请求中自动添加 Wechatpay-Serial 头 (#312)

* feat: 请求中自动添加 Wechatpay-Serial 头 * fix: 修复平台证书模式获取序列号的方式
wechatpay-apiv3 · Nov 19, 2024 · 078d25b · 078d25b
1 parent 8492a63
commit 078d25b
Show file tree

Hide file tree

Showing 18 changed files with 233 additions and 34 deletions.
diff --git a/core/src/main/java/com/wechat/pay/java/core/auth/Validator.java b/core/src/main/java/com/wechat/pay/java/core/auth/Validator.java
@@ -14,4 +14,6 @@ public interface Validator {
    * @return 返回是否合法
    */
   <T> boolean validate(HttpHeaders responseHeaders, String body);
+
+  <T> String getSerialNumber();
 }
diff --git a/core/src/main/java/com/wechat/pay/java/core/auth/WechatPay2Validator.java b/core/src/main/java/com/wechat/pay/java/core/auth/WechatPay2Validator.java
@@ -60,4 +60,9 @@ public <T> boolean validate(HttpHeaders responseHeaders, String responseBody) {
     logger.debug("Signature for verifying signatures is[{}]", signature);
     return verifier.verify(serialNumber, message, signature);
   }
+
+  @Override
+  public <T> String getSerialNumber() {
+    return this.verifier.getSerialNumber();
+  }
 }
diff --git a/core/src/main/java/com/wechat/pay/java/core/certificate/RSAAutoCertificateProvider.java b/core/src/main/java/com/wechat/pay/java/core/certificate/RSAAutoCertificateProvider.java
@@ -113,6 +113,11 @@ public Builder httpClientBuilder(AbstractHttpClientBuilder<?> builder) {
           public boolean validate(HttpHeaders responseHeaders, String body) {
             return true;
           }
+
+          @Override
+          public <T> String getSerialNumber() {
+            return "";
+          }
         };
 
     public RSAAutoCertificateProvider build() {

diff --git a/core/src/main/java/com/wechat/pay/java/core/cipher/AbstractVerifier.java b/core/src/main/java/com/wechat/pay/java/core/cipher/AbstractVerifier.java
@@ -3,6 +3,7 @@
 import static java.util.Objects.requireNonNull;
 
 import com.wechat.pay.java.core.certificate.CertificateProvider;
+import com.wechat.pay.java.core.util.PemUtil;
 import java.nio.charset.StandardCharsets;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
@@ -126,4 +127,14 @@ public boolean verify(String serialNumber, String message, String signature) {
     }
     return verify(certificate, message, signature);
   }
+
+  @Override
+  public String getSerialNumber() {
+    if (publicKey != null) {
+      return publicKeyId;
+    }
+
+    requireNonNull(certificateProvider);
+    return PemUtil.getSerialNumber(certificateProvider.getAvailableCertificate());
+  }
 }
diff --git a/core/src/main/java/com/wechat/pay/java/core/cipher/Verifier.java b/core/src/main/java/com/wechat/pay/java/core/cipher/Verifier.java
@@ -12,4 +12,6 @@ public interface Verifier {
    * @return 是否验证通过
    */
   boolean verify(String serialNumber, String message, String signature);
+
+  String getSerialNumber();
 }
diff --git a/core/src/main/java/com/wechat/pay/java/core/http/AbstractHttpClient.java b/core/src/main/java/com/wechat/pay/java/core/http/AbstractHttpClient.java
@@ -7,6 +7,7 @@
 import static com.wechat.pay.java.core.http.Constant.USER_AGENT;
 import static com.wechat.pay.java.core.http.Constant.USER_AGENT_FORMAT;
 import static com.wechat.pay.java.core.http.Constant.VERSION;
+import static com.wechat.pay.java.core.http.Constant.WECHAT_PAY_SERIAL;
 import static java.net.HttpURLConnection.HTTP_MULT_CHOICE;
 import static java.net.HttpURLConnection.HTTP_OK;
 import static java.util.Objects.requireNonNull;
@@ -39,6 +40,7 @@ public <T> HttpResponse<T> execute(HttpRequest httpRequest, Class<T> responseCla
             .headers(httpRequest.getHeaders())
             .addHeader(AUTHORIZATION, getAuthorization(httpRequest))
             .addHeader(USER_AGENT, getUserAgent())
+            .addHeader(WECHAT_PAY_SERIAL, getWechatPaySerial())
             .body(httpRequest.getBody())
             .build();
     OriginalResponse originalResponse = innerExecute(innerRequest);
@@ -57,6 +59,7 @@ public InputStream download(String url) {
             .addHeader(AUTHORIZATION, getAuthorization(originRequest))
             .addHeader(ACCEPT, "*/*")
             .addHeader(USER_AGENT, getUserAgent())
+            .addHeader(WECHAT_PAY_SERIAL, getWechatPaySerial())
             .build();
     return innerDownload(httpRequest);
   }
@@ -130,6 +133,10 @@ private String getUserAgent() {
         getHttpClientInfo());
   }
 
