node-easywechat 3.5.10 → 3.5.11

package/CHANGELOG.md

@@ -1,6 +1,11 @@
 # CHANGELOG
 
 
+## v3.5.11 (2023-12-19)
+
+- Fix: 微信支付获取平台证书优化为随用随获取的方式，并增加缓存 (#57)
+- Fix: 修复微信支付请求无参数时，签名计算异常的问题 (#60)
+
 ## v3.5.10 (2023-12-19)
 
 - Feat: 微信支付通知处理增加v2接口xml格式的消息处理 (#56)

package/dist/Pay/Application.d.ts

@@ -60,11 +60,6 @@ declare class Application implements ApplicationInterface {
      * @returns
      */
     protected getHttpClientDefaultOptions(): Record<string, any>;
-    /**
-     * 如果未配置平台证书，则尝试从接口读取
-     * @param force 是否强制读取，默认：false
-     */
-    loadPlatformCerts(force?: boolean): Promise<void>;
 }
 interface Application extends ConfigMixin, CacheMixin, ServerRequestMixin, HttpClientMixin {
 }

package/dist/Pay/Application.js

@@ -1,13 +1,4 @@
 'use strict';
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -24,8 +15,6 @@ const Utils_2 = __importDefault(require("./Utils"));
 const Config_1 = __importDefault(require("../OfficialAccount/Config"));
 const Client_1 = __importDefault(require("./Client"));
 const Validator_1 = __importDefault(require("./Validator"));
-const PublicKey_1 = require("../Core/Support/PublicKey");
-const AES_1 = require("../Core/Support/AES");
 /**
  * 微信支付应用
  */
@@ -47,7 +36,7 @@ class Application {
     getMerchant() {
         var _a;
         if (!this.merchant) {
-            this.merchant = new Merchant_1.default(this.config.get('mch_id'), this.config.get('private_key'), this.config.get('certificate'), this.config.get('secret_key'), this.config.get('v2_secret_key'), (_a = this.config.get('platform_certs')) !== null && _a !== void 0 ? _a : []);
+            this.merchant = new Merchant_1.default(this.config.get('mch_id'), this.config.get('private_key'), this.config.get('certificate'), this.config.get('secret_key'), this.config.get('v2_secret_key'), (_a = this.config.get('platform_certs')) !== null && _a !== void 0 ? _a : [], this);
         }
         return this.merchant;
     }
@@ -128,28 +117,6 @@ class Application {
             baseURL: 'https://api.mch.weixin.qq.com',
         }, this.getConfig().get('http'));
     }
-    /**
-     * 如果未配置平台证书，则尝试从接口读取
-     * @param force 是否强制读取，默认：false
-     */
-    loadPlatformCerts(force = false) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let exists_certs = this.config.get('platform_certs', []);
-            if (force || !exists_certs || exists_certs.length === 0) {
-                let response = yield this.getClient().get('/v3/certificates');
-                let data = response.toObject();
-                if (data.data && data.data.length > 0) {
-                    let certs = {};
-                    let key = this.config.get('secret_key');
-                    data.data.forEach((item) => {
-                        let content = AES_1.AES_GCM.decrypt(item.encrypt_certificate.ciphertext, key, item.encrypt_certificate.nonce, item.encrypt_certificate.associated_data).toString();
-                        certs[item.serial_no] = PublicKey_1.PublicKey.createByCertificateContent(content, item.serial_no);
-                    });
-                    this.getMerchant().setPlatformCerts(certs);
-                }
-            }
-        });
-    }
 }
 ;
 ;

