Página inicial Explorar Ajuda
Registrar Entrar
zhangjidong
/
mall
1
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
mall
/
utils
/
WechatMerchant
/
WxV3.php

WxV3.php 23 KB
Link permanente Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * 重庆赤晓店信息科技有限公司
    5. 

  5.  * https://www.chixiaodian.com
    6. 

  6.  * Copyright (c) 2023 赤店商城 All rights reserved.
    7. 

  7.  */
    8. 

  8. 

  9. namespace app\utils\WechatMerchant;
    10. 

  10. 

  11. use app\models\Cash;
    12. 

  12. use app\models\MerchantInfo;
    13. 

  13. use app\models\Option;
    14. 

  14. use EasyWeChat\Factory;
    15. 

  15. use yii\base\Exception;
    16. 

  16. use yii\helpers\Json;
    17. 

  17. use app\models\Store;
    18. 

  18. 

  19. class WxV3 {
    20. 

  20. 

  21.     public $wechat;
    22. 

  22.     // 服务商小程序appid
    23. 

  23.     private $service_app_id;
    24. 

  24.     // 商户mchid
    25. 

  25.     private $mch_id;
    26. 

  26.     // 商户API v3密钥(微信服务商-账户中心-API安全 api v3密钥 https://pay.weixin.qq.com/index.php/core/cert/api_cert)
    27. 

  27.     private $mch_api_key;
    28. 

  28.     // 证书编号 (apiclient_cert.pem证书解析后获得)
    29. 

  29.     private $serial_no;
    30. 

  30.     // 私钥 apiclient_key.pem(微信服务商-账户中心-API安全 自行下载 https://pay.weixin.qq.com/index.php/core/cert/api_cert)
    31. 

  31.     private $mch_private_key;
    32. 

  32.     // 支付平台公钥(接口获取)
    33. 

  33.     private $public_key_path;
    34. 

  34. 

  35.     private $pay_public_key;
    36. 

  36.     private $pay_public_key_id;
    37. 

  37.     /**
    38. 

  38.      * @var string 获取平台证书接口
    39. 

  39.      */
    40. 

  40.     private $certificates_url = 'https://api.mch.weixin.qq.com/v3/certificates';
    41. 

  41. 

  42.     public function __construct($wechat = null) {
    43. 

  43.         $wechat && $this->setWechat($wechat);
    44. 

  44.     }
    45. 

  45. 

  46.     public function setWechat($wechat) {
    47. 

  47.         $this->wechat = $wechat;
    48. 

  48.         $data = $this->wechat->getConfig();
    49. 

  49.         $this->service_app_id = $data['app_id'];
    50. 

  50.         $this->mch_private_key = $data['key_path'];
    51. 

  51.         $this->public_key_path = $data['cert_path'];
    52. 

  52.         $this->mch_id = $data['mch_id'];
    53. 

  53.         $this->mch_api_key = $data['key'];
    54. 

  54. //        $this->serial_no = $this->parseSerialNo($this->getCertFicates());
    55. 

  55.         \Yii::error([$this->mch_id, $this->mch_api_key, $this->serial_no, $this->service_app_id]);
    56. 

  56.     }
    57. 

  57. 

  58.     /**
    59. 

  59.      * 获取微信支付平台证书
    60. 

  60.      */
    61. 

  61.     public function certFicates() {
    62. 

  62.         $url = $this->certificates_url;
    63. 

  63. 

  64.         // 获取认证信息
    65. 

  65.         $authorization = $this->getAuthorization($url);
    66. 

  66.         $header = [
    67. 

  67.             'Content-Type:application/json',
    68. 

  68.             'Accept:application/json',
    69. 

  69.             'User-Agent:' . $this->mch_id,
    70. 

  70.             'Authorization:' . $authorization
    71. 

  71.         ];
    72. 

  72.         $json = $this->getCurl('GET', $url, '', $header);
    73. 

  73.         $data = json_decode($json, true);
    74. 

  74.         if (isset($data['code']) && isset($data['message'])) {
    75. 

  75.             return [
    76. 

  76.                 'code' => 1,
    77. 

  77.                 'msg' => $data['message']
    78. 

  78.             ];
    79. 

  79.         }
    80. 

  80.         if (empty($cfdata = $data['data'][0])) {
    81. 

  81.             return [
    82. 

  82.                 'code' => 1,
    83. 

  83.                 'msg' => '返回错误'
    84. 

  84.             ];
    85. 

  85.         }
    86. 

  86.         return $cfdata;
    87. 

