解决:支付宝回调验证AlipaySignature.rsaCheckV1,一直返回false的问题

xu.wang

发布于 2021.06.23 10:04 阅读 501 评论 0

环境:

使用IjPay 普通公玥方式

配置文件如下:

 @Bean
    @PostConstruct
    public AliPayApiConfig getApiConfig() {
        AliPayApiConfig aliPayApiConfig;
        try {
            aliPayApiConfig = AliPayApiConfigKit.getApiConfig(this.getAppId());
        } catch (Exception e) {
            aliPayApiConfig = AliPayApiConfig.builder()
                    .setAppId(this.getAppId())
                    .setAliPayPublicKey(this.getPublicKey())
                    .setAppCertPath(this.getAppCertPath())
                    .setAliPayCertPath(this.getAliPayCertPath())
                    .setAliPayRootCertPath(this.getAliPayRootCertPath())
                    .setCharset("UTF-8")
                    .setPrivateKey(this.getPrivateKey())
                    .setServiceUrl(this.getServerUrl())
                    .setSignType("RSA2")
                    // 普通公钥方式
                    .build();
            // 证书模式
//                    .buildByCert();
        }
        AliPayApiConfigKit.putApiConfig(aliPayApiConfig);
        return aliPayApiConfig;
    }

在支付成功回调地址中

  boolean verifyResult = AlipaySignature.rsaCheckV1(params, alipayConfiguration.getPublicKey(), "UTF-8", alipayConfiguration.getSign_type());

 

一直返回false, 经过搜索和查询源码后发现第二个参数是填写支付宝公玥,而不是应用公玥,在沙箱环境中可以查看:修改后测试成功;


            boolean verifyResult = AlipaySignature.rsaCheckV1(params, alipayConfiguration.getAlipayPublicKey(), "UTF-8", alipayConfiguration.getSign_type());