ci: fix bug in WeChat payment provider

pp/alipay.go

@@ -94,3 +94,11 @@ func (pp *AlipayPaymentProvider) Notify(request *http.Request, body []byte, auth
 func (pp *AlipayPaymentProvider) GetInvoice(paymentName string, personName string, personIdCard string, personEmail string, personPhone string, invoiceType string, invoiceTitle string, invoiceTaxId string) (string, error) {
 	return "", nil
 }
+
+func (pp *AlipayPaymentProvider) GetResponseError(err error) string {
+	if err == nil {
+		return "success"
+	} else {
+		return "fail"
+	}
+}

pp/gc.go

@@ -329,3 +329,11 @@ func (pp *GcPaymentProvider) GetInvoice(paymentName string, personName string, p
 
 	return invoiceRespInfo.Url, nil
 }
+
+func (pp *GcPaymentProvider) GetResponseError(err error) string {
+	if err == nil {
+		return "success"
+	} else {
+		return "fail"
+	}
+}

pp/provider.go

@@ -20,20 +20,21 @@ type PaymentProvider interface {
 	Pay(providerName string, productName string, payerName string, paymentName string, productDisplayName string, price float64, returnUrl string, notifyUrl string) (string, error)
 	Notify(request *http.Request, body []byte, authorityPublicKey string) (string, string, float64, string, string, error)
 	GetInvoice(paymentName string, personName string, personIdCard string, personEmail string, personPhone string, invoiceType string, invoiceTitle string, invoiceTaxId string) (string, error)
+	GetResponseError(err error) string
 }
 
-func GetPaymentProvider(typ string, appId string, clientSecret string, host string, appCertificate string, appPrivateKey string, authorityPublicKey string, authorityRootPublicKey string, clientId2 string) (PaymentProvider, error) {
+func GetPaymentProvider(typ string, clientId string, clientSecret string, host string, appCertificate string, certSerialNo string, appPrivateKey string, authorityPublicKey string, authorityRootPublicKey string, clientId2 string) (PaymentProvider, error) {
 	if typ == "Alipay" {
-		newAlipayPaymentProvider, err := NewAlipayPaymentProvider(appId, appCertificate, appPrivateKey, authorityPublicKey, authorityRootPublicKey)
+		newAlipayPaymentProvider, err := NewAlipayPaymentProvider(clientId, appCertificate, appPrivateKey, authorityPublicKey, authorityRootPublicKey)
 		if err != nil {
 			return nil, err
 		}
 		return newAlipayPaymentProvider, nil
 	} else if typ == "GC" {
-		return NewGcPaymentProvider(appId, clientSecret, host), nil
+		return NewGcPaymentProvider(clientId, clientSecret, host), nil
 	} else if typ == "WeChat Pay" {
-		// appId, mchId, mchCertSerialNumber, apiV3Key, privateKey
-		newWechatPaymentProvider, err := NewWechatPaymentProvider(clientId2, appId, appCertificate, clientSecret, appPrivateKey)
+		// appId, mchId, mchCert, mchCertSerialNumber, apiV3Key, privateKey
+		newWechatPaymentProvider, err := NewWechatPaymentProvider(clientId2, clientId, appCertificate, certSerialNo, clientSecret, appPrivateKey)
 		if err != nil {
 			return nil, err
 		}

pp/util.go

@@ -23,3 +23,15 @@ func getPriceString(price float64) string {
 	priceString := strings.TrimRight(strings.TrimRight(fmt.Sprintf("%.2f", price), "0"), ".")
 	return priceString
 }
+
+func joinAttachString(tokens []string) string {
+	return strings.Join(tokens, "|")
+}
+
+func parseAttachString(s string) (string, string, string, error) {
+	tokens := strings.Split(s, "|")
+	if len(tokens) != 3 {
+		return "", "", "", fmt.Errorf("parseAttachString() error: len(tokens) expected 3, got: %d", len(tokens))
+	}
+	return tokens[0], tokens[1], tokens[2], nil
+}

pp/wechatpay.go

@@ -16,7 +16,7 @@ package pp
 
 import (
 	"context"
-	"fmt"
+	"errors"
 	"net/http"
 
 	"github.com/casdoor/casdoor/util"
@@ -24,12 +24,21 @@ import (
 	"github.com/go-pay/gopay/wechat/v3"
 )
 
+type WechatPayNotifyResponse struct {
+	Code    string `json:"Code"`
+	Message string `json:"Message"`
+}
+
 type WechatPaymentProvider struct {
 	ClientV3 *wechat.ClientV3
 	appId    string
 }
 
