fix: wechat pay cert
zrll12 committed Mar 21, 2024
1 parent d61fa3e commit d54a594
Showing 3 changed files with 150 additions and 4 deletions.
123 changes: 120 additions & 3 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions Cargo.toml
@@ -51,6 +51,7 @@ migration = { path = "migration" }
#third party
lsys-lib-sms = "0.1.0"
wechat-pay-rust-sdk = { version = "0.2.14", features = ["debug-print"] }
x509-parser = "0.16.0"

[build-dependencies]
shadow-rs = "0.24.1"
30 changes: 29 additions & 1 deletion src/service/trade/wechat/recall.rs
@@ -1,11 +1,16 @@
use axum::http::HeaderMap;
use axum::Json;
use base64::Engine;
use sea_orm::{ActiveModelTrait, EntityTrait, IntoActiveModel};
use sea_orm::ActiveValue::Set;
use serde::Serialize;
use tracing::{error, info};
use wechat_pay_rust_sdk::model::WechatPayNotify;
use wechat_pay_rust_sdk::pay::PayNotifyTrait;
use wechat_pay_rust_sdk::response::Certificate;
use x509_parser::parse_x509_certificate;
use x509_parser::pem::parse_x509_pem;

use crate::model::prelude::Trade;
use crate::service::trade::{TradeStatus, WECHAT_PAY_CLIENT, WECHAT_PUBLIC};

@@ -22,7 +27,7 @@ pub async fn wechat_pay_recall(header_map: HeaderMap, body: String) -> Json<Wech

//verify signature
if WECHAT_PAY_CLIENT.verify_signatrue(
&WECHAT_PUBLIC,
&get_public_key().await,
header_map.get("Wechatpay-Timestamp").unwrap().to_str().unwrap(),
header_map.get("Wechatpay-Nonce").unwrap().to_str().unwrap(),
header_map.get("Wechatpay-Signature").unwrap().to_str().unwrap(),
@@ -49,4 +54,27 @@ pub async fn wechat_pay_recall(header_map: HeaderMap, body: String) -> Json<Wech
pub struct WechatNoticeResponse {
code: String,
message: String,
}

#[test]
fn test_cert() {
let pem = tokio::runtime::Runtime::new().unwrap().block_on(get_public_key());
println!("{pem}");
}

async fn get_public_key() -> String {
//get cert from WeChat
let cert = WECHAT_PAY_CLIENT.certificates().await.unwrap();
let data: Certificate = cert.data.unwrap()[0].clone();
let ciphertext = data.encrypt_certificate.ciphertext;
let nonce = data.encrypt_certificate.nonce;
let associated_data = data.encrypt_certificate.associated_data;
let cert = WECHAT_PAY_CLIENT.decrypt_bytes(ciphertext, nonce, associated_data).unwrap();

//extract public key
let res = parse_x509_pem(&cert).unwrap();
let res_x509 = parse_x509_certificate(&res.1.contents).unwrap().1;
let public_key = res_x509.public_key().raw;
let pem = base64::prelude::BASE64_STANDARD.encode(public_key);
format!("-----BEGIN PUBLIC KEY-----\n{}\n-----END PUBLIC KEY-----", pem)
}
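Review bot: `get_public_key()` now runs inside `wechat_pay_recall` before the signature is checked, so every unauthenticated POST to the callback triggers an outbound certificates request, a decrypt and an X.509 parse, and any `unwrap()` along that path turns an upstream failure into a handler panic. It also always takes element `[0]` of the certificate list; during platform-certificate rotation the API can return more than one entry, and the key that signed a given notification is the one named by the `Wechatpay-Serial` request header, so the first entry is not guaranteed to verify. I would select the certificate by serial, return `Option<String>` (or a `Result`) so the handler can answer with a failure response, and cache the extracted keys per serial rather than refetching on each request. The sketch below covers only the selection and error handling; the handler body and any cache sit outside the visible hunks. Separately, `test_cert` needs live merchant credentials and network access and prints the key, so it probably wants `#[ignore]`.

```rust
async fn get_public_key(serial: &str) -> Option<String> {
    // NOTE(review): assumes the SDK's Certificate exposes the API's serial_no field — confirm.
    let list = WECHAT_PAY_CLIENT.certificates().await.ok()?.data?;
    let data = list.into_iter().find(|c| c.serial_no == serial)?;
    let enc = data.encrypt_certificate;
    let cert = WECHAT_PAY_CLIENT
        .decrypt_bytes(enc.ciphertext, enc.nonce, enc.associated_data)
        .ok()?;

    let (_, pem) = parse_x509_pem(&cert).ok()?;
    let (_, x509) = parse_x509_certificate(&pem.contents).ok()?;
    // … unchanged: base64-encode public_key().raw and wrap it in the PEM armour …
```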
