django2.0调用支付宝支付接口完成扫码支付
准备工作:
1.蚂蚁金服开放平台注册账号:https://openhome.alipay.com/platform/appDaily.htm?tab=info
2.开发者中心 --> 研发服务 --> 沙箱应用(测试环境)
3.设置应用公钥,按照提示下载**生成工具,生成**,将商户应用公钥复制拷贝到对应位置并保存,生成的**文件妥善保存
4.点击查看支付宝公钥,将支付宝公钥复制到一个新文件中保存
5. 需要加密方面的模块 pip install pycryptodome
6. 手机上下载沙箱钱包可做测试使用
代码实现:
目录结构
pay.py 文件
import json
from datetime import datetime
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA256
from urllib.parse import quote_plus
from base64 import decodebytes, encodebytes
class AliPay(object):
"""
支付宝支付接口(PC端)
"""
def __init__(self, appid, app_notify_url, app_private_key_path,
alipay_public_key_path, return_url, debug=False):
self.appid = appid
self.app_notify_url = app_notify_url
self.app_private_key_path = app_private_key_path
self.app_private_key = None
self.return_url = return_url
with open(self.app_private_key_path) as fp:
self.app_private_key = RSA.importKey(fp.read())
self.alipay_public_key_path = alipay_public_key_path
with open(self.alipay_public_key_path) as fp:
self.alipay_public_key = RSA.import_key(fp.read())
if debug is True:
self.__gateway = "https://openapi.alipaydev.com/gateway.do"
else:
self.__gateway = "https://openapi.alipay.com/gateway.do"
def direct_pay(self, subject, out_trade_no, total_amount, return_url=None, **kwargs):
biz_content = {
"subject": subject,
"out_trade_no": out_trade_no,
"total_amount": total_amount,
"product_code": "FAST_INSTANT_TRADE_PAY",
# "qr_pay_mode":4
}
biz_content.update(kwargs)
data = self.build_body("alipay.trade.page.pay", biz_content, self.return_url)
return self.sign_data(data)
def build_body(self, method, biz_content, return_url=None):
data = {
"app_id": self.appid,
"method": method,
"charset": "utf-8",
"sign_type": "RSA2",
"timestamp": datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
"version": "1.0",
"biz_content": biz_content
}
if return_url is not None:
data["notify_url"] = self.app_notify_url
data["return_url"] = self.return_url
return data
def sign_data(self, data):
data.pop("sign", None)
# 排序后的字符串
unsigned_items = self.ordered_data(data)
unsigned_string = "&".join("{0}={1}".format(k, v) for k, v in unsigned_items)
sign = self.sign(unsigned_string.encode("utf-8"))
ordered_items = self.ordered_data(data)
quoted_string = "&".join("{0}={1}".format(k, quote_plus(v)) for k, v in ordered_items)
# 获得最终的订单信息字符串
signed_string = quoted_string + "&sign=" + quote_plus(sign)
return signed_string
def ordered_data(self, data):
complex_keys = []
for key, value in data.items():
if isinstance(value, dict):
complex_keys.append(key)
# 将字典类型的数据dump出来
for key in complex_keys:
data[key] = json.dumps(data[key], separators=(',', ':'))
return sorted([(k, v) for k, v in data.items()])
def sign(self, unsigned_string):
# 开始计算签名
key = self.app_private_key
signer = PKCS1_v1_5.new(key)
signature = signer.sign(SHA256.new(unsigned_string))
# base64 编码,转换为unicode表示并移除回车
sign = encodebytes(signature).decode("utf8").replace("\n", "")
return sign
def _verify(self, raw_content, signature):
# 开始计算签名
key = self.alipay_public_key
signer = PKCS1_v1_5.new(key)
digest = SHA256.new()
digest.update(raw_content.encode("utf8"))
if signer.verify(digest, decodebytes(signature.encode("utf8"))):
return True
return False
def verify(self, data, signature):
if "sign_type" in data:
sign_type = data.pop("sign_type")
# 排序后的字符串
unsigned_items = self.ordered_data(data)
message = "&".join(u"{}={}".format(k, v) for k, v in unsigned_items)
