0x1 前言

昨天確認接到訊息回覆了，今天來把解密函數跟 receive_msg 整理一下

0x2 整理函數

昨天有看到 receive_msg 傳入並且也要求 查詢訊息內容，內容也是需要解密，把 create_order 解密的那一塊獨立出來，建立 reply_message_decrypt 函數

// app/Http/Controllers/Controller.php
protected function reply_message_decrypt(Sinopac $sinopac, $message)
{
    $reply_nonce = $message['Nonce'] | '';
    if (!$reply_nonce) {
        $msg = 'Reply message haven\'t Nonce';
        Log::error($msg , $message);
        throw new \Exception($msg);
    }

    // 1. nonce 計算 iv
    $iv = $sinopac->calculateIv($reply_nonce);
    // 2. 計算 hash_id (AES key)
    $hash_id = $sinopac->calcHashId();
    // 3. message 解密
    $decrypt_message = $sinopac->decryptMessage($message['Message'], $hash_id, $iv);
    // 4. 驗證 sign
    $sign = $sinopac->generateSign($decrypt_message, $reply_nonce, $hash_id);

    if (!($sign === $message['Sign'])) {
        return ['msg' => '驗證錯誤，內文簽章不同'];
    }

    return $decrypt_message;
}

把 receive_msg 跟 create_order 修改一下

// app/Http/Controllers/Controller.php

public function create_order(Request $request)
{
    ...
    $message = $sinopac->callApi('https://apisbx.sinopac.com/funBIZ/QPay.WebAPI/api/Order', $data);

    $decrypt_message = $this->reply_message_decrypt($sinopac, $message);
    // 這裡的 – 是 \xE2  不是 \x2D
    $description = explode(' – ', $decrypt_message['Description']);
    ...
}

public function receive_msg(Request $request)
{
    ...
    $decrypt_message = $this->reply_message_decrypt($sinopac, $message);
    Log::info('Reply message', (array) $decrypt_message);
    ...
}

喔，對了 PayToken 跟 APType 要記錄下來

php .\artisan make:migration --table sale_orders alter_sale_order

// database/migrations/[datetime]_update_sale_order.php
public function up()
{
    Schema::table('sale_orders', function (Blueprint $table) {
        $table->string('pay_token', 110)->nullable()->comment('付款回應訊息 token');
        $table->string('ap_type', 30)->nullable()->comment('訊息類型');
    });
}
    
public function down()
{
    Schema::table('sale_orders', function (Blueprint $table) {
        $table->dropColumn(['pay_token', 'ap_type']);
    });
}

php .\artisan migrate

再次修改 receive_msg，把需要更新的紀錄寫進去

// app/Http/Controllers/Controller.php
public function receive_msg(Request $request)
{
    Log::alert('Receive message Content', $request->all());
    $PayToken = $request->get('PayToken');

    if (!$PayToken) {
        Log::alert('PayToken Not exist');
        return ['Status' => 'F'];
    }

    $sinopac = $this->initSinopac();
    $data = $sinopac->requestDataset('OrderPayQuery', $request->all());
    $message = $sinopac->callApi('https://apisbx.sinopac.com/funBIZ/QPay.WebAPI/api/Order', $data);

    $decrypt_message = $this->reply_message_decrypt($sinopac, $message);
    Log::info('Reply message', (array) $decrypt_message);

    $record = sale_order::where('ts_no', $decrypt_message['TSResultContent']['TSNo']);
    if (!$record->count()) {
        Log::alert('Not found order!');
        return ['Status' => 'F'];
    }

    $record->update([
        'pay_token'     => $decrypt_message['PayToken'],
        'ap_type'       => $decrypt_message['TSResultContent']['APType'],
        'status'        => $decrypt_message['Status'],
        'description'   => $decrypt_message['Description']
    ]);

    return ['Status' => 'S'];
}

傳送幾筆訂單後，等待訊息回覆

0x3 今日結語

深深地覺得，這已經當日記在寫了XD，
完全沒有規劃的隨心所欲，看到缺什麼補什麼
明天把建立訂單 - 信用卡的部分完成，
還有兩個禮拜，加油 :D