123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185 |
- using Aop.Api.Util;
- using System;
- using System.Collections.Generic;
- using System.IO;
- using System.Linq;
- using System.Net;
- using System.Text;
- using System.Web;
- namespace EMIS.Utility.OnlinePay.Alipay.Models
- {
- public class Notify
- {
- #region 字段
- private string _partner = ""; //合作身份者ID
- private string _charset = ""; //编码格式
- private string _sign_type = ""; //签名方式
- private string _alipay_public_key = ""; //支付宝公钥文件地址
- //支付宝消息验证地址
- private string Https_veryfy_url = "";
- #endregion
- /// <summary>
- /// 构造函数
- /// 从配置文件中初始化变量
- /// </summary>
- /// <param name="inputPara">通知返回参数数组</param>
- /// <param name="notify_id">通知验证ID</param>
- public Notify(string charset, string sign_type, string pid, string mapiUrl, string alipay_public_key)
- {
- //初始化基础配置信息
- _charset = charset;
- _sign_type = sign_type;
- _partner = pid;
- Https_veryfy_url = mapiUrl + "?service=notify_verify&";
- _alipay_public_key = alipay_public_key;
- }
- /// <summary>
- /// 验证消息是否是支付宝发出的合法消息
- /// </summary>
- /// <param name="inputPara">通知返回参数数组</param>
- /// <param name="notify_id">通知验证ID</param>
- /// <param name="sign">支付宝生成的签名结果</param>
- /// <returns>验证结果</returns>
- public bool Verify(SortedDictionary<string, string> inputPara, string notify_id, string sign)
- {
- //获取返回时的签名验证结果
- bool isSign = GetSignVeryfy(inputPara, sign);
- //获取是否是支付宝服务器发来的请求的验证结果
- //string responseTxt = "true";
- //当面付2.0的异步通
- //if (notify_id != null && notify_id != "") { responseTxt = GetResponseTxt(notify_id); }
- //写日志记录(若要调试,请取消下面两行注释)
- //string sWord = "responseTxt=" + responseTxt + "\n isSign=" + isSign.ToString() + "\n 返回回来的参数:" + GetPreSignStr(inputPara) + "\n ";
- //Core.LogResult(sWord);
- //对于开放平台的异步通知,通过验签可以达到安全校验的目的
- //isSign不是true,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关
- if (isSign)//验证成功
- {
- return true;
- }
- else//验证失败
- {
- return false;
- }
- }
- /// <summary>
- /// 获取待签名字符串(调试用)
- /// </summary>
- /// <param name="inputPara">通知返回参数数组</param>
- /// <returns>待签名字符串</returns>
- private string GetPreSignStr(SortedDictionary<string, string> inputPara)
- {
- Dictionary<string, string> sPara = new Dictionary<string, string>();
- //过滤空值、sign与sign_type参数
- sPara = Core.FilterPara(inputPara);
- //获取待签名字符串
- string preSignStr = Core.CreateLinkString(sPara);
- return preSignStr;
- }
- /// <summary>
- /// 获取返回时的签名验证结果
- /// </summary>
- /// <param name="inputPara">通知返回参数数组</param>
- /// <param name="sign">对比的签名结果</param>
- /// <returns>签名验证结果</returns>
- private bool GetSignVeryfy(SortedDictionary<string, string> inputPara, string sign)
- {
- Dictionary<string, string> sPara = new Dictionary<string, string>();
- //过滤空值、sign与sign_type参数
- sPara = Core.FilterPara(inputPara);
- //获取待签名字符串
- string preSignStr = Core.CreateLinkString(sPara);
- //获得签名验证结果
- bool isSign = false;
- if (sign != null && sign != "")
- {
- switch (_sign_type)
- {
- case "RSA":
- isSign = AlipaySignature.RSACheckContent(preSignStr, sign, _alipay_public_key, _charset, _sign_type, false);
- break;
- case "RSA2":
- isSign = AlipaySignature.RSACheckContent(preSignStr, sign, _alipay_public_key, _charset, _sign_type, false);
- break;
- default:
- break;
- }
- }
- return isSign;
- }
- /// <summary>
- /// 获取是否是支付宝服务器发来的请求的验证结果
- /// </summary>
- /// <param name="notify_id">通知验证ID</param>
- /// <returns>验证结果</returns>
- private string GetResponseTxt(string notify_id)
- {
- string veryfy_url = Https_veryfy_url + "partner=" + _partner + "¬ify_id=" + notify_id;
- //获取远程服务器ATN结果,验证是否是支付宝服务器发来的请求
- string responseTxt = Get_Http(veryfy_url, 120000);
- return responseTxt;
- }
- /// <summary>
- /// 获取远程服务器ATN结果
- /// </summary>
- /// <param name="strUrl">指定URL路径地址</param>
- /// <param name="timeout">超时时间设置</param>
- /// <returns>服务器ATN结果</returns>
- private string Get_Http(string strUrl, int timeout)
- {
- string strResult;
- try
- {
- HttpWebRequest myReq = (HttpWebRequest)HttpWebRequest.Create(strUrl);
- myReq.Timeout = timeout;
- HttpWebResponse HttpWResp = (HttpWebResponse)myReq.GetResponse();
- Stream myStream = HttpWResp.GetResponseStream();
- StreamReader sr = new StreamReader(myStream, Encoding.Default);
- StringBuilder strBuilder = new StringBuilder();
- while (-1 != sr.Peek())
- {
- strBuilder.Append(sr.ReadLine());
- }
- strResult = strBuilder.ToString();
- }
- catch (Exception exp)
- {
- strResult = "错误:" + exp.Message;
- }
- return strResult;
- }
- }
- }
|