wechatpay-api 0.0.2 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c02376e1f66aced738a92265233ed65a159fa677672498d098d406fd6f68ebeb
-  data.tar.gz: d996e6f70e9a473a8a7d05a2f32730e895a55e5388e873d3db098fab9f5a0216
+  metadata.gz: b97b7c1f8ed9f448edd975a6adf2bf554840d5442fbc3dc5928be733941fdcd2
+  data.tar.gz: 39723a0aa3661c5bff6a1ebed35c67a79c0b1b976354882aa0651bdc2189ac89
 SHA512:
-  metadata.gz: d00c99a38872e1eae30fd765c94aeb954f0066b38fd179247a363b8f2af2756dd90775a86d0b0ecf7f3e3532012824d24f7e5daddf3ff526fb1cb8c4398d0879
-  data.tar.gz: ad86f1ba1f248ce12f8664643c616601b7842b4601108512d58b95ab3f62d04e5f3e9b8d195daeeb5207a68bc6f1baa05da7b11ca107f7e03c7857128c15d5b3
+  metadata.gz: 3f7be18010ec031f42fc57978b9adb186c1adf876e9c29a76a574a8c137f4d70fe99ae9862a791c4bee22223e5aae13ee1d9bd279e0f8968224c128f3f33252e
+  data.tar.gz: 94d67a3a5483c82c26000f9064c22f46234e8c183f1d5318c6c5a77263151caa7e211780941a09c8dc051de25abad59c8c72cdca550b18205d1943859a4899f9

data/Gemfile.lock

@@ -1,23 +1,19 @@
 PATH
   remote: .
   specs:
-    wechatpay-api (0.0.1)
+    wechatpay-api (0.0.2)
       faraday (~> 1.0)
-      gyoku (>= 1.0.0)
       multi_json (~> 1.0)
-      nokogiri (~> 1.0)
-      nori (~> 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    builder (3.2.4)
     coderay (1.1.3)
     crack (0.4.4)
     diff-lcs (1.4.4)
-    faraday (1.1.0)
+    faraday (1.2.0)
       multipart-post (>= 1.2, < 3)
       ruby2_keywords
     ffi (1.13.1)
@@ -36,21 +32,15 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    gyoku (1.3.1)
-      builder (>= 2.1.2)
     hashdiff (1.0.1)
     listen (3.3.3)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
     lumberjack (1.2.8)
     method_source (1.0.0)
-    mini_portile2 (2.4.0)
     multi_json (1.15.0)
     multipart-post (2.1.1)
     nenv (0.3.0)
-    nokogiri (1.10.10)
-      mini_portile2 (~> 2.4.0)
-    nori (2.6.0)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)

data/README.md

@@ -1,2 +1,71 @@
 # wechatpay-api
-Yet Another wechatpay sdk for ruby 另一个微信支付Ruby SDK。基于API V3.0
+Yet Another wechatpay sdk for ruby 另一个微信支付Ruby SDK。
+APIv3 接口版本V3
+
+公众号API SDK: https://github.com/lazing/wechat-api
+
+# Install
+
+```ruby
+gem 'wechatpay-api', '~>0.1'
+```
+
+
+or
+
+```ruby
+gem install wechatpay-api
+```
+
+# Usage
+
+## Prepare
+
+Essential configure items and datus from wechat pay 需要从微信支付获取的必要配置项目
+
+  * appid - 公众号ID
+  * mchid - 商户号
+  * key - 32 bytes secret key to encrypt and decrypt 32字节加解密key
+  * cert_no - APIv3 certification serial no. 从微信支付获取的APIv3证书序列号
+  * cert - APIv3 certification private key pem, content as string. 从微信支付获取的APIv3证书私钥，内容作为文本输入
+
+## Configuration and direct usage
+
+```ruby
+# initialize with a file like wechatpay-api.rb inside rails config initilizers
+Wechatpay::Api.client do |klass|
+  klass.new 'appid', 'mchid', key: 'key', cert: 'apiv3 certification...', cert_no: 'cert_no'
+end
+
+# next in anywhere needs, using get or post, will sign automatic. response body 
+response_body_as_hash_symbolized = Wechatpay::Api.client.get '/path', params
+response_body_as_hash_symbolized = Wechatpay::Api.client.post '/path', hash_as_body, headers
+
+# check incoming request
+Wechatpay::Api.client.verify headers, body
+```
+
+## JSAPI Helper Example
+
+```ruby
+# initilized somehow Wechatpay::Api.client do |klass| ..... end
+# reference the client
+client = Wechatpay::Api.client 
+# STEP 1. after generate your own order object, start prepay
+prepay_id = client.js_prepay(openid, out_trade_no, description, total_amount, **opts)
+
+# STEP 2. get signature for WXJS SDK call
+timestamp = Time.now.to_i
+nonce = SecureRandom.hex
+package = "prepay_id=#{prepay_id}"
+signature = client.js_sign(package, timestamp, nonce)
+
+# STEP 3. expose to view and start payment
+
+# STEP 4. build a API endpoint to receive wechat payment notice
+# request header and body
+
+decrypted_hash = client.notice(headers, body)
+
+```
+

