public async Task <WeChatPayPlatformCertificate> GetCertificateAsync(IWeChatPayClient client, WeChatPayOptions options)
{
// 如果证书序列号已缓存,则直接使用缓存的
var platformCert = _certDictionary.Values.Where(cert => cert.EffectiveTime <DateTime.Now && cert.ExpireTime> DateTime.Now).FirstOrDefault();
if (platformCert != null)
{
return(platformCert);
}
// 否则重新下载新的平台证书
var request = new WeChatPayCertificatesRequest();
var response = await client.ExecuteAsync(request, options);
foreach (var certificate in response.Certificates)
{
// 若证书序列号未被缓存,解密证书并加入缓存
if (!_certDictionary.ContainsKey(certificate.SerialNo))
{
switch (certificate.EncryptCertificate.Algorithm)
{
case nameof(AEAD_AES_256_GCM):
{
var certStr = AEAD_AES_256_GCM.Decrypt(certificate.EncryptCertificate.Nonce, certificate.EncryptCertificate.Ciphertext, certificate.EncryptCertificate.AssociatedData, options.V3Key);
var cert = new WeChatPayPlatformCertificate
{
SerialNo = certificate.SerialNo,
EffectiveTime = DateTime.Parse(certificate.EffectiveTime),
ExpireTime = DateTime.Parse(certificate.ExpireTime),
Certificate = new X509Certificate2(Encoding.ASCII.GetBytes(certStr))
};
_certDictionary.TryAdd(certificate.SerialNo, cert);
}
break;
default:
throw new WeChatPayException($"Unknown algorithm: {certificate.EncryptCertificate.Algorithm}");
}
}
}
// 重新从缓存获取
platformCert = _certDictionary.Values.Where(cert => cert.EffectiveTime <DateTime.Now && cert.ExpireTime> DateTime.Now).FirstOrDefault();
if (platformCert != null)
{
return(platformCert);
}
else
{
throw new WeChatPayException("Download certificates failed!");
}
}
public async Task <IActionResult> GetCertificates()
{
if (Request.Method == "POST")
{
var request = new WeChatPayCertificatesRequest();
var response = await _client.ExecuteAsync(request, _optionsAccessor.Value);
ViewData["response"] = response.Body;
return(View());
}
return(View());
}
private async Task <X509Certificate2> LoadPlatformCertificateAsync(string serial, WeChatPayOptions options)
{
// 如果证书序列号已缓存,则直接使用缓存的
if (_platformCertificateManager.TryGetValue(serial, out var certificate2))
{
return(certificate2);
}
// 否则重新下载新的平台证书
var request = new WeChatPayCertificatesRequest();
var response = await ExecuteAsync(request, options);
foreach (var certificate in response.Certificates)
{
// 若证书序列号未被缓存,解密证书并加入缓存
if (!_platformCertificateManager.ContainsKey(certificate.SerialNo))
{
switch (certificate.EncryptCertificate.Algorithm)
{
case nameof(AEAD_AES_256_GCM):
{
var certStr = AEAD_AES_256_GCM.Decrypt(certificate.EncryptCertificate.Nonce, certificate.EncryptCertificate.Ciphertext, certificate.EncryptCertificate.AssociatedData, options.V3Key);
var cert = new X509Certificate2(Encoding.UTF8.GetBytes(certStr));
_platformCertificateManager.TryAdd(certificate.SerialNo, cert);
}
break;
default:
throw new WeChatPayException($"Unknown algorithm: {certificate.EncryptCertificate.Algorithm}");
}
}
}
// 重新从缓存获取
if (_platformCertificateManager.TryGetValue(serial, out certificate2))
{
return(certificate2);
}
else
{
throw new WeChatPayException("Download certificates failed!");
}
}
