RubyGems - wx_pay - Versions diffs - 0.17.0 → 0.21.0 - Mend

wx_pay 0.17.0 → 0.21.0

Files changed (8) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 161782a3a1d52339e8ff2e0f3bfc408071fca7452e0390832e78af0294154f19
-  data.tar.gz: b8251fb2072d5dda662e27e7f2e27d88a785f5cb0737dca9c1f955817ad1f07c
+  metadata.gz: e472765b251f44ad368e4738c8593e8b47e349892cec1d39017ec466243edfbf
+  data.tar.gz: bb4338988b511b4573b2a40acdb0e1d95131cee04fa8e776d455a9602b87b5e5
 SHA512:
-  metadata.gz: f14c5ff39a759e960b3578f68a94a6120cef8b69fc9ed5349b40182f493b733999064fdb0105e1f525283146fbf3ea96e90381b38d1f2fbf5eca018dd3a88d26
-  data.tar.gz: aad7882af734bafc4e3bca5a91f49dd1442726a42ca31e041cdc6b005b9d4d7bde6e9feba91b13b37ce0532692b17a8419feb64e03bff3239ead289694a7d97d
+  metadata.gz: a313ebc9905ea19414c3e3d58e0b512941052707ea3fc2a4f5d3b194e20d72ffd40035e1fbf951dc3b4ad789a901b9c4a73b763c6c21fe221eee484815f044df
+  data.tar.gz: faa85e84cd7c78ce8be986039d7bd56ea0061d2a7e284130cf37ceef3cd03918eee06872dee2e42640ea9ca29f1049d107e86f02495e8a3572fd25484e04e086

data/lib/wx_pay.rb CHANGED

@@ -11,7 +11,7 @@ module WxPay
   class<< self
     attr_accessor :appid, :mch_id, :key, :appsecret, :extra_rest_client_options, :debug_mode
-    attr_accessor :sandbox_mode, :sandbox_key, :sandbox_mch_id
+    attr_accessor :sandbox_mode, :manual_get_sandbox_key
     attr_reader :apiclient_cert, :apiclient_key
     def set_apiclient_by_pkcs12(str, pass)
@@ -37,5 +37,9 @@ module WxPay
     def sandbox_mode?
       @sandbox_mode
     end
+    def manual_get_sandbox_key?
+      @manual_get_sandbox_key
+    end
   end
 end