data/lib/wechatpay-api.rb

@@ -0,0 +1 @@
+require 'wechatpay/api'

data/lib/wechatpay/api.rb

@@ -1,16 +1,15 @@
 module Wechatpay
   module Api
     class Error < StandardError; end
-    module V2
-    end
+    module V3; end
 
     def self.client(appid = 'origin_id')
       var = "@v#{appid}"
-      if instance_variable_defined?(var)
-        instance_variable_get(var)
-      elsif block_given?
-        c = yield(V2::Client)
+      if block_given?
+        c = yield(V3::Client)
         instance_variable_set var, c
+      elsif instance_variable_defined?(var)
+        instance_variable_get(var)
       else
         raise Error, :not_initialized
       end
@@ -18,4 +17,7 @@ module Wechatpay
   end
 end
 
-require 'wechatpay/api/v2/client'
+require 'wechatpay/api/v3/client'
+require 'wechatpay/api/v3/trade'
+require 'wechatpay/api/v3/jsapi'
+require 'wechatpay/api/v3/cert'

data/lib/wechatpay/api/v3/cert.rb

@@ -0,0 +1,33 @@
+require 'multi_json'
+require 'singleton'
+require 'openssl'
+
+module Wechatpay
+  module Api
+    module V3
+      class Cert
+        include Singleton
+
+        attr_accessor :expires_at, :serial_no, :cert, :certificate
+
+        def update(json)
+          Wechatpay::Api.client.logger.debug { "Cert JSON: #{json}" }
+          expire_time = DateTime.parse(json[:expire_time])
+          return unless expires_at.nil? || expire_time > expires_at
+
+          @serial_no = json[:serial_no]
+          @expires_at = expire_time
+          ec = json[:encrypt_certificate]
+          @cert = yield(ec[:ciphertext], ec[:nonce], ec[:associated_data])
+          @certificate = OpenSSL::X509::Certificate.new @cert
+        end
+
+        def load
+          return false if cert.nil? || expires_at < DateTime.now
+
+          self
+        end
+      end
+    end
+  end
+end

