wechat-ipay 2.0.0

data/lib/wechat-pay/helper.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'active_support/concern'
+
+module WechatPayHelper # :nodoc:
+  GATEWAY_URL = 'https://api.mch.weixin.qq.com'
+
+  extend ActiveSupport::Concern
+
+  class_methods do
+    def build_query(params)
+      params.sort.map { |key, value| "#{key}=#{value}" }.join('&')
+    end
+
+    def make_request(method:, path:, for_sign: '', payload: {}, extra_headers: {})
+      authorization = WechatPay::Sign.build_authorization_header(method, path, for_sign)
+      headers = {
+        'Authorization' => authorization,
+        'Content-Type' => 'application/json',
+        'Accept-Encoding' => '*'
+      }.merge(extra_headers)
+
+      RestClient::Request.execute(
+        url: "#{GATEWAY_URL}#{path}",
+        method: method.downcase,
+        payload: payload,
+        headers: headers.compact # Remove empty items
+      )
+    rescue ::RestClient::ExceptionWithResponse => e
+      e.response
+    end
+  end
+end

data/lib/wechat-pay/sign.rb

@@ -0,0 +1,245 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'base64'
+require 'securerandom'
+require 'active_support/core_ext/hash'
+
+module WechatPay
+  # # 微信签名相关的封装
+  # 文档: https://pay.weixin.qq.com/wiki/doc/apiv3/wechatpay/wechatpay4_0.shtml
+  #
+  # PS: 提供了常用的帮助方法，方便您的开发
+  #
+  module Sign
+    class << self
+      # Generate payment params with appid and prepay_id for invoking the wechat pay in app
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_7.shtml
+      #
+      # Take app for example
+      #
+      # ``` ruby
+      # appid = 'appid for mobile'
+      #
+      # params = {
+      #   sp_appid: 'Your appid',
+      #   sp_mchid: 'Your mchid',
+      #   description: 'pay',
+      #   out_trade_no: 'Order Number',
+      #   amount: {
+      #     total: 10
+      #   },
+      #   sub_mchid: 'Your sub mchid',
+      #   notify_url: 'the url'
+      # }
+      # result = WechatPay::Ecommerce.invoke_transactions_in_app(params).body
+      # # => { prepay_id => 'wx201410272009395522657a690389285100' }
+      # prepay_id = result['prepay_id']
+      # WechatPay::Sign.generate_app_payment_params_from_prepay_id_and_appid(appid, prepay_id)
+      # # => params for invoking the wechat pay in app
+      # ```
+
+      def generate_app_payment_params_from_prepay_id_and_appid(appid, prepay_id)
+        timestamp = Time.now.to_i.to_s
+        noncestr = SecureRandom.hex
+        string = build_app_paysign_string(appid, timestamp, noncestr, prepay_id)
+
+        {
+          appId: appid,
+          partnerId: WechatPay.mch_id,
+          timeStamp: timestamp,
+          nonceStr: noncestr,
+          prepayId: prepay_id,
+          packageValue: 'Sign=WXPay',
+          sign: sign_string(string)
+        }.stringify_keys
+      end
+
+      # Generate payment params with appid and prepay_id for invoking the wechat pay in miniprogram
+      #
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_8.shtml
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_9.shtml
+      #
+      # Take app for example
+      #
+      # ``` ruby
+      # appid = 'appid for mobile'
+      #
+      # params = {
+      #   sp_appid: 'Your appid',
+      #   sp_mchid: 'Your mchid',
+      #   description: 'pay',
+      #   out_trade_no: 'Order Number',