data/lib/wx_pay/service.rb CHANGED

@@ -17,19 +17,27 @@ module WxPay
     def self.authenticate(authorization_code, options = {})
       options = WxPay.extra_rest_client_options.merge(options)
-      url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=#{WxPay.appid}&secret=#{WxPay.appsecret}&code=#{authorization_code}&grant_type=authorization_code"
+      payload = {
+        appid: options.delete(:appid) || WxPay.appid,
+        secret: options.delete(:appsecret) || WxPay.appsecret,
+        code: authorization_code,
+        grant_type: 'authorization_code'
+      }
+      url = "https://api.weixin.qq.com/sns/oauth2/access_token"
       ::JSON.parse(RestClient::Request.execute(
         {
           method: :get,
+          headers: {params: payload},
           url: url
         }.merge(options)
       ), quirks_mode: true)
     end
-    def self.get_sandbox_signkey
+    def self.get_sandbox_signkey(mch_id = WxPay.mch_id, options = {})
       params = {
-        mch_id: WxPay.mch_id,
+        mch_id: mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', '')
       }
       r = WxPay::Result.new(Hash.from_xml(invoke_remote("/pay/getsignkey", xmlify_payload(params))))
@@ -39,11 +47,18 @@ module WxPay
     def self.authenticate_from_weapp(js_code, options = {})
       options = WxPay.extra_rest_client_options.merge(options)
-      url = "https://api.weixin.qq.com/sns/jscode2session?appid=#{WxPay.appid}&secret=#{WxPay.appsecret}&js_code=#{js_code}&grant_type=authorization_code"
+      payload = {
+        appid: options.delete(:appid) || WxPay.appid,
+        secret: options.delete(:appsecret) || WxPay.appsecret,
+        js_code: js_code,
+        grant_type: 'authorization_code'
+      }
+      url = "https://api.weixin.qq.com/sns/jscode2session"
       ::JSON.parse(RestClient::Request.execute(
         {
           method: :get,
+          headers: {params: payload},
           url: url
         }.merge(options)
       ), quirks_mode: true)
@@ -152,6 +167,7 @@ module WxPay
       params = {
         appid: options.delete(:appid) || WxPay.appid,
         mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', '')
       }.merge(params)
@@ -286,6 +302,7 @@ module WxPay
       params = {
         appid: options.delete(:appid) || WxPay.appid,
         mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', '')
       }.merge(params)
@@ -309,6 +326,7 @@ module WxPay
       params = {
         appid: options.delete(:appid) || WxPay.appid,
         mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', '')
       }.merge(params)
@@ -332,6 +350,7 @@ module WxPay
       params = {
         appid: options.delete(:appid) || WxPay.appid,
         mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', '')
       }.merge(params)
@@ -349,6 +368,7 @@ module WxPay
       params = {
         appid: options.delete(:appid) || WxPay.appid,
         mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', ''),
       }.merge(params)
@@ -361,10 +381,35 @@ module WxPay
       r
     end
+    DOWNLOAD_FUND_FLOW_REQUIRED_FIELDS = [:bill_date, :account_type]
+    def self.download_fund_flow(params, options = {})
+      params = {
+          appid: options.delete(:appid) || WxPay.appid,
+          mch_id: options.delete(:mch_id) || WxPay.mch_id,
+          nonce_str: SecureRandom.uuid.tr('-', ''),
+          key: options.delete(:key) || WxPay.key
+      }.merge(params)
+      check_required_options(params, DOWNLOAD_FUND_FLOW_REQUIRED_FIELDS)
+      options = {
+          ssl_client_cert: options.delete(:apiclient_cert) || WxPay.apiclient_cert,
+          ssl_client_key: options.delete(:apiclient_key) || WxPay.apiclient_key,
+          verify_ssl: OpenSSL::SSL::VERIFY_NONE
+      }.merge(options)
+      r = invoke_remote("/pay/downloadfundflow", make_payload(params, WxPay::Sign::SIGN_TYPE_HMAC_SHA256), options)
+      yield r if block_given?
+      r
+    end
     def self.sendgroupredpack(params, options={})
       params = {
         wxappid: options.delete(:appid) || WxPay.appid,
         mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', '')
       }.merge(params)
@@ -387,6 +432,7 @@ module WxPay
       params = {
         wxappid: options.delete(:appid) || WxPay.appid,
         mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        key: options.delete(:key) || WxPay.key,
         nonce_str: SecureRandom.uuid.tr('-', '')
       }.merge(params)
@@ -405,6 +451,97 @@ module WxPay
       r
     end
+    # 用于商户对已发放的红包进行查询红包的具体信息，可支持普通红包和裂变包。
+    GETHBINFO_FIELDS = [:mch_billno, :bill_type]
+    def self.gethbinfo(params, options = {})
+      params = {
+        appid: options.delete(:appid) || WxPay.appid,
+        mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        nonce_str: SecureRandom.uuid.tr('-', ''),
+        key: options.delete(:key) || WxPay.key
+      }.merge(params)
+      check_required_options(params, GETHBINFO_FIELDS)
+      options = {
+        ssl_client_cert: options.delete(:apiclient_cert) || WxPay.apiclient_cert,
+        ssl_client_key: options.delete(:apiclient_key) || WxPay.apiclient_key,
+        verify_ssl: OpenSSL::SSL::VERIFY_NONE
+      }.merge(options)
+      r = WxPay::Result.new(Hash.from_xml(invoke_remote("/mmpaymkttransfers/gethbinfo", make_payload(params), options)))
+      yield r if block_given?
+      r
+    end
+    PROFITSHARINGADDRECEIVER = [:nonce_str, :receiver]
+    # 添加分账接收方
+    def self.profitsharingaddreceiver(params, options = {})
+      params = {
+        appid: options.delete(:appid) || WxPay.appid,
+        mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        nonce_str: SecureRandom.uuid.tr('-', ''),
+        key: options.delete(:key) || WxPay.key
+      }.merge(params)
+      check_required_options(params, PROFITSHARINGADDRECEIVER)
+      r = WxPay::Result.new(Hash.from_xml(invoke_remote("/pay/profitsharingaddreceiver", make_payload(params, WxPay::Sign::SIGN_TYPE_HMAC_SHA256), options)))
+      yield r if block_given?
+      r
+    end
+    PROFITSHARINGREMOVERECEIVER = [:nonce_str, :receiver]
+    # 删除分账接收方
+    def self.profitsharingremovereceiver(params, options = {})
+      params = {
+        appid: options.delete(:appid) || WxPay.appid,
+        mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        nonce_str: SecureRandom.uuid.tr('-', ''),
+        key: options.delete(:key) || WxPay.key
+      }.merge(params)
+      check_required_options(params, PROFITSHARINGADDRECEIVER)
+      r = WxPay::Result.new(Hash.from_xml(invoke_remote("/pay/profitsharingremovereceiver", make_payload(params, WxPay::Sign::SIGN_TYPE_HMAC_SHA256), options)))
+      yield r if block_given?
+      r
+    end
+    # 单次分账
+    PROFITSHARING = [:nonce_str, :receivers, :transaction_id, :out_order_no]
+    def self.profitsharing(params, options = {})
+      params = {
+        appid: options.delete(:appid) || WxPay.appid,
+        mch_id: options.delete(:mch_id) || WxPay.mch_id,
+        nonce_str: SecureRandom.uuid.tr('-', ''),
+        key: options.delete(:key) || WxPay.key
+      }.merge(params)
+      check_required_options(params, PROFITSHARING)
+      options = {
+        ssl_client_cert: options.delete(:apiclient_cert) || WxPay.apiclient_cert,
+        ssl_client_key: options.delete(:apiclient_key) || WxPay.apiclient_key,
+        verify_ssl: OpenSSL::SSL::VERIFY_NONE
+      }.merge(options)
+      r = WxPay::Result.new(Hash.from_xml(invoke_remote("/secapi/pay/profitsharing", make_payload(params, WxPay::Sign::SIGN_TYPE_HMAC_SHA256), options)))
+      yield r if block_given?
+      r
+    end
     class << self
       private
@@ -420,26 +557,26 @@ module WxPay
         end
       end
-      def xmlify_payload(params)
-        sign = WxPay::Sign.generate(params)
-        params.delete(:key) if params[:key]
-        "<xml>#{params.map { |k, v| "<#{k}>#{v}</#{k}>" }.join}<sign>#{sign}</sign></xml>"
+      def xmlify_payload(params, sign_type = WxPay::Sign::SIGN_TYPE_MD5)
+        sign = WxPay::Sign.generate(params, sign_type)
+        "<xml>#{params.except(:key).sort.map { |k, v| "<#{k}>#{v}</#{k}>" }.join}<sign>#{sign}</sign></xml>"
       end
-      def make_payload(params)
-        if WxPay.sandbox_mode?
+      def make_payload(params, sign_type = WxPay::Sign::SIGN_TYPE_MD5)
+        # TODO: Move this out
+        if WxPay.sandbox_mode? && !WxPay.manual_get_sandbox_key?
           r = get_sandbox_signkey
           if r['return_code'] == WxPay::Result::SUCCESS_FLAG
-            params = params.merge({
-              :mch_id => r['mch_id'] || WxPay.mch_id,
-              :key => r['sandbox_signkey']
-            })
-            WxPay.sandbox_key = r['sandbox_signkey']
+            params = params.merge(
+              mch_id: r['mch_id'] || WxPay.mch_id,
+              key: r['sandbox_signkey']
+            )
           else
             warn("WxPay Warn: fetch sandbox sign key failed #{r['return_msg']}")
           end
         end
-        xmlify_payload(params)
+        xmlify_payload(params, sign_type)
       end
       def invoke_remote(url, payload, options = {})

