minibear2021 / wechatpayv3 Goto Github PK
View Code? Open in Web Editor NEW微信支付 API v3 Python SDK
License: MIT License
微信支付 API v3 Python SDK
License: MIT License
core.py:203: CryptographyDeprecationWarning: Properties that return a naïve datetime object have been deprecated. Please switch to not_valid_before_utc.
if certificate and now >= certificate.not_valid_before and now <= certificate.not_valid_after:
signature = headers.get('Wechatpay-Signature')
timestamp = headers.get('Wechatpay-Timestamp')
nonce = headers.get('Wechatpay-Nonce')
serial_no = headers.get('Wechatpay-Serial')
如题
Ubuntu python3.8下安装最新版本导致python3-openssl损坏,全部pip命令不可用,apt卸载python3-openssl后删除site-packages下相关包解决pip不可用问题
链接过期了
首先感谢对项目的开源,我们都是开源项目的受益者。
这个 Issue 想请教下作者,在分布式场景下对这款 SDK 使用的思路。
多节点,多 Work 时,作者如何考虑 多个 WeChatPay 事例,将需要多个证书维护线程,理论上看,微信支付官方对证书下载接口的频次为:1000 次/s,但考虑到多节点时,叠加多 Work 时,如果不能共享,终归不是太好(当然也注意到获取到证书后将证书写入文件)。
当然理论上这个问题不会很要紧,因为如果分布节点到达那么多时,往往已经服务化改造了,但是否代表着这里存在者上限。
另外,根据通读下来的理解,_update_certificates 在更新或者获取证书时,如果出现在被动更新时,被并非的触发更新时,是否有可能存在并行的触发更新。
if receivers:
params.update({'transaction_id': transaction_id})
else:
raise Exception('transaction_id is not assigned')
?
微信支付官方文档中有“敏感信息加解密”的相关要求:
https://pay.weixin.qq.com/wiki/doc/apiv3_partner/wechatpay/wechatpay4_3.shtml
“开发者应当使用微信支付平台证书中的公钥,对上送的敏感信息进行加密。这样只有拥有私钥的微信支付才能对密文进行解密,从而保证了信息的机密性。
另一方面,微信支付使用 商户证书中的公钥对下行的敏感信息进行加密。开发者应使用商户私钥对下行的敏感信息的密文进行解密。”
大佬,请问wechatpayv3中有相关实现代码吗?找了半天没找到,请恕我愚钝。
请问一下,为什么我的回调方法接收到的request.data格式不对
{ "id": "EV-2018022511223320873", "create_time": "2015-05-20T13:29:35+08:00", "resource_type": "encrypt-resource", "event_type": "TRANSACTION.SUCCESS", "summary": "支付成功", "resource": { "original_type": "transaction", "algorithm": "AEAD_AES_256_GCM", "ciphertext": "", "associated_data": "", "nonce": "" } }
我得到的是这样的
{"data":[ {"effective_time":"2022-04-15T13:46:12+08:00", "encrypt_certificate": {"algorithm":"AEAD_AES_256_GCM", "associated_data":"certificate", "ciphertext":"MpxtKsvcoF3Jmuofu/L/NjZ+aUqJ4yrQG824VT4At5WHoDyd4x2ydRAJwwy+zuvZ4MsQfGyjjNkO2xAF9G7oN3cnwJAyL0Oo4ZWcrPoMZDLqccaYJaMogun/qz6u8FHP9x5CIBi3HAQzZl+FP9MhpIEuUhj/nMl8yksTWDU9R5MFdw+0CGymglJ6P3kGDIeQACXALRLT6eL0NGQSCQwFAoQpVEwDBVRIjh6beWYOKySP8KLJasL3MH3XthYcS/rvjO0lQxLER2ByZsfBg/yM+3eQuyFJUauqWlY8iPuO8GAYalhomdPWpe2TwAqwce0ZLdKfDOvDxd96TKKGeR5+BD8Ws5+b6y8PYnkcMd+WUyv8BVGl2dHf6tno3QHuqVxm61Km2Ze+6lEKjPXNr7CMX8k1rqeMhlrVxYbUhGWrNXXL+CKOJTNnQgMRO1aU46Kx0N/x9sepKL72RpYbTzcbcRwsZ4WFw+qqd2nO4afusV7HmYsztSvxxcD8fTg19kTEhI3HMWLHf8CCyQ+uRAm7ZiCi/g6WlMT5a2JYMzx4/kKucS1PCHs+3k7OYDocxXDUhVt9YlMJGPdZLMjmQzEt3CP/8zGl4ndJmOuLZsO1xGuJNN5P/h2K+JuZ0Y5toQrR6m9zlWdhmbaxiENVDzaxn9FEyR3Tj1ioRVpFhIBvmyLhZuRr+uHX/9ZcxNqKuP+pVntu+oEnd+aUSZsNV3U+S/vF2d78cFsJMgx1k9dbyYOflmAJB6qhf4MUxumqMXhu6verAs7K9RYy3B/8D+1DLv88gxRSSZVr0iqXYped6EGe0Gfp10oy0OKWAjsXmiIQaX/d4NGnFFfi0HdvaxhFokkh/Nktam0fxl40OZGeyKgqZl/NcfirjtLpRUu3YZV1ASYdbHLe8kqn0HYnMfKUdcw//5AIT9mDTnvP+wHadHicLRQHVzPR2z4IlBGm+Rr6J0yBC9LWzxFstBv/yHq9SmcqiC6C9RVOtrHpqb2HbE4kD0TbpTcofp3KGVsMOEf+hAYob94OEUU74H6tulxI1UiTr6JQzJykxP3M1FnEqb3/JN8aDZPIAwilgE/NjySpRvedkl4apvanNI8gHOK3SYyrD+RvrHrY3LcHjpiR6V5inCXYM3tmPmNiURBoIVLRLzbb84Q11lRJCVmWfE1zU62OCckmlqDJMck58QPI75EEk5sCQbBumuICKwfDfj//uU49KtvcHLVdj3WhmQtz660x2NU80ndB5WBk2AAv/rT3zFd3zGzXeM+jBy/4623dXnDEaSXHQk4BP7FLULhIsQiM/JNP+hbkyHTDq+bbJ3JzQpZtR8aTlP5wZpwWvclDCnisi65JHeEublKe2wIKoiYo9RYsHDzsqy6FlJlSqaJMu6mC6oYsF3ZG21x2Dv+WRIsf3SaPpGLpcOkVJNtT+tdT12z1i//rbLK53DADhTN2h2djPiHkx2KiMlNxocFQXtFcJIR0zmde8UQ54sLg4SMh1An+bJitpNleeCcNZuDJIQCAkpCShztQB9lFdEbeG7bWI28sMYVVOVuSYgqanmEh5CyNteqcqG21A91uMQmmQLG3dJmD9VyTvakBf3R6Qm7rLoXXUJ+yoAVJie6Te12ALLzuyE8pwI8OfvpK+BNLXBS7W3KzENTsIkx/i/IqtgGFzRkQ9guVCwA71JHiuU3+K0KLKXjN4ynLDbk2r0ZIL9m8aBHoguyoIWtFwI76Fz3B4ZwXDX7U9N9VqNGO+UjCljrTZjRQy+FSOh1DJIXKaePEROggGSOjcD3QEE9Q1va2WW7M/uv+yHh8u/V9HnsBnTQrPK09U0BIqy+3ALEhfGgZef6L5kHUY/nWDLcRwtnSq/W0NPf16XjcgQ/29Krq3OXadQ==", "nonce":"0401acb66488"}, "expire_time":"2027-04-14T13:46:12+08:00","serial_no":"474A7CDC898039BEC0F1D6F4A0F7F8C9D8113412"} ] }
麻烦帮忙看一下,非常感谢
服务商模式不能直接使用吗?
方法路径:wechatpayv3 > core.py > _verify_signature(self, headers, body)
方法源码:
def _verify_signature(self, headers, body):
signature = headers.get('Wechatpay-Signature')
timestamp = headers.get('Wechatpay-Timestamp')
nonce = headers.get('Wechatpay-Nonce')
serial_no = headers.get('Wechatpay-Serial')
cert_found = False
for cert in self._certificates:
if int('0x' + serial_no, 16) == cert.serial_number:
cert_found = True
certificate = cert
break
if not cert_found:
self._update_certificates()
for cert in self._certificates:
if int('0x' + serial_no, 16) == cert.serial_number:
cert_found = True
certificate = cert
break
if not cert_found:
return False
if not rsa_verify(timestamp, nonce, body, signature, certificate):
return False
return True
当 cert_found 为 False 时,程序将会执行 _update_certificates() 方法,在此更新证书的方法中,self._certificates 中的信息仍然错误,从而导致接下来的验证依旧不能通过,进而再次执行 _update_certificates() 方法,最终产生死循环
不确定headers和body的具体类型,是否可以修改成默认为dict类型
init.py处WeChatPay类__init__方法中参数parivate_key拼写错误
path should end with ‘/’, path = '/v3/applyment4sub/applyment/', otherwise will return 404.
