支付宝接入
1.支付宝沙箱环境
登陆支付宝开放平台创建沙箱环境
支付宝开放平台 https://openhome.alipay.com/platform/appDaily.htm?tab=info
支付文档 https://docs.open.alipay.com/200/105311
2.创建密钥
1.生成应用公钥和秘钥
2.把应用公钥赋值并配置到当前的沙箱环境中
3.配置完公钥后,沙箱环境配置中会给一个支付宝公钥,复制并保存
4.在项目根目录中创建keys文件目录,存储应用私钥(rsa_private_key.txt)和支付宝公钥(rsa_public_key.txt)
ubuntu生成密钥和公钥
#打开终端输入openssl# 输入以下命令创建密钥genrsa -out rsa_private_key.txt 2048# 输入以下命令创建公钥rsa -in rsa_private_key.txt -pubout -out rsa_public_key.txt#输入 exit 推出 opensslexit# ls 查看当前目录下创建的密钥和公钥rsa_private_key.txt rsa_public_key.txt
windows10 可以安装支付宝开放平台助手,创建密钥
注意:在项目中配置 keys应用 私钥和支付宝公钥 放进来
1,在项目中 创建 keys 目录 里面放入 秘钥文件2,创建 rsa_private_key.txt 放入秘钥,加开始和结束的标记-----BEGIN RSA PRIVATE KEY-----.....-----END RSA PRIVATE KEY-----3,创建 rsa_public_key.txt 放入秘钥,加开始和结束的标记-----BEGIN PUBLIC KEY-----....-----END PUBLIC KEY-----
3. 支付宝配置 settings.py
1.settings.py
# 支付宝相关配置# APPID# 沙箱APPID,生产环境须更改为应用APPID。ALIPAY_APPID = "2016092200571332"# 网关# 沙箱网关,生产环境须更改为正式网关。ALIPAY_URL = "https://openapi.alipaydev.com/gateway.do"# 正式网关,开发环境勿使用。# ALIPAY_URL = "https://openapi.alipay.com/gateway.do"# 回调通知地址ALIPAY_NOTIFY_URL = "http://47.114.147.247/order/pay_result"# 支付后的跳转地址ALIPAY_RETURN_URL = 'http://47.114.147.247/order/pay_result'# 应用私钥APP_PRIVATE_KEY_PATH = os.path.join(BASE_DIR, 'keys/rsa_private_key.txt')# 支付宝公钥ALIPAY_PUBLIC_KEY_PATH = os.path.join(BASE_DIR, 'keys/rsa_public_key.txt')
2.配置url路由和视图函数
- myhome/urls.py文件中添加回调路由
# 支付回调地址path('order/pay_result',PayViews.pay_result,name="myhome_order_pay_result"),
myhome/views/目录中创建Payviews.py并创建回调视图函数
# myhome/views/Payviews.py# 支付宝回调地址def pay_result(request):return HttpResponse('支付宝回调成功')
4.安装支付SDK及依赖环境
1.安装依赖环境
aliyun-python-sdk-core-v3==2.13.11Django==2.2.11jmespath==0.10.0mysqlclient==1.4.6Pillow==6.2.1pycryptodome==3.9.7pytz==2020.1sqlparse==0.3.1
2.导入支付宝支付接口类
在项目根目录创建utils包文件夹,创建pay.py模块写入支付接口类
bookshop\utils\pay.py
from datetime import datetimefrom Crypto.PublicKey import RSAfrom Crypto.Signature import PKCS1_v1_5from Crypto.Hash import SHA256from urllib.parse import quote_plusfrom urllib.parse import urlparse, parse_qsfrom base64 import decodebytes, encodebytesimport jsonclass AliPay(object):"""支付宝支付接口(PC端支付接口)"""def __init__(self, appid, app_notify_url, app_private_key_path,alipay_public_key_path, return_url, debug=False):self.appid = appidself.app_notify_url = app_notify_urlself.app_private_key_path = app_private_key_pathself.app_private_key = Noneself.return_url = return_urlwith open(self.app_private_key_path) as fp:self.app_private_key = RSA.importKey(fp.read())self.alipay_public_key_path = alipay_public_key_pathwith open(self.alipay_public_key_path) as fp:self.alipay_public_key = RSA.importKey(fp.read())if debug is True:self.__gateway = "https://openapi.alipaydev.com/gateway.do"else:self.__gateway = "https://openapi.alipay.com/gateway.do"def direct_pay(self, subject, out_trade_no, total_amount, return_url=None, **kwargs):biz_content = {"subject": subject,"out_trade_no": out_trade_no,"total_amount": total_amount,"product_code": "FAST_INSTANT_TRADE_PAY",# "qr_pay_mode":4}biz_content.update(kwargs)data = self.build_body("alipay.trade.page.pay", biz_content, self.return_url)return self.sign_data(data)def build_body(self, method, biz_content, return_url=None):data = {"app_id": self.appid,"method": method,"charset": "utf-8","sign_type": "RSA2","timestamp": datetime.now().strftime("%Y-%m-%d %H:%M:%S"),"version": "1.0","biz_content": biz_content}if return_url is not None:data["notify_url"] = self.app_notify_urldata["return_url"] = self.return_urlreturn datadef sign_data(self, data):data.pop("sign", None)# 排序后的字符串unsigned_items = self.ordered_data(data)unsigned_string = "&".join("{0}={1}".format(k, v) for k, v in unsigned_items)sign = self.sign(unsigned_string.encode("utf-8"))# ordered_items = self.ordered_data(data)quoted_string = "&".join("{0}={1}".format(k, quote_plus(v)) for k, v in unsigned_items)# 获得最终的订单信息字符串signed_string = quoted_string + "&sign=" + quote_plus(sign)return signed_stringdef ordered_data(self, data):complex_keys = []for key, value in data.items():if isinstance(value, dict):complex_keys.append(key)# 将字典类型的数据dump出来for key in complex_keys:data[key] = json.dumps(data[key], separators=(',', ':'))return sorted([(k, v) for k, v in data.items()])def sign(self, unsigned_string):# 开始计算签名key = self.app_private_keysigner = PKCS1_v1_5.new(key)signature = signer.sign(SHA256.new(unsigned_string))# base64 编码,转换为unicode表示并移除回车sign = encodebytes(signature).decode("utf8").replace("\n", "")return signdef _verify(self, raw_content, signature):# 开始计算签名key = self.alipay_public_keysigner = PKCS1_v1_5.new(key)digest = SHA256.new()digest.update(raw_content.encode("utf8"))if signer.verify(digest, decodebytes(signature.encode("utf8"))):return Truereturn Falsedef verify(self, data, signature):if "sign_type" in data:sign_type = data.pop("sign_type")# 排序后的字符串unsigned_items = self.ordered_data(data)message = "&".join(u"{}={}".format(k, v) for k, v in unsigned_items)return self._verify(message, signature)
5.发起支付请求
from django.shortcuts import render,reverse
from django.http import HttpResponse,JsonResponse,HttpResponseRedirect
from myadmin import models
from .indexViews import GetNavData
from django.views.decorators.csrf import csrf_exempt
# 支付宝对象创建方法
from bookshop import settings
from utils.pay import AliPay
# AliPay 对象实例化
def Get_AliPay_Object():
alipay = AliPay(
appid=settings.ALIPAY_APPID,# APPID (沙箱应用)
app_notify_url=settings.ALIPAY_NOTIFY_URL, # 回调通知地址
return_url=settings.ALIPAY_RETURN_URL,# 支付完成后的跳转地址
app_private_key_path=settings.APP_PRIVATE_KEY_PATH, # 应用私钥
alipay_public_key_path=settings.ALIPAY_PUBLIC_KEY_PATH, # 支付宝公钥
debug=True, # 默认False,
)
return alipay
# 发起支付请求
def pay_request(orderobj):
# 获取支付对象
alipay = Get_AliPay_Object()
# 生成支付的url
query_params = alipay.direct_pay(
subject = '图书商城_书籍购买', # 商品简单描述
out_trade_no = orderobj.id,# 用户购买的商品订单号
total_amount = orderobj.totalprice # 交易金额(单位: 元 保留俩位小数)
)
# 支付宝网关地址(沙箱应用)
pay_url = settings.ALIPAY_URL+"?{0}".format(query_params)
# 页面重定向到支付页面
return HttpResponseRedirect(pay_url)
# 支付宝回调地址 get post
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def pay_result(request):
# 获取对象
alipay = Get_AliPay_Object()
if request.method == "POST":
# 检测是否支付成功
# 去请求体中获取所有返回的数据:状态/订单号
from urllib.parse import parse_qs
body_str = request.body.decode('utf-8')
post_data = parse_qs(body_str)
post_dict = {}
for k, v in post_data.items():
post_dict[k] = v[0]
sign = post_dict.pop('sign', None)
status = alipay.verify(post_dict, sign)
out_trade_no = post_dict['out_trade_no']
# 修改订单状态
ass = {'status':1,'paytime':post_dict['gmt_payment']}
models.Order.objects.filter(id=out_trade_no).update(**ass)
return HttpResponse('success')
else:
params = request.GET.dict()
sign = params.pop('sign', None)
status = alipay.verify(params, sign)
return HttpResponse('<script>alert("支付成功");location.href="/order/mylist"</script>')
6.扫码支付
使用Android手机下载沙箱钱包进行
7.支付流程总结
title: 支付流程
participant 用户 as user
participant 商户系统 as app
participant 支付宝 as alipay
user->app:1.选择商品下单
app->app:2.系统中创建订单
app->alipay:3.向支付宝发起支付请求
alipay-->user:4.返回支付页面
user-->alipay:5.进行扫码支付
alipay->app:6.get请求回调地址,同步返回参数
app->user:7.向用户显示支付成功,跳转到订单列表页面
alipay->app:8.post请求回调地址,异步通知参数(支付是否成功已异步通知为准)
app->app:9.根据post请求修改订单状态
app->alipay:10.post请求后向支付宝响应success
若有收获,就点个赞吧
0 人点赞
