微信支付 商户平台 v3 API调用 发放代金卷 经验

import okhttp3.HttpUrl;  //需要导入最新okhttp-3.10.0的jar包与对应需连同导入使用的okio-1.14.0的jar包
import java.security.Signature;
import java.util.Base64; //需要使用jdb1.8以上的版本

// Authorization: <schema> <token>
// GET - getToken("GET", httpurl, "")
// POST - getToken("POST", httpurl, json)
String schema = "WECHATPAY2-SHA256-RSA2048";
HttpUrl httpurl = HttpUrl.parse(url);

String getToken(String method, HttpUrl url, String body) {
    String nonceStr = "your nonce string";
    long timestamp = System.currentTimeMillis() / 1000;
    String message = buildMessage(method, url, timestamp, nonceStr, body);
    String signature = sign(message.getBytes("utf-8"));

    return "mchid=\"" + yourMerchantId + "\","  //商户号
    + "nonce_str=\"" + nonceStr + "\","
    + "timestamp=\"" + timestamp + "\","
    + "serial_no=\"" + yourCertificateSerialNo + "\","  //商户私钥序列号
    + "signature=\"" + signature + "\"";
}

String sign(byte[] message) {
    Signature sign = Signature.getInstance("SHA256withRSA");
    sign.initSign(yourPrivateKey); //这是你的商户平台微信端签发的私钥，由下面方法加载使用
    sign.update(message);

    return Base64.getEncoder().encodeToString(sign.sign());
}

String buildMessage(String method, HttpUrl url, long timestamp, String nonceStr, String body) {
    String canonicalUrl = url.encodedPath(); //有对url参数处理
    if (url.encodedQuery() != null) {
      canonicalUrl += "?" + url.encodedQuery();
    }

    return method + "\n"
        + canonicalUrl + "\n"
        + timestamp + "\n"
        + nonceStr + "\n"
        + body + "\n";
}

----------------------------------------------------------------------------------------------------------------------------------------------------

对私钥证书的处理

 /**
       * 获取私钥。
       * @param filename 私钥文件路径  (required)
       * @return 私钥对象
       */
    public static PrivateKey getPrivateKey(String filename) throws IOException {

      String content = new String(Files.readAllBytes(Paths.get(filename)), "utf-8");
      try {
        String privateKey = content.replace("-----BEGIN PRIVATE KEY-----", "")
            .replace("-----END PRIVATE KEY-----", "")
            .replaceAll("\\s+", "");

        KeyFactory kf = KeyFactory.getInstance("RSA");
        return kf.generatePrivate(
            new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey)));
      } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException("当前Java环境不支持RSA", e);
      } catch (InvalidKeySpecException e) {
        throw new RuntimeException("无效的密钥格式");
      }
    }