@liuhlightning/wx-pay
v0.2.3
Published
communicate to wx pay
Downloads
447
Maintainers
Readme
wx-pay
Interact with WeChat Pay.
Designed following principles of low coupling and high cohesion, minimizing external dependencies and avoiding features with side effects, such as caching.
WeChat Pay has adjusted the way notification signatures are verified.
Only legacy merchants should use platform certificates for signature verification. Please use version v0.1.1.
New merchants should use WeChat Pay public keys for signature verification.
Certificates and Keys
WeChat Pay implements a complex encryption, signing, and decryption process to ensure security.
- Merchant API Certificate, usually in the form of
apiclient_cert.p12
andapiclient_cert.pem
.- The password for
apiclient_cert.p12
is the merchant ID, and it contains certificate serial number details.
- The password for
- Merchant API Private Key, usually in the form of
apiclient_key.pem
. - WeChat Pay Public Key, a separately requested key.
- APIv3 Key, a separately set decryption key.
https://pay.weixin.qq.com/wiki/doc/apiv3/wechatpay/wechatpay3_0.shtml
https://pay.weixin.qq.com/docs/merchant/products/platform-certificate/wxp-pub-key-guide.html#%E8%8E%B7%E5%8F%96%E5%BE%AE%E4%BF%A1%E6%94%AF%E4%BB%98%E5%85%AC%E9%92%A5
The general process is as follows:
- The merchant uses the Merchant API Private Key to sign the request.
- The signed request is sent to WeChat Pay for processing.
- WeChat Pay sends a notification and a notification signature to the callback URL.
- The merchant uses the WeChat Pay Public Key to verify the notification signature.
- The merchant decrypts the notification using the APIv3 Key.
范例
import { WxPay } from "@liuhlightning/wx-pay";
import {
NotifyTransactionHeaders,
PostOrderData,
} from "@liuhlightning/wx-pay/dist/lib/transaction";
import { Request, Response } from "express";
const wxPay = new WxPay({
appId: "The appid associated with WeChat Pay",
apiv3Key: "APIv3 key",
mchId: "Merchant ID",
notifyUrl: "Callback URL",
wxPayPublicKeyPath: "File path to the WeChat Pay public key",
privateKeyPath: "File path to the Merchant API private key",
certSerial: "Merchant API certificate serial number",
debug: process.env.NODE_ENV !== "production",
});
// Initiating a Payment
export async function postPay() {
const data: PostOrderData = {
description: "Payment description",
out_trade_no: "Order number in merchant's system",
amount: {
// Payment amount
total: 0.01,
currency: "CNY",
},
};
// Initiate payment
const { status, data: pd } = await wxPay.postTransactionNative(data);
if (status !== 200) {
throw new Error(`WeChat Pay request error ${status}`);
}
return pd;
}
// Payment Notification
export async function postNotify(req: Request, res: Response) {
// Verify signature and decrypt data
const n = wxPay.notifyTransaction(
req.headers as unknown as NotifyTransactionHeaders,
req.body,
);
if (!n) {
// Signature verification failed
res.status(401).send({
code: "FAIL",
message: "Signature error",
});
} else {
// Handle business logic here
res.sendStatus(204);
}
}