data/lib/wechatpay/api/v3/client.rb

@@ -0,0 +1,132 @@
+require 'base64'
+require 'faraday'
+require 'multi_json'
+require 'openssl'
+require 'logger'
+require 'securerandom'
+
+module Wechatpay
+  module Api
+    module V3
+      class Client
+
+        attr_reader :rsa_key, :serial_no, :mch_id, :appid, :key
+        attr_accessor :logger, :site
+
+        SCHEMA = 'WECHATPAY2-SHA256-RSA2048'.freeze
+
+        def initialize(appid, mch_id, **opts)
+          @appid = appid
+          @mch_id = mch_id
+          @rsa_key = OpenSSL::PKey::RSA.new opts[:cert] if opts[:cert]
+          @serial_no = opts[:cert_no]
+          @key = opts[:key]
+          @site = opts[:site] || 'https://api.mch.weixin.qq.com'
+
+          @logger = Logger.new(STDOUT)
+        end
+
+        def connection
+          Faraday.new(url: @site) do |conn|
+            conn.request :retry
+            conn.response :logger
+            # conn.response :raise_error
+            conn.adapter :net_http
+          end
+        end
+
+        def get(path, params = nil)
+          resp = connection.get(path, params) do |req|
+            path = req.path
+            path = [req.path, Faraday::Utils.build_query(req.params)].join('?') unless params.nil? || params.empty?
+            req.headers['Authorization'] = authorization_header('GET', path, nil)
+            req.headers['Accept'] = 'application/json'
+          end
+          handle resp
+        end
+
+        def post(path, data, **headers)
+          body = data.is_a?(Hash) ? MultiJson.dump(data) : data
+          resp = connection.post(path, body, headers) do |req|
+            req.headers['Authorization'] = authorization_header('POST', path, body)
+            req.headers['Accept'] = 'application/json'
+          end
+          handle resp
+        end
+
+        def verify(headers, body)
+          sha256 = OpenSSL::Digest::SHA256.new
+          key = cert.certificate.public_key
+          sign = Base64.strict_decode64(headers['Wechatpay-Signature'])
+          data = %w[Wechatpay-Timestamp Wechatpay-Nonce].map { |k| headers[k] }
+          key.verify sha256, sign, data.append(body).join("\n") + "\n"
+        end
+
+        def cert
+          Wechatpay::Api::V3::Cert.instance.load || update_certs
+        end
+
+        def update_certs
+          certs = get('/v3/certificates')[:data]
+          certs.map do |raw|
+            Wechatpay::Api::V3::Cert.instance.update(raw, &method(:decrypt))
+          end
+          Wechatpay::Api::V3::Cert.instance
+        end
+
+        def handle(resp)
+          logger.debug { "HANDLE RESPONSE: #{resp.inspect}" }
+          data = resp.body
+          raise :empty_body unless data && !data.empty?
+
+          MultiJson.load data, symbolize_keys: true
+        end
+
+        def sign_with(body, method, path, timestamp, rnd)
+          str = [method, path, timestamp, rnd, body].join("\n") + "\n"
+          logger.debug { "Sign Content: #{str.inspect}" }
+          sign_content(str)
+        end
+
+        def sign_content(content)
+          digest = OpenSSL::Digest::SHA256.new
+          signed = rsa_key.sign(digest, content)
+          Base64.strict_encode64 signed
+        end
+
+        def authorization_header(http_method, path, body)
+          [SCHEMA, authorization_params(http_method, path, body)].join ' '
+        end
+
+        def authorization_params(http_method, path, body)
+          timestamp = Time.now.to_i
+          rnd = SecureRandom.hex
+          signature = sign_with(body, http_method, path, timestamp, rnd)
+          [
+            "mchid=\"#{mch_id}\"", "serial_no=\"#{serial_no}\"", "nonce_str=\"#{rnd}\"",
+            "timestamp=\"#{timestamp}\"", "signature=\"#{signature}\""
+          ].join(',')
+        end
+
+        def decrypt(cipher_text, nonce, auth_data)
+          raise :cipher_text_invalid if (cipher_text.try(:length) || 0) < 16
+
+          data = Base64.strict_decode64(cipher_text)
+          dec = dechipher(data, nonce, auth_data)
+          dec.update(data[0, data.length - 16]).tap { |s| logger.debug "DEC: #{s}" } + dec.final
+        end
+
+        def dechipher(data, nonce, auth_data)
+          chipher = OpenSSL::Cipher.new 'aes-256-gcm'
+          chipher.decrypt
+          chipher.key = key
+          chipher.iv = nonce
+          chipher.padding = 0
+          chipher.auth_data = auth_data
+          chipher.auth_tag = data[-16, 16]
+          chipher
+        end
+      end
+    end
+  end
+end

data/lib/wechatpay/api/v3/jsapi.rb

@@ -0,0 +1,26 @@
+
+module Wechatpay
+  module Api
+    module V3
+      module JSAPI
+        def js_prepay(openid, out_trade_no, description, total_amount, **opts)
+          data = {
+            appid: appid, mchid: mch_id, description: description,
+            out_trade_no: out_trade_no, amount: { total: total_amount, currency: 'CNY' },
+            payer: { openid: openid }
+          }.merge(opts)
+          res = post '/v3/pay/transactions/jsapi', data
+          res[:prepay_id]
+        end
+
+        def js_sign(package, timestamp, nonce)
+          str = [appid, timestamp, nonce, package].join("\n") + "\n"
+          sign_content(str)
+        end
+      end
+
+      Client.include JSAPI
+    end
+  end
+end
+

data/lib/wechatpay/api/v3/trade.rb

@@ -0,0 +1,22 @@
+require 'multi_json'
+
+module Wechatpay
+  module Api
+    module V3
+      module Trade
+
+        def notice(headers, payload)
+          raise :verify_fail unless verify(headers, payload)
+
+          data = MultiJson.load(payload, symbolize_keys: true)
+          r = data[:resource]
+          text = decrypt r[:ciphertext], r[:nonce], r[:associated_data]
+          MultiJson.load(text, symbolize_keys: true)
+        end
+      end
+
+      Client.include Trade
+    end
+  end
+end
+

data/lib/wechatpay/api/version.rb

@@ -1,5 +1,5 @@
 module Wechatpay
   module Api
-    VERSION = '0.0.2'
+    VERSION = '0.2.1'
   end
 end

data/wechatpay-api.gemspec

@@ -1,6 +1,7 @@
 # encoding: utf-8
 
-$:.unshift File.expand_path('../lib', __FILE__)
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'wechatpay/api/version'
 
