iT邦幫忙

2021 iThome 鐵人賽

DAY 16
0
永豐金融APIs

試著讀懂與串接永豐金融APIs系列 第 16

Day 0x10 - 整理解密函數與 Webhook api

  • 分享至 

  • xImage
  •  

0x1 前言

昨天確認接到訊息回覆了,今天來把解密函數跟 receive_msg 整理一下

0x2 整理函數

昨天有看到 receive_msg 傳入並且也要求 查詢訊息內容,內容也是需要解密,把 create_order 解密的那一塊獨立出來,建立 reply_message_decrypt 函數

// app/Http/Controllers/Controller.php
protected function reply_message_decrypt(Sinopac $sinopac, $message)
{
    $reply_nonce = $message['Nonce'] | '';
    if (!$reply_nonce) {
        $msg = 'Reply message haven\'t Nonce';
        Log::error($msg , $message);
        throw new \Exception($msg);
    }

    // 1. nonce 計算 iv
    $iv = $sinopac->calculateIv($reply_nonce);
    // 2. 計算 hash_id (AES key)
    $hash_id = $sinopac->calcHashId();
    // 3. message 解密
    $decrypt_message = $sinopac->decryptMessage($message['Message'], $hash_id, $iv);
    // 4. 驗證 sign
    $sign = $sinopac->generateSign($decrypt_message, $reply_nonce, $hash_id);

    if (!($sign === $message['Sign'])) {
        return ['msg' => '驗證錯誤,內文簽章不同'];
    }

    return $decrypt_message;
}

receive_msgcreate_order 修改一下

// app/Http/Controllers/Controller.php

public function create_order(Request $request)
{
    ...
    $message = $sinopac->callApi('https://apisbx.sinopac.com/funBIZ/QPay.WebAPI/api/Order', $data);

    $decrypt_message = $this->reply_message_decrypt($sinopac, $message);
    // 這裡的 – 是 \xE2  不是 \x2D
    $description = explode(' – ', $decrypt_message['Description']);
    ...
}

public function receive_msg(Request $request)
{
    ...
    $decrypt_message = $this->reply_message_decrypt($sinopac, $message);
    Log::info('Reply message', (array) $decrypt_message);
    ...
}

喔,對了 PayToken 跟 APType 要記錄下來

php .\artisan make:migration --table sale_orders alter_sale_order
// database/migrations/[datetime]_update_sale_order.php
public function up()
{
    Schema::table('sale_orders', function (Blueprint $table) {
        $table->string('pay_token', 110)->nullable()->comment('付款回應訊息 token');
        $table->string('ap_type', 30)->nullable()->comment('訊息類型');
    });
}
    
public function down()
{
    Schema::table('sale_orders', function (Blueprint $table) {
        $table->dropColumn(['pay_token', 'ap_type']);
    });
}
php .\artisan migrate

再次修改 receive_msg,把需要更新的紀錄寫進去

// app/Http/Controllers/Controller.php
public function receive_msg(Request $request)
{
    Log::alert('Receive message Content', $request->all());
    $PayToken = $request->get('PayToken');

    if (!$PayToken) {
        Log::alert('PayToken Not exist');
        return ['Status' => 'F'];
    }

    $sinopac = $this->initSinopac();
    $data = $sinopac->requestDataset('OrderPayQuery', $request->all());
    $message = $sinopac->callApi('https://apisbx.sinopac.com/funBIZ/QPay.WebAPI/api/Order', $data);

    $decrypt_message = $this->reply_message_decrypt($sinopac, $message);
    Log::info('Reply message', (array) $decrypt_message);

    $record = sale_order::where('ts_no', $decrypt_message['TSResultContent']['TSNo']);
    if (!$record->count()) {
        Log::alert('Not found order!');
        return ['Status' => 'F'];
    }

    $record->update([
        'pay_token'     => $decrypt_message['PayToken'],
        'ap_type'       => $decrypt_message['TSResultContent']['APType'],
        'status'        => $decrypt_message['Status'],
        'description'   => $decrypt_message['Description']
    ]);

    return ['Status' => 'S'];
}

傳送幾筆訂單後,等待訊息回覆
https://ithelp.ithome.com.tw/upload/images/20210926/20141805CryTZl3J9p.png

0x3 今日結語

深深地覺得,這已經當日記在寫了XD,
完全沒有規劃的隨心所欲,看到缺什麼補什麼
明天把建立訂單 - 信用卡的部分完成,
還有兩個禮拜,加油 :D


上一篇
Day 0xF - Web ATM 內容?,測試模擬交易回傳資訊
下一篇
Day 0x11 - 建立信用卡付款的訂單
系列文
試著讀懂與串接永豐金融APIs30
圖片
  直播研討會
圖片
{{ item.channelVendor }} {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

尚未有邦友留言

立即登入留言