Signature algorithms
Signature generation steps
Let all the data sent or received be set M, sort the parameters of the non-null parameter values in the set M according to the ASCII code of the parameter name from small to large (dictionary order), and use the format of the URL key-value pair (i.e., key1=value1&key2=value2...). ) concatenated into the string stringA.
Finally, concatenate the key (merchant key) on stringA to obtain the stringSignTemp string, perform MD5 operation on stringSignTemp, and then convert all the characters of the obtained string to uppercase to obtain the sign value signValue.
example
For example, the request parameters are as follows:
{
"countryId": "COL",
"currency": "COP",
"customerAccount": "3720000264",
"merId": "8301000002750275",
"merOrderNo": "merOrderNo",
"nonceStr": "string",
"orderAmount": "30000",
"payProduct": "08",
"nonceStr": "4cKcL83FIsDgjAi"
}Concatenate the string according to the rule to obtain the string to be signed
countryId=COL¤cy=COP&customerAccount=3720000264&merId=8301000002750275&merOrderNo=merOrderNo&nonceStr=4cKcL83FIsDgjAi&orderAmount=30000&payProduct=08&key=11111111111111111111111111111111Final Signature Result
1DD2448C750D92B3AE512F2E493F5665Final request parameters
{
"countryId": "COL",
"currency": "COP",
"customerAccount": "3720000264",
"merId": "8301000002750275",
"merOrderNo": "merOrderNo",
"nonceStr": "string",
"orderAmount": "30000",
"payProduct": "08",
"nonceStr": "4cKcL83FIsDgjAi",
"sign": "1DD2448C750D92B3AE512F2E493F5665"
}Use the Signature SDK
For details about how to download the SDK,see Dictionary Resource > Downloads - Signing SDKs
Introduce the "supefina-sign" jar package into your own project
The signature operation is completed through the com.supefina.sign.SupefinaSignUtils#sign(java.lang.Object,java.lang.String) method. (Parameter 1: request parameter JSON object; Parameter 2: Merchant Key)
Sign the demo
public static String sign(Object data, String key) {
return sign(JSON.parseObject(JSONObject.toJSONString(data)), key);
}
public static String sign(Map<String, Object> data, String key) {
data.remove("sign");
String signedValue = getSignedValue(data);
signedValue += "key=" + key;
log.info("signedValue:{}", signedValue);
return md5(signedValue, "UTF-8").toUpperCase();
}
private static String getSignedValue(Map<String, Object> reqMap) {
Map<String, String> copy = new TreeMap<>();
reqMap.forEach((k, v) -> {
if (v != null && !"".equals(v)) {
copy.put(k, v.toString());
}
});
StringBuilder sb = new StringBuilder();
copy.forEach((k, v) -> {
if (v != null) {
sb.append(k).append("=").append(v).append("&");
}
});
return sb.toString();
}Verify the demo
String callbackData = "{\n" + " \"countryId\": \"COL\",\n" + " \"currency\": \"COP\",\n"
+ " \"customerAccount\": \"3720000264\",\n" + " \"merId\": \"8301000002750275\",\n"
+ " \"merOrderNo\": \"merOrderNo\",\n" + " \"nonceStr\": \"string\",\n"
+ " \"orderAmount\": \"30000\",\n" + " \"payProduct\": \"08\",\n"
+ " \"nonceStr\": \"4cKcL83FIsDgjAi\",\n" + " \"sign\": \"1DD2448C750D92B3AE512F2E493F5665\"\n" + "}";
JSONObject data = JSON.parseObject(callbackData);
String sign = data.get("sign").toString();
data.remove("sign");
String signValue = SupefinaSignUtils.sign(data, "商户key");
if (Objects.equals(sign, signValue)) {
// 验证签名通过
} else {
// 失败
}Última actualización