+      #   payer: {
+      #     sp_openid: 'wechat open id'
+      #   },
+      #   amount: {
+      #     total: 10
+      #   },
+      #   sub_mchid: 'Your sub mchid',
+      #   notify_url: 'the url'
+      # }
+      # result = WechatPay::Ecommerce.invoke_transactions_in_miniprogram(params).body
+      # # => { prepay_id => 'wx201410272009395522657a690389285100' }
+      # prepay_id = result['prepay_id']
+      # WechatPay::Sign.generate_payment_params_from_prepay_id_and_appid(appid, prepay_id)
+      # # => params for invoking the wechat pay in miniprogram
+      # ```
+      def generate_payment_params_from_prepay_id_and_appid(appid, prepay_id)
+        timestamp = Time.now.to_i.to_s
+        noncestr = SecureRandom.hex
+        string = build_paysign_string(appid, timestamp, noncestr, prepay_id)
+
+        {
+          timeStamp: timestamp,
+          nonceStr: noncestr,
+          package: "prepay_id=#{prepay_id}",
+          paySign: sign_string(string),
+          signType: 'RSA'
+        }.stringify_keys
+      end
+
+      # For checkingi if the requests from wechat platform
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_11.shtml
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_1.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # def pay_action
+      #   timestamp = request.headers['Wechatpay-Timestamp']
+      #   noncestr = request.headers['Wechatpay-Nonce']
+      #   signature = request.headers['Wechatpay-Signature']
+      #   body = JSON.parse(request.body.read)
+      #   raise Exceptions::InvalidAction, '非法请求，请求并非来自微信' unless WechatV3.notification_from_wechat?(timestamp, noncestr, body.to_json, signature)
+      #   # ....
+      # end
+      # ```
+      def notification_from_wechat?(timestamp, noncestr, json_body, signature)
+        string = build_callback_string(timestamp, noncestr, json_body)
+        decoded_signature = Base64.strict_decode64(signature)
+        WechatPay.platform_cert.public_key.verify('SHA256', decoded_signature, string)
+      end
+
+      # For signing the sensitive information
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_3.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # string = 'Ruby'
+      # WechatPay::Sign.sign_important_info(string)
+      # ```
+      #
+      # ``` ruby
+      # # result
+      # "K0MK7g3laREAQ4HIlpIndVmFdz4IyxxiVp42hXFx2CzWRB1fn85ANBxnQXESq91vJ1P9mCt94cHZDoshlEOJRkE1KvcxpBCnG3ghIqiSsLKdLZ3ytO94GBDzCt8nsq+vJKXJbK2XuL9p5h0KYGKZyjt2ydU9Ig6daWTpZH8lAKIsLzPTsaUtScuw/v3M/7t8/4py8N0MOLKbDBDnR5Q+MRHbEWI9nCA3HTAWsSerIIgE7igWnzybxsUzhkV8m49P/Shr2zh6yJAlEnyPLFmQG7GuUaYwDTSLKOWzzPYwxMcucWQha2krC9OlwnZJe6ZWUAI3s4ej4kFRfheOYywRoQ=="
+      # ```
+      def sign_important_info(string)
+        platform_public_key = WechatPay.platform_cert.public_key
+        Base64.strict_encode64(platform_public_key.public_encrypt(string, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING))
+      end
+
+      # For Decrypting the encrypt params from wechat platform
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_2.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # def pay_action
+      #   # check if the request from wechat
+      #   associated_data = body['resource']['associated_data']
+      #   nonce = body['resource']['nonce']
+      #   ciphertext = body['resource']['ciphertext']
