为什么我敢说是权威版呢?
我在网上查阅了大量资料,他们给出的方案都不是最安全的做法,所有的操作都是放在客户端,而官方推荐的做法是放在服务器,支付成败结果应该由服务器来同步完成,而我的方案是经过重重考验而后得出来的。
Android集成微信支付
微信支付和支付宝支付一样的,都可以在客户端发起支付并成功通过,但这样做的漏洞比较大,所以一定不要通过客户端直接来完成
1.首先需要 在客户端向服务器发起一个微信预支付操作:
请求参数如下:
body.put("loginUserId", loginUserId );
body.put("title", title);
body.put("business", business);
body.put("orderId", orderId);
body.put("charges", charges); // 注意这里的金额是要在实际金额*100
body.put("employeeId", employeeId);
body.put("WXAppId", Const.WX_APP_ID);
微信预支付操作处理后可以从微信服务器获取一个预支付id,然后再通过预支付id真正发起微信支付操作.
WXPayUtil payUtil = new WXPayUtil(mActivity);
payUtil.doPayReq(bean.prepay_id);
具体代码放一下,反正也没有什么机密
public class WXPayUtil {
private PayReq req = null;
private IWXAPI msgApi = null;
private StringBuffer sb = null;
public WXPayUtil(final Activity activity) {
this.req = new PayReq();
this.msgApi = WXAPIFactory.createWXAPI(activity, null);
this.msgApi.registerApp(Constants.APP_ID);
this.sb = new StringBuffer();
}
/**
* @work:生成签名参数
* @date:2015-9-7 上午11:48:04
* @author:hg_liuzl@163.com
* @params:
*/
public void doPayReq(String prePayId) {
req.appId = Constants.APP_ID;
req.partnerId = Constants.MCH_ID;
req.prepayId = prePayId;
req.packageValue = "Sign=WXPay";
req.nonceStr = genNonceStr();
req.timeStamp = String.valueOf(genTimeStamp());
List<NameValuePair> signParams = new LinkedList<>();
signParams.add(new BasicNameValuePair("appid", req.appId));
signParams.add(new BasicNameValuePair("noncestr", req.nonceStr));
signParams.add(new BasicNameValuePair("package", req.packageValue));
signParams.add(new BasicNameValuePair("partnerid", req.partnerId));
signParams.add(new BasicNameValuePair("prepayid", req.prepayId));
signParams.add(new BasicNameValuePair("timestamp", req.timeStamp));
req.sign = genAppSign(signParams);
sb.append("sign\n" + req.sign + "\n\n");
sendPayReq();
}
/**
* @work:启动支付
* @date:2015-9-7 上午11:49:51
* @author:hg_liuzl@163.com
*/
private void sendPayReq() {
msgApi.registerApp(Constants.APP_ID);
msgApi.sendReq(req);
}
private String genAppSign(List<NameValuePair> params) {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < params.size(); i++) {
sb.append(params.get(i).getName());
sb.append('=');
sb.append(params.get(i).getValue());
sb.append('&');
}
sb.append("key=");
sb.append(Constants.API_KEY);
this.sb.append("sign str\n" + sb.toString() + "\n\n");
String appSign = MD5.getMessageDigest(sb.toString().getBytes()).toUpperCase();
return appSign;
}
private String genNonceStr() {
Random random = new Random();
return MD5.getMessageDigest(String.valueOf(random.nextInt(10000)).getBytes());
}
private long genTimeStamp() {
return System.currentTimeMillis() / 1000;
}
然后微信的操作如下:
public class WXPayEntryActivity extends Activity implements IWXAPIEventHandler{
/***微信支付结果*/
public static int mWXPayResult = -1;
private static final String TAG = "MicroMsg.SDKSample.WXPayEntryActivity";
private IWXAPI api;
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.pay_result);
api = WXAPIFactory.createWXAPI(this, Constants.APP_ID);
api.handleIntent(getIntent(), this);
}
@Override
protected void onNewIntent(Intent intent) {
super.onNewIntent(intent);
setIntent(intent);
api.handleIntent(intent, this);
}
@Override
public void onReq(BaseReq req) {
}
@Override
public void onResp(BaseResp resp) {
if (resp.getType() == ConstantsAPI.COMMAND_PAY_BY_WX) {
mWXPayResult = resp.errCode;
if (resp.errCode == 0) //支付成功,
{
BToast.show(this, "支付成功!");
finish();
} else if(resp.errCode == -1) { //支付失败
BToast.show(this, "支付错误");
finish();
}else if(resp.errCode == -2){//取消支付
BToast.show(this, "您已经取消了支付!");
finish();
}
}
}
}
这里我有一个全局静态变量mWXPayResult来标记微信支付是否成功的状态.
mPayBean.payResult = WXPayEntryActivity.mWXPayResult == 0;
if (mPayBean.payResult) {
doSubmit();
}
这个时候微信支付就处理完毕.
