This paper briefly introduces the application, access, use and confirmation of payment results of Alipay App

Series of articles

Series 1 wechat App payment full resolution series 2 Alipay App Payment full resolution series 3 wechat public account payment full resolution series 4 wechat scan code payment full resolution series 5 Alipay instant payment full resolution series 6 wechat refund full resolution series 7 Alipay refund full resolution series 8 Full analysis of alipay open platform payment updates and upgrades

1 application

Log in to alipay merchant service and enter mobile payment. Sign up.

After signing the contract, the following parameters are required to complete the payment:

  1. partnerid
  2. sellerid
  3. Rsa private key
  4. Alipay public Key

1.1 partnerid

Merchant partner identity.

Enter my merchant service to get the PID

Paste_Image.png

Note: Alipay also has an open platform, each application has an AppID, and a PID can have multiple Appids. However, the three payment channels, mobile payment, instant payment and payment on mobile website, are payment methods that only need PID to pay, and do not need application

1.2 sellerid

Login alipay account, usually email or mobile phone number

1.3 RSA Private Key and Alipay Public Key

Rsa private key The public key is generated by itself, and then the public key is uploaded to Alipay. The private key is saved by itself.

See documentation on the official website.

Paste_Image.png

2 Access Process

Refer to alipay mobile payment access document

The main steps are:

  1. Generate payment parameters (on the server side, need to generate signature)
  2. Invokes the client SDK to initiate payment
  3. The server receives the payment result asynchronously

2.1 Generate payment parameters

$partner = "";  / / your pid
$seller_id = "";  //seller_id
$subject = "Alipay Mobile Payment Test";  // Transaction theme
$body = "Alipay mobile payment test detail";  // Transaction details
$total_fee = "0.01";    // The unit of payment is yuan
$out_trade_no = "";  // Transaction no generated by your own business system can be uniquely identified
$rsa_path = "";  // Path of the RSA private key
$notify_url = "";    // Receive payment result notification URL

$data = array(a); $data['service'] = "mobile.securitypay.pay"; 
$data['partner'] =$partner;
$data['_input_charset'] = "utf-8";
$data['notify_url'] = $notify_url;
$data['out_trade_no'] = $out_trade_no;    
$data['subject'] = $subject;
$data['payment_type'] = "1";
$data['seller_id'] = seller_id;
$data['total_fee'] = $total_fee;
$data['body'] = $body;

/ / signature
$unsign_str =createLinkString(argSort($data));
$sign =rsaSign($unsign_str, $rsa_path);
$sign = urlencode(mb_convert_encoding($sign, "UTF-8"));  // UtF8 format conversion is required

$pay_params = $unsign_str . "&sign=" . $sign . "&sign_type=RSA";Copy the code

Some functions:

/** * concatenates all elements of the array into a string * using the ampersand character in the pattern "parameter = parameter value"@param$para mixed specifies the array to concatenate@returnString The concatenated string */
public static function createLinkString($para) {    
  $arg  = "";    
  while (list ($key, $val) = each ($para)) {        
    if($val == "") {            
      continue;        
    }        
    $arg.=$key."=".$val."&";    
  }    
  // Remove the last & character
  $arg = substr($arg,0,count($arg)2 -);    
  // If there are escape characters, remove the escape
  if(get_magic_quotes_gpc()){
    $arg = stripslashes($arg);
  }    
  return $arg;
  }

/** * Array sort by ASCII dictionary ascending *@param$para mixed pre-sort array *@returnMixed sorted array */
public static function argSort($para) {    
  ksort($para);    
  reset($para);    
  return $para;
}

/** * RSA signature *@param$data string Data to be signed *@param$private_RSA_PATH string User private key address *@returnMixed * failed :false * successful: signature result */
public static function rsaSign($data, $private_rsa_path) {    
  $private_rsa = file_get_contents($private_rsa_path);    
  $res = openssl_get_privatekey($private_rsa);    
  if(! $res) {return false;    
  }    
  openssl_sign($data, $sign, $res);    
  openssl_free_key($res);    
  / / base64 encoding
  $sign = base64_encode($sign);    
  return $sign;
}Copy the code

3. Call payment

3.1 the Android

You can refer directly to the Android SDK that I repackaged. Pay_param will be generated directly into Alipay payment can initiate payment. Github address: github.com/tsy12321/Pa…

IOS 3.2

Repackaged iOS SDK. Github address: github.com/tsy12321/Pa…

4 Asynchronous result notification

Note: in particular, it is necessary to correctly deal with repeated notifications after successful verification of notification results, and to place multiple shipments resulting in capital losses

Verify signature can directly download Alipay SDK example, direct call. Download address: doc.open.alipay.com/doc2/detail… Open the server Demo which will verify the notification part out to use.

? alipay_partnerid ="";  / / your pid? alipay_public_key_path ="";  // Alipay public key path

$alipayNotify = new AlipayNotify($alipay_partnerid, $alipay_public_key_path);
$verify_result = $alipayNotify->verifyNotify();
if(! $verify_result) {// Signature verification failed todo
  die("fail");
}

// The notification was successfully received and validated
echo("success");

if($_POST['trade_status']! = ="TRADE_SUCCESS" && $_POST['trade_status']! = ="TRADE_FINISHED") {    
  if($_POST['trade_status'= = ="WAIT_BUYER_PAY") {                    
    // Wait bueyer pay notifications can be ignored
    die("success");    
  } else if($_POST['trade_status'= = ="TRADE_CLOSED" && $_POST['refund_status'= = ="REFUND_SUCCESS") {   // A full refund is also successful
    // A notification to closed may be triggered when the refund is successful, which can also be regarded as successful payment
  } else {    // Payment failed
    // Payment failure handles todo}}// Payment successfully processed shipment
//todoCopy the code

Five other

  1. After receiving the synchronous payment result, the client recommends polling and checking the server for a period of time to obtain the result of the server. The final payment status is subject to the server

At the end

More articles follow my public account

My official account