+      #   res = WechatPay::Sign.decrypt_the_encrypt_params(
+      #     associated_data: associated_data,
+      #     nonce: nonce,
+      #     ciphertext: ciphertext
+      #   )
+      #   result = JSON.parse(res) # Get the real params
+      # end
+      # ```
+      #
+      def decrypt_the_encrypt_params(associated_data:, nonce:, ciphertext:)
+        # https://contest-server.cs.uchicago.edu/ref/ruby_2_3_1_stdlib/libdoc/openssl/rdoc/OpenSSL/Cipher.html
+        tag_length = 16
+        decipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
+        decipher.key = WechatPay.mch_key
+        decipher.iv = nonce
+        signature = Base64.strict_decode64(ciphertext)
+        length = signature.length
+        real_signature = signature.slice(0, length - tag_length)
+        tag = signature.slice(length - tag_length, length)
+        decipher.auth_tag = tag
+        decipher.auth_data = associated_data
+        decipher.update(real_signature)
+      end
+
+      # Build authorization header for request
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_0.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # method = 'GET'
+      # url = '/v3/certificates'
+      # json_body = ''
+      # WechatPay::sign.build_authorization_header(method, url, json_body)
+      # ```
+      #
+      # ``` ruby
+      # # Result
+      # "WECHATPAY2-SHA256-RSA2048 mchid=\"16000000\",nonce_str=\"42ac357637f9331794e0c6fb3b3de048\",serial_no=\"0254A801C0\",signature=\"WBJaWlVFur5OGQ/E0ZKIlSDhR8WTNrkW2oCECF3Udrh8BVlnfYf5N5ROeOt9PBxdwD0+ufFQANZKugmXDNat+sFRY2DrIzdP3qYvFIzaYjp6QEtB0UPzvTgcLDULGbwCSTNDxvKRDi07OXPFSmVfmA5SbpbfumgjYOfzt1wcl9Eh+/op/gAB3N010Iu1w4OggR78hxQvPb9GIscuKHjaUWqqwf6v+p3/b0tiSO/SekJa3bMKPhJ2wJj8utBHQtbGO+iUQj1n90naL25MNJUM2XYocv4MasxZZgZnV3v1dtRvFkVo0ApqFyDoiRndr1Q/jPh+wmsb80LuhZ1S4eNfew==\",timestamp=\"1620571488\""
+      # ```
+      def build_authorization_header(method, url, json_body)
+        timestamp = Time.now.to_i
+        nonce_str = SecureRandom.hex
+        string = build_string(method, url, timestamp, nonce_str, json_body)
+        signature = sign_string(string)
+
+        params = {
+          mchid: WechatPay.mch_id,
+          nonce_str: nonce_str,
+          serial_no: WechatPay.apiclient_serial_no,
+          signature: signature,
+          timestamp: timestamp
+        }
+
+        params_string = params.stringify_keys.map { |key, value| "#{key}=\"#{value}\"" }.join(',')
+
+        "WECHATPAY2-SHA256-RSA2048 #{params_string}"
+      end
+
+      def sign_string(string)
+        result = WechatPay.apiclient_key.sign('SHA256', string) # 商户私钥的SHA256-RSA2048签名
+        Base64.strict_encode64(result) # Base64处理
+      end
+
+      private
+
+      def build_string(method, url, timestamp, noncestr, body)
+        "#{method}\n#{url}\n#{timestamp}\n#{noncestr}\n#{body}\n"
+      end
+
+      def build_callback_string(timestamp, noncestr, body)
+        "#{timestamp}\n#{noncestr}\n#{body}\n"
+      end
+
+      def build_paysign_string(appid, timestamp, noncestr, prepayid)
+        "#{appid}\n#{timestamp}\n#{noncestr}\nprepay_id=#{prepayid}\n"
+      end
+
+      def build_app_paysign_string(appid, timestamp, noncestr, prepayid)
+        "#{appid}\n#{timestamp}\n#{noncestr}\n#{prepayid}\n"
+      end
+    end
+  end
+end

