cuter44 / wxpay-sdk Goto Github PK
View Code? Open in Web Editor NEWServer-side SDK of Weixin/WeChat, the Java binding.
License: Other
Server-side SDK of Weixin/WeChat, the Java binding.
License: Other
因为赛门铁克出售了CA业务, 所以微信企业 API 服务器更换了证书. 您需要更新软件包到 0.14.1 或者 自行替换证书 以解决问题.
自行替换证书的步骤如下:
As Symentac sold their Web Certificate business, GeoTrust now become a child CA of DigiCert, i.e. no longer a Root CA.
Thereafter, Tencent changed their server cert rooting on a new DigiCert cert on 2018-2-28. Hence our original bundled certificates is no longer valid. You have to tweak it to catch up.
Release 0.14.1 fixed this problem. If you are unable to update the package there is still an alternative:
Thanks for your reliance of Nyaguruware. ฅ(⌯͒• ɪ •⌯͒)ฅ
WxpayErrorCode REFUNDNOTEXIST is seen while invoking RefundQuery, while passing a valid out_trade_no
that with no yet any refund. This will caused an IllegalArgumentException
on com.github.cuter44.wxpay.constants.WxpayErrorCode.forName(WxpayErrorCode.java:51)
.
We have fixed this problem. Patch is releasing in a few days.
Sorry about that.
It is the ERROR
(but not documented in official docs)
Which is not included in WxpayErrorCode
, and it may lead to java.lang.IllegalArgumentException: No enum constant com.github.cuter44.wxpay.constants.WxpayErrorCode.ERROR
Not really big deal, we will find some spare to fix it.
这个项目是怎么样打开的呢?
Due to latest explaination from wxpay official page. The current release may not meet the standards.
It is supposed to boom while converting between wxpay's time format(yyyyMMddHHmmss)(with GMT+8 timezone) and java.util.Date(w/o timezone) on a non-CST environment.
No reports received so far. So I haven't take a further exam to ensure its existence.
Currently there is no patch to it.
If you are suffering it, a quick way is to adjust your environment to make it using GMT+8 timezone. The JRE will apply this right fitting the wxpay requirement.
If you are not doing that, try to make a jury patch yourself, this should be rather easy for a skilled developer.
Sorry for the inconvenience.
获取得到prepay_id再签名后,回送给移动端的时候签名不对,不能进行支付
This feature allows wxpay-sdk distribute/accept distributed access_token
across application context.
已经升级了jce的两个jar包,之后用这个JDK启动后,还是报错,具体堆栈信息如下:
ERROR c.f.fxl.web.m.api.v2.UserController - java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Usage constraint TLSServer check failed: SHA1 used with certificate: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US. Usage was tls server
at com.github.cuter44.wxmp.util.TokenKeeper.retrieveAccessToken(TokenKeeper.java:89)
at com.github.cuter44.wxmp.util.TokenKeeper.getAccessToken(TokenKeeper.java:111)
at com.github.cuter44.wxmp.util.TokenKeeper.retrieveJSSDKTicket(TokenKeeper.java:120)
at com.github.cuter44.wxmp.util.TokenKeeper.getJSSDKTicket(TokenKeeper.java:149)
at com.fangxuele.fxl.util.wx.WxmpUtil.getWxJssdkParam(WxmpUtil.java:58)
at com.fangxuele.fxl.service.v2.CustomerService.getWxJssdk(CustomerService.java:385)
at com.fangxuele.fxl.service.v2.CustomerService$$FastClassBySpringCGLIB$$c0c26860.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
at com.fangxuele.fxl.service.v2.CustomerService$$EnhancerBySpringCGLIB$$19c3a251.getWxJssdk()
Whose .verify()
is still not implemented yet.
As Tencent enriched available properties of notify API response, the com.github.cuter44.wxpay.resps.Notify#verify
is out-dated and incompatible with current schema. which may cause verify()
always returns false.
This problem will be solved in next time we rework the Notify
(which is pending). If you're in emergency, you'd better implements your own version of verify()
, or disable sign-verify(in config file, but may raise security risk).
Sorry to make you in trouble.
Due to one of the constants is set faultily. This two function did not performed correctly.
This bug has been fixed on 0.3.3, previous version are all affected. DO NOT USE THEM ANYMORE!
Errrr...my fault. (´・ω・`)
java.lang.NullPointerException
at java.util.Hashtable.put(Hashtable.java:514)
at java.util.Properties.setProperty(Properties.java:161)
at com.github.cuter44.wxmsg.servlet.WxmsgGatewayServlet.doGet(WxmsgGatew
ayServlet.java:145)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:620)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:303)
Which is indicating wx-server is not sending signature
as docs claiming.
We'll take further investigation later.
WeChat have migrate group
into tags
for UserInfo.
Hello all,
Unfortunately, we are seeing a massive trend that mixing wxmp and wxpay will be dangerous. It may take in poor performance, confusion, etc.
So we decide to make a slight isolation. The main idea is, to seperate wxmp and wxpay reqs/resps, each of them should have own package hierarchy and super-class. Another thing is, explicitly defining one-api-one-req, and .build().sign().execute() workflow.
These changes are pushing version code to 0.4.z, which means backwards incompatiable. Meanwhile 0.3.z codebase is no longer maintained. Projects using 0.3 CANNOT upgrade without adapting code, I HAVE TOLD YOU.
近期公司的APP在试用微信支付的时候突然报一下错误:
[framework] 2018-07-10 14:29:52,094 - com.pinghua.rest.WxpayRestServices -19043979 [http-apr-8080-exec-30] ERROR com.pinghua.rest.WxpayRestServices - unified order faild! javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1506) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:261) at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:118) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:314) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:357) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:218) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:194) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:85) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106) at com.github.cuter44.wxpay.reqs.WxpayRequestBase.executePostXML(WxpayRequestBase.java:286) at com.github.cuter44.wxpay.reqs.UnifiedOrder.execute(UnifiedOrder.java:93) at com.pinghua.rest.WxpayRestServices.unifiedOrder(WxpayRestServices.java:89) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180) at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:115) at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58) at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:238) at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:222) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:163) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137) at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:158) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:239) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:159) at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:215) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at com.pinghua.filter.SecurityFilter.doFilter(SecurityFilter.java:140) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:147) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2500) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2489) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1488) ... 74 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:146) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) ... 80 more
开始觉得可能是微信支付的证书过期了,后来证实确实过期了,然后重新申请了证书,并替换了系统WEB-INF/classes目录下的apiclient_cert.p12文件,重启后依然报上面的错误。
wxpay.properties 文件中的相关的配置参数为:LOAD_IDENTIFICATION=/apiclient_cert.p12
服务器环境:
Windows Server 2008 R2 Enterprise
JDK 1.8.0_60
Tomcat-8.0.32
Can't found file ".p12"
Support off-shore API node like below:
https://apihk.mch.weixin.qq.com/pay/orderquery (建议接入点:东南亚)
https://apius.mch.weixin.qq.com/pay/orderquery (建议接入点:其它)
https://api.mch.weixin.qq.com/pay/orderquery (建议接入点:**国内)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.