package/dist/Pay/Contracts/MerchantInterface.d.ts

@@ -26,15 +26,29 @@ declare abstract class MerchantInterface {
      */
     getCertificate(): PublicKey;
     /**
-     * 获取平台证书
+     * 获取平台证书缓存名称
+     */
+    getPlatformCertKey(): string;
+    /**
+     * 设置平台证书缓存名称
+     * @param key
+     */
+    setPlatformCertKey(key: string): this;
+    /**
+     * 更具证书序列号获取平台证书
      * @param serial
      * @returns
      */
-    getPlatformCert(serial: string): PublicKey;
+    getPlatformCert(serial: string): Promise<PublicKey>;
+    /**
+     * 获取平台证书
+     * @param force 是否强制刷新缓存
+     */
+    loadPlatformCerts(force: boolean): void;
     /**
      * 设置平台证书
-     * @param certs 键名：序列号，键值：PublicKey实例
+     * @param certs 键名：序列号，键值：PublicKey实例或者文件内容字符串
      */
-    setPlatformCerts(certs: Record<string, PublicKey>): void;
+    setPlatformCerts(certs: Record<string, PublicKey | string>): void;
 }
 export = MerchantInterface;

package/dist/Pay/Contracts/MerchantInterface.js

@@ -25,14 +25,28 @@ class MerchantInterface {
      */
     getCertificate() { return null; }
     /**
-     * 获取平台证书
+     * 获取平台证书缓存名称
+     */
+    getPlatformCertKey() { return null; }
+    /**
+     * 设置平台证书缓存名称
+     * @param key
+     */
+    setPlatformCertKey(key) { return this; }
+    /**
+     * 更具证书序列号获取平台证书
      * @param serial
      * @returns
      */
     getPlatformCert(serial) { return null; }
+    /**
+     * 获取平台证书
+     * @param force 是否强制刷新缓存
+     */
+    loadPlatformCerts(force) { }
     /**
      * 设置平台证书
-     * @param certs 键名：序列号，键值：PublicKey实例
+     * @param certs 键名：序列号，键值：PublicKey实例或者文件内容字符串
      */
     setPlatformCerts(certs) { }
 }

package/dist/Pay/Contracts/ValidatorInterface.d.ts

@@ -4,7 +4,7 @@ declare abstract class ValidatorInterface {
     /**
      * 验证请求是否正确
      */
-    validate(request: Request): boolean;
+    validate(request: Request): Promise<boolean>;
     /**
      * 验证请求是否正确（v2）
      */

package/dist/Pay/Contracts/ValidatorInterface.js

@@ -3,7 +3,7 @@ class ValidatorInterface {
     /**
      * 验证请求是否正确
      */
-    validate(request) { return true; }
+    validate(request) { return Promise.resolve(true); }
     /**
      * 验证请求是否正确（v2）
      */

package/dist/Pay/Merchant.d.ts

@@ -1,14 +1,17 @@
 import { PrivateKey } from "../Core/Support/PrivateKey";
 import { PublicKey } from "../Core/Support/PublicKey";
+import Application from "./Application";
 import MerchantInterface from "./Contracts/MerchantInterface";
 declare class Merchant implements MerchantInterface {
     protected mchId: string;
     protected secretKey: string;
     protected v2SecretKey: string;
+    protected app: Application;
     protected platformCerts: Record<string, PublicKey>;
     protected privateKey: PrivateKey;
     protected certificate: PublicKey;
-    constructor(mchId: string, privateKey: string | PrivateKey, certificate: string | PublicKey, secretKey: string, v2SecretKey: string, platformCerts?: Record<string, string | PublicKey> | string[] | PublicKey[]);
+    protected cacheKeyPlatformCert: string;
+    constructor(mchId: string, privateKey: string | PrivateKey, certificate: string | PublicKey, secretKey: string, v2SecretKey: string, platformCerts?: Record<string, string | PublicKey> | string[] | PublicKey[], app?: Application);
     /**
      * 统一规范化平台证书
      * @param platformCerts 平台证书列表
@@ -20,7 +23,10 @@ declare class Merchant implements MerchantInterface {
     getSecretKey(): string;
     getV2SecretKey(): string;
     getCertificate(): PublicKey;
-    getPlatformCert(serial: string): PublicKey;
-    setPlatformCerts(certs: Record<string, PublicKey>): void;
+    getPlatformCert(serial: string): Promise<PublicKey>;
+    setPlatformCerts(certs: Record<string, PublicKey | string>): void;
+    getPlatformCertKey(): string;
+    setPlatformCertKey(key: string): this;
+    loadPlatformCerts(force?: boolean): Promise<Record<string, string>>;
 }
 export = Merchant;

