|
@@ -111,9 +111,20 @@ public class NotificationService {
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
// 服务商配置了证书则用证书验签,否则回退普通公钥
|
|
// 服务商配置了证书则用证书验签,否则回退普通公钥
|
|
|
- boolean verified = StrUtil.isNotBlank(alipayPublicCert)
|
|
|
|
|
- ? AlipaySignature.rsaCertCheckV1(params, alipayPublicCert, charset, signType)
|
|
|
|
|
- : AlipaySignature.rsaCheckV1(params, alipayPublicKey, charset, signType);
|
|
|
|
|
|
|
+ boolean verified;
|
|
|
|
|
+ if (StrUtil.isNotBlank(alipayPublicCert)) {
|
|
|
|
|
+ // rsaCertCheckV1 第二个参数是文件路径,证书内容需先写临时文件
|
|
|
|
|
+ java.nio.file.Path certPath = java.nio.file.Files.createTempFile("alipay_cert_", ".crt");
|
|
|
|
|
+ java.nio.file.Files.writeString(certPath, alipayPublicCert);
|
|
|
|
|
+ try {
|
|
|
|
|
+ verified = AlipaySignature.rsaCertCheckV1(params,
|
|
|
|
|
+ certPath.toAbsolutePath().toString(), charset, signType);
|
|
|
|
|
+ } finally {
|
|
|
|
|
+ java.nio.file.Files.deleteIfExists(certPath);
|
|
|
|
|
+ }
|
|
|
|
|
+ } else {
|
|
|
|
|
+ verified = AlipaySignature.rsaCheckV1(params, alipayPublicKey, charset, signType);
|
|
|
|
|
+ }
|
|
|
entry.setVerifyResult(verified);
|
|
entry.setVerifyResult(verified);
|
|
|
if (!verified) {
|
|
if (!verified) {
|
|
|
log.warn("支付宝通知验签失败: notify_id={}", notifyId);
|
|
log.warn("支付宝通知验签失败: notify_id={}", notifyId);
|