/// <summary>
/// 对支付宝异步通知的关键参数进行校验
/// </summary>
/// <returns></returns>
private bool CheckParams(out Data_Order order)
{
//获得商户订单号out_trade_no
string out_trade_no = Request.Form["out_trade_no"];
//判断通知数据中的out_trade_no是否为商户系统中创建的订单号
order = MPOrderBusiness.GetOrderModel(out_trade_no);
if (order == null)
{
//PayLogHelper.WritePayLog("商户订单号校验失败");
return(false);
}
//获得支付总金额total_amount
string total_amount = Request.Form["total_amount"];
// 判断total_amount是否确实为该订单的实际金额
if (order.Price.ToString("0.00") != total_amount)
{
//PayLogHelper.WritePayLog("支付金额校验失败");
return(false);
}
//获得卖家账号seller_id
string seller_id = Request.Form["seller_id"].Trim();
// 验证通知中的seller_email(或者seller_id) 是否为out_trade_no这笔单据的对应的操作方(有的时候,一个商户可能有多个seller_id / seller_email)
if (AliPayConfig.pid.Trim() != seller_id)
{
//PayLogHelper.WritePayLog("seller_id校验失败");
return(false);
}
//获得调用方的appid;
//如果是非授权模式,appid是商户的appid;如果是授权模式(token调用),appid是系统商的appid
string app_id = Request.Form["app_id"];
// 验证支付宝小程序app_id是否是调用方的appid
if (AliPayConfig.miniAppId.Trim() != app_id)
{
//PayLogHelper.WritePayLog("app_id校验失败");
return(false);
}
//验证上述四个参数,完全吻合则返回参数校验成功
return(true);
}
protected void Page_Load(object sender, EventArgs e)
{
SortedDictionary <string, string> sPara = GetRequestPost();
if (sPara.Count > 0)//判断是否有带返回参数
{
//PayLogHelper.WritePayLog(Request.Form.ToString());
//Notify aliNotify = new Notify();
Notify aliNotify = new Notify(AliPayConfig.charset, AliPayConfig.sign_type, AliPayConfig.pid, AliPayConfig.mapiUrl, AliPayConfig.alipay_miniapp_public_key);
bool verifyResult = aliNotify.Verify(sPara, Request.Form["notify_id"], Request.Form["sign"]);
//商户订单号
string out_trade_no = Request.Form["out_trade_no"];
Data_Order order = null;
if (verifyResult && CheckParams(out order))//验证成功
{
///////////////////////////////////////////////////////////////////////////////////////////////////////////
//请在这里加上商户的业务逻辑程序代码
//——请根据您的业务逻辑来编写程序(以下代码仅作参考)——
//获取支付宝的通知返回参数,可参考技术文档中服务器异步通知参数列表
//支付宝交易号
string trade_no = Request.Form["trade_no"];
//交易状态
//在支付宝的业务通知中,只有交易通知状态为TRADE_SUCCESS或TRADE_FINISHED时,才是买家付款成功。
string trade_status = Request.Form["trade_status"];
//交易状态
if (trade_status == "TRADE_SUCCESS" || trade_status == "TRADE_FINISHED")
{
try
{
if (MPOrderBusiness.UpdateOrderForPaySuccess(out_trade_no, trade_no))
{
LogHelper.SaveLog(TxtLogType.AliPay, TxtLogContentType.Debug, TxtLogFileType.Day, "应用:莘拍档 订单号:" + out_trade_no + " 支付成功!");
//支付宝买家用户id
string buyer_id = Request.Form["buyer_id"];
//支付时间
string gmt_payment = HttpUtility.UrlDecode(Request.Form["gmt_payment"]);
string aliId = string.Empty;
string msg = string.Empty;
if (!MobileTokenBusiness.GetAliId(order.Mobile, out aliId, out msg))
{
bool ret = MobileTokenBusiness.UpdateAliBuyerId(order.Mobile, buyer_id);
}
IAopClient client = new DefaultAopClient(AliPayConfig.serverUrl, AliPayConfig.miniAppId, AliPayConfig.merchant_miniapp_private_key, "json", "1.0", "RSA2", AliPayConfig.alipay_miniapp_public_key, AliPayConfig.charset, false);
AlipayOpenAppMiniTemplatemessageSendRequest request = new AlipayOpenAppMiniTemplatemessageSendRequest();
request.BizContent = "{" +
"\"to_user_id\":\"" + buyer_id + "\"," +
"\"form_id\":\"" + trade_no + "\"," +
"\"user_template_id\":\"" + AliPayConfig.MiniAppTemplateId + "\"," +
"\"page\":\"pages/login/login\"," +
"\"data\":\"{\\\"keyword1\\\":{\\\"value\\\":\\\"" + out_trade_no + "\\\"},\\\"keyword2\\\":{\\\"value\\\":\\\"" + order.Descript + "\\\"},\\\"keyword3\\\":{\\\"value\\\":\\\"" + order.Price.ToString("0.00") + "\\\"},\\\"keyword4\\\":{\\\"value\\\":\\\"" + order.CreateTime.ToString("yyyy-MM-dd HH:mm:ss") + "\\\"},\\\"keyword5\\\":{\\\"value\\\":\\\"" + gmt_payment + "\\\"}}\"" +
"}";
AlipayOpenAppMiniTemplatemessageSendResponse response = client.Execute(request);
}
else
{
LogHelper.SaveLog(TxtLogType.AliPay, TxtLogContentType.Debug, TxtLogFileType.Day, "应用:莘拍档 订单号:" + out_trade_no + " 已支付订单更新失败!!!");
}
}
catch (Exception ex)
{
//PayLogHelper.WriteError(ex);
LogHelper.SaveLog(TxtLogType.AliPay, ex.InnerException != null ? ex.InnerException.Message : ex.Message);
}
//判断是否在商户网站中已经做过了这次通知返回的处理
//如果没有做过处理,那么执行商户的业务程序
//如果有做过处理,那么不执行商户的业务程序
Response.Write("success"); //请不要修改或删除
}
else
{
Response.Write("fail");
}
//——请根据您的业务逻辑来编写程序(以上代码仅作参考)——
///////////////////////////////////////////////////////////////////////////////////////////////////////////
}
else//验证失败
{
LogHelper.SaveLog(TxtLogType.AliPay, TxtLogContentType.Debug, TxtLogFileType.Day, "应用:莘拍档 订单号:" + out_trade_no + " 警告:支付回调验证失败!!!");
Response.Write("fail");
}
}
else
{
Response.Write("无通知参数");
}
}