Also,some field should encrypt too, add logic as follows in applyment_submit function:
if params.get('subject_info').get('identity_info'):
id_card_info = params.get('subject_info').get('identity_info').get('id_card_info')
if id_card_info is not None:
id_card_info['id_card_name'] = self._core.encrypt(id_card_info['id_card_name'])
id_card_info['id_card_number'] = self._core.encrypt(id_card_info['id_card_number'])
cipher_data = True
请问小程序对接微信支付,都必要要先申请小程序账号和商户号吗?有没有类似支付宝沙箱环境账号那样,可以申请测试账号在本地环境测试下
How to use wechatpayv3 in likeadmin-python version
大佬,再问一个可能比较普遍的问题。wechatpayv3文档上说:”适用对象wechatpayv3支持微信支付直连商户“,然后给出了接口适配的方法。通过阅读微信支付官方文档,我发现直连商户和服务商的签名验签、加密解密过程都是一样的。API本质上貌似也没什么区别。例如,以下是服务商电商收付通的API列表:
https://pay.weixin.qq.com/wiki/doc/apiv3_partner/open/pay/chapter3_3_3.shtml
所以我认为wechatpayv3也支持微信支付服务商,只要开发者自己适配相关接口即可。
请问我的理解是正确的吗?
你好,
在回调地址notify_url中接受request.header和request.body,并传入wxpay.decrypt_callback函数验证签名和解密返回值,验证签名失败,但解密返回值正确。
服务器为centos 7,已设置平台证书路径为“\cert”,运行decrypt_callback函数时,系统已下载签名并存放到该文件夹。verify(timestamp, nonce, body, signature, certificate)时可以通过该证书生成公钥文件:<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f0dcf7b6eb0>
然后在public_key.verify(signature, message, PKCS1v15(), SHA256())时,验证不过去。以下为拼凑的sign_str,还请帮助看看在哪一步出现了问题,非常感谢!
例如,验签拼凑字符串为:
1627890132
Fnqw2Aw6k1fIxb8DhPAKogL76BeSnvQ6
{"id": "3e283601-7c3d-5c04-8ebf-225474439c26", "create_time": "2021-08-02T15:42:11+08:00", "resource_type": "encrypt-resource", "event_type": "TRANSACTION.SUCCESS", "summary": "支付成功", "resource": {"original_type": "transaction", "algorithm": "AEAD_AES_256_GCM", "ciphertext": "ECIKoyOZBc9soYj7gVqD1JRzXA+0LSPcbm6lPXqIqB/iLTWk9jR6En9z6vVPHpTDKIySzFb4/A9+fViPQJYMCa8tGqwA2HzMCB52PyRTRQ7nrBLBR7lQyHMZbWDqU35tujTmu4KGuO8nplOV4Q7rm+dXFt5RN7XJwbyufTQmU1FviWfzTwe7sT4ndnf4YhY7V0z7m2AhboQXGxdpSYccHLIGFpZctL4VFE1qJ4ikHdNJNvj6RF/yTElP2ssDVHd4lKckuqZ8u7xa5jmhvxzqkJIAFsVDEHKvM4wUkmgV6B6XIeuXMvxi1JNTW33hTnNWTZphcE467Ge/l2ajJckDNKJTeRv50nY+JLm6K2I7f2kmvxHm9OYpCkHlzXWqieMrPrwQs1KbfTqxYaUYW9vOESRXAAOV7q7YfMCkvfjnyX7KQEKYIsKYHPUnpWpJbBRriAH1oY5DC0SoLmlbaCEvwiaEJg7MFwhFVQYLxwk2DsIjbFC1UUxLIs5tZvKUrWFmbQOUTzmnCv/0qU7KbVZbeaHVEFzZ8d1UG1SK/db+medh65ueEwgko9DIvdCITnXTceS3AwTdre2T", "associated_data": "transaction", "nonce": "123RUOfxtcAL"}}
wxpay.pay(
description='demo-description',
out_trade_no='demo-trade-no',
amount={'total': 100},
payer={'openid': 'demo-openid'})
readme和example有一定的误导性。最好文档明确一点:
PRIVATE_KEY = open(os.path.join(settings.BASE_DIR, 'wechat_files/apiclient_key.pem')).read()
看源代码core.py里
def _last_certificate(self):
if not self._certificates:
self._update_certificates()
certificate = self._certificates[0]
for cert in self._certificates:
if certificate.not_valid_after < cert.not_valid_after:
certificate = cert
return certificate
里面的 _update_certificates() 是在 self._certificate为空的时候调一次更新,
看不到哪里是定时进行更新的逻辑,或者哪里使得 self._certificates变成空
今天用了发现有bug,代码里是post,看微信文档是patch方法:https://pay.weixin.qq.com/docs/merchant/apis/fapiao/fapiao-merchant/update-development-config.html