data/lib/wechat-pay/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module WechatPay
+  VERSION = '2.0.0'
+end

data/lib/wechat-pay.rb

@@ -0,0 +1,44 @@
+# rubocop:disable Naming/FileName
+
+# frozen_string_literal: true
+
+require 'restclient'
+require 'wechat-pay/sign'
+require 'wechat-pay/direct' # 直连模式
+require 'wechat-pay/ecommerce' # 电商平台
+
+# # 微信支付
+#
+# 设置关键信息
+module WechatPay
+  class << self
+    attr_accessor :app_id, :mch_id, :mch_key
+    attr_reader :apiclient_key, :apiclient_cert, :platform_cert
+
+    # 设置商户私钥，从微信商户平台下载
+    def apiclient_key=(key)
+      @apiclient_key = OpenSSL::PKey::RSA.new(key)
+    end
+
+    # 设置平台证书，通过接口获取 https://github.com/lanzhiheng/wechat-pay/blob/master/lib/wechat-pay/ecommerce/applyment.rb#L116
+    def platform_cert=(cert)
+      @platform_cert = OpenSSL::X509::Certificate.new(cert)
+    end
+
+    # 设置商户证书，从微信商户平台下载
+    def apiclient_cert=(cert)
+      @apiclient_cert = OpenSSL::X509::Certificate.new(cert)
+    end
+
+    # 平台证书序列号
+    def platform_serial_no
+      @platform_serial_no ||= platform_cert.serial.to_s(16)
+    end
+
+    # 商户证书序列号
+    def apiclient_serial_no
+      @apiclient_serial_no ||= apiclient_cert.serial.to_s(16)
+    end
+  end
+end
+# rubocop:enable Naming/FileName

data/wechat-ipay.gemspec

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+$LOAD_PATH.push File.expand_path('lib', __dir__)
+
+require 'wechat-pay/version'
+
+Gem::Specification.new do |s|
+  s.name        = 'wechat-ipay'
+  s.version     = WechatPay::VERSION
+  s.summary     = 'Wechat Pay in api V3'
+  s.description = 'A simple Wechat pay ruby gem in api V3.'
+  s.authors     = ['tianlu1677']
+  s.email       = 'tianlu1677@gmail.com'
+  s.files = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  
+  s.required_ruby_version = '>= 2.6'
+  s.require_paths = ['lib']
+  s.homepage = 'https://github.com/tianlu1677/wechat-pay/'
+  s.license = 'MIT'
+
+  s.add_runtime_dependency 'rest-client', '~> 2.0', '>= 2.0.0'
+  s.add_development_dependency 'rake', '~> 13.0', '>= 13.0.3'
+  s.add_development_dependency 'rspec', '~> 3.10.0'
+  s.add_development_dependency 'rubocop', '~> 1.14.0'
+end

metadata

@@ -0,0 +1,135 @@
+--- !ruby/object:Gem::Specification
+name: wechat-ipay
+version: !ruby/object:Gem::Version
+  version: 2.0.0
+platform: ruby
+authors:
+- tianlu1677
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-11-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 13.0.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 13.0.3
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.10.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.10.0
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.14.0
+description: A simple Wechat pay ruby gem in api V3.
+email: tianlu1677@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/code_quality.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".yardopts"
+- CHANGELOG.md
+- Gemfile
+- README.md
+- Rakefile
+- lib/wechat-pay.rb
+- lib/wechat-pay/direct.rb
+- lib/wechat-pay/ecommerce.rb
+- lib/wechat-pay/ecommerce/applyment.rb
+- lib/wechat-pay/ecommerce/balance.rb
+- lib/wechat-pay/ecommerce/bill.rb
+- lib/wechat-pay/ecommerce/combine_order.rb
+- lib/wechat-pay/ecommerce/order.rb
+- lib/wechat-pay/ecommerce/profitsharing.rb
+- lib/wechat-pay/ecommerce/refund.rb
+- lib/wechat-pay/ecommerce/subsidies.rb
+- lib/wechat-pay/ecommerce/withdraw.rb
+- lib/wechat-pay/helper.rb
+- lib/wechat-pay/sign.rb
+- lib/wechat-pay/version.rb
+- wechat-ipay.gemspec
+homepage: https://github.com/tianlu1677/wechat-pay/
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.6'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.10
+signing_key:
+specification_version: 4
+summary: Wechat Pay in api V3
+test_files: []