchant.ts b/src/Pay/Merchant.ts
@@ -123,7 +123,12 @@ class Merchant implements MerchantInterface
       let response = await this.app.getClient().get('/v3/certificates');
       let data = response.toObject();
       if (data && data.data && data.data.length > 0) {
+        let nowTime = Math.round((new Date()).getTime() / 1000);
         data.data.forEach((item: any) => {
+          // 跳过有效期少于1天的证书
+          let expireTime = Math.round((new Date(item.expire_time)).getTime() / 1000) - 86400;
+          if (expireTime < nowTime) return;
+
           let content = AES_GCM.decrypt(
             item.encrypt_certificate.ciphertext,
             this.app.getConfig().get('secret_key'),
@@ -132,7 +137,9 @@ class Merchant implements MerchantInterface
           ).toString();
           certs[item.serial_no] = content;
         });
-        await cache.set(cacheKey, certs, 36000); // 缓存10小时
+        if (Object.keys(certs).length > 0) {
+          await cache.set(cacheKey, certs, 36000); // 缓存10小时
+        }
       }
     }
     this.setPlatformCerts(certs);

diff --git a/test/Pay/Application.test.js b/test/Pay/Application.test.js
@@ -8,6 +8,7 @@ const Path = require('path');
 const RSA = require('../../dist/Core/Support/RSA');
 const { getTimestamp, randomString } = require('../../dist/Core/Support/Utils');
 const Message = require('../../dist/Pay/Message');
+const { PublicKey } = require('../../dist/Core/Support/PublicKey');
 
 class TestUnit extends BaseTestUnit {
 
@@ -108,13 +109,16 @@ class TestUnit extends BaseTestUnit {
       payConfig.secret_key = 'mock-secret-key1mock-secret-key1';
       let app = new Pay(payConfig);
 
+      let now = new Date;
+      now.setTime(now.getTime() + 87000*1000);  // 确保默认证书有效期一天以上
+      console.log('now.toISOString()', now.toISOString())
       let httpclient = this.getMockedHttpClient(app.getHttpClient());
       httpclient.mock('get', '/v3/certificates').reply(200, {
         data: [
           {
             serial_no: 'fake-serial_no',
             effective_time: '2018-06-08T10:34:56+08:00',
-            expire_time: '2018-06-08T10:34:56+08:00',
+            expire_time: now.toISOString(),
             encrypt_certificate: {
               algorithm: 'AEAD_AES_256_GCM',
               nonce: '61f9c719728a',
@@ -129,6 +133,7 @@ class TestUnit extends BaseTestUnit {
       let merchant = app.getMerchant();
       await merchant.loadPlatformCerts();
       let cert = await merchant.getPlatformCert('fake-serial_no');
+      this.assert.strictEqual(cert instanceof PublicKey, true);
       this.assert.strictEqual(cert.getValue().toString(), 'fake-ciphertext');
     });