该接口在return refund时掉了一个self参数。因此会报如下错误:
File "/usr/local/lib/python3.9/site-packages/wechatpayv3/payscore.py", line 361, in payscore_refund
sharedpowerbankdocker-web_api-1 | return refund(out_refund_no=out_refund_no, amount=amount, transaction_id=transaction_id, reason=reason,
sharedpowerbankdocker-web_api-1 | TypeError: refund() missing 1 required positional argument: 'self'
在使用单线程时,不会出现签名错误,当使用线程池去查询线程状态时,会有概率出现 签名错误的提示
2023-09-14 14:18:21,482 DEBUG core.py line:129 Response content: {"code":"SIGN_ERROR","detail":{"detail":{"issue":"sign not match"},"field":"signature","location":"authorization","sign_information":{"method":"GET","sign_message_length":126,"truncated_sign_message":"GET\n/v3/pay/transactions/out-trade-no/*****","url":"/v3/pay/transactions/out-trade-no/******"}},"message":"签名错误,请检查后再试"}
这是因为下载cert代码模块时,请求返回401,无法下载cert,时间异常,但是没有报错显示,只是单纯无法运行项目
如果 need_query_detail 值为 False ,微信会返回错误 {'code': 'PARAM_ERROR', 'message': '传入的转账明细状态无效'}
无论 detail_status 传 WAIT_PAY ALL SUCCESS FAIL 中的哪个值,都会返回错误
但是 need_query_detail = False 的时候,不传 detail_status 就能正常拿到响应,此时 path 如下
/v3/transfer/batches/out-batch-no/my_out_batch_no?need_query_detail=false&offset=0&limit=20
查看参数, headers跟文档的一样, 也按照文档配置了平台证书,但是在验证签名这步一直失败.
Traceback (most recent call last):
File ".\weixinpay.py", line 32, in
wxpay = WeChatPay(
File "C:\Users\bob\AppData\Local\Programs\Python\Python38\lib\site-packages\wechatpayv3_init_.py", line 38, in init
self._core = Core(mchid=self._mchid,
File "C:\Users\bob\AppData\Local\Programs\Python\Python38\lib\site-packages\wechatpayv3\core.py", line 26, in init
self._init_certificates()
File "C:\Users\bob\AppData\Local\Programs\Python\Python38\lib\site-packages\wechatpayv3\core.py", line 208, in _init_certificates
raise Exception('No wechatpay platform certificate, please double check your init params.')
Exception: No wechatpay platform certificate, please double check your init params.
wechatpayv3/wechatpayv3/transaction.py
Line 180 in 4c3939f
需要添加 skip_verify=True
看了下文档,好像没看见付款码支付,是不支持吗?
您好,
请问项目现在对FastAPI支持情况如何?有更契合FastAPI项目接入的方案吗?
就象超市一样,POS录完单后,用扫码枪扫下用户的微信收款码
其它都解决了,就差这个扫收款码
谢谢
在请求支付二维码code_url时,core.py里的requests.post()卡住导致wxpay.pay()卡住了,那几个get,post,patch,put,delete请求都没有加timeout的,是不是要添加一下?
https://pay.weixin.qq.com/wiki/doc/api/micropay.php?chapter=9_10&index=1
就是这个,谢谢
我建立了一个公众号,作为一个平台,里面有多个商户,这些商户在服务商添加子商户的情况下,绑定的是平台的公众号app_id,也即这些商户没有自己的app_id。
看微信的接口文档是需要传1个sub_mchid。请问下示例里面是没有sub_mchid的。请教下,这种情况下,
wxpay = WeChatPay(
wechatpay_type=WeChatPayType.NATIVE,
mchid=MCHID,
private_key=PRIVATE_KEY,
cert_serial_no=CERT_SERIAL_NO,
apiv3_key=APIV3_KEY,
appid=APPID,
notify_url=NOTIFY_URL,
cert_dir=CERT_DIR,
# logger=LOGGER,
partner_mode=PARTNER_MODE,
proxy=PROXY
)
是不是初始化的时候加一个参数SUB_MCHID='xxxxx',并且在这个wxpay里面加上sub_mchid=SUB_MCHID
另外:
payer = {'openid': 'xxxx'}是否改为:payer = {'sub_openid': 'xxxxx'}
Exception: failed to load private key.
python 运行出错,请问是什么问题
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.