PHP如何对接支付宝JSAPI

前言

虽然对接支付宝支付功能很常见，但是随着项目业务不断调整，有时候支付宝也在迭代。过段时间不看很可能就忘了，比如证书过期了，连密钥生成都不知道怎么弄。所以我就在这里就再总结一下JSAPI的对接步骤和遇到的几个小坑。

报错

1. 服务端请求接口返回 “商户协议状态非正常状态”。
2. 前端调起支付时报6001错误。
3. 最新的JSAPI已经不再支持预支付串。

接口加密方式

根据我以往的经验，对接支付宝支付，偶尔改动的地方是返回部分，而容易忘记的是接口加密部分。

1. 密钥方式

用SDK要使用AopClient包，要求有开发者私钥（APP_PRIVATE_KEY）和支付宝公钥（ALIPAY_PUBLIC_KEY），都是在支付宝商户平台操作生成。

2. 证书方式

证书模式用的是AopCertClient包，要求在商户平台下载应用公钥证书、支付宝公钥证书、支付宝根证书。

编码

1. 配置文件

<?php

// 支付宝小程序
return [
	// 网关地址
    "GATEWAY_URL" => 'https://openapi.alipay.com/gateway.do',
    // appId
    "APP_ID" => "20180**********15",
    //合作ID
    "PID" => '',
    // 私钥
    "RSA_PRIVATE_KEY" => 'ali_private.pem',
    // 公钥
    "ALIPAYRSA_PUBLIC_KEY" => 'apiclient_cert.pem',
];

2. 工厂类

<?php

namespace pay;

class PayFactory
{
    public static  function factory($class_name)
    {
        $class_name = 'pay\\'.$class_name;
    	return new $class_name;
    }
}

3. 支付方法抽象

<?php

namespace pay;

abstract class PayBase
{
	abstract public function pay($order,$notify_url);
	abstract public function batchpay($order);
	abstract public function version();
}

4. 密钥方式封装

<?php

namespace pay;

use think\facade\Env;

require_once 'lib/aop/AopCertClient.php';
require_once 'lib/aop/request/AlipayFundTransUniTransferRequest.php';
require_once 'lib/aop/request/AlipayOpenPublicTemplateMessageIndustryModifyRequest.php';
require_once 'lib/aop/request/AlipayUserInfoShareRequest.php';
require_once 'lib/aop/request/AlipaySystemOauthTokenRequest.php';
require_once 'lib/aop/request/AlipayTradeAppPayRequest.php';
require_once 'lib/aop/request/AlipayTradeCreateRequest.php';
require_once 'lib/aop/request/AlipayFundAuthOrderAppFreezeRequest.php';
require_once 'lib/aop/request/AlipayFundAuthOrderUnfreezeRequest.php';
require_once 'lib/aop/request/AlipayTradeRefundRequest.php';

/**
 * 支付宝企业支付
 */
class AliPay extends PayBase
{
	private $config = [];

    private $aop = null;
	
	public function __construct()
    {
            $this->config = include 'config/ali_pay_config.php';

            $path = dirname(__FILE__);

            $RSA_PRIVATE_KEY = file_get_contents($path.DIRECTORY_SEPARATOR."keys".DIRECTORY_SEPARATOR.$this->config['RSA_PRIVATE_KEY']);

            $ALIPAYRSA_PUBLIC_KEY = file_get_contents($path.DIRECTORY_SEPARATOR."keys".DIRECTORY_SEPARATOR.$this->config['ALIPAYRSA_PUBLIC_KEY']);

            $this->aop = new \AopClient();

            $this->aop->gatewayUrl = $this->config["GATEWAY_URL"];
            $this->aop->appId = $this->config["APP_ID"];
            $this->aop->rsaPrivateKey = $RSA_PRIVATE_KEY;
            $this->aop->alipayrsaPublicKey= $ALIPAYRSA_PUBLIC_KEY;
            $this->aop->apiVersion = "1.0";
            $this->aop->signType = "RSA2";
            $this->aop->postCharset = "UTF-8";
            $this->aop->format = "json";
    }

    public function version()
    {
        return "1.0";
    }

5. 证书方式封装

<?php

namespace pay;

use think\facade\Env;

require_once 'lib/aop/AopCertClient.php';
require_once 'lib/aop/request/AlipayFundTransUniTransferRequest.php';
require_once 'lib/aop/request/AlipayOpenPublicTemplateMessageIndustryModifyRequest.php';
require_once 'lib/aop/request/AlipayUserInfoShareRequest.php';
require_once 'lib/aop/request/AlipaySystemOauthTokenRequest.php';
require_once 'lib/aop/request/AlipayTradeAppPayRequest.php';
require_once 'lib/aop/request/AlipayTradeCreateRequest.php';
require_once 'lib/aop/request/AlipayFundAuthOrderAppFreezeRequest.php';
require_once 'lib/aop/request/AlipayFundAuthOrderUnfreezeRequest.php';
require_once 'lib/aop/request/AlipayTradeRefundRequest.php';

/**
 * 支付宝企业支付
 */
class AliPay extends PayBase
{
	private $config = [];

    private $aop = null;
	
	public function __construct()
    {
            $this->config = include 'config/ali_pay_config.php';

            $path = dirname(__FILE__);

            $RSA_PRIVATE_KEY = file_get_contents($path.DIRECTORY_SEPARATOR."keys".DIRECTORY_SEPARATOR.$this->config['RSA_PRIVATE_KEY']);

            $ALIPAYRSA_PUBLIC_KEY = file_get_contents($path.DIRECTORY_SEPARATOR."keys".DIRECTORY_SEPARATOR.$this->config['ALIPAYRSA_PUBLIC_KEY']);