return self._verify(message, signature)
view.py 文件
import random
import time
from django.http import HttpResponse
from django.shortcuts import redirect, render
from django.contrib.auth import get_user_model
from utils.pay import AliPay
from xfz.settings import AliPayConfig
# 注意:uid参数可不要,此处因生成订单号要使用,所以添加,测试证明沙箱环境下添加自定义参数回调函数也可正常访问,正式环境下还没有测试,待测试后再做说明
# 充值页面
def pay_page(request):
return render(request, 'user_center/pay_page.html')
# 生成订单号(自定义)
def order_num(package_num,uid):
'''
商品代码后两位+下单时间后十二位+用户id后四位+随机数四位
:param package_num: 商品代码
:return: 唯一的订单号
'''
local_time = time.strftime('%Y%m%d%H%M%S',time.localtime(time.time()))[2:]
result = str(package_num)[-2:] + local_time +uid[-4:]+str(random.randint(1000,9999))
return result
# 获取一个Alipay对象
def get_ali_object(uid):
# 沙箱环境地址:https://openhome.alipay.com/platform/appDaily.htm?tab=info
# 正式启用时需要重新配置app_id ,merchant_private_key_path ,alipay_public_key_path
app_id = AliPayConfig.app_id # APPID 沙箱应用
# 支付完成后支付宝向这里发送一个post请求,如果识别为局域网ip,支付宝找不到,alipay_result()接受不到这个请求
notify_url = AliPayConfig.notify_url+uid+'/'
# 支付完成后跳转的地址
return_url = AliPayConfig.return_url+uid+'/'
# 应用私钥
merchant_private_key_path = AliPayConfig.merchant_private_key_path
# 支付宝公钥
alipay_public_key_path = AliPayConfig.alipay_public_key_path # 验证支付宝回传消息使用
alipay = AliPay(
appid=app_id,
app_notify_url=notify_url,
return_url=return_url,
app_private_key_path=merchant_private_key_path,
alipay_public_key_path=alipay_public_key_path,
debug=True # 默认False 设置是否是沙箱环境
)
return alipay
# 账户充值(支付宝)
def alipay(request, uid):
'''根据当前用户的配置生成url,并跳转'''
money = float(request.POST.get('money'))
alipay = get_ali_object(uid)
# 生成支付的url
query_params = alipay.direct_pay(
subject='充值到XXX', # 订单名称
out_trade_no=order_num('xx',uid), # 用户购买商品订单号(每次不一样)
total_amount=money # 交易金额
)
# 支付url
pay_url = "https://openapi.alipaydev.com/gateway.do?{0}".format(query_params) # 支付宝网关地址(沙箱应用)
return redirect(pay_url)
# 支付成功后回调函数(支付宝)
def alipay_result(request,uid):
alipay = get_ali_object(uid)
if request.method == "POST": # POST方法后台回调,只能在外网服务器测试
# 检测是否支付成功
# 去请求体中获取所有返回的参数:状态/订单号
post_dict = request.POST.dict()
sign = post_dict.pop('sign', None)
money = post_dict['total_amount']
status = alipay.verify(post_dict, sign) # 验签
if status:
'''
支付成功后业务逻辑
'''
return HttpResponse('success')
else:
'''
支付失败后业务逻辑
'''
return HttpResponse('')
else: # GET请求 前台回调
params = request.GET.dict()
sign = params.pop('sign', None)
status = alipay.verify(params, sign) # 验签
if status:
return HttpResponse('支付成功')
else:
return HttpResponse('支付失败')
urls.py 文件
from django.urls import path
from . import views
app_name = 'pay'
urlpatterns = [
path('alipay/<str:uid>/',views.alipay,name='alipay'),
path('alipay_result/<str:uid>/',views.alipay_result,name='alipay_result'),
path('pay_page/',views.pay_page,name='pay_page'),
]
sittings.py 文件
# 支付宝参数配置
class AliPayConfig(object):
# 正式启用时需要重新配置app_id ,merchant_private_key_path ,alipay_public_key_path
app_id = "xxx" # APPID 沙箱应用
# 支付完成后支付宝向这里发送一个post请求,如果识别为局域网ip,支付宝找不到,alipay_result()接受不到这个请求
notify_url = "http://127.0.0.1:8000/pay/alipay_result/"
# 支付完成后跳转的地址
return_url = "http://127.0.0.1:8000/pay/alipay_result/"
# 应用私钥
merchant_private_key_path = "keys/app_private_2048.txt"
# 支付宝公钥
alipay_public_key_path = "keys/alipay_public_2048.txt" # 验证支付宝回传消息使用
效果图
参考:
1.https://blog.csdn.net/lmw1239225096/article/details/79416474
2.https://www.cnblogs.com/ctztake/p/8513628.html
以上代码仅供参考,如直接用于商用,出现任何问题概不负责。