+  private String getWechatPaySerial() {
+    return this.validator.getSerialNumber();
+  }
+
   /**
    * 获取http客户端信息，用于User-Agent。 格式：客户端名称/版本 示例：okhttp3/4.9.3
    *

diff --git a/core/src/test/java/com/wechat/pay/java/core/RSAAutoCertificateConfigTest.java b/core/src/test/java/com/wechat/pay/java/core/RSAAutoCertificateConfigTest.java
@@ -42,6 +42,11 @@ static void initHttpClient() {
           public <T> boolean validate(HttpHeaders responseHeaders, String body) {
             return true;
           }
+
+          @Override
+          public <T> String getSerialNumber() {
+            return "";
+          }
         };
     okHttpClient =
         new OkHttpClient.Builder()

diff --git a/core/src/test/java/com/wechat/pay/java/core/auth/WechatPay2ValidatorTest.java b/core/src/test/java/com/wechat/pay/java/core/auth/WechatPay2ValidatorTest.java
@@ -32,9 +32,17 @@ public static void init() {
     String buildMessage = timestamp + "\n" + NONCE + "\n" + BODY + "\n";
 
     Verifier fakeVerifier =
-        (serialNumber, message, signature) -> {
-          Assert.assertEquals(buildMessage, message);
-          return true;
+        new Verifier() {
+          @Override
+          public boolean verify(String serialNumber, String message, String signature) {
+            Assert.assertEquals(buildMessage, message);
+            return true;
+          }
+
+          @Override
+          public String getSerialNumber() {
+            return "";
+          }
         };
 
     validator = new WechatPay2Validator(fakeVerifier);

diff --git a/core/src/test/java/com/wechat/pay/java/core/certificate/AutoCertificateServiceTest.java b/core/src/test/java/com/wechat/pay/java/core/certificate/AutoCertificateServiceTest.java
@@ -229,6 +229,11 @@ static class FakeValidator implements Validator {
     public <T> boolean validate(HttpHeaders responseHeaders, String body) {
       return true;
     }
+
+    @Override
+    public <T> String getSerialNumber() {
+      return "";
+    }
   }
 
   @Test

diff --git a/core/src/test/java/com/wechat/pay/java/core/certificate/RSAAutoCertificateProviderTest.java b/core/src/test/java/com/wechat/pay/java/core/certificate/RSAAutoCertificateProviderTest.java
@@ -39,13 +39,23 @@ static class EmtpyValidator implements Validator {
     public boolean validate(HttpHeaders responseHeaders, String body) {
       return true;
     }
+
+    @Override
+    public <T> String getSerialNumber() {
+      return "";
+    }
   }
 
   static class FalseValidator implements Validator {
     @Override
     public boolean validate(HttpHeaders responseHeaders, String body) {
       return false;
     }
+
+    @Override
+    public <T> String getSerialNumber() {
+      return "";
+    }
   }
 
   @BeforeAll

diff --git a/core/src/test/java/com/wechat/pay/java/core/http/DefaultHttpClientBuilderTest.java b/core/src/test/java/com/wechat/pay/java/core/http/DefaultHttpClientBuilderTest.java
@@ -41,6 +41,11 @@ public String getAuthorization(URI uri, String httpMethod, String signBody) {
         public <T> boolean validate(HttpHeaders responseHeaders, String body) {
           return true;
         }
+
+        @Override
+        public <T> String getSerialNumber() {
+          return "";
+        }
       };
 
   OkHttpClient okHttpClient = new OkHttpClient();