wechat-pay 1.0.1

data/lib/wechat-pay/ecommerce/withdraw.rb

@@ -0,0 +1,155 @@
+# frozen_string_literal: true
+
+module WechatPay
+  module Ecommerce
+    class<<self
+      WITHDRAW_FIELDS = %i[sub_mchid out_request_no amount].freeze # :nodoc:
+      #
+      # 二级商户提现
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_8_2.shtml
+      #
+      # Example:
+      #
+      # ``` ruby
+      # WechatPay::Ecommerce.withdraw(sub_mchid: '160000', out_request_no: 'P10000', amount: 1)
+      # ```
+      #
+      def withdraw(params)
+        url = '/v3/ecommerce/fund/withdraw'
+        method = 'POST'
+
+        make_request(
+          method: method,
+          path: url,
+          for_sign: params.to_json,
+          payload: params.to_json
+        )
+      end
+
+      QUERY_WITHDRAW_FIELDS = %i[withdraw_id out_request_no sub_mchid].freeze # :nodoc:
+      #
+      # 二级商户提现查询
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_8_3.shtml
+      #
+      # Example:
+      #
+      # ``` ruby
+      # WechatPay::Ecommerce.query_withdraw(withdraw_id: '335556', sub_mchid: '160000')
+      # WechatPay::Ecommerce.query_withdraw(out_request_no: 'P1000', sub_mchid: '160000')
+      # ```
+      #
+      def query_withdraw(params)
+        if params[:withdraw_id]
+          params.delete(:out_request_no)
+          withdraw_id = params.delete(:withdraw_id)
+          path = "/v3/ecommerce/fund/withdraw/#{withdraw_id}"
+        else
+          params.delete(:withdraw_id)
+          out_request_no = params.delete(:out_request_no)
+          path = "/v3/ecommerce/fund/withdraw/out-request-no/#{out_request_no}"
+        end
+
+        method = 'GET'
+        query = build_query(params)
+        url = "#{path}?#{query}"
+
+        make_request(
+          method: method,
+          path: url,
+          extra_headers: {
+            'Content-Type' => 'application/x-www-form-urlencoded'
+          }
+        )
+      end
+
+      PLATFORM_WITHDRAW_FIELDS = %i[out_request_no amount account_type].freeze # :nodoc:
+      #
+      # 电商平台提现
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_8_5.shtml
+      #
+      # Example:
+      #
+      # ``` ruby
+      # WechatPay::Ecommerce.platform_withdraw(out_request_no: 'P10000', amount: 1, account_type: 'BASIC')
+      # WechatPay::Ecommerce.platform_withdraw(out_request_no: 'P10000', amount: 1, account_type: 'FEES')
+      # ```
+      #
+      def platform_withdraw(params)
+        url = '/v3/merchant/fund/withdraw'
+        method = 'POST'
+
+        make_request(
+          method: method,
+          path: url,
+          for_sign: params.to_json,
+          payload: params.to_json
+        )
+      end
+
+      QUERY_PLATFORM_WITHDRAW_FIELDS = %i[withdraw_id out_request_no].freeze # :nodoc:
+      #
+      # 商户平台提现查询
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_8_6.shtml
+      #
+      # Example:
+      #
+      # ``` ruby
+      # WechatPay::Ecommerce.query_platform_withdraw(out_request_no: 'P1000')
+      # WechatPay::Ecommerce.query_platform_withdraw(withdraw_id: '12313153')
+      # ```
+      #
+      def query_platform_withdraw(params)
+        if params[:withdraw_id]
+          params.delete(:out_request_no)
+          withdraw_id = params.delete(:withdraw_id)
+          url = "/v3/merchant/fund/withdraw/withdraw-id/#{withdraw_id}"
+        else
+          params.delete(:withdraw_id)
+          out_request_no = params.delete(:out_request_no)
+          url = "/v3/merchant/fund/withdraw/out-request-no/#{out_request_no}"
+        end
+
+        method = 'GET'
+
+        make_request(
+          method: method,
+          path: url,
+          extra_headers: {
+            'Content-Type' => 'application/x-www-form-urlencoded'
+          }
+        )
+      end
+
+      DOWNLOAD_EXCEPTION_WITHDRAW_FILE = %i[bill_type bill_date].freeze # :nodoc:
+      #
+      # 按日下载提现异常文件
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_8_4.shtml
+      #
+      # ``` ruby
+      # WechatPay::Ecommerce.download_exception_withdraw_file(bill_type: 'NO_SUCC', bill_date: '2021-05-10')
+      # ```
+      def download_exception_withdraw_file(params)
+        bill_type = params.delete(:bill_type)
+        path = "/v3/merchant/fund/withdraw/bill-type/#{bill_type}"
+
+        method = 'GET'
+
+        query = build_query(params)
+        url = "#{path}?#{query}"
+
+        make_request(
+          method: method,
+          path: url,
+          extra_headers: {
+            'Content-Type' => 'application/x-www-form-urlencoded'
+          }
+        )
+      end
+    end
+  end
+end