 Gem::Specification.new do |s|
@@ -18,10 +19,7 @@ Gem::Specification.new do |s|
   s.require_paths = ['lib']
 
   s.add_dependency 'faraday', '~> 1.0'
-  s.add_dependency 'gyoku', '>= 1.0.0'
   s.add_dependency 'multi_json', '~> 1.0'
-  s.add_dependency 'nokogiri', '~> 1.0'
-  s.add_dependency 'nori', '~> 2.0'
 
   s.add_development_dependency 'bundler', '~> 1.0'
   s.add_development_dependency 'guard', '~> 2.0'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wechatpay-api
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.2.1
 platform: ruby
 authors:
 - lazing
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-12-15 00:00:00.000000000 Z
+date: 2021-01-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -24,20 +24,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: gyoku
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.0.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.0.0
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
@@ -52,34 +38,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: nokogiri
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: nori
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -190,9 +148,12 @@ files:
 - Guardfile
 - LICENSE.md
 - README.md
+- lib/wechatpay-api.rb
 - lib/wechatpay/api.rb
-- lib/wechatpay/api/v2/client.rb
-- lib/wechatpay/api/v2/pay.rb
+- lib/wechatpay/api/v3/cert.rb
+- lib/wechatpay/api/v3/client.rb
+- lib/wechatpay/api/v3/jsapi.rb
+- lib/wechatpay/api/v3/trade.rb
 - lib/wechatpay/api/version.rb
 - wechatpay-api.gemspec
 homepage: https://github.com/lazing/wechatpay-api

data/lib/wechatpay/api/v2/client.rb

@@ -1,118 +0,0 @@
-require 'faraday'
-require 'multi_json'
-require 'openssl'
-require 'logger'
-require 'nokogiri'
-require 'nori'
-require 'gyoku'
-require 'securerandom'
-
-require 'wechatpay/api/v2/pay'
-
-module Wechatpay
-  module Api
-    module V2
-      class Client
-
-        include Pay
-
-        attr_reader :appid, :mch_id, :key
-        attr_accessor :logger, :site
-
-        def initialize(appid, mch_id, **opts)
-          @appid = appid
-          @mch_id = mch_id
-          @key = opts[:key]
-          @site = opts[:site] || 'https://api.mch.weixin.qq.com'
-
-          @logger = Logger.new(STDOUT)
-        end
-
-        def post(url, params, headers = {})
-          data = sign(merge(params))
-          response = connection.post url, xml(data), headers
-          logger.debug { { response: response } }
-          handle(response.body)
-        end
-
-        def verify(response)
-          sign = response.delete(:sign)
-          test = sign(response)
-          logger.debug { { result: test } }
-          sign == test[:sign]
-        end
-
-        def parse(body)
-          parser.parse(body)
-        end
-
-        private
-
-        def requires(params, keys)
-          actual = params.keys.map(&:to_sym)
-          return if keys == (actual & keys)
-
-          raise Wechatpay::Api::Error, "missing params #{keys - actual}"
-        end
-
-        def connection
-          Faraday.new(url: @site) do |conn|
-            conn.request :retry
-            conn.response :logger
-            conn.response :raise_error
-            conn.adapter :net_http
-          end
-        end
-
-        def handle(body)
-          response = parse(body) 
-          check(response)
-          response
-        end
-
-        def parser
-          Nori.new
-        end
-
-        def check(res)
-          return if res['xml']['result_code'] == 'SUCCESS'
-
-          handle_error(res['xml']['err_code'], res)
-        rescue NoMethodError
-          logger.warn { res.inspect }
-          raise Error, 'Bad Response'
-        end
-
-        def handle_error(error_code, response)
-          raise ERRORS[error_code] || PayError, response.inspect
-        end
-
-        def xml(hash)
-          Gyoku.xml({ xml: hash }, key_converter: :none)
-        end
-
-        def sign(params)
-          ordered = trim_and_sort(params)
-          keystr = format('key=%<key>s', key: key)
-          origin = ordered.map { |k, v| [k, v].join('=') }.push(keystr).join('&')
-          sign = Digest::MD5.hexdigest(origin).upcase
-          logger.debug { format('origin: %s, sign: %s', origin, sign) }
-          params.merge(sign: sign)
-        end
-
-        def trim_and_sort(params)
-          params.delete_if { |_k, v| v.to_s.blank? }
-          Hash[params.sort]
-        end
-
-        def merge(params)
-          { mch_id: @mch_id, nonce_str: nonce_str }.merge(params)
-        end
-
-        def nonce_str
-          SecureRandom.hex
-        end
-      end
-    end
-  end
-end

data/lib/wechatpay/api/v2/pay.rb

@@ -1,26 +0,0 @@
-module Wechatpay
-  module Api
-    module V2
-      module Pay
-
-        def unifiedorder(params)
-          requires(params, %i[body out_trade_no total_fee spbill_create_ip notify_url trade_type])
-          post('/pay/unifiedorder', params)
-        end
-
-        def jsapi_params(params)
-          requires(params, %i[prepayid])
-
-          data = {
-            appId: appid,
-            package: format('prepay_id=%<prepayid>s', params),
-            nonceStr: nonce_str,
-            timeStamp: Time.now.to_i,
-            signType: 'MD5'
-          }
-          sign(data)
-        end
-      end
-    end
-  end
-end