            $this->aop = new \AopCertClient ();

            $appCertPath = $path.DIRECTORY_SEPARATOR."keys".DIRECTORY_SEPARATOR."cert".DIRECTORY_SEPARATOR."appCertPublicKey_2018091961451345.crt";
            $alipayCertPath = $path.DIRECTORY_SEPARATOR."keys".DIRECTORY_SEPARATOR."cert".DIRECTORY_SEPARATOR."alipayCertPublicKey_RSA2.crt";
            $rootCertPath = $path.DIRECTORY_SEPARATOR."keys".DIRECTORY_SEPARATOR."cert".DIRECTORY_SEPARATOR."alipayRootCert.crt";

            $this->aop->gatewayUrl = $this->config["GATEWAY_URL"];
            $this->aop->appId = $this->config["APP_ID"];
            $this->aop->rsaPrivateKey = $RSA_PRIVATE_KEY;
            //$this->aop->alipayrsaPublicKey= $ALIPAYRSA_PUBLIC_KEY;
            $this->aop->apiVersion = "1.0";
            $this->aop->signType = "RSA2";
            $this->aop->postCharset = "UTF-8";
            $this->aop->format = "json";

            //调用getPublicKey从支付宝公钥证书中提取公钥
            $this->aop->alipayrsaPublicKey = $this->aop->getPublicKey($alipayCertPath);
            //是否校验自动下载的支付宝公钥证书，如果开启校验要保证支付宝根证书在有效期内
            $this->aop->isCheckAlipayPublicCert = true;
            //调用getCertSN获取证书序列号
            $this->aop->appCertSN = $this->aop->getCertSN($appCertPath);
            //调用getRootCertSN获取支付宝根证书序列号
            $this->aop->alipayRootCertSN = $this->aop->getRootCertSN($rootCertPath);

	}

6. 支付封装

这里要特别注意的是调用执行方法时，证书模式execute，密钥模式sdkExecute。密钥模式返回orderStr，证书模式返回tradeNO。

public function pay($order,$notify_url)
{
	$data = $this->make($order);

	// 该笔订单允许的最晚付款时间，逾期将关闭交易。
	$timeout_express = "30m";
	// 订单总金额，单位为元，精确到小数点后两位，取值范围[0.01,100000000]
	$total_amount = $data['total_amount'];
	// 商品的标题/交易标题/订单标题/订单关键字等。
	$subject = $data['subject'];
	// 商户网站唯一订单号
	$out_trade_no = $data['out_trade_no'];

	$content = [
		"timeout_express"   => "30m",
		"total_amount"      => $total_amount,
		"subject"           => $subject,
		"out_trade_no"      => $out_trade_no,
		"product_code"      => "JSAPI_PAY",
		"op_app_id"      => $this->config["APP_ID"],
		"buyer_id"      => $order['open_id'],
	];

	$jsonData = json_encode($content,JSON_UNESCAPED_UNICODE);

	$request = new \AlipayTradeCreateRequest();

	// 设置异步回调地址
	$request->setNotifyUrl(Env::get('pay.coupon_notify'));
	$request->setBizContent($jsonData);
	
	// 证书模式execute，密钥方式sdkExecute
	$result = $this->aop->execute($request);

	$responseApiName = str_replace(".","_",$request->getApiMethodName())."_response";
	$response = $result->$responseApiName;

	if(!empty($response->code)&&$response->code==10000) {
		return $response->trade_no;
	}
	else{
		throw new \Exception('调用JSAPI支付接口失败~');
	}
}

private function make($order,$type="pay")
{
	$data = [];

	if ($type == "pay") {
		// 订单总金额，单位为元，精确到小数点后两位，取值范围[0.01,100000000]
		$data['total_amount'] = $order['amount'];
		// 商品的标题/交易标题/订单标题/订单关键字等。
		$data['subject'] = $order['title'];
		// 商户网站唯一订单号
		$data['out_trade_no'] = $order['order_no'];
	}

	if ($type == "freeze") {
		// 商户授权资金订单号 ,不能包含除中文、英文、数字以外的字符，创建后不能修改，需要保证在商户端不重复。
		$data['out_order_no'] = $order['order_no'];
		// 商户本次资金操作的请求流水号，用于标示请求流水的唯一性，不能包含除中文、英文、数字以外的字符，需要保证在商户端不重复。
		$data['out_request_no'] = $order['request_no'];
		// 业务订单的简单描述，如商品名称等
		$data['order_title'] = $order['title'];
		// 需要冻结的金额，单位为：元（人民币），精确到小数点后两位 取值范围：[0.01,100000000.00]
		$data['amount'] = $order['amount'];
	}

	if ($type == "unfreeze") {
		// 支付宝资金授权订单号
		$data['auth_no'] = $order['auth_no'];
		// 商户本次资金操作的请求流水号，同一商户每次不同的资金操作请求，商户请求流水号不能重复
		$data['out_request_no'] = $order['request_no'];
		// 本次操作解冻的金额，单位为：元（人民币），精确到小数点后两位，取值范围：[0.01,100000000.00]
		$data['amount'] = $order['amount'];
		// 商户对本次解冻操作的附言描述
		$data['remark'] = $order['remark'];
	}

	// 退款
	if ($type == "refund"){
		$data['trade_no'] = $order['trade_no'];
		$data['refund_amount'] = $order['refund_amount'];
		$data['out_request_no'] = $order['out_request_no'];
		$data['form'] = isset($order['form']) ? $order['form'] : "app";
	}

	return $data;
}