data/lib/wechat-pay/helper.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require 'active_support/concern'
+
+module WechatPayHelper # :nodoc:
+  GATEWAY_URL = 'https://api.mch.weixin.qq.com'
+
+  extend ActiveSupport::Concern
+
+  class_methods do
+    def build_query(params)
+      params.sort.map { |key, value| "#{key}=#{value}" }.join('&')
+    end
+
+    def make_request(method:, path:, for_sign: '', payload: {}, extra_headers: {})
+      authorization = WechatPay::Sign.build_authorization_header(method, path, for_sign)
+      headers = {
+        'Authorization' => authorization,
+        'Content-Type' => 'application/json'
+      }.merge(extra_headers)
+
+      RestClient::Request.execute(
+        url: "#{GATEWAY_URL}#{path}",
+        method: method.downcase,
+        payload: payload,
+        headers: headers.compact # Remove empty items
+      )
+    rescue ::RestClient::ExceptionWithResponse => e
+      e.response
+    end
+  end
+end

data/lib/wechat-pay/sign.rb

@@ -0,0 +1,209 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'base64'
+require 'securerandom'
+require 'active_support/core_ext/hash'
+
+module WechatPay
+  # # 微信签名相关的封装
+  # 文档: https://pay.weixin.qq.com/wiki/doc/apiv3/wechatpay/wechatpay4_0.shtml
+  #
+  # PS: 提供了常用的帮助方法，方便您的开发
+  #
+  module Sign
+    class<<self
+      # Generate payment params with appid and prepay_id for invoking the wechat pay.
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_7.shtml
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_8.shtml
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_9.shtml
+      #
+      # Take app for example
+      #
+      # ``` ruby
+      # appid = 'appid for mobile'
+      #
+      # params = {
+      #   sp_appid: 'Your appid',
+      #   sp_mchid: 'Your mchid',
+      #   description: 'pay',
+      #   out_trade_no: 'Order Number',
+      #   payer: {
+      #     sp_openid: 'wechat open id'
+      #   },
+      #   amount: {
+      #     total: 10
+      #   },
+      #   sub_mchid: 'Your sub mchid',
+      #   notify_url: 'the url'
+      # }
+      # result = WechatPay::Ecommerce.invoke_transactions_in_app(params).body
+      # # => { prepay_id => 'wx201410272009395522657a690389285100' }
+      # prepay_id = result['prepay_id']
+      # WechatPay::Sign.generate_payment_params_from_prepay_id_and_appid(appid, prepay_id)
+      # # => params for invoking the wechat pay in miniprogram
+      # ```
+      #
+      # Miniprogram and js process are similar, just get the prepay_id by method
+      #
+      # ``` ruby
+      # result = WechatPay::Ecommerce.invoke_transactions_in_js(params_for_miniprogram)
+      # # => { prepay_id => 'wx201410272009395522657a690389285100' }
+      # prepay_id = result['prepay_id']
+      # WechatPay::Sign.generate_payment_params_from_prepay_id_and_appid(appid, prepay_id)
+      # # => params for invoking the wechat pay in miniprogram or js
+      # ```
+      def generate_payment_params_from_prepay_id_and_appid(appid, prepay_id)
+        timestamp = Time.now.to_i.to_s
+        noncestr = SecureRandom.hex
+        string = build_paysign_string(appid, timestamp, noncestr, prepay_id)
+
+        {
+          timeStamp: timestamp,
+          nonceStr: noncestr,
+          package: "prepay_id=#{prepay_id}",
+          paySign: sign_string(string),
+          signType: 'RSA'
+        }.stringify_keys
+      end
+
+      # For checkingi if the requests from wechat platform
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/apis/chapter7_2_11.shtml
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_1.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # def pay_action
+      #   timestamp = request.headers['Wechatpay-Timestamp']
+      #   noncestr = request.headers['Wechatpay-Nonce']
+      #   signature = request.headers['Wechatpay-Signature']
+      #   body = JSON.parse(request.body.read)
+      #   raise Exceptions::InvalidAction, '非法请求，请求并非来自微信' unless WechatV3.notification_from_wechat?(timestamp, noncestr, body.to_json, signature)
+      #   # ....
+      # end
+      # ```
+      def notification_from_wechat?(timestamp, noncestr, json_body, signature)
+        string = build_callback_string(timestamp, noncestr, json_body)
+        decoded_signature = Base64.strict_decode64(signature)
+        WechatPay.platform_cert.public_key.verify('SHA256', decoded_signature, string)
+      end
+
+      # For signing the sensitive information
