From 24453d42ddcea126dc803d2c94eaaa9b84fa3a87 Mon Sep 17 00:00:00 2001
From: Hpyer <me@hpyer.cn>
Date: Wed, 20 Dec 2023 12:06:38 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E8=8E=B7=E5=8F=96=E5=BE=AE=E4=BF=A1?=
 =?UTF-8?q?=E6=94=AF=E4=BB=98=E5=B9=B3=E5=8F=B0=E8=AF=81=E4=B9=A6=E6=97=B6?=
 =?UTF-8?q?=EF=BC=8C=E5=BF=BD=E7=95=A5=E6=9C=89=E6=95=88=E6=9C=9F=E5=B0=91?=
 =?UTF-8?q?=E4=BA=8E1=E5=A4=A9=E7=9A=84=E8=AF=81=E4=B9=A6=20(#57)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/Pay/Merchant.ts          | 9 ++++++++-
 test/Pay/Application.test.js | 7 ++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/Pay/Merchant.ts b/src/Pay/Merchant.ts
index c4e366e..13f4e55 100644
--- a/src/Pay/Merchant.ts
+++ b/src/Pay/Merchant.ts
@@ -123,7 +123,12 @@ class Merchant implements MerchantInterface
       let response = await this.app.getClient().get('/v3/certificates');
       let data = response.toObject();
       if (data && data.data && data.data.length > 0) {
+        let nowTime = Math.round((new Date()).getTime() / 1000);
         data.data.forEach((item: any) => {
+          // 跳过有效期少于1天的证书
+          let expireTime = Math.round((new Date(item.expire_time)).getTime() / 1000) - 86400;
+          if (expireTime < nowTime) return;
+
           let content = AES_GCM.decrypt(
             item.encrypt_certificate.ciphertext,
             this.app.getConfig().get('secret_key'),
@@ -132,7 +137,9 @@ class Merchant implements MerchantInterface
           ).toString();
           certs[item.serial_no] = content;
         });
-        await cache.set(cacheKey, certs, 36000); // 缓存10小时
+        if (Object.keys(certs).length > 0) {
+          await cache.set(cacheKey, certs, 36000); // 缓存10小时
+        }
       }
     }
     this.setPlatformCerts(certs);
diff --git a/test/Pay/Application.test.js b/test/Pay/Application.test.js
index 4aba8ae..31d0eb3 100644
--- a/test/Pay/Application.test.js
+++ b/test/Pay/Application.test.js
@@ -8,6 +8,7 @@ const Path = require('path');
 const RSA = require('../../dist/Core/Support/RSA');
 const { getTimestamp, randomString } = require('../../dist/Core/Support/Utils');
 const Message = require('../../dist/Pay/Message');
+const { PublicKey } = require('../../dist/Core/Support/PublicKey');
 
 class TestUnit extends BaseTestUnit {
 
@@ -108,13 +109,16 @@ class TestUnit extends BaseTestUnit {
       payConfig.secret_key = 'mock-secret-key1mock-secret-key1';
       let app = new Pay(payConfig);
 
+      let now = new Date;
+      now.setTime(now.getTime() + 87000*1000);  // 确保默认证书有效期一天以上
+      console.log('now.toISOString()', now.toISOString())
       let httpclient = this.getMockedHttpClient(app.getHttpClient());
       httpclient.mock('get', '/v3/certificates').reply(200, {
         data: [
           {
             serial_no: 'fake-serial_no',
             effective_time: '2018-06-08T10:34:56+08:00',
-            expire_time: '2018-06-08T10:34:56+08:00',
+            expire_time: now.toISOString(),
             encrypt_certificate: {
               algorithm: 'AEAD_AES_256_GCM',
               nonce: '61f9c719728a',
@@ -129,6 +133,7 @@ class TestUnit extends BaseTestUnit {
       let merchant = app.getMerchant();
       await merchant.loadPlatformCerts();
       let cert = await merchant.getPlatformCert('fake-serial_no');
+      this.assert.strictEqual(cert instanceof PublicKey, true);
       this.assert.strictEqual(cert.getValue().toString(), 'fake-ciphertext');
     });