data/lib/wx_pay/sign.rb CHANGED

@@ -2,26 +2,42 @@ require 'digest/md5'
 module WxPay
   module Sign
-    def self.generate(params)
+    SIGN_TYPE_MD5 = 'MD5'
+    SIGN_TYPE_HMAC_SHA256 = 'HMAC-SHA256'
+    def self.generate(params, sign_type = SIGN_TYPE_MD5)
       key = params.delete(:key)
+      new_key = params["key"] #after
+      key = params.delete("key") if params["key"] #after
       query = params.sort.map do |k, v|
         "#{k}=#{v}" if v.to_s != ''
       end.compact.join('&')
-      Digest::MD5.hexdigest("#{query}&key=#{key || WxPay.key}").upcase
+      string_sign_temp = "#{query}&key=#{key || new_key || WxPay.key}" #after
+      if sign_type == SIGN_TYPE_MD5
+        Digest::MD5.hexdigest(string_sign_temp).upcase
+      elsif sign_type == SIGN_TYPE_HMAC_SHA256
+        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), key, string_sign_temp).upcase
+      else
+        warn("WxPay Warn: unknown sign_type : #{sign_type}")
+      end
     end
     def self.verify?(params, options = {})
+      return true if WxPay.sandbox_mode?
       params = params.dup
-      params = params.merge(options)
-      if WxPay.sandbox_mode?
-        params = params.merge(:key => WxPay.sandbox_key)
-      end
+      params["appid"] = options[:appid] if options[:appid]
+      params["mch_id"] = options[:mch_id]  if options[:mch_id]
+      params["key"] = options[:key] if options[:key]
       sign = params.delete('sign') || params.delete(:sign)
-      generate(params) == sign
+      generate(params, options[:sign_type] || SIGN_TYPE_MD5) == sign
     end
   end
 end

