notice.go

package pay

import (
	"crypto"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"errors"
	"fmt"
	"github.com/gin-gonic/gin"
	"io/ioutil"
	"system_pay/controller/base"
	"system_pay/models"
	"system_pay/repository/pay"
)

// 卡拉卡统一支付回调
type NoticeController struct {
}

// WxNotice 拉卡拉统一支付微信回调
// @Summary 拉卡拉统一支付微信回调
// @Description 拉卡拉统一支付微信回调
// @Tags 拉卡拉统一支付回调
// @Accept application/json
// @Produce application/json
// @Param   body    body  models.WxNoticeInput   true	 "参数"
// @Param language header string ture "语言类型 zh-CN简体中文 en-US英文 ja 日文 默认中文"
// @Success 200
// @router /api/v1/pay/wx_notice [post]
func (l *PayController) WxNotice(c *gin.Context) {

	fmt.Println("拉卡拉微信回调start")

	//ph2 := make(map[string]interface{}, 0)
	////ph2 = new(interface{})
	//err := c.ShouldBind(ph2)
	//if err != nil {
	//	response := new(base.ResponseDataWxNotice)
	//	response.Code = "FAIL"
	//	response.Message = "执行失败1"
	//	base.ResponseWxNotice(c, response)
	//	return
	//}
	//fmt.Println(ph2)

	//验证签名
	//_, err := verySignByPublicKey(c)
	//if err != nil {
	//	fmt.Println("verySignByPublicKey err: ", err)
	//	response := new(base.ResponseDataWxNotice)
	//	response.Code = "FAIL"
	//	response.Message = "验证签名失败"
	//	base.ResponseWxNotice(c, response)
	//	return
	//}

	ph := new(models.WxNoticeInput)
	err := c.ShouldBindJSON(ph)
	if err != nil {
		response := new(base.ResponseDataWxNotice)
		response.Code = "FAIL"
		response.Message = "执行失败2"
		base.ResponseWxNotice(c, response)
		return
	}
	fmt.Println(ph)

	// 拉卡拉统一支付微信回调
	response, err := pay.WxNotice(ph)

	fmt.Println("拉卡拉微信回调end")
	base.ResponseWxNotice(c, response)
}

//func verify(c *gin.Context) error {
//	//String appid = getHeadValue(response, "Lklapi-Appid");
//	//String lklapiSerial = getHeadValue(response, "Lklapi-Serial");
//	//String timestamp = getHeadValue(response, "Lklapi-Timestamp");
//	//String nonce = getHeadValue(response, "Lklapi-Nonce");
//	//String signature = getHeadValue(response, "Lklapi-Signature");
//	//String responseStr = IOUtils.toString(response.getEntity().getContent(), ENCODING);
//	//
//	//System.out.println("responseStr  " + responseStr);
//	//
//	//String source = appid + "\n" + lklapiSerial + "\n" + timestamp + "\n" + nonce + "\n" + responseStr + "\n";
//
//	appid := c.GetHeader("Lklapi-Appid")
//	lklapiSerial := c.GetHeader("Lklapi-Serial")
//	timestamp := c.GetHeader("Lklapi-Timestamp")
//	nonce := c.GetHeader("Lklapi-Nonce")
//	signature := c.GetHeader("Lklapi-Signature")
//	responseStr := c.GetHeader("")
//
//	source := appid + "\n" + lklapiSerial + "\n" + timestamp + "\n" + nonce + "\n" + responseStr + "\n";
//
//	rtn, err := utils.VerifyDerCert([]byte(source), "./cert/lkl-apigw-v2.cer")
//	if err == nil {
//		fmt.Println("验证签名成功！")
//		return errors.New("验证签名成功！")
//	} else {
//		fmt.Println("验证签名失败！")
//		return err
//	}
//	fmt.Println(rtn)
//	return errors.New("wangpei签名测试中。。。。。")
//}

func verySignByPublicKey(c *gin.Context) (bool, error) {

	//publicKey string, data []byte, signData []byte
	//String responseStr = IOUtils.toString(response.getEntity().getContent(), ENCODING);
	appid := c.GetHeader("Lklapi-Appid")
	lklapiSerial := c.GetHeader("Lklapi-Serial")
	timestamp := c.GetHeader("Lklapi-Timestamp")
	nonce := c.GetHeader("Lklapi-Nonce")
	signature := c.GetHeader("Lklapi-Signature")
	responseStr := c.GetHeader("")

	data := appid + "\n" + lklapiSerial + "\n" + timestamp + "\n" + nonce + "\n" + responseStr + "\n";
fmt.Println("verySignByPublicKey start...")
fmt.Println(data)
fmt.Println("signature="+signature)

	// 1、读取公钥文件，获取公钥字节
	//path_cert := setting.Conf.Lakala.BkPathCert
	publicKey, err := ioutil.ReadFile("./cert/dev/lkl-apigw-v2.cer")
	if err != nil {
		return false, err
	}
	// 2、解码私钥字节，生成加密对象
	block, _ := pem.Decode(publicKey)
	if block == nil {
		return false, errors.New("私钥信息错误！")
	}
	// 3、解析DER编码的私钥，生成私钥对象
	pubKey, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return false, err
	}

	hashed := sha256.Sum256([]byte(data))

	fmt.Println("pubKey.(*rsa.PublicKey): ", pubKey.(*rsa.PublicKey))

	pubK := pubKey.(*rsa.PublicKey)

	sig, err := base64.StdEncoding.DecodeString(signature)

	err = rsa.VerifyPKCS1v15(pubK, crypto.SHA256, hashed[:], sig)
	if err != nil {
		return false, err
	}

	return true, nil
}

//const (
//	PEM_BEGIN = "-----BEGIN RSA PRIVATE KEY-----\n"
//	PEM_END   = "\n-----END RSA PRIVATE KEY-----"
//)
//
//func FormatPrivateKey(privateKey string) string {
//	if !strings.HasPrefix(privateKey, PEM_BEGIN) {
//		privateKey = PEM_BEGIN + privateKey
//	}
//	if !strings.HasSuffix(privateKey, PEM_END) {
//		privateKey = privateKey + PEM_END
//	}
//	return privateKey
//}