package/dist/Pay/Merchant.js

@@ -1,11 +1,22 @@
 'use strict';
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+const AES_1 = require("../Core/Support/AES");
 const PrivateKey_1 = require("../Core/Support/PrivateKey");
 const PublicKey_1 = require("../Core/Support/PublicKey");
 class Merchant {
-    constructor(mchId, privateKey, certificate, secretKey, v2SecretKey, platformCerts = []) {
+    constructor(mchId, privateKey, certificate, secretKey, v2SecretKey, platformCerts = [], app = null) {
         this.mchId = mchId;
         this.secretKey = secretKey;
         this.v2SecretKey = v2SecretKey;
+        this.app = app;
         this.platformCerts = {};
         if (!(privateKey instanceof PrivateKey_1.PrivateKey)) {
             this.privateKey = new PrivateKey_1.PrivateKey(privateKey);
@@ -58,10 +69,55 @@ class Merchant {
     }
     getPlatformCert(serial) {
         var _a;
-        return (_a = this.platformCerts[serial]) !== null && _a !== void 0 ? _a : null;
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!this.platformCerts || Object.keys(this.platformCerts).length === 0) {
+                yield this.loadPlatformCerts();
+            }
+            return (_a = this.platformCerts[serial]) !== null && _a !== void 0 ? _a : null;
+        });
     }
     setPlatformCerts(certs) {
-        this.platformCerts = certs;
+        let newCerts = {};
+        for (let key of Object.keys(certs)) {
+            let cert = certs[key];
+            if (typeof cert === 'string') {
+                newCerts[key] = PublicKey_1.PublicKey.createByCertificateContent(cert, key);
+            }
+            else {
+                newCerts[key] = cert;
+            }
+        }
+        this.platformCerts = newCerts;
+    }
+    getPlatformCertKey() {
+        if (!this.cacheKeyPlatformCert) {
+            this.cacheKeyPlatformCert = `pay.platform_certs.${this.mchId}`;
+        }
+        return this.cacheKeyPlatformCert;
+    }
+    setPlatformCertKey(key) {
+        this.cacheKeyPlatformCert = key;
+        return this;
+    }
+    loadPlatformCerts(force = false) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let cacheKey = this.getPlatformCertKey();
+            let cache = this.app.getCache();
+            let certs = yield cache.get(cacheKey);
+            if (force || !certs || Object.keys(certs).length === 0) {
+                certs = {};
+                let response = yield this.app.getClient().get('/v3/certificates');
+                let data = response.toObject();
+                if (!data || !data.data || data.data.length === 0)
+                    return certs;
+                data.data.forEach((item) => {
+                    let content = AES_1.AES_GCM.decrypt(item.encrypt_certificate.ciphertext, this.app.getConfig().get('secret_key'), item.encrypt_certificate.nonce, item.encrypt_certificate.associated_data).toString();
+                    certs[item.serial_no] = content;
+                });
+                yield cache.set(cacheKey, certs, 36000); // 缓存10小时
+            }
+            this.setPlatformCerts(certs);
+        });
     }
 }
 module.exports = Merchant;

package/dist/Pay/Signature.js

@@ -26,7 +26,18 @@ class Signature {
             pathname = urlObj.pathname + (search ? '?' + search : '');
         }
         else {
-            pathname += (pathname.indexOf('?') > -1 ? '&' : '?') + (0, Utils_1.buildQueryString)(payload.params);
+            let search = '';
+            if (payload.params) {
+                if (typeof payload.params === 'string') {
+                    search = payload.params.replace(/^\?|&/, '');
+                }
+                else if (Object.keys(payload.params).length > 0) {
+                    search = (0, Utils_1.buildQueryString)(payload.params);
+                }
+            }
+            if (search) {
+                pathname += (pathname.indexOf('?') > -1 ? '&' : '?') + search;
+            }
         }
         if (!nonce)
             nonce = (0, Utils_1.randomString)();

package/dist/Pay/Validator.d.ts

@@ -10,7 +10,7 @@ declare class Validator implements ValidatorInterface {
     static HEADER_SERIAL: string;
     static HEADER_SIGNATURE: string;
     constructor(merchant: MerchantInterface);
-    validate(request: MessageInterface): boolean;
+    validate(request: MessageInterface): Promise<boolean>;
     validateV2(message: Message): boolean;
 }
 export = Validator;

package/dist/Pay/Validator.js

@@ -1,4 +1,13 @@
 'use strict';
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -10,35 +19,37 @@ class Validator {
         this.merchant = merchant;
     }
     validate(request) {
-        [
-            Validator.HEADER_TIMESTAMP,
-            Validator.HEADER_NONCE,
-            Validator.HEADER_SERIAL,
-            Validator.HEADER_SIGNATURE,
-        ].forEach(key => {
-            if (!request.hasHeader(key)) {
-                throw new Error(`Missing Header: ${key}`);
+        return __awaiter(this, void 0, void 0, function* () {
+            [
+                Validator.HEADER_TIMESTAMP,
+                Validator.HEADER_NONCE,
+                Validator.HEADER_SERIAL,
+                Validator.HEADER_SIGNATURE,
+            ].forEach(key => {
+                if (!request.hasHeader(key)) {
+                    throw new Error(`Missing Header: ${key}`);
+                }
+            });
+            let timestamp = request.getHeader(Validator.HEADER_TIMESTAMP) || '';
+            let nonce = request.getHeader(Validator.HEADER_NONCE) || '';
+            let serial = request.getHeader(Validator.HEADER_SERIAL) || '';
+            let signature = request.getHeader(Validator.HEADER_SIGNATURE) || '';
+            let body = request.getBody().toString();
+            let message = `${timestamp}\n${nonce}\n${body}\n`;
+            if ((0, Utils_1.getTimestamp)() - parseInt(timestamp) > Validator.MAX_ALLOWED_CLOCK_OFFSET) {
+                throw new Error('Clock Offset Exceeded');
+            }
+            let publicKey = yield this.merchant.getPlatformCert(serial);
+            if (!publicKey) {
+                throw new Error(`No platform certs found for serial: ${serial}, please download from wechat pay and set it in merchant config with key \`platform_certs\`.`);
             }
+            let rsa = new RSA_1.default;
+            rsa.setPublicKey(publicKey.getValue());
+            if (false === rsa.verify(signature, message)) {
+                throw new Error('Invalid Signature');
+            }
+            return true;
         });
-        let timestamp = request.getHeader(Validator.HEADER_TIMESTAMP) || '';
-        let nonce = request.getHeader(Validator.HEADER_NONCE) || '';
-        let serial = request.getHeader(Validator.HEADER_SERIAL) || '';
-        let signature = request.getHeader(Validator.HEADER_SIGNATURE) || '';
-        let body = request.getBody().toString();
-        let message = `${timestamp}\n${nonce}\n${body}\n`;
-        if ((0, Utils_1.getTimestamp)() - parseInt(timestamp) > Validator.MAX_ALLOWED_CLOCK_OFFSET) {
-            throw new Error('Clock Offset Exceeded');
-        }
-        let publicKey = this.merchant.getPlatformCert(serial);
-        if (!publicKey) {
-            throw new Error(`No platform certs found for serial: ${serial}, please download from wechat pay and set it in merchant config with key \`platform_certs\`.`);
-        }
-        let rsa = new RSA_1.default;
-        rsa.setPublicKey(publicKey.getValue());
-        if (false === rsa.verify(signature, message)) {
-            throw new Error('Invalid Signature');
-        }
-        return true;
     }
     validateV2(message) {
         let messageSign = (message.get('sign') + '' || '').toUpperCase();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "node-easywechat",
-  "version": "3.5.10",
+  "version": "3.5.11",
   "description": "EasyWechat SDK for Node.js (NOT OFFICIAL)",
   "main": "dist/index.js",
   "scripts": {