-func NewWechatPaymentProvider(appId string, mchId string, mchCertSerialNumber string, apiV3Key string, privateKey string) (*WechatPaymentProvider, error) {
+func NewWechatPaymentProvider(appId string, mchId string, cert string, mchCertSerialNumber string, apiV3Key string, privateKey string) (*WechatPaymentProvider, error) {
+	if appId == "" && mchId == "" && cert == "" && mchCertSerialNumber == "" && apiV3Key == "" && privateKey == "" {
+		return &WechatPaymentProvider{}, nil
+	}
+
 	pp := &WechatPaymentProvider{appId: appId}
 
 	clientV3, err := wechat.NewClientV3(mchId, mchCertSerialNumber, apiV3Key, privateKey)
@@ -37,11 +46,13 @@ func NewWechatPaymentProvider(appId string, mchId string, mchCertSerialNumber st
 		return nil, err
 	}
 
-	err = clientV3.AutoVerifySign()
+	platformCert, serialNo, err := clientV3.GetAndSelectNewestCert()
 	if err != nil {
 		return nil, err
 	}
-	pp.ClientV3 = clientV3
+
+	pp.ClientV3 = clientV3.SetPlatformCert([]byte(platformCert), serialNo)
+
 	return pp, nil
 }
 
@@ -50,53 +61,71 @@ func (pp *WechatPaymentProvider) Pay(providerName string, productName string, pa
 
 	bm := gopay.BodyMap{}
 
-	bm.Set("providerName", providerName)
-	bm.Set("productName", productName)
-
-	bm.Set("return_url", returnUrl)
+	bm.Set("attach", joinAttachString([]string{productDisplayName, productName, providerName}))
+	bm.Set("appid", pp.appId)
+	bm.Set("description", productDisplayName)
 	bm.Set("notify_url", notifyUrl)
-
-	bm.Set("body", productDisplayName)
 	bm.Set("out_trade_no", paymentName)
-	bm.Set("total_fee", getPriceString(price))
+	bm.SetBodyMap("amount", func(bm gopay.BodyMap) {
+		bm.Set("total", int(price*100))
+		bm.Set("currency", "CNY")
+	})
 
-	wechatRsp, err := pp.ClientV3.V3TransactionJsapi(context.Background(), bm)
+	wxRsp, err := pp.ClientV3.V3TransactionNative(context.Background(), bm)
 	if err != nil {
 		return "", err
 	}
 
-	payUrl := fmt.Sprintf("https://open.weixin.qq.com/connect/oauth2/authorize?appid=%s&redirect_uri=%s&response_type=code&scope=snsapi_base&state=STATE#wechat_redirect", pp.appId, wechatRsp.Response.PrepayId)
-	return payUrl, nil
+	if wxRsp.Code != wechat.Success {
+		return "", errors.New(wxRsp.Error)
+	}
+
+	return wxRsp.Response.CodeUrl, nil
 }
 
 func (pp *WechatPaymentProvider) Notify(request *http.Request, body []byte, authorityPublicKey string) (string, string, float64, string, string, error) {
-	bm, err := wechat.V3ParseNotifyToBodyMap(request)
-	if err != nil {
-		return "", "", 0, "", "", err
-	}
-
-	providerName := bm.Get("providerName")
-	productName := bm.Get("productName")
-
-	productDisplayName := bm.Get("body")
-	paymentName := bm.Get("out_trade_no")
-	price := util.ParseFloat(bm.Get("total_fee"))
-
 	notifyReq, err := wechat.V3ParseNotify(request)
 	if err != nil {
 		panic(err)
 	}
 
 	cert := pp.ClientV3.WxPublicKey()
-
 	err = notifyReq.VerifySignByPK(cert)
 	if err != nil {
 		return "", "", 0, "", "", err
 	}
 
+	apiKey := string(pp.ClientV3.ApiV3Key)
+	result, err := notifyReq.DecryptCipherText(apiKey)
+	if err != nil {
+		return "", "", 0, "", "", err
+	}
+
+	paymentName := result.OutTradeNo
+	price := float64(result.Amount.PayerTotal) / 100
+
+	productDisplayName, productName, providerName, err := parseAttachString(result.Attach)
+	if err != nil {
+		return "", "", 0, "", "", err
+	}
+
 	return productDisplayName, paymentName, price, productName, providerName, nil
 }
 
 func (pp *WechatPaymentProvider) GetInvoice(paymentName string, personName string, personIdCard string, personEmail string, personPhone string, invoiceType string, invoiceTitle string, invoiceTaxId string) (string, error) {
 	return "", nil
 }
+
+func (pp *WechatPaymentProvider) GetResponseError(err error) string {
+	response := &WechatPayNotifyResponse{
+		Code:    "SUCCESS",
+		Message: "",
+	}
+
+	if err != nil {
+		response.Code = "FAIL"
+		response.Message = err.Error()
+	}
+
+	return util.StructToJson(response)
+}