data/lib/wx_pay/version.rb CHANGED

@@ -1,3 +1,3 @@
 module WxPay
-  VERSION = '0.17.0'.freeze
+  VERSION = '0.21.0'.freeze
 end

data/test/wx_pay/service_test.rb CHANGED

@@ -48,7 +48,7 @@ class ServiceTest < MiniTest::Test
       mch_id: 'mch_id',
       key: 'key'
     }
-    xml_str = '<xml><body>测试商品</body><out_trade_no>test003</out_trade_no><total_fee>1</total_fee><spbill_create_ip>127.0.0.1</spbill_create_ip><notify_url>http://making.dev/notify</notify_url><trade_type>JSAPI</trade_type><openid>OPENID</openid><app_id>app_id</app_id><mch_id>mch_id</mch_id><sign>172A2D487A37D13FDE32B874BA823DD6</sign></xml>'
+    xml_str = '<xml><app_id>app_id</app_id><body>测试商品</body><mch_id>mch_id</mch_id><notify_url>http://making.dev/notify</notify_url><openid>OPENID</openid><out_trade_no>test003</out_trade_no><spbill_create_ip>127.0.0.1</spbill_create_ip><total_fee>1</total_fee><trade_type>JSAPI</trade_type><sign>172A2D487A37D13FDE32B874BA823DD6</sign></xml>'
     assert_equal xml_str, WxPay::Service.send(:make_payload, params)
   end
 end

data/test/wx_pay/sign_test.rb CHANGED

@@ -14,19 +14,29 @@ class WxPay::SignTest < MiniTest::Test
       total_fee: 1
     }
-    @sign = '729A68AC3DE268DBD9ADE442382E7B24'
+    @sign_md5 = '729A68AC3DE268DBD9ADE442382E7B24'
+    @sign_hmac_sha256 = 'A58C01F990B45A4D0E496F835B2739E391C6C734927B1DA740DC873E607FB42A'
   end
   def test_generate_sign
-    assert_equal @sign, WxPay::Sign.generate(@params)
+    assert_equal @sign_md5, WxPay::Sign.generate(@params)
+  end
+  def test_generate_sign_md5
+    assert_equal @sign_md5, WxPay::Sign.generate(@params, WxPay::Sign::SIGN_TYPE_MD5)
+  end
+  def test_generate_sign_hmac_sha256
+    @params.merge!(key: "key")
+    assert_equal @sign_hmac_sha256, WxPay::Sign.generate(@params, WxPay::Sign::SIGN_TYPE_HMAC_SHA256)
   end
   def test_verify_sign
-    assert WxPay::Sign.verify?(@params.merge(:sign => @sign))
+    assert WxPay::Sign.verify?(@params.merge(:sign => @sign_md5))
   end
   def test_verify_sign_when_fails
-    assert !WxPay::Sign.verify?(@params.merge(:danger => 'danger', :sign => @sign))
+    assert !WxPay::Sign.verify?(@params.merge(:danger => 'danger', :sign => @sign_md5))
   end
   def test_accept_pars_key_to_generate_sign
@@ -34,4 +44,10 @@ class WxPay::SignTest < MiniTest::Test
     assert_equal "1454C32E885B8D9E4A05E976D1C45B88", WxPay::Sign.generate(@params)
   end
+  def test_verify_sign_when_use_hmac_sha256
+    opts = { key: "key", sign_type: WxPay::Sign::SIGN_TYPE_HMAC_SHA256 }
+    assert WxPay::Sign.verify?(@params.merge(:sign => @sign_hmac_sha256), opts)
+  end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wx_pay
 version: !ruby/object:Gem::Version
-  version: 0.17.0
+  version: 0.21.0
 platform: ruby
 authors:
 - Jasl
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-01-09 00:00:00.000000000 Z
+date: 2020-07-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -38,34 +38,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '3.2'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '11.2'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '11.2'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -116,7 +102,7 @@ homepage: https://github.com/jasl/wx_pay
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -131,9 +117,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.7.4
-signing_key:
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: An unofficial simple wechat pay gem
 test_files: