web_paymsg.go 48 KB

  1. package msg
  2. import (
  3. "bytes"
  4. "crypto"
  5. "crypto/hmac"
  6. "crypto/md5"
  7. "crypto/rsa"
  8. "crypto/sha1"
  9. "crypto/x509"
  10. "database/sql"
  11. "encoding/base64"
  12. "encoding/hex"
  13. "encoding/json"
  14. "encoding/pem"
  15. "encoding/xml"
  16. "fmt"
  17. "io"
  18. "math/big"
  19. "net/http"
  20. "net/url"
  21. "rocommon/service"
  22. "rocommon/socket/mysql"
  23. "rocommon/util"
  24. "roserver/baseserver/model"
  25. gmweb "roserver/gmweb/model"
  26. selfmodel "roserver/gmweb/model"
  27. "roserver/serverproto"
  28. "sort"
  29. "strconv"
  30. "strings"
  31. "time"
  32. "github.com/gin-gonic/gin"
  33. )
  34. // https://blog.csdn.net/chunyouhai5703/article/details/100978656?utm_medium=distribute.pc_relevant.none-task-blog-title-1&spm=1001.2101.3001.4242
  // QuickPayNotify and QuickTBData mirror the XML envelope of a QuickSDK payment
  // notification: <quicksdk_message><message>...</message></quicksdk_message>.
  //
  // NOTE(review): in the visible part of this file the types are referenced only
  // by commented-out code. If they are put back into use, check IsTest and Status
  // before crediting an order. Amount is a binary float32, so prefer an
  // integer/minor-unit representation for money comparisons. The sample payload's
  // <order_no> element has no matching field here.
  type (
  	// QuickPayNotify is the root <quicksdk_message> element.
  	QuickPayNotify struct {
  		XMLName xml.Name    `xml:"quicksdk_message"`
  		Message QuickTBData `xml:"message"`
  	}

  	// QuickTBData is the <message> payload of the notification.
  	QuickTBData struct {
  		IsTest       bool    `xml:"is_test"`
  		Channel      string  `xml:"channel"`
  		ChannelUid   string  `xml:"channel_uid"`
  		GameOrder    string  `xml:"game_order"`
  		PayTime      string  `xml:"pay_time"`
  		Amount       float32 `xml:"amount"`
  		Status       int32   `xml:"status"`
  		ExtrasParams string  `xml:"extras_params"`
  	}
  )
  49. /*
  50. <?xml version="1.0" encoding="UTF-8" standalone="no">
  51. <quicksdk_message>
  52. <message>
  53. <is_test>0</is_test>
  54. <channel>8888</channel>
  55. <channel_uid>231845</channel_uid>
  56. <game_order>123456789</game_order>
  57. <order_no>12520160612114220441168433</order_no>
  58. <pay_time>2016-06-12 11:42:20</pay_time>
  59. <amount>1.00</amount>
  60. <status>0</status>
  61. <extras_params>{1}_{2}</extras_params>
  62. </message>
  63. </quicksdk_message>
  64. */
  // WebPayQuickNotify handles the QuickSDK payment callback. It reads the order
  // fields from the POST form, passes them to webPayNotify and writes the state
  // string that call returns as a text/plain response body.
  //
  // NOTE(review): this handler performs no signature or origin check before the
  // order is handed on. An earlier revision (previously kept here as
  // commented-out code) compared md5(nt_data + sign + SDKConfig.QuickMd5key)
  // with the md5Sign form field, answered "FAILED" on mismatch, and then decoded
  // nt_data into QuickPayNotify. The current form-field flow has no equivalent.
  // Unless webPayNotify or a middleware authenticates the request (not visible
  // here), a caller that can reach this route can report an order as paid.
  // Restore provider-signature verification, and reject test/sandbox
  // notifications, before crediting.
  func WebPayQuickNotify(c *gin.Context) {
  	var (
  		gameOrder = c.PostForm("game_order") // game-side order number
  		sdkOrder  = c.PostForm("order_no")   // SDK order id
  		amountStr = c.PostForm("amount")     // paid amount, as sent by the caller
  		channel   = c.PostForm("channel")    // payment channel
  		serverID  = c.PostForm("server_id")  // target game server id (only logged here)
  	)
  	util.DebugF("收到充值订单:GameOrder=%v, SdkOfderId=%v, PauAmount=%v, PayChannel=%v, serverId=%v", gameOrder, sdkOrder, amountStr, channel, serverID)

  	// NOTE(review): the conversion error is discarded, so whatever Str2Float32
  	// yields for a malformed amount is forwarded — confirm webPayNotify rejects it.
  	amount, _ := model.Str2Float32(amountStr)

  	notify := &WebNotifyData{
  		CpOrderId:   gameOrder,
  		SdkOrderId:  sdkOrder,
  		PayMethod:   "",
  		PayCurrency: "",
  		PayTime:     uint64(util.GetTimeSeconds()),
  		PayChannel:  channel,
  	}
  	state := webPayNotify(notify, amount, c)
  	c.Data(http.StatusOK, "text/plain; charset=utf-8", []byte(state))
  }
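  // getMd5Sign computes the callback signature used by the MD5-signed channels.
  // Every parameter except "sign" is written as "key=value&" in ascending key
  // order, callbackKey is appended, and the MD5 digest of the result is returned
  // as lower-case hex.
  //
  // params is only read: the "sign" entry is skipped instead of being deleted,
  // so the caller's map is left intact.
  //
  // Security notes for callers:
  //   - compare the result with the received signature using a constant-time
  //     comparison (hmac.Equal / subtle.ConstantTimeCompare), not == or !=;
  //   - keys and values are concatenated unescaped, so a value containing '&' or
  //     '=' yields the same signed string as a different parameter set;
  //   - MD5 over "data + secret" is a legacy construction (presumably dictated by
  //     the provider); treat the callback key as a secret and keep it out of
  //     source control.
  func getMd5Sign(callbackKey string, params map[string]string) string {
  	keys := make([]string, 0, len(params))
  	for key := range params {
  		if key == "sign" {
  			continue // the signature itself is never part of the signed string
  		}
  		keys = append(keys, key)
  	}
  	sort.Strings(keys)

  	var signKey strings.Builder
  	for _, key := range keys {
  		signKey.WriteString(key)
  		signKey.WriteString("=")
  		signKey.WriteString(params[key])
  		signKey.WriteString("&")
  	}
  	// The trailing '&' is kept; the secret follows it directly.
  	signKey.WriteString(callbackKey)

  	hash := md5.Sum([]byte(signKey.String()))
  	return hex.EncodeToString(hash[:])
  }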
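  // getMd5SignXiaoqi builds the "key=value&" string (ascending key order, trailing
  // '&' kept) from every parameter except "sign_data".
  //
  // Despite its name it performs no hashing: the concatenated string itself is
  // returned. params is only read; "sign_data" is skipped rather than deleted so
  // the caller's map stays intact.
  //
  // NOTE(review): no caller is visible in this part of the file; the xiaoqi
  // handler verifies through VerifySignature/buildSourceString instead.
  func getMd5SignXiaoqi(params map[string]string) string {
  	keys := make([]string, 0, len(params))
  	for key := range params {
  		if key == "sign_data" {
  			continue
  		}
  		keys = append(keys, key)
  	}
  	sort.Strings(keys)

  	var signKey strings.Builder
  	for _, key := range keys {
  		signKey.WriteString(key)
  		signKey.WriteString("=")
  		signKey.WriteString(params[key])
  		signKey.WriteString("&")
  	}
  	return signKey.String()
  }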
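  // getMd5RuSign computes the callback signature for the RU channel. Every
  // parameter except "sign" is written as "key=value" in ascending key order,
  // joined with '&' (no trailing '&'), callbackKey is appended directly after the
  // last value, and the MD5 digest is returned as lower-case hex.
  //
  // params is only read: "sign" is skipped instead of deleted, so the caller's
  // map is left intact.
  //
  // Security notes for callers: compare the result with the received signature
  // in constant time (hmac.Equal / subtle.ConstantTimeCompare). Keys and values
  // are concatenated unescaped, so different parameter sets can produce the same
  // signed string. The callback key is a secret and should not live in source.
  func getMd5RuSign(callbackKey string, params map[string]string) string {
  	keys := make([]string, 0, len(params))
  	for key := range params {
  		if key == "sign" {
  			continue // the signature itself is never part of the signed string
  		}
  		keys = append(keys, key)
  	}
  	sort.Strings(keys)

  	var signKey strings.Builder
  	for i, key := range keys {
  		if i > 0 {
  			signKey.WriteString("&")
  		}
  		signKey.WriteString(key)
  		signKey.WriteString("=")
  		signKey.WriteString(params[key])
  	}
  	signKey.WriteString(callbackKey)

  	hash := md5.Sum([]byte(signKey.String()))
  	return hex.EncodeToString(hash[:])
  }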
  // getMd5DnSign computes the callback signature for the DN channel: the fields
  // are concatenated in the fixed order username, order_id, server, amount, extra,
  // sandbox, timestamp, followed by callbackKey, and the MD5 digest is returned as
  // lower-case hex.
  //
  // NOTE(review): the fields are joined without any separator, so the signed
  // string does not pin field boundaries (for example username "ab" + order_id
  // "c" signs the same bytes as "a" + "bc"). Callers should validate each field's
  // format on their own and compare the digest in constant time.
  func getMd5DnSign(callbackKey string, username, order_id, server, amount, extra, sandbox, timestamp string) string {
  	material := strings.Join([]string{
  		username,
  		order_id,
  		server,
  		amount,
  		extra,
  		sandbox,
  		timestamp,
  		callbackKey, // the secret goes last
  	}, "")
  	digest := md5.Sum([]byte(material))
  	return hex.EncodeToString(digest[:])
  }
  // Pass-through ("extras") payloads that the payment callbacks decode from JSON.
  //
  // These values are supplied by the caller of the callback endpoint. Handlers in
  // this file read Platform/Bima from them before the signature is checked, so
  // the fields must be treated as untrusted until verification has passed.
  type (
  	// Extras is decoded from the extrasParams, extends_info_data and custominfo
  	// form fields by the Quick, xiaoqi and RU handlers.
  	Extras struct {
  		ServerId    int    `json:"serverId"`
  		Platform    string `json:"platform"`
  		SubPlatform string `json:"subPlatform"`
  		Bima        string `json:"bima"`
  		CpOrderId   string `json:"cpOrderId"`
  	}

  	// ExtrasRu describes an RU-channel payload; no use is visible in this part
  	// of the file.
  	ExtrasRu struct {
  		AccountId     string `json:"accountId"`
  		Money         string `json:"money"`
  		Addtime       string `json:"addtime"`
  		OrderId       string `json:"orderId"`
  		CustomorderId string `json:"customorderId"`
  		Paytype       string `json:"paytype"`
  		Success       string `json:"success"`
  	}

  	// ExtrasDn is decoded from the "extra" query parameter of the DN callback.
  	ExtrasDn struct {
  		OrderNo   string `json:"orderNo"`
  		Uid       string `json:"uid"`
  		Platform  string `json:"platform"`
  		GoodsId   int32  `json:"goodsId"`
  		GoodsType int32  `json:"goodsType"`
  	}

  	// ExtrasDnIos has the same fields as ExtrasDn, but OrderNo and Platform are
  	// read from the JSON keys "biwb" and "bivz".
  	ExtrasDnIos struct {
  		OrderNo   string `json:"biwb"`
  		Uid       string `json:"uid"`
  		Platform  string `json:"bivz"`
  		GoodsId   int32  `json:"goodsId"`
  		GoodsType int32  `json:"goodsType"`
  	}
  )
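  // WebPayHwQuickNotify handles the payment callback of the overseas QuickSDK
  // channel.
  //
  // Flow: parse the POST form, decode the extrasParams pass-through JSON, pick the
  // MD5 callback key for the platform named in it, verify the "sign" field, then
  // forward the order to webPayNotify and answer "SUCCESS". Every rejection is
  // answered with "FAILED" (HTTP 200 in all cases).
  //
  // Security notes:
  //   - The three callback keys are string literals in this function. They are
  //     shared secrets: anyone with read access to the source or the binary can
  //     produce valid signatures. Move them to the service configuration or a
  //     secret store and rotate the values that have been committed.
  //   - The key is selected from extras.Platform/Bima, which the caller controls.
  //     The selector is covered by the signature, so the request is effectively
  //     accepted if it verifies under the key of whichever platform it names.
  //   - If the extras JSON does not decode, the error is only logged and the
  //     default (android) key is used.
  //   - NOTE(review): no replay or duplicate-order protection is visible here;
  //     confirm webPayNotify enforces idempotency per order id. Its return value
  //     is ignored, so "SUCCESS" is sent regardless of what it reports.
  func WebPayHwQuickNotify(c *gin.Context) {
  	if err := c.Request.ParseForm(); err != nil {
  		util.InfoF("parseForm falied")
  		c.String(http.StatusOK, "FAILED")
  		return
  	}
  	util.DebugF("支付回调信息2:%v", c.Request.PostForm)

  	// Only the first value of each form field is used.
  	params := make(map[string]string, len(c.Request.PostForm))
  	for key, value := range c.Request.PostForm {
  		if len(value) == 0 {
  			continue
  		}
  		params[key] = value[0]
  	}

  	sign := params["sign"]
  	info := strings.ReplaceAll(params["extrasParams"], "\\", "")
  	var extras Extras
  	if err := json.Unmarshal([]byte(info), &extras); err != nil {
  		util.ErrorF("支付回调参数解析错误:%v", err)
  	}
  	util.InfoF("支付签名认证:%v params:%v", extras, params)

  	// SECURITY: hard-coded shared secrets — see the function comment.
  	var callbackKey string
  	switch {
  	case extras.Platform == "SDKYOUYI_IOS" || extras.Bima == "SDKYOUYI_IOS":
  		util.ErrorF("ios 支付签名认证:%v", info)
  		callbackKey = "58696021497436514481898335416221"
  	case extras.Platform == "SDKYOUYI_IOS_MyCard" || extras.Platform == "SDKHwQuick_MyCard":
  		util.ErrorF("mycard 支付签名认证:%v", info)
  		callbackKey = "03422134397322604272901806704074"
  	default:
  		util.ErrorF("android 支付签名认证:%v", info)
  		callbackKey = "47409863970932353623015025039223"
  	}

  	// Constant-time comparison so the response time does not depend on how many
  	// leading characters of the supplied signature are correct.
  	expected := getMd5Sign(callbackKey, params)
  	if !hmac.Equal([]byte(expected), []byte(sign)) {
  		util.ErrorF("签名错误%v", sign)
  		c.String(http.StatusOK, "FAILED")
  		return
  	}

  	uid := c.PostForm("uid")
  	cpOrderId := c.PostForm("cpOrderNo")
  	if cpOrderId == "" {
  		if extras.CpOrderId != "" {
  			cpOrderId = extras.CpOrderId
  		} else {
  			util.ErrorF("mycard pay cporderId is nil extras:%v", extras)
  		}
  	}
  	orderNo := c.PostForm("orderNo")
  	payAmount := c.PostForm("payAmount")
  	payCurrency := c.PostForm("payCurrency")
  	payType := c.PostForm("payType")
  	usdAmount := c.PostForm("usdAmount")

  	ntfData := &WebNotifyData{}
  	ntfData.CpOrderId = cpOrderId
  	ntfData.SdkOrderId = orderNo
  	ntfData.PayMethod = payType
  	ntfData.PayCurrency = payCurrency
  	ntfData.PayTime = uint64(util.GetTimeSeconds())
  	ntfData.PayChannel = "qk_hw"
  	util.WarnF("paycallback uid=%v cpOrderNo=%v orderNo=%v payAmount=%v payCurrency=%v payType=%v usdAmount=%v",
  		uid, cpOrderId, orderNo, payAmount, payCurrency, payType, usdAmount)

  	f64, err := strconv.ParseFloat(usdAmount, 32)
  	if err != nil {
  		// Answer explicitly instead of returning an empty 200 response, and log
  		// through the project logger rather than stdout.
  		util.ErrorF("paycallback invalid usdAmount=%v err=%v", usdAmount, err)
  		c.String(http.StatusOK, "FAILED")
  		return
  	}
  	webPayNotify(ntfData, float32(f64), c)
  	c.String(http.StatusOK, "SUCCESS")
  }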
  // RSA public keys of the xiaoqi (X7) channel, stored as base64 DER without PEM
  // armor; parsePublicKey adds the "PUBLIC KEY" header and footer before parsing.
  //
  // These are public keys, so embedding them is not a secret leak. They are,
  // however, the trust anchor for xiaoqi callbacks: whoever can change them
  // decides which callbacks verify.
  // NOTE(review): the encoding prefix suggests 1024-bit RSA moduli — confirm with
  // the provider whether stronger keys are available.
  const (
  	xiaoqiIoskey     = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdP+3oq+95l5CvsqmZvzgTdueiIWur64OePQkKeNUaKTAR3ar4NU9laEvgI+pkN6q+7BoPpprTB/aBqoU5eLNFnPt/6T0Dq5245e+HGij4qUYiORsU12O+pex5jxWg/knnW1g5F8SrLtAr9lwJbOc4lNPFKi+U+1fdayC64qxmjQIDAQAB"
  	xiaoqiAndroidkey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCfYd3FqSaWqCpWLSktBSSgAelt0F6T+tO4C25YKR/6X/sPacDBbX662/0fW+H+YbXigHWFB/yangkhiZTpD/VmiOo5lISX6L0/m+13ti9b8jzTZcfVngfLsP+Ztbk81N1Jk0gWF4bndZxREJ3IxcEDHnIrwXgLGA2GJ89kdgudwIDAQAB"
  )
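  // WebPayHwXiaoQiNotify handles the payment callback of the overseas xiaoqi (X7)
  // channel.
  //
  // Flow: parse the POST form, decode the extends_info_data pass-through JSON,
  // pick the iOS or Android public key from the platform it names, verify
  // sign_data over the remaining parameters (VerifySignature), recover the order
  // fields from encryp_data (DecryptDataToMap), then forward the order to
  // webPayNotify and answer "success". Rejections are answered with "FAILED".
  //
  // Security notes:
  //   - encryp_data is one of the parameters covered by sign_data, so the
  //     recovered order fields are authenticated by the signature check above
  //     them; keep that order of operations.
  //   - If the extras JSON does not decode, the error is only logged and the
  //     Android key is used.
  //   - NOTE(review): payType is read from "game_currency", the same key as
  //     payCurrency, and the log line prints usdAmount in the payAmount slot —
  //     both look like copy/paste leftovers; confirm against the provider docs.
  //   - NOTE(review): no replay protection is visible here and webPayNotify's
  //     return value is ignored; confirm it enforces idempotency per order id.
  func WebPayHwXiaoQiNotify(c *gin.Context) {
  	if err := c.Request.ParseForm(); err != nil {
  		util.InfoF("parseForm falied")
  		c.String(http.StatusOK, "FAILED")
  		return
  	}
  	util.DebugF("支付回调信息2:%v", c.Request.PostForm)

  	// Only the first value of each form field is used.
  	params := make(map[string]string, len(c.Request.PostForm))
  	for key, value := range c.Request.PostForm {
  		if len(value) == 0 {
  			continue
  		}
  		params[key] = value[0]
  	}

  	info := strings.ReplaceAll(params["extends_info_data"], "\\", "")
  	var extras Extras
  	if err := json.Unmarshal([]byte(info), &extras); err != nil {
  		util.ErrorF("支付回调参数解析错误:%v", err)
  	}
  	util.InfoF("xiaoqi 透传参数:%v params:%v", extras, params)

  	// Both platforms share the same verify-then-decrypt sequence; only the key
  	// differs.
  	publicKey := xiaoqiAndroidkey
  	if extras.Platform == "IOS_X7" || extras.Bima == "IOS_X7" {
  		util.ErrorF("xiaoqi ios 支付签名认证:%v", info)
  		publicKey = xiaoqiIoskey
  	} else {
  		util.ErrorF("android 支付签名认证:%v", info)
  	}

  	if ok, err := VerifySignature(params, publicKey); err != nil || !ok {
  		util.ErrorF("签名错误%v", err)
  		c.String(http.StatusOK, "FAILED")
  		return
  	}
  	myData, err := DecryptDataToMap(params["encryp_data"], publicKey)
  	if err != nil {
  		util.ErrorF("解析encryp_data error:%v", err)
  		c.String(http.StatusOK, "FAILED")
  		return
  	}

  	uid := myData["uid"]
  	cpOrderId := myData["game_orderid"]
  	if cpOrderId == "" {
  		if extras.CpOrderId != "" {
  			cpOrderId = extras.CpOrderId
  		} else {
  			util.ErrorF("mycard pay cporderId is nil extras:%v", extras)
  		}
  	}
  	orderNo := myData["xiao7_goid"]
  	payCurrency := myData["game_currency"]
  	payType := myData["game_currency"]
  	usdAmount := myData["pay_price"]

  	ntfData := &WebNotifyData{}
  	ntfData.CpOrderId = cpOrderId
  	ntfData.SdkOrderId = orderNo
  	ntfData.PayMethod = payType
  	ntfData.PayCurrency = payCurrency
  	ntfData.PayTime = uint64(util.GetTimeSeconds())
  	ntfData.PayChannel = "xiaoqi"
  	util.WarnF("paycallback uid=%v cpOrderNo=%v orderNo=%v payAmount=%v payCurrency=%v payType=%v usdAmount=%v",
  		uid, cpOrderId, orderNo, usdAmount, payCurrency, payType, usdAmount)

  	f64, err := strconv.ParseFloat(usdAmount, 32)
  	if err != nil {
  		// Answer explicitly instead of returning an empty 200 response, and log
  		// through the project logger rather than stdout.
  		util.ErrorF("paycallback invalid pay_price=%v err=%v", usdAmount, err)
  		c.String(http.StatusOK, "FAILED")
  		return
  	}
  	webPayNotify(ntfData, float32(f64), c)
  	c.String(http.StatusOK, "success")
  }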
  // DecryptDataToMap recovers the key/value pairs carried in a base64 encoded,
  // RSA "public-decrypt" payload (the counterpart of PHP's
  // openssl_public_decrypt).
  //
  // Steps: base64-decode the input, apply the RSA public-key operation block by
  // block, then parse the plaintext as a query string.
  //
  // The operation uses a public key, so it provides no confidentiality: anyone
  // holding the key can read the payload. Treat the result as trustworthy only
  // after the enclosing request's signature has been verified.
  func DecryptDataToMap(encrypDataBase64 string, publicKeyStr string) (map[string]string, error) {
  	cipherBytes, decodeErr := decodeBase64Compat(encrypDataBase64)
  	if decodeErr != nil {
  		return nil, fmt.Errorf("base64解码失败: %v", decodeErr)
  	}

  	plain, rsaErr := rsaPublicDecrypt(cipherBytes, publicKeyStr)
  	if rsaErr != nil {
  		return nil, fmt.Errorf("RSA解密失败: %v", rsaErr)
  	}

  	fields := parseQueryStringToMap(string(plain))
  	return fields, nil
  }
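  // rsaPublicDecrypt applies the raw RSA public-key operation (c^e mod N) to each
  // key-sized block of ciphertext, strips the PKCS#1 v1.5 padding from every
  // block and returns the concatenated payloads.
  //
  // ciphertext must be a non-empty multiple of the modulus size in bytes, and
  // every block, read as a big-endian integer, must be strictly smaller than the
  // modulus. An error is returned if the key cannot be parsed, the length is
  // invalid, a block is out of range or a block's padding is malformed.
  //
  // This is a public-key operation, so no secret is involved in the arithmetic.
  // The output is attacker-influenced data until the request signature has been
  // verified by the caller.
  func rsaPublicDecrypt(ciphertext []byte, publicKeyStr string) ([]byte, error) {
  	publicKey, err := parsePublicKey(publicKeyStr)
  	if err != nil {
  		return nil, fmt.Errorf("解析公钥失败: %v", err)
  	}
  	keySize := (publicKey.N.BitLen() + 7) / 8
  	if keySize == 0 {
  		return nil, fmt.Errorf("无效RSA公钥")
  	}
  	// An empty input would otherwise "decrypt" to an empty payload with no error.
  	if len(ciphertext) == 0 || len(ciphertext)%keySize != 0 {
  		return nil, fmt.Errorf("密文长度非法: len=%d keySize=%d", len(ciphertext), keySize)
  	}

  	// Long messages arrive as several consecutive RSA blocks.
  	plainData := make([]byte, 0, len(ciphertext))
  	e := big.NewInt(int64(publicKey.E))
  	for offset := 0; offset < len(ciphertext); offset += keySize {
  		c := new(big.Int).SetBytes(ciphertext[offset : offset+keySize])
  		// A valid RSA input is in [0, N-1]; a value equal to N is rejected too.
  		if c.Cmp(publicKey.N) >= 0 {
  			return nil, fmt.Errorf("密文块超出模数范围")
  		}
  		m := new(big.Int).Exp(c, e, publicKey.N)
  		// big.Int drops leading zero bytes; restore the full block width before
  		// the padding is inspected.
  		em := leftPadToSize(m.Bytes(), keySize)
  		plainBlock, err := unpadPKCS1v15ForPublicDecrypt(em)
  		if err != nil {
  			return nil, fmt.Errorf("块解密失败: %v", err)
  		}
  		plainData = append(plainData, plainBlock...)
  	}
  	return plainData, nil
  }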
  // decodeBase64Compat decodes raw as base64, tolerating the variants seen in
  // form callbacks.
  //
  // Every space is first turned back into '+' (form-urlencoded decoding turns '+'
  // into a space), then surrounding whitespace is trimmed. Because the
  // replacement runs first, leading and trailing spaces become '+' as well; only
  // other whitespace such as tabs and newlines is trimmed. The result is tried
  // against the standard, unpadded standard, URL-safe and unpadded URL-safe
  // alphabets in that order; the first successful decode wins, otherwise the
  // error of the last attempt is returned.
  //
  // NOTE(review): this is deliberately lenient. The same bytes can therefore be
  // presented in several textual forms, so never use the encoded string itself
  // as an identity or de-duplication key.
  func decodeBase64Compat(raw string) ([]byte, error) {
  	normalized := strings.ReplaceAll(raw, " ", "+")
  	normalized = strings.TrimSpace(normalized)
  	if normalized == "" {
  		return nil, fmt.Errorf("空字符串")
  	}

  	var lastErr error
  	for _, enc := range [...]*base64.Encoding{
  		base64.StdEncoding,
  		base64.RawStdEncoding,
  		base64.URLEncoding,
  		base64.RawURLEncoding,
  	} {
  		decoded, err := enc.DecodeString(normalized)
  		if err != nil {
  			lastErr = err
  			continue
  		}
  		return decoded, nil
  	}
  	return nil, lastErr
  }
  // leftPadToSize returns src left-padded with zero bytes to exactly size bytes.
  // When src is already size bytes or longer it is returned unchanged (the same
  // slice, not a copy); otherwise a new slice is allocated.
  func leftPadToSize(src []byte, size int) []byte {
  	missing := size - len(src)
  	if missing <= 0 {
  		return src
  	}
  	padded := make([]byte, size)
  	copy(padded[missing:], src)
  	return padded
  }
  // unpadPKCS1v15ForPublicDecrypt removes PKCS#1 v1.5 padding from one encoded
  // message block, mirroring what openssl_public_decrypt accepts.
  //
  // Layout expected: 0x00 | block type | padding | 0x00 | payload. The block
  // must be at least 11 bytes long, start with 0x00, and the separator must sit
  // at index 10 or later (at least eight padding bytes).
  //   - type 0x01: padding is a run of 0xFF bytes (private-key operation format);
  //   - type 0x02: padding is a run of non-zero bytes (encryption format).
  //
  // NOTE(review): a peer using the private-key operation is expected to produce
  // type 0x01 only. Type 0x02 is accepted for channel compatibility, which
  // widens the set of inputs that unpad successfully; consider restricting to
  // 0x01 if no channel depends on it.
  func unpadPKCS1v15ForPublicDecrypt(em []byte) ([]byte, error) {
  	if len(em) < 11 {
  		return nil, fmt.Errorf("EM 长度过短")
  	}
  	if em[0] != 0x00 {
  		return nil, fmt.Errorf("EM 格式错误: 缺少前导0x00")
  	}

  	blockType := em[1]
  	if blockType != 0x01 && blockType != 0x02 {
  		return nil, fmt.Errorf("不支持的填充类型: 0x%02x", em[1])
  	}

  	// Walk over the padding run; sep ends on the first byte that is not padding.
  	sep := 2
  	for ; sep < len(em); sep++ {
  		if blockType == 0x01 && em[sep] != 0xFF {
  			break
  		}
  		if blockType == 0x02 && em[sep] == 0x00 {
  			break
  		}
  	}

  	if sep < 10 {
  		if blockType == 0x01 {
  			return nil, fmt.Errorf("PKCS#1 type1 填充长度不足")
  		}
  		return nil, fmt.Errorf("PKCS#1 type2 填充长度不足")
  	}
  	if sep >= len(em) || em[sep] != 0x00 {
  		if blockType == 0x01 {
  			return nil, fmt.Errorf("PKCS#1 type1 分隔符缺失")
  		}
  		return nil, fmt.Errorf("PKCS#1 type2 分隔符缺失")
  	}
  	return em[sep+1:], nil
  }
  // parseQueryStringToMap splits a "k=v&k=v" string into a map.
  //
  // Empty segments are skipped, a segment without '=' maps its key to "", and a
  // repeated key keeps its last value. Only values are URL-unescaped
  // (url.QueryUnescape, so '+' becomes a space); keys are stored as written. A
  // value that fails to unescape is kept verbatim rather than rejected.
  func parseQueryStringToMap(queryStr string) map[string]string {
  	out := make(map[string]string)
  	for _, segment := range strings.Split(queryStr, "&") {
  		if segment == "" {
  			continue
  		}
  		eq := strings.IndexByte(segment, '=')
  		if eq < 0 {
  			out[segment] = ""
  			continue
  		}
  		name, rawValue := segment[:eq], segment[eq+1:]
  		decoded, err := url.QueryUnescape(rawValue)
  		if err != nil {
  			decoded = rawValue // best effort: keep the undecoded text
  		}
  		out[name] = decoded
  	}
  	return out
  }
  // VerifySignature checks the RSA signature carried in params["sign_data"]
  // (base64) against all other parameters.
  //
  // The signed string is produced by buildSourceString (every key except
  // sign_data, sorted, joined as key=value with '&') and verified by
  // verifyWithPublicKey. It returns (true, nil) on success and (false, err) when
  // sign_data is missing, cannot be decoded, or does not verify.
  func VerifySignature(params map[string]string, publicKeyStr string) (bool, error) {
  	encodedSig, present := params["sign_data"]
  	if !present {
  		return false, fmt.Errorf("缺少 sign_data 参数")
  	}

  	sig, decodeErr := decodeBase64Compat(encodedSig)
  	if decodeErr != nil {
  		return false, fmt.Errorf("base64解码失败: %v", decodeErr)
  	}

  	signed := buildSourceString(params)
  	if verifyErr := verifyWithPublicKey(signed, sig, publicKeyStr); verifyErr != nil {
  		return false, verifyErr
  	}
  	return true, nil
  }
  // buildSourceString builds the string that is signed for a callback: every
  // parameter except "sign_data", in ascending key order, written as key=value
  // and joined with '&' (no trailing separator).
  //
  // NOTE(review): keys and values are written unescaped, so a value containing
  // '&' or '=' is indistinguishable from additional parameters in the signed
  // string. Validate field formats separately where that matters.
  func buildSourceString(params map[string]string) string {
  	names := make([]string, 0, len(params))
  	for name := range params {
  		if name == "sign_data" {
  			continue
  		}
  		names = append(names, name)
  	}
  	sort.Strings(names)

  	var sb strings.Builder
  	for idx, name := range names {
  		if idx > 0 {
  			sb.WriteString("&")
  		}
  		fmt.Fprintf(&sb, "%s=%s", name, params[name])
  	}
  	return sb.String()
  }
  // verifyWithPublicKey verifies an RSA PKCS#1 v1.5 signature over the SHA-1
  // digest of data, using the public key parsed from publicKeyStr. It returns
  // nil when the signature is valid and a wrapped error otherwise.
  //
  // NOTE(review): SHA-1 is no longer collision resistant. It is presumably fixed
  // by the provider's protocol; move to SHA-256 if the provider offers it.
  func verifyWithPublicKey(data string, signature []byte, publicKeyStr string) error {
  	pub, parseErr := parsePublicKey(publicKeyStr)
  	if parseErr != nil {
  		return fmt.Errorf("解析公钥失败: %v", parseErr)
  	}

  	digest := sha1.Sum([]byte(data))
  	if verifyErr := rsa.VerifyPKCS1v15(pub, crypto.SHA1, digest[:], signature); verifyErr != nil {
  		return fmt.Errorf("签名验证失败: %v", verifyErr)
  	}
  	return nil
  }
  // parsePublicKey parses an RSA public key given either as PEM or as bare
  // base64 DER. Input without a "-----BEGIN" marker is wrapped in
  // "PUBLIC KEY" PEM armor first. The decoded block must be a PKIX
  // (SubjectPublicKeyInfo) structure holding an RSA key; anything else yields an
  // error.
  //
  // NOTE(review): the PEM block type is not checked and the key size is not
  // validated here; callers relying on a minimum modulus size must enforce it
  // themselves.
  func parsePublicKey(publicKeyStr string) (*rsa.PublicKey, error) {
  	pemText := strings.TrimSpace(publicKeyStr)
  	if !strings.Contains(pemText, "-----BEGIN") {
  		pemText = "-----BEGIN PUBLIC KEY-----\n" + pemText + "\n-----END PUBLIC KEY-----"
  	}

  	der, _ := pem.Decode([]byte(pemText))
  	if der == nil {
  		return nil, fmt.Errorf("PEM解码失败")
  	}

  	parsed, err := x509.ParsePKIXPublicKey(der.Bytes)
  	if err != nil {
  		return nil, err
  	}
  	if rsaKey, isRSA := parsed.(*rsa.PublicKey); isRSA {
  		return rsaKey, nil
  	}
  	return nil, fmt.Errorf("不是RSA公钥")
  }
  626. // parsePublicKey 解析 PEM 格式的公钥
  627. //func parsePublicKey(publicKeyStr string) (*rsa.PublicKey, error) {
  628. // // 去除可能的空白字符
  629. // publicKeyStr = strings.TrimSpace(publicKeyStr)
  630. //
  631. // // 如果公钥字符串不包含 PEM 头,尝试添加
  632. // if !strings.Contains(publicKeyStr, "-----BEGIN") {
  633. // publicKeyStr = "-----BEGIN PUBLIC KEY-----\n" +
  634. // publicKeyStr +
  635. // "\n-----END PUBLIC KEY-----"
  636. // }
  637. //
  638. // // 解码 PEM
  639. // block, _ := pem.Decode([]byte(publicKeyStr))
  640. // if block == nil {
  641. // return nil, fmt.Errorf("PEM 解码失败")
  642. // }
  643. //
  644. // // 解析公钥
  645. // pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
  646. // if err != nil {
  647. // return nil, err
  648. // }
  649. //
  650. // publicKey, ok := pubInterface.(*rsa.PublicKey)
  651. // if !ok {
  652. // return nil, fmt.Errorf("不是 RSA 公钥")
  653. // }
  654. //
  655. // return publicKey, nil
  656. //}
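  // WebPayHwRuNotify handles the payment callback of the overseas RU channel.
  //
  // Flow: parse the POST form, decode the custominfo pass-through JSON, compute
  // the expected MD5 signature for the platform it names, verify the "sign"
  // field, then forward the order to webPayNotify and answer "success".
  // Rejections are answered with "FAILED" (HTTP 200 in all cases).
  //
  // Security notes:
  //   - The callback keys are string literals in this function. They are shared
  //     secrets: anyone with read access to the source or the binary can produce
  //     valid signatures. Move them to the service configuration or a secret
  //     store and rotate the committed values.
  //   - The signing scheme and key are selected from extras.Platform/Bima, which
  //     the caller controls; if the JSON does not decode, the error is only
  //     logged and the default branch is used.
  //   - NOTE(review): the amount forwarded is the "money" field, not "doller",
  //     and PayChannel is "qk_hw" as in the Quick handler — confirm both are
  //     intended for this channel.
  //   - NOTE(review): no replay protection is visible here and webPayNotify's
  //     return value is ignored; confirm it enforces idempotency per order id.
  //
  // An earlier revision forwarded the raw callback to other servers through
  // SDKConfig.PayPostRouter; that code was disabled and is not reproduced here.
  func WebPayHwRuNotify(c *gin.Context) {
  	if err := c.Request.ParseForm(); err != nil {
  		util.InfoF("parseForm falied")
  		c.String(http.StatusOK, "FAILED")
  		return
  	}
  	util.DebugF("支付回调信息2:%v", c.Request.PostForm)

  	// Only the first value of each form field is used.
  	params := make(map[string]string, len(c.Request.PostForm))
  	for key, value := range c.Request.PostForm {
  		if len(value) == 0 {
  			continue
  		}
  		params[key] = value[0]
  	}

  	sign := params["sign"]
  	info := strings.ReplaceAll(params["custominfo"], "\\", "")
  	var extras Extras
  	if err := json.Unmarshal([]byte(info), &extras); err != nil {
  		util.ErrorF("支付回调参数解析错误:%v", err)
  	}
  	util.InfoF("支付签名认证:%v params:%v", extras, params)

  	// SECURITY: hard-coded shared secrets — see the function comment.
  	var expected string
  	switch {
  	case extras.Platform == "ZT_IOS" || extras.Bima == "ZT_IOS":
  		util.ErrorF("ios 支付签名认证:%v", info)
  		expected = getMd5RuSign("80c648e7df8aaa72", params)
  	case extras.Platform == "SDKYOUYI_IOS_MyCard" || extras.Platform == "SDKHwQuick_MyCard":
  		util.ErrorF("mycard 支付签名认证:%v", info)
  		expected = getMd5Sign("03422134397322604272901806704074", params)
  	default:
  		util.ErrorF("android 支付签名认证:%v", info)
  		expected = getMd5RuSign("80c648e7df8aaa72", params)
  	}

  	// Constant-time comparison so the response time does not depend on how many
  	// leading characters of the supplied signature are correct.
  	if !hmac.Equal([]byte(expected), []byte(sign)) {
  		util.ErrorF("签名错误%v", sign)
  		c.String(http.StatusOK, "FAILED")
  		return
  	}

  	uid := c.PostForm("account")
  	cpOrderId := c.PostForm("customorderid")
  	orderNo := c.PostForm("orderid")
  	payAmount := c.PostForm("money")
  	payCurrency := c.PostForm("currency")
  	payType := c.PostForm("paytype")
  	usdAmount := c.PostForm("doller")

  	ntfData := &WebNotifyData{}
  	ntfData.CpOrderId = cpOrderId
  	ntfData.SdkOrderId = orderNo
  	ntfData.PayMethod = payType
  	ntfData.PayCurrency = payCurrency
  	ntfData.PayTime = uint64(util.GetTimeSeconds())
  	ntfData.PayChannel = "qk_hw"
  	util.WarnF("paycallback uid=%v cpOrderNo=%v orderNo=%v payAmount=%v payCurrency=%v payType=%v usdAmount=%v",
  		uid, cpOrderId, orderNo, payAmount, payCurrency, payType, usdAmount)

  	f64, err := strconv.ParseFloat(payAmount, 32)
  	if err != nil {
  		// Answer explicitly instead of returning an empty 200 response, and log
  		// through the project logger rather than stdout.
  		util.ErrorF("paycallback invalid money=%v err=%v", payAmount, err)
  		c.String(http.StatusOK, "FAILED")
  		return
  	}
  	webPayNotify(ntfData, float32(f64), c)
  	c.String(http.StatusOK, "success")
  }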
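  // WebPayHwDn2Notify handles the "Dn2" (Southeast Asia) payment callback.
  //
  // All fields are read from the query string. The request is authenticated by
  // comparing the sign parameter with getMd5DnSign over username, order_id,
  // server, amount, extra, sandbox and timestamp, using a key selected by the
  // Platform field of the JSON in extra. Two flows follow:
  //   - extra carries an order number: the order is settled via webPayNotifyDn;
  //   - otherwise (web payment, the game has no order id): the gift whose Id
  //     equals extra's GoodsId is mailed to the role whose open_id is username.
  //
  // NOTE(review): the three signing keys are literals in source control; they
  // should come from service configuration and be rotated once moved.
  // NOTE(review): timestamp and sandbox are covered by the signature but never
  // inspected, and the web flow keeps no record of order_id, so nothing here
  // rejects a stale, sandbox or repeated callback. Confirm whether a freshness
  // window, a sandbox gate and an order_id de-duplication record are required.
  func WebPayHwDn2Notify(c *gin.Context) {
      orderId := c.DefaultQuery("order_id", "")
      payAmount := c.DefaultQuery("amount", "")
      sign := c.DefaultQuery("sign", "")
      extra := c.DefaultQuery("extra", "")
      username := c.DefaultQuery("username", "")
      server := c.DefaultQuery("server", "")
      sandbox := c.DefaultQuery("sandbox", "")
      timestamp := c.DefaultQuery("timestamp", "")

      var extras ExtrasDn
      if err := json.Unmarshal([]byte(extra), &extras); err != nil {
          // Log-and-continue is kept from the original: an unparsable extra
          // leaves extras zero-valued, which selects the default key below.
          util.ErrorF("支付回调参数解析错误:%v", err)
      }
      util.ErrorF("支付回调信息东南亚2:orderId:%v,payAmount:%v,sign:%v,extra:%v,username:%v,server:%v,sandbox:%v,timestamp:%v", orderId, payAmount, sign, extra, username, server, sandbox, timestamp)

      // Pick the per-platform signing key.
      var signKey string
      switch extras.Platform {
      case "XUAN_YOU_Google_Android":
          signKey = "e81c2bd2ffb7feb7f0df477dc02b0bbd"
      case "XUAN_YOU_IOS":
          signKey = "3f8e9fec0794443f76d3a27cd41e2711"
      default:
          signKey = "cee1b45a9aa02a75f9d720d6b9e7b7d4"
      }
      expected := getMd5DnSign(signKey, username, orderId, server, payAmount, extra, sandbox, timestamp)
      // hmac.Equal compares in constant time, so the comparison does not
      // reveal how many leading characters of the signature matched.
      if !hmac.Equal([]byte(sign), []byte(expected)) {
          c.JSON(http.StatusOK, gin.H{"status": 1, "msg": "sign error"})
          return
      }

      cpOrderId := extras.OrderNo
      if cpOrderId != "" {
          util.WarnF("paycallbackDn2 uid=%v cpOrderNo=%v orderNo=%v payAmount=%v",
              extras.Uid, cpOrderId, orderId, payAmount)
          if res := webPayNotifyDn(cpOrderId, payAmount, orderId); res == "SUCCESS" {
              c.JSON(http.StatusOK, gin.H{"status": 0})
          } else {
              c.JSON(http.StatusOK, gin.H{"status": 1, "msg": "order already complete"})
          }
          return
      }

      // Web payment flow: the game has no order id, only a voucher gift is sent.
      goodsId := strconv.Itoa(int(extras.GoodsId))
      for _, v := range ResDnyPayInfo.GiftList {
          if v.Id != goodsId {
              continue
          }

          // Resolve the role bound to this account.
          var bfInfo *WebBriefInfo
          service.GetMysql().Operate(func(rawClient interface{}) interface{} {
              wrapper := mysql.NewWrapper(rawClient.(*sql.DB))
              wrapper.Query("select uid,nick_name,base_level,create_date,last_login_date,ban_date,map_level,fight_power,active_code,open_id,serverid from role where open_id=?", username).Each(func(wrapper2 *mysql.Wrapper) bool {
                  bfInfo = parseUserInfo(wrapper2)
                  return true
              })
              if wrapper.Err != nil {
                  util.ErrorF("uid=%v WebGmProcessUserGet err=%v", username, wrapper.Err)
              }
              return nil
          })
          if bfInfo == nil {
              // The original format string had a second verb with no argument.
              util.ErrorF("uid=%v not found", username)
              c.JSON(http.StatusOK, gin.H{"status": 1, "msg": "not found user"})
              return
          }

          uidList := []uint64{bfInfo.Uid}
          titleStr := "system award"
          contentStr := v.Desc
          rewardStr := v.Reward

          // Parse the "key:value,..." reward string; entries that do not
          // yield a positive key and value are skipped.
          var rewardList []*serverproto.KeyValueType
          for _, item := range strings.Split(rewardStr, ",") {
              key, val := model.Str2Res(item)
              if key > 0 && val > 0 {
                  rewardList = append(rewardList, &serverproto.KeyValueType{Key: key, Value: val})
              }
          }
          util.ErrorF("东南亚网页支付:orderId:%v,payAmount:%v,sign:%v,extra:%v,username:%v,server:%v,sandbox:%v,timestamp:%v,award:%v", orderId, payAmount, sign, extra, username, server, sandbox, timestamp, rewardStr)
          gmweb.GetMailUpdateMag().AttachMail2Update(1, uidList, titleStr, contentStr, util.GetTimeMilliseconds(), rewardList)
          c.JSON(http.StatusOK, gin.H{"status": 0})
          // Stop after the first match so only one mail and one response
          // are produced per callback.
          return
      }

      // No configured gift matched: answer explicitly instead of returning an
      // empty 200 that the caller could read as success.
      util.ErrorF("paycallbackDn2 gift not found goodsId=%v orderId=%v username=%v", goodsId, orderId, username)
      c.JSON(http.StatusOK, gin.H{"status": 1, "msg": "gift not found"})
  }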
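  // WebPayHwDnOpenServerNotify forwards a "server opened" announcement to the
  // publisher's sync_server endpoint.
  //
  // Query parameters: sid (server id), name (server name), time (start time,
  // e.g. 2019-01-01 12:00:00), gameid and signkey. The outgoing form is signed
  // with Md5Dn and the upstream response body is only logged.
  //
  // NOTE(review): the signing key is taken from the caller's query string and
  // no authentication is visible in this handler, so the key ends up in URLs
  // and access logs and any caller that can reach the route can trigger the
  // upstream request. Presumably access is restricted elsewhere; verify, and
  // prefer loading the key from service configuration.
  func WebPayHwDnOpenServerNotify(c *gin.Context) {
      sidStr := c.DefaultQuery("sid", "")
      nameStr := c.DefaultQuery("name", "")
      timeStr := c.DefaultQuery("time", "") // e.g. 2019-01-01 12:00:00
      gameIdStr := c.DefaultQuery("gameid", "")
      signKeyStr := c.DefaultQuery("signkey", "")
      if nameStr == "" || sidStr == "" || timeStr == "" || gameIdStr == "" {
          c.JSON(http.StatusOK, "param error:"+nameStr+sidStr+timeStr)
          return
      }

      reqUrl := "https://i.dze-game.com/game/center/sync_server"
      now := strconv.FormatInt(time.Now().Unix(), 10)

      // Build the form body.
      formData := url.Values{}
      formData.Add("GAME_ID", gameIdStr)
      formData.Add("SID", sidStr)
      formData.Add("_SID", sidStr)
      formData.Add("NAME", nameStr)
      formData.Add("START_TIME", timeStr)
      formData.Add("sign", Md5Dn(gameIdStr, nameStr, sidStr, timeStr, sidStr, now, signKeyStr))
      formData.Add("timestamp", now)

      // http.Post uses the default client, which has no timeout; a stalled
      // upstream would pin this handler's goroutine indefinitely.
      client := &http.Client{Timeout: 10 * time.Second}
      resp, err := client.Post(
          reqUrl,
          "application/x-www-form-urlencoded",
          strings.NewReader(formData.Encode()),
      )
      if err != nil {
          util.ErrorF("req error:%v", err)
          c.JSON(http.StatusOK, "req error:"+nameStr+sidStr+timeStr)
          return
      }
      defer resp.Body.Close()

      // The body is only logged, so cap how much of it is read into memory.
      body, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
      if err != nil {
          util.ErrorF("red body error:%v", err)
          c.JSON(http.StatusOK, "res error:"+nameStr+sidStr+timeStr)
          return
      }
      util.ErrorF("东南亚开服信息,sid:%v,name:%v,time:%v,response:%v", sidStr, nameStr, timeStr, string(body))
      // NOTE(review): status 0 is returned whatever the upstream status code
      // or body says — confirm callers do not treat it as upstream success.
      c.JSON(http.StatusOK, gin.H{"status": 0})
  }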
  // Md5Dn returns the lowercase hex MD5 digest of the seven arguments
  // concatenated in order, with no separator between them.
  //
  // Because the fields are joined without a delimiter, different argument
  // splits of the same overall string produce the same signature, and MD5 over
  // "data + key" is not a MAC. Presumably the format is fixed by the receiving
  // service; do not reuse it for new signing needs.
  func Md5Dn(gameId, name, sid, time, _sid, timestamp, signKey string) string {
      fields := []string{gameId, name, sid, time, _sid, timestamp, signKey}
      digest := md5.Sum([]byte(strings.Join(fields, "")))
      return hex.EncodeToString(digest[:])
  }
  // WebPayHwDnNotify handles the Southeast Asia payment callback delivered as
  // a form POST. It reads order_code and amount from the posted form and
  // settles the order through webPayNotifyDn with an empty SDK order id.
  //
  // Replies {"processingStatus":"completed"} when settlement returns
  // "SUCCESS", otherwise HTTP 404 with code ORDER_CODE_NOT_FOUND.
  //
  // NOTE(review): no signature, shared secret or source check is visible in
  // this handler; order_code and amount are taken from the form as sent.
  // Presumably the route is protected elsewhere (middleware, allow-list) —
  // verify, since the sibling callbacks in this file all check a signature.
  func WebPayHwDnNotify(c *gin.Context) {
      if err := c.Request.ParseForm(); err != nil {
          util.InfoF("parseForm falied")
          c.String(http.StatusOK, "FAILED")
          return
      }
      form := c.Request.PostForm
      util.ErrorF("支付回调信息东南亚:%v", form)

      // Only the first value of each parameter is used.
      orderCode := form.Get("order_code")
      amount := form.Get("amount")

      if webPayNotifyDn(orderCode, amount, "") != "SUCCESS" {
          c.JSON(404, gin.H{"code": "ORDER_CODE_NOT_FOUND", "message": "order_code does not exist"})
          return
      }
      c.JSON(http.StatusOK, gin.H{"processingStatus": "completed"})
  }
  // sendPosts posts routerString, as a form-encoded body, to every URL in
  // urls, one after another, using sendPostToOtherServer.
  func sendPosts(urls []string, routerString string) {
      for _, target := range urls {
          sendPostToOtherServer(target, []byte(routerString))
      }
  }
  931. // http://110.40.223.119:8002/pay/hwQucikFromS1GmWeb
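  // WebPayHwQuickNotifyFromS1GmWeb handles a Quick SDK payment callback that
  // arrives as a form POST. The posted parameters are verified against the
  // sign field with getMd5Sign, then the order is settled via webPayNotify
  // using usdAmount as the paid amount.
  //
  // Replies "FAILED" on a parse or signature error and "SUCCESS" otherwise.
  //
  // NOTE(review): the signing key is a literal in source control; it should
  // come from service configuration and be rotated once moved.
  // NOTE(review): the result of webPayNotify is ignored, so "SUCCESS" is sent
  // even when the order was not settled — confirm this acknowledgement is
  // what the SDK expects.
  func WebPayHwQuickNotifyFromS1GmWeb(c *gin.Context) {
      if err := c.Request.ParseForm(); err != nil {
          util.InfoF("parseForm falied")
          c.String(http.StatusOK, "FAILED")
          return
      }
      params := make(map[string]string, len(c.Request.PostForm))
      for key, value := range c.Request.PostForm {
          params[key] = value[0] // only the first value of each parameter is used
      }

      sign := params["sign"]
      newSign := getMd5Sign("03422134397322604272901806704074", params)
      util.ErrorF("params:%v", params)
      // The expected signature is deliberately not logged: a log line holding
      // a valid signature for these parameters is as good as the callback.
      // hmac.Equal compares in constant time.
      if !hmac.Equal([]byte(newSign), []byte(sign)) {
          util.ErrorF("签名错误%v", sign)
          c.String(http.StatusOK, "FAILED")
          return
      }

      uid := c.PostForm("uid")
      cpOrderId := c.PostForm("cpOrderNo")
      orderNo := c.PostForm("orderNo")
      payAmount := c.PostForm("payAmount")
      payCurrency := c.PostForm("payCurrency")
      payType := c.PostForm("payType")
      usdAmount := c.PostForm("usdAmount")

      ntfData := &WebNotifyData{
          CpOrderId:   cpOrderId,
          SdkOrderId:  orderNo,
          PayMethod:   payType,
          PayCurrency: payCurrency,
          PayTime:     uint64(util.GetTimeSeconds()),
          PayChannel:  "qk_hw",
      }
      util.DebugF("uid=%v cpOrderNo=%v orderNo=%v payAmount=%v payCurrency=%v payType=%v usdAmount=%v",
          uid, cpOrderId, orderNo, payAmount, payCurrency, payType, usdAmount)

      f64, err := strconv.ParseFloat(usdAmount, 32)
      if err != nil {
          // Previously printed to stdout and returned an empty 200 response.
          util.ErrorF("WebPayHwQuickNotifyFromS1GmWeb usdAmount parse error=%v cpOrderNo=%v", err, cpOrderId)
          c.String(http.StatusOK, "FAILED")
          return
      }
      webPayNotify(ntfData, float32(f64), c)
      c.JSON(http.StatusOK, "SUCCESS")
  }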
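  // sendPostToOtherServer POSTs body to url as application/x-www-form-urlencoded.
  // Failures are logged and otherwise ignored; the response body is not read.
  func sendPostToOtherServer(url string, body []byte) {
      // Build the request.
      req, err := http.NewRequest("POST", url, bytes.NewReader(body))
      if err != nil {
          util.ErrorF("r1 NewRequest:%v \n", err.Error())
          // req is nil on error; continuing would dereference it below.
          return
      }

      // Set headers.
      req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
      req.Header.Set("Custom-Header", "custom-value")

      // Send it. A zero-value http.Client never times out, so bound the call.
      client := &http.Client{Timeout: 10 * time.Second}
      resp, err := client.Do(req)
      if err != nil {
          util.ErrorF("r1 client.Do(req):%v \n", err.Error())
          return
      }
      defer resp.Body.Close()
  }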
  // KVSt is one form parameter: its name and its first value.
  type KVSt struct {
      ParamKey, ParamVal string
  }
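  // WebPayNBSDKNotify handles the NB SDK payment callback (multipart form).
  //
  // Verification: every posted parameter except sign is sorted by name,
  // URL-escaped and joined as k=v pairs with '&'; the hex HMAC-MD5 of that
  // string under SDKConfig.NbGameKey must equal sign. On success the order is
  // settled via webPayNotify with pay_amount converted from cents, and the
  // settlement result string is written back as text/plain.
  //
  // A form parse error or a signature mismatch returns without writing a body.
  func WebPayNBSDKNotify(c *gin.Context) {
      req := c.Request
      if err := req.ParseMultipartForm(32 << 20); err != nil {
          return
      }
      form := req.PostForm

      // Collect and sort the signed parameter names.
      keys := make([]string, 0, len(form))
      for k := range form {
          if k != "sign" {
              keys = append(keys, k)
          }
      }
      sort.Strings(keys)

      // Canonical string: k1=v1&k2=v2..., first value of each parameter.
      var sb strings.Builder
      for i, k := range keys {
          if i > 0 {
              sb.WriteByte('&')
          }
          sb.WriteString(url.QueryEscape(k))
          sb.WriteByte('=')
          sb.WriteString(url.QueryEscape(form[k][0]))
      }
      verifyStr := sb.String()

      sign := c.PostForm("sign")
      sdkOrderId := c.PostForm("sdk_order_id") // SDK order id
      cpOrderId := c.PostForm("cp_order_id")   // game-side order id (generated by the server, handed to the client)
      serverId := c.PostForm("server_id")      // game server id
      pfUid := c.PostForm("pf_uid")            // channel platform uid
      roleId := c.PostForm("role_id")          // game-side role id
      // Amount paid, integer cents. The SDK documentation requires the game
      // to check it against the price of the purchased item.
      payAmount := c.PostForm("pay_amount")

      gameKey := service.GetServiceConfig().SDKConfig.NbGameKey
      mac := hmac.New(md5.New, []byte(gameKey))
      mac.Write([]byte(verifyStr))
      tmpSign := hex.EncodeToString(mac.Sum(nil))

      // The key and the expected signature are kept out of the log: either
      // one in a log file is enough to produce an accepted callback.
      util.DebugF("uid=%v verifyStr=%v cpOrderId=%v pfUid=%v sdkOrderId=%v serverId=%v sign=%v", roleId, verifyStr, cpOrderId, pfUid,
          sdkOrderId, serverId, sign)

      // Constant-time comparison of the two hex strings.
      if !hmac.Equal([]byte(tmpSign), []byte(sign)) {
          util.InfoF("uid=%v WebPayNBSDKNotify sign verify failed cpOrderId=%v", roleId, cpOrderId)
          return
      }

      // A parse failure is ignored here; presumably it leaves the amount at
      // zero, which webPayNotify then compares with the stored order amount.
      checkPayAmount, _ := model.Str2Num(payAmount)
      ntfData := &WebNotifyData{
          CpOrderId:   cpOrderId,
          SdkOrderId:  sdkOrderId,
          PayMethod:   "",
          PayCurrency: "",
          PayTime:     uint64(util.GetTimeSeconds()),
          PayChannel:  "",
      }
      ret := webPayNotify(ntfData, float32(checkPayAmount)/100, c)
      c.Data(http.StatusOK, "text/plain; charset=utf-8", []byte(ret))
  }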
  // UniSDKPayExtraST is the extra-data object of a UniSDK payment callback.
  type UniSDKPayExtraST struct {
      Aid int `json:"aid"` // unique user identifier
      PrivateParam string `json:"privateparam"`
      PayChannel string `json:"paychannel"` // payment channel
      AppChannel string `json:"appchannel"` // appchannel
      // NOTE(review): the tag is spelled "platfrom"; presumably it mirrors
      // the upstream field name — verify before changing it.
      Platform string `json:"platfrom"`
      UidId string `json:"uidid"` // device id
      GoodsCount int `json:"goodscount"` // number of goods
      PayMoney string `json:"paymoney"` // amount the player actually paid
      FreeMoney string `json:"freemoney"` // total free amount, for the game server's operations log (0 when the channel does not provide it)
      PayCurrency string `json:"paycurrency"` // currency the player actually paid in
      Deduct int `json:"deduct"`
      DeductPercent string `json:"deductpercent"`
      DeductReason string `json:"deductreason"` // reason for the deduction: blacklisted device or blacklisted currency
      JsonData string `json:"jsondata"`
      InitTime int `json:"inittime"` // order creation timestamp in seconds; 0 when the order was not created through create_order (e.g. web payment)
      PayTime int `json:"paytime"` // order payment timestamp in seconds
      IsTest int `json:"istest"` // order source: 0 production order, 1 test-environment order (added in v3.6.2)
      FreeYuanBao int `json:"free_yuanbao"`
      PayYuanBao int `json:"pay_yuanbao"`
      PayMethod string `json:"paymethod"`
  }
  // UniSDKPayST is the JSON body of a UniSDK payment callback.
  type UniSDKPayST struct {
      GameId string `json:"gameid"`
      HostId int `json:"hostid"`
      RoleId string `json:"roleid"`
      GoodsId string `json:"goodsid"`
      UserName string `json:"username"` // player's channel account (the account string after conversion by the SDK channel)
      SN string `json:"sn"` // game order number
      ConsumeSN string `json:"consumesn"` // channel transaction number (transaction-id for the Apple channel)
      ExtraData UniSDKPayExtraST // no json tag: decoded under the field name
  }
  // UniSDKPayResponseST is the JSON reply sent back for a UniSDK callback.
  type UniSDKPayResponseST struct {
      Code int `json:"code"` // result code; this file sends 200 or 403
      Msg string `json:"msg"`
      Data interface{} `json:"data"`
  }
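  // WebPayUniSDKNotify handles the UniSDK payment callback (JSON body).
  //
  // The Gas-Ship-Signature request header must equal the hex HMAC-MD5 of the
  // raw body under SDKConfig.UniSecretKey. On success the order is settled via
  // webPayNotify with ExtraData.PayMoney converted from cents.
  //
  // NOTE(review): ExtraData.IsTest is not inspected, so test-environment
  // orders are settled like production ones — confirm that is intended.
  func WebPayUniSDKNotify(c *gin.Context) {
      sign := c.GetHeader("Gas-Ship-Signature")
      bodyData, err := c.GetRawData()
      if err != nil {
          util.ErrorF("WebPayUniSDKNotify body get error=%v", err)
          return
      }
      payInfo := &UniSDKPayST{}
      if err = json.Unmarshal(bodyData, payInfo); err != nil {
          util.ErrorF("WebPayUniSDKNotify body Unmarshal error=%v", err)
          return
      }

      secretKey := service.GetServiceConfig().SDKConfig.UniSecretKey
      mac := hmac.New(md5.New, []byte(secretKey))
      mac.Write(bodyData)
      tmpSign := hex.EncodeToString(mac.Sum(nil))

      // Constant-time comparison of the two hex strings.
      if !hmac.Equal([]byte(tmpSign), []byte(sign)) {
          util.InfoF("uid=%v WebPayUniSDKNotify sign verify failed cpOrderId=%v", payInfo.RoleId, payInfo.SN)
          // The computed signature must not be returned on this path: the
          // caller has not proven knowledge of the key, and echoing the
          // expected value would hand out a valid signature for its body.
          c.JSON(http.StatusOK, &UniSDKPayResponseST{
              Code: 403,
              Msg:  "ok",
              Data: nil,
          })
          return
      }

      checkPayAmount, _ := model.Str2Num(payInfo.ExtraData.PayMoney)
      ntfData := &WebNotifyData{
          CpOrderId:   payInfo.SN,
          SdkOrderId:  payInfo.ConsumeSN,
          PayMethod:   payInfo.ExtraData.PayMethod,
          PayCurrency: payInfo.ExtraData.PayCurrency,
          PayTime:     uint64(payInfo.ExtraData.PayTime),
          PayChannel:  payInfo.ExtraData.PayChannel,
      }
      ret := webPayNotify(ntfData, float32(checkPayAmount)/100, c)
      if ret == "FAILED" {
          // Return here: falling through appended a second JSON document
          // (code 200) to the same response.
          // NOTE(review): other failure results start with "FAILED," and are
          // still answered with code 200 below — confirm that is intended.
          c.JSON(http.StatusOK, "FAILED")
          return
      }

      // The caller already presented this value, so echoing it reveals nothing.
      c.Header("Gas-Ship-Signature", tmpSign)
      c.JSON(http.StatusOK, &UniSDKPayResponseST{
          Code: 200,
          Msg:  "ok",
          Data: nil,
      })
  }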
  // WebPayNBH5Notify records an H5 recharge directly from posted form fields
  // and hands it to webPayNotifyH5. It replies "FAILED" when role_id or
  // pay_amount does not parse to a positive number, otherwise the string
  // returned by webPayNotifyH5.
  //
  // NOTE(review): no signature or caller check is visible in this handler,
  // although the role, amount and goods all come from the request. Presumably
  // the route is reachable only by trusted callers — verify.
  // NOTE(review): a missing cp_order_id falls back to the fixed string
  // "WebPayH5Notify", so such requests all share one order id.
  func WebPayNBH5Notify(c *gin.Context) {
      sdkOrderId := c.PostForm("sdk_order_id") // SDK order id
      cpOrderId := c.PostForm("cp_order_id")   // game-side order id (generated by the server, handed to the client)
      serverId := c.PostForm("server_id")      // game server id
      pfUid := c.PostForm("pf_uid")            // channel platform uid
      roleId := c.PostForm("role_id")          // game-side role id (uid)
      // Amount paid, integer cents. The SDK documentation requires the game
      // to check it against the price of the purchased item.
      payAmount := c.PostForm("pay_amount")
      goodsType := c.PostForm("goods_type")
      goodsID := c.PostForm("goods_id")
      util.InfoF("WebPayH5Notify roleId=%v pfUid=%v sdkOrderId=%v serverId=%v", roleId, pfUid, sdkOrderId, serverId)

      if cpOrderId == "" {
          cpOrderId = "WebPayH5Notify"
      }

      gameRoleId, _ := model.Str2NumU64(roleId)
      checkPayAmount, _ := model.Str2Num(payAmount)
      if gameRoleId == 0 || checkPayAmount <= 0 {
          c.Data(http.StatusOK, "text/plain; charset=utf-8", []byte("FAILED"))
          return
      }

      ntfData := &WebNotifyData{
          GameRoleId:  gameRoleId,
          CpOrderId:   cpOrderId,
          SdkOrderId:  sdkOrderId,
          PayMethod:   "",
          PayCurrency: "",
          PayTime:     uint64(util.GetTimeSeconds()),
          PayChannel:  "WebPayH5Notify",
      }
      ntfData.GoodsType, _ = model.Str2NumU64(goodsType)
      ntfData.GoodsID, _ = model.Str2NumU64(goodsID)

      result := webPayNotifyH5(ntfData, float32(checkPayAmount)/100, c)
      c.Data(http.StatusOK, "text/plain; charset=utf-8", []byte(result))
  }
  // WebNotifyData carries the fields a payment callback handler extracts from
  // a request before the order is settled.
  type WebNotifyData struct {
      CpOrderId, SdkOrderId  string // game-side order id, SDK/channel order id
      PayMethod, PayCurrency string
      PayTime                uint64 // handlers in this file fill it in seconds
      PayChannel             string
      GameRoleId             uint64 // set only by the H5 handler
      GoodsType, GoodsID     uint64 // set only by the H5 handler
  }
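  // webPayNotify settles a paid order identified by webNtf.CpOrderId.
  //
  // Flow: the order saved in redis is loaded and must still be in the
  // generated state; the paid amount must equal the order amount; the order is
  // then marked paid, written back to redis, added to the player's list of
  // completed orders (so a failed delivery can be re-fetched at next login)
  // and sent to the social service, which grants the reward.
  //
  // Returns "SUCCESS", or a string starting with "FAILED" describing why the
  // order was not settled. The c parameter is not used.
  //
  // NOTE(review): the state check and the write-back are separate redis
  // calls, so two concurrent callbacks for one order can both pass the check.
  // Presumably delivery is de-duplicated downstream — verify, or make the
  // transition atomic.
  func webPayNotify(webNtf *WebNotifyData, payAmount float32, c *gin.Context) string {
      msgStr, err := service.GetRedis().HGet(model.PayOrderPrefix, webNtf.CpOrderId).Result()
      if err != nil {
          util.ErrorF("WebPayQuickNotify order not exist err=%v, cpOrderId=%v, sdkOrderId=%v", err, webNtf.CpOrderId, webNtf.SdkOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", webNtf.CpOrderId, err)
      }

      payInfo := &serverproto.PayOrderSaveInfo{}
      if err = model.GetDecodeMessage(payInfo, msgStr); err != nil {
          // The original format string had a stray "%," instead of "%v".
          util.ErrorF("WebPayQuickNotify GetDecodeMessage err=%v, cpOrderId=%v, sdkOrderId=%v", err, webNtf.CpOrderId, webNtf.SdkOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", webNtf.CpOrderId, err)
      }

      // Only an order that is still in the generated state may be settled;
      // this is the duplicate-callback check.
      if payInfo.OrderState != int32(serverproto.PayOrderState_EPayOrderState_Gen) {
          util.ErrorF("WebPayQuickNotify uid=%v state error state=%v", payInfo.Uid, payInfo.OrderState)
          return fmt.Sprintf("FAILED,cpOrderId=%v state error=%v", webNtf.CpOrderId, payInfo.OrderState)
      }

      // The amount paid must equal the order amount.
      // NOTE(review): this is an exact float32 comparison; confirm both sides
      // are always derived the same way, or compare in integer minor units.
      if payAmount != payInfo.Amount {
          // The failed state is only reflected in the log line; it is not
          // written back, so the stored order stays in the generated state.
          payInfo.OrderState = int32(serverproto.PayOrderState_EPayOrderState_PayFailed)
          util.ErrorF("uid=%v WebPayQuickNotify failed payAmount:%v order=%v", payInfo.Uid, payAmount, payInfo)
          return "FAILED"
      }

      payInfo.OrderState = int32(serverproto.PayOrderState_EPayOrderState_PayOk)
      payInfo.OrderProcessTime = util.GetTimeMilliseconds()
      payInfo.SdkOrderId = webNtf.SdkOrderId
      payInfo.PayMethod = webNtf.PayMethod
      payInfo.PayCurrency = webNtf.PayCurrency
      payInfo.PayTime = webNtf.PayTime
      payInfo.PayChannel = webNtf.PayChannel

      // Persist the new state before delivering (delivery later moves the
      // order to PayOrderState_EPayOrderState_PayOkReward). If the write
      // fails the stored order would still look unpaid and a repeated
      // callback would deliver again, so stop here instead.
      encErr, newPayInfoStr := model.GetEncodeMessage(payInfo)
      if encErr != nil {
          util.ErrorF("WebPayQuickNotify GetEncodeMessage err=%v, cpOrderId=%v", encErr, webNtf.CpOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", webNtf.CpOrderId, encErr)
      }
      if setErr := service.GetRedis().HSet(model.PayOrderPrefix, webNtf.CpOrderId, newPayInfoStr).Err(); setErr != nil {
          util.ErrorF("WebPayQuickNotify HSet err=%v, cpOrderId=%v", setErr, webNtf.CpOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", webNtf.CpOrderId, setErr)
      }

      // Completed-order list, so the player can re-fetch the reward at next
      // login if this delivery fails. Best effort, as in the original.
      okListKeyStr := model.PayOrderOKIdListPrefix + strconv.FormatUint(payInfo.Uid, 10)
      service.GetRedis().SAdd(okListKeyStr, payInfo.CpOrderId)

      selfmodel.SendSocial(&serverproto.SSPayInfoOrderNtf{
          PayOrderInfo: payInfo,
      })
      util.InfoF("uid=%v WebPayQuickNotify ok order=%v", payInfo.Uid, payInfo)
      return "SUCCESS"
  }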
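  // webPayNotifyDn settles a paid order for the "dn" channel.
  //
  // Flow: the order saved in redis under cpOrderId is loaded and must still be
  // in the generated state; Amount must equal the order amount formatted with
  // two decimals; the order is then marked paid, written back to redis, added
  // to the player's list of completed orders (so a failed delivery can be
  // re-fetched at next login) and sent to the social service.
  //
  // Returns "SUCCESS", an empty string on an amount mismatch, or a string
  // starting with "FAILED" for every other failure.
  //
  // NOTE(review): the state check and the write-back are separate redis
  // calls, so two concurrent callbacks for one order can both pass the check.
  // Presumably delivery is de-duplicated downstream — verify, or make the
  // transition atomic.
  func webPayNotifyDn(cpOrderId string, Amount, sdkOrderId string) string {
      msgStr, err := service.GetRedis().HGet(model.PayOrderPrefix, cpOrderId).Result()
      if err != nil {
          // The original logged a literal 0 in place of the SDK order id.
          util.ErrorF("WebPayQuickNotify order not exist err=%v, cpOrderId=%v, sdkOrderId=%v", err, cpOrderId, sdkOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", cpOrderId, err)
      }

      payInfo := &serverproto.PayOrderSaveInfo{}
      if err = model.GetDecodeMessage(payInfo, msgStr); err != nil {
          // The original format string had a stray "%," instead of "%v".
          util.ErrorF("WebPayQuickNotify GetDecodeMessage err=%v, cpOrderId=%v, sdkOrderId=%v", err, cpOrderId, sdkOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", cpOrderId, err)
      }

      // Only an order that is still in the generated state may be settled;
      // this is the duplicate-callback check.
      if payInfo.OrderState != int32(serverproto.PayOrderState_EPayOrderState_Gen) {
          util.ErrorF("WebPayQuickNotify uid=%v state error state=%v", payInfo.Uid, payInfo.OrderState)
          return fmt.Sprintf("FAILED,cpOrderId=%v state error=%v", cpOrderId, payInfo.OrderState)
      }

      // The amount paid must equal the order amount. The comparison is
      // textual, so it passes only when Amount is written with exactly two
      // decimals.
      orderAmount := fmt.Sprintf("%.2f", payInfo.Amount)
      if Amount != orderAmount {
          // The failed state is only reflected in the log line; it is not
          // written back, so the stored order stays in the generated state.
          payInfo.OrderState = int32(serverproto.PayOrderState_EPayOrderState_PayFailed)
          util.ErrorF("uid=%v WebPayQuickNotify failed payAmount:%v order=%v ,price=%v", payInfo.Uid, Amount, payInfo, orderAmount)
          return ""
      }

      payInfo.OrderState = int32(serverproto.PayOrderState_EPayOrderState_PayOk)
      payInfo.OrderProcessTime = util.GetTimeMilliseconds()
      payInfo.SdkOrderId = sdkOrderId
      // NOTE(review): PayTime is filled from GetTimeMilliseconds here, while
      // the other handlers in this file pass seconds — confirm the unit.
      payInfo.PayTime = util.GetTimeMilliseconds()
      payInfo.PayChannel = "dn"

      // Persist the new state before delivering (delivery later moves the
      // order to PayOrderState_EPayOrderState_PayOkReward). If the write
      // fails the stored order would still look unpaid and a repeated
      // callback would deliver again, so stop here instead.
      encErr, newPayInfoStr := model.GetEncodeMessage(payInfo)
      if encErr != nil {
          util.ErrorF("WebPayQuickNotify GetEncodeMessage err=%v, cpOrderId=%v", encErr, cpOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", cpOrderId, encErr)
      }
      if setErr := service.GetRedis().HSet(model.PayOrderPrefix, cpOrderId, newPayInfoStr).Err(); setErr != nil {
          util.ErrorF("WebPayQuickNotify HSet err=%v, cpOrderId=%v", setErr, cpOrderId)
          return fmt.Sprintf("FAILED,cpOrderId=%v err=%v", cpOrderId, setErr)
      }

      // Completed-order list, so the player can re-fetch the reward at next
      // login if this delivery fails. Best effort, as in the original.
      okListKeyStr := model.PayOrderOKIdListPrefix + strconv.FormatUint(payInfo.Uid, 10)
      service.GetRedis().SAdd(okListKeyStr, payInfo.CpOrderId)

      selfmodel.SendSocial(&serverproto.SSPayInfoOrderNtf{
          PayOrderInfo: payInfo,
      })
      util.InfoF("uid=%v WebPayQuickNotify ok order=%v", payInfo.Uid, payInfo)
      return "SUCCESS"
  }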
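  // webPayNotifyH5 records a recharge initiated from outside the game (it
  // does not go through the in-game order flow). A new order is built from
  // webNtf, stored in redis as already paid, added to the player's list of
  // completed orders and sent to the social service.
  //
  // Returns "SUCCESS", or "FAILED" when the order could not be stored.
  //
  // NOTE(review): the reward list is parsed from the request's "reward" query
  // parameter, i.e. it is chosen by the caller rather than looked up from
  // GoodsType/GoodsId. Confirm that only trusted callers can reach this path.
  // NOTE(review): GoodsType and GoodsID are narrowed from uint64 to int32
  // without a range check.
  func webPayNotifyH5(webNtf *WebNotifyData, payAmount float32, c *gin.Context) string {
      payInfo := &serverproto.PayOrderSaveInfo{}
      payInfo.Uid = webNtf.GameRoleId
      // The original never set CpOrderId, so the completed-order list below
      // received an empty id while the order was stored under
      // webNtf.CpOrderId.
      payInfo.CpOrderId = webNtf.CpOrderId
      payInfo.Amount = payAmount
      payInfo.OrderProcessTime = util.GetTimeMilliseconds()
      payInfo.SdkOrderId = webNtf.SdkOrderId
      payInfo.PayMethod = webNtf.PayMethod
      payInfo.PayCurrency = webNtf.PayCurrency
      payInfo.PayTime = webNtf.PayTime
      payInfo.PayChannel = webNtf.PayChannel
      payInfo.GoodsType = int32(webNtf.GoodsType)
      payInfo.GoodsId = int32(webNtf.GoodsID)

      // Parse the comma-separated reward string; entries that do not yield a
      // positive key and value are skipped.
      rewardStr := c.DefaultQuery("reward", "")
      for _, item := range strings.Split(rewardStr, ",") {
          key, val := model.Str2Res(item)
          if key > 0 && val > 0 {
              payInfo.RewardList = append(payInfo.RewardList, &serverproto.KeyValueType{Key: key, Value: val})
          }
      }
      payInfo.OrderState = int32(serverproto.PayOrderState_EPayOrderState_PayOk)

      // Persist the order before delivering (delivery later moves it to
      // PayOrderState_EPayOrderState_PayOkReward); without a stored record
      // there is nothing to de-duplicate or re-fetch against.
      encErr, newPayInfoStr := model.GetEncodeMessage(payInfo)
      if encErr != nil {
          util.ErrorF("webPayNotifyH5 GetEncodeMessage err=%v, cpOrderId=%v", encErr, webNtf.CpOrderId)
          return "FAILED"
      }
      if setErr := service.GetRedis().HSet(model.PayOrderPrefix, webNtf.CpOrderId, newPayInfoStr).Err(); setErr != nil {
          util.ErrorF("webPayNotifyH5 HSet err=%v, cpOrderId=%v", setErr, webNtf.CpOrderId)
          return "FAILED"
      }

      // Completed-order list, so the player can re-fetch the reward at next
      // login if this delivery fails. Best effort, as in the original.
      okListKeyStr := model.PayOrderOKIdListPrefix + strconv.FormatUint(payInfo.Uid, 10)
      service.GetRedis().SAdd(okListKeyStr, payInfo.CpOrderId)
      util.InfoF("webPayNotifyH5: %v", payInfo)

      selfmodel.SendSocial(&serverproto.SSPayInfoOrderNtf{
          PayOrderInfo: payInfo,
      })
      return "SUCCESS"
  }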