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_3.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # string = 'Ruby'
+      # WechatPay::Sign.sign_important_info(string)
+      # ```
+      #
+      # ``` ruby
+      # # result
+      # "K0MK7g3laREAQ4HIlpIndVmFdz4IyxxiVp42hXFx2CzWRB1fn85ANBxnQXESq91vJ1P9mCt94cHZDoshlEOJRkE1KvcxpBCnG3ghIqiSsLKdLZ3ytO94GBDzCt8nsq+vJKXJbK2XuL9p5h0KYGKZyjt2ydU9Ig6daWTpZH8lAKIsLzPTsaUtScuw/v3M/7t8/4py8N0MOLKbDBDnR5Q+MRHbEWI9nCA3HTAWsSerIIgE7igWnzybxsUzhkV8m49P/Shr2zh6yJAlEnyPLFmQG7GuUaYwDTSLKOWzzPYwxMcucWQha2krC9OlwnZJe6ZWUAI3s4ej4kFRfheOYywRoQ=="
+      # ```
+      def sign_important_info(string)
+        platform_public_key = WechatPay.platform_cert.public_key
+        Base64.strict_encode64(platform_public_key.public_encrypt(string, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING))
+      end
+
+      # For Decrypting the encrypt params from wechat platform
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_2.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # def pay_action
+      #   # check if the request from wechat
+      #   associated_data = body['resource']['associated_data']
+      #   nonce = body['resource']['nonce']
+      #   ciphertext = body['resource']['ciphertext']
+      #   res = WechatPay::Sign.decrypt_the_encrypt_params(
+      #     associated_data: associated_data,
+      #     nonce: nonce,
+      #     ciphertext: ciphertext
+      #   )
+      #   result = JSON.parse(res) # Get the real params
+      # end
+      # ```
+      #
+      def decrypt_the_encrypt_params(associated_data:, nonce:, ciphertext:)
+        # https://contest-server.cs.uchicago.edu/ref/ruby_2_3_1_stdlib/libdoc/openssl/rdoc/OpenSSL/Cipher.html
+        tag_length = 16
+        decipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
+        decipher.key = WechatPay.mch_key
+        decipher.iv = nonce
+        signature = Base64.strict_decode64(ciphertext)
+        length = signature.length
+        real_signature = signature.slice(0, length - tag_length)
+        tag = signature.slice(length - tag_length, length)
+        decipher.auth_tag = tag
+        decipher.auth_data = associated_data
+        decipher.update(real_signature)
+      end
+
+      # Build authorization header for request
+      #
+      # Document: https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_0.shtml
+      #
+      # Usage:
+      #
+      # ``` ruby
+      # method = 'GET'
+      # url = '/v3/certificates'
+      # json_body = ''
+      # WechatPay::sign.build_authorization_header(method, url, json_body)
+      # ```
+      #
+      # ``` ruby
+      # # Result
+      # "WECHATPAY2-SHA256-RSA2048 mchid=\"16000000\",nonce_str=\"42ac357637f9331794e0c6fb3b3de048\",serial_no=\"0254A801C0\",signature=\"WBJaWlVFur5OGQ/E0ZKIlSDhR8WTNrkW2oCECF3Udrh8BVlnfYf5N5ROeOt9PBxdwD0+ufFQANZKugmXDNat+sFRY2DrIzdP3qYvFIzaYjp6QEtB0UPzvTgcLDULGbwCSTNDxvKRDi07OXPFSmVfmA5SbpbfumgjYOfzt1wcl9Eh+/op/gAB3N010Iu1w4OggR78hxQvPb9GIscuKHjaUWqqwf6v+p3/b0tiSO/SekJa3bMKPhJ2wJj8utBHQtbGO+iUQj1n90naL25MNJUM2XYocv4MasxZZgZnV3v1dtRvFkVo0ApqFyDoiRndr1Q/jPh+wmsb80LuhZ1S4eNfew==\",timestamp=\"1620571488\""
+      # ```
+      def build_authorization_header(method, url, json_body)
+        timestamp = Time.now.to_i
+        nonce_str = SecureRandom.hex
+        string = build_string(method, url, timestamp, nonce_str, json_body)
+        signature = sign_string(string)
+
+        params = {
+          mchid: WechatPay.mch_id,
+          nonce_str: nonce_str,
+          serial_no: WechatPay.apiclient_serial_no,
+          signature: signature,
+          timestamp: timestamp
+        }
+
+        params_string = params.stringify_keys.map { |key, value| "#{key}=\"#{value}\"" }.join(',')
+
+        "WECHATPAY2-SHA256-RSA2048 #{params_string}"
+      end
+
+      def sign_string(string)
+        result = WechatPay.apiclient_key.sign('SHA256', string) # 商户私钥的SHA256-RSA2048签名
+        Base64.strict_encode64(result) # Base64处理
+      end
+
+      private
+
+      def build_string(method, url, timestamp, noncestr, body)
+        "#{method}\n#{url}\n#{timestamp}\n#{noncestr}\n#{body}\n"
+      end
+
+      def build_callback_string(timestamp, noncestr, body)
+        "#{timestamp}\n#{noncestr}\n#{body}\n"
+      end
+
+      def build_paysign_string(appid, timestamp, noncestr, prepayid)
+        "#{appid}\n#{timestamp}\n#{noncestr}\nprepay_id=#{prepayid}\n"
+      end
+    end
+  end
+end

data/lib/wechat-pay/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module WechatPay
+  VERSION = '1.0.1'
+end

metadata

@@ -0,0 +1,133 @@
+--- !ruby/object:Gem::Specification
+name: wechat-pay
+version: !ruby/object:Gem::Version
+  version: 1.0.1
+platform: ruby
+authors:
+- lanzhiheng
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2021-05-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.14.4
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.14.4
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 13.0.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 13.0.3
+description: A simple Wechat pay ruby gem in api V3.
+email: lanzhihengrj@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/set_base_envrionment.rb
+- lib/wechat-pay.rb
+- lib/wechat-pay/direct.rb
+- lib/wechat-pay/ecommerce.rb
+- lib/wechat-pay/ecommerce/applyment.rb
+- lib/wechat-pay/ecommerce/balance.rb
+- lib/wechat-pay/ecommerce/bill.rb
+- lib/wechat-pay/ecommerce/combine_order.rb
+- lib/wechat-pay/ecommerce/order.rb
+- lib/wechat-pay/ecommerce/profitsharing.rb
+- lib/wechat-pay/ecommerce/refund.rb
+- lib/wechat-pay/ecommerce/subsidies.rb
+- lib/wechat-pay/ecommerce/withdraw.rb
+- lib/wechat-pay/helper.rb
+- lib/wechat-pay/sign.rb
+- lib/wechat-pay/version.rb
+homepage: https://rubygems.org/gems/wechat-pay
+licenses:
+- MIT
+metadata:
+  source_code_uri: https://github.com/lanzhiheng/wechat-pay
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.5'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Wechat Pay in api V3
+test_files: []