在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
最近对接微信wechatpay-api-v3商户通图片上传遇见“错误的签名,验签失败”的问题,发现有不少遇到同样问题的伙伴。希望下面的代码能帮到你们 <?php class Test { public function run() { $url = 'https://api.mch.weixin.qq.com/v3/merchant/media/upload'; $filename = __DIR__.'/1.png'; $merchant_id='商户号'; $serial_no='API证书序列号'; $mch_private_key=$this->getPrivateKey(ROOT_PATH.'cert/wxpay_shoufutong/apiclient_key.pem'); //商户私钥 $fi = new \finfo(FILEINFO_MIME_TYPE); $mime_type = $fi->file($filename); $data['filename'] = '1.png'; $meta['filename'] = '1.png'; $meta['sha256'] = hash_file('sha256',$filename); $boundary = uniqid(); //分割符号 $date = time(); $nonce = $this->nonce_str(); $sign = $this->sign($url,'POST',$date,$nonce,json_encode($meta),$mch_private_key,$merchant_id,$serial_no);//$http_method要大写 $header[] = 'User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36'; $header[] = 'Accept:application/json'; $header[] = 'Authorization:WECHATPAY2-SHA256-RSA2048 '.$sign; $header[] = 'Content-Type:multipart/form-data;boundary='.$boundary; $boundaryStr = "--{$boundary}\r\n"; $out = $boundaryStr; $out .= 'Content-Disposition: form-data; name="meta"'."\r\n"; $out .= 'Content-Type: application/json'."\r\n"; $out .= "\r\n"; $out .= json_encode($meta)."\r\n"; $out .= $boundaryStr; $out .= 'Content-Disposition: form-data; name="file"; filename="'.$data['filename'].'"'."\r\n"; $out .= 'Content-Type: '.$mime_type.';'."\r\n"; $out .= "\r\n"; $out .= file_get_contents($filename)."\r\n"; $out .= "--{$boundary}--\r\n"; $r = $this->doCurl($url,$out,$header); var_dump($r);die; } private function nonce_str() { return date('YmdHis', time()) . rand(10000, 99999); } public function doCurl($url, $data , $header = array(), $referer = '', $timeout = 30) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HTTPHEADER, $header); //避免https 的ssl验证 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_SSLVERSION, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); // 模拟来源 curl_setopt($ch, CURLOPT_REFERER, $referer); $response = curl_exec($ch); if ($error = curl_error($ch)) { die($error); } curl_close($ch); return $response; } //获取私钥 public static function getPrivateKey($filepath) { return openssl_get_privatekey(file_get_contents($filepath)); } //签名 private function sign($url,$http_method,$timestamp,$nonce,$body,$mch_private_key,$merchant_id,$serial_no) { $url_parts = parse_url($url); $canonical_url = ($url_parts['path'] . (!empty($url_parts['query']) ? "?${url_parts['query']}" : "")); $message = $http_method."\n". $canonical_url."\n". $timestamp."\n". $nonce."\n". $body."\n"; openssl_sign($message, $raw_sign, $mch_private_key, 'sha256WithRSAEncryption'); $sign = base64_encode($raw_sign); $schema = 'WECHATPAY2-SHA256-RSA2048 '; $token = sprintf('mch', $merchant_id, $nonce, $timestamp, $serial_no, $sign); return $token; } } 版权声明:本文为CSDN博主「umedier」的原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接及本声明。 |
2022-11-06
2022-08-15
2022-07-18
2022-08-17
2022-08-17
请发表评论