  87.     }
    88. 

  88. 

  89.     /**
    90. 

  90.      * 获取认证信息
    91. 

  91.      * @param string $url
    92. 

  92.      * @param string $http_method
    93. 

  93.      * @param string $body
    94. 

  94.      * @return string
    95. 

  95.      * @throws Exception
    96. 

  96.      */
    97. 

  97.     private function getAuthorization($url, $http_method = 'GET', $body = '') {
    98. 

  98.         if (!in_array('sha256WithRSAEncryption', \openssl_get_md_methods(true))) {
    99. 

  99.             throw new \Exception("当前PHP环境不支持SHA256withRSA");
    100. 

  100.         }
    101. 

  101.         //私钥地址
    102. 

  102.         $mch_private_key = $this->mch_private_key;
    103. 

  103.         //商户号
    104. 

  104.         $merchant_id = $this->mch_id;
    105. 

  105.         //当前时间戳
    106. 

  106.         $timestamp = time();
    107. 

  107.         //随机字符串
    108. 

  108.         $nonce = $this->getNonceStr();
    109. 

  109.         //证书编号
    110. 

  110.         $serial_no = $this->serial_no;
    111. 

  111. 

  112.         $url_parts = parse_url($url);
    113. 

  113.         $canonical_url = ($url_parts['path'] . (!empty($url_parts['query']) ? "?${url_parts['query']}" : ""));
    114. 

  114.         $message = $http_method . "\n" .
    115. 

  115.                 $canonical_url . "\n" .
    116. 

  116.                 $timestamp . "\n" .
    117. 

  117.                 $nonce . "\n" .
    118. 

  118.                 $body . "\n";
    119. 

  119.         openssl_sign($message, $raw_sign, \openssl_get_privatekey(\file_get_contents($mch_private_key)), 'sha256WithRSAEncryption');
    120. 

  120.         $sign = base64_encode($raw_sign);
    121. 

  121.         $schema = 'WECHATPAY2-SHA256-RSA2048';
    122. 

  122.         $token = sprintf('mchid="%s",nonce_str="%s",timestamp="%d",serial_no="%s",signature="%s"',
    123. 

  123.                 $merchant_id, $nonce, $timestamp, $serial_no, $sign);
    124. 

  124.         return $schema . ' ' . $token;
    125. 

  125.     }
    126. 

  126. 

  127.     /**
    128. 

  128.      * 敏感字符加密
    129. 

  129.      * @param $str
    130. 

  130.      * @return string
    131. 

  131.      * @throws Exception
    132. 

  132.      */
    133. 

  133.     private function getEncrypt($str) {
    134. 

  134.         static $content;
    135. 

  135.         if (empty($content)) {
    136. 

  136.             $content = $this->getCertFicates();
    137. 

  137.         }
    138. 

  138.         // 去除内容中的空格
    139. 

  139.         $str = preg_replace("/\s| /", '', $str);
    140. 

  140.         $encrypted = '';
    141. 

  141.         if (openssl_public_encrypt($str, $encrypted, $content, OPENSSL_PKCS1_OAEP_PADDING)) {
    142. 

  142.             //base64编码
    143. 

  143.             $sign = base64_encode($encrypted);
    144. 

  144.         } else {
    145. 

  145.             throw new \Exception('encrypt failed');
    146. 

  146.         }
    147. 

  147.         return $sign;
    148. 

  148.     }
    149. 

  149. 

  150.     /**
    151. 

  151.      * 获取支付平台证书
    152. 

  152.      * @return false|string
    153. 

  153.      */
    154. 

  154.     private function getCertFicates() {
    155. 

  155.         if($this->pay_public_key){
    156. 

  156.             return $this->pay_public_key;
    157. 

  157.         }
    158. 

  158.         if(!$this->public_key_path){
    159. 

  159.             $Merchant = new Merchant();
    160. 

  160.             return $Merchant->getCertFicates();
    161. 

  161.         }
    162. 

  162.         $public_key_path = $this->public_key_path;
    163. 

  163.         if (!file_exists($public_key_path)) {
    164. 

  164.             \Yii::error([__METHOD__]);
    165. 

  165.             $cfData = $this->certFicates();
    166. 

  166.             $content = $this->decryptToString($cfData['encrypt_certificate']['associated_data'], $cfData['encrypt_certificate']['nonce'], $cfData['encrypt_certificate']['ciphertext'], $this->mch_api_key);
    167. 

  167.             file_put_contents($public_key_path, $content);
    168. 

  168.         } else {
    169. 

  169.             $content = file_get_contents($public_key_path);
    170. 

  170.         }
    171. 

  171.         return $content;
    172. 

  172.     }
    173. 

  173. 

  174.     /**
    175. 

  175.      * 业务编号
    176. 

  176.      * @return string
    177. 

  177.      */
    178. 

  178.     public function getBusinessCode() {
    179. 

  179.         return date('Ymd') . substr(time(), -5) . substr(microtime(), 2, 5) . sprintf('%02d', rand(0, 99));
    180. 

  180.     }
    181. 

  181. 

  182.     /**
    183. 

  183.      * 随机字符串
    184. 

  184.      * @param int $length
    185. 

  185.      * @return string
    186. 

  186.      */
    187. 

  187.     private function getNonceStr($length = 16) {
    188. 

  188.         // 密码字符集,可任意添加你需要的字符
    189. 

  189.         $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    190. 

  190.         $str = "";
    191. 

  191.         for ($i = 0; $i < $length; $i++) {
    192. 

  192.             $str .= $chars[mt_rand(0, strlen($chars) - 1)];
    193. 

  193.         }
    194. 

  194.         return $str;
    195. 

  195.     }
    196. 

  196. 

  197.     /**
    198. 

  198.      * @param string       $method
    199. 

  199.      * @param string       $url
    200. 

  200.      * @param array|string $data
    201. 

  201.      * @param array        $headers
    202. 

  202.      * @param int          $timeout
    203. 

  203.      * @return bool|string
    204. 

  204.      */
    205. 

  205.     private function getCurl($method = 'GET', $url, $data, $headers = [], $timeout = 30) {
    206. 

  206.         $curl = curl_init();
    207. 

  207.         curl_setopt($curl, CURLOPT_URL, $url);
    208. 

  208.         curl_setopt($curl, CURLOPT_HEADER, false);
    209. 

  209.         curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    210. 

  210.         curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
    211. 

  211.         curl_setopt($curl, CURLOPT_SSLVERSION, false);
    212. 

  212.         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    213. 

  213.         curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
    214. 

  214.         if (!empty($headers)) {
    215. 

  215.             curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
    216. 

  216.         }
    217. 

  217.         if ($method == 'POST') {
    218. 

  218.             curl_setopt($curl, CURLOPT_POST, TRUE);
    219. 

  219.             curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
    220. 

  220.         }
    221. 

  221.         $result = curl_exec($curl);
    222. 

  222.         curl_close($curl);
    223. 

  223.         return $result;
    224. 

  224.     }
    225. 

  225. 

  226.     /**
    227. 

  227.      * Decrypt AEAD_AES_256_GCM ciphertext(官方案例-已改造)
    228. 

  228.      *
    229. 

  229.      * @param string $associatedData AES GCM additional authentication data
    230. 

  230.      * @param string $nonceStr       AES GCM nonce
    231. 

  231.      * @param string $ciphertext     AES GCM cipher text
    232. 

  232.      *
    233. 

  233.      * @return string|bool      Decrypted string on success or FALSE on failure
    234. 

  234.      */
    235. 

  235.     public function decryptToString($associatedData, $nonceStr, $ciphertext, $aesKey) {
    236. 

  236.         $auth_tag_length_byte = 16;
    237. 

  237. 

  238.         $ciphertext = \base64_decode($ciphertext);
    239. 

  239.         if (strlen($ciphertext) <= $auth_tag_length_byte) {
    240. 

  240.             return false;
    241. 

  241.         }
    242. 

  242. 

  243.         // ext-sodium (default installed on >= PHP 7.2)
    244. 

  244.         if (function_exists('\sodium_crypto_aead_aes256gcm_is_available') &&
    245. 

  245.                 \sodium_crypto_aead_aes256gcm_is_available()) {
    246. 

  246.             return \sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, $aesKey);
    247. 

  247.         }
    248. 

  248. 

  249.         // ext-libsodium (need install libsodium-php 1.x via pecl)
    250. 

  250.         if (function_exists('\Sodium\crypto_aead_aes256gcm_is_available') &&
    251. 

  251.                 \Sodium\crypto_aead_aes256gcm_is_available()) {
    252. 

  252.             return \Sodium\crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, $aesKey);
    253. 

  253.         }
    254. 

  254. 

  255.         // openssl (PHP >= 7.1 support AEAD)
    256. 

  256.         if (PHP_VERSION_ID >= 70100 && in_array('aes-256-gcm', \openssl_get_cipher_methods())) {
    257. 

  257.             $ctext = substr($ciphertext, 0, -$auth_tag_length_byte);
    258. 

  258.             $authTag = substr($ciphertext, -$auth_tag_length_byte);
    259. 

  259. 

  260.             return \openssl_decrypt($ctext, 'aes-256-gcm', $aesKey, \OPENSSL_RAW_DATA, $nonceStr,
    261. 

  261.                     $authTag, $associatedData);
    262. 

  262.         }
    263. 

  263. 

  264.         throw new \Exception('AEAD_AES_256_GCM需要PHP 7.1以上或者安装libsodium-php');
    265. 

  265.     }
    266. 

  266. 

  267.     /**
    268. 

  268.      * 获取证书编号(官方案例-已改造)
    269. 

  269.      * @param $certificate
    270. 

  270.      * @return string
    271. 

  271.      */
    272. 

  272.     private function parseSerialNo($certificate) {
    273. 

  273.         $info = \openssl_x509_parse($certificate);
    274. 

  274.         if (!isset($info['serialNumber']) && !isset($info['serialNumberHex'])) {
    275. 

  275.             throw new \InvalidArgumentException('证书格式错误');
    276. 

  276.         }
    277. 

  277.         $serialNo = '';
    278. 

  278.         // PHP 7.0+ provides serialNumberHex field
    279. 

  279.         if (isset($info['serialNumberHex'])) {
    280. 

  280.             $serialNo = $info['serialNumberHex'];
    281. 

  281.         } else {
    282. 

  282.             // PHP use i2s_ASN1_INTEGER in openssl to convert serial number to string,
    283. 

  283.             // i2s_ASN1_INTEGER may produce decimal or hexadecimal format,
    284. 

  284.             // depending on the version of openssl and length of data.
    285. 

  285.             if (\strtolower(\substr($info['serialNumber'], 0, 2)) == '0x') { // HEX format
    286. 

  286.                 $serialNo = \substr($info['serialNumber'], 2);
    287. 

  287.             } else { // DEC format
    288. 

  288.                 $value = $info['serialNumber'];
    289. 

  289.                 $hexvalues = ['0', '1', '2', '3', '4', '5', '6', '7',
    290. 

  290.                     '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'];
    291. 

  291.                 while ($value != '0') {
    292. 

  292.                     $serialNo = $hexvalues[\bcmod($value, '16')] . $serialNo;
    293. 

  293.                     $value = \bcdiv($value, '16', 0);
    294. 

  294.                 }
    295. 

  295.             }
    296. 

  296.         }
    297. 

  297. 

  298.         return \strtoupper($serialNo);
    299. 

  299.     }
    300. 

  300. 

  301.     //商家转账
    302. 

  302.     public function transferBatches($store_id, $data) {
    303. 

  303.         $url = 'https://api.mch.weixin.qq.com/v3/transfer/batches';
    304. 

  304.         $_data = [
    305. 

  305.             'appid' => $this->service_app_id,
    306. 

  306.             'out_batch_no' => $data['partner_trade_no'],
    307. 

  307.             'batch_name' => $data['partner_trade_no'],
    308. 

  308.             'batch_remark' => $data['desc'],
    309. 

  309.             'total_amount' => (int)$data['amount'],
    310. 

  310.             'total_num' => 1,
    311. 

  311.             'transfer_detail_list' => [[
    312. 

  312.                 'out_detail_no' => $data['partner_trade_no'],
    313. 

  313.                 'transfer_amount' => (int)$data['amount'],
    314. 

  314.                 'transfer_remark' => $data['desc'],
    315. 

  315.                 'openid' => $data['openid'],
    316. 

  316.             ]],
    317. 

  317.             'notify_url' => 'https://' . \Yii::$app->request->hostName . '/index.php/wechat/transfer-batches-notify',
    318. 

  318.         ];
    319. 

  319.         $serial_no = $this->serial_no;
    320. 

  320.         $store = Store::findOne($store_id);
    321. 

  321.         $wechat_cash = Option::get('wechat_cash', $store_id, 'store')['value'];
    322. 

  322.         if($store->is_platform_transfers == 1){
    323. 

  323.             $wechat_cash = Option::get('store_wechat_cash', $store_id, 'store')['value'];
    324. 

  324.         }
    325. 

  325. 

  326.         if ($wechat_cash) {
    327. 

  327.             $wechat_cash = json_decode($wechat_cash, true);
    328. 

  328.         }
    329. 

  329. 

  330.         if ($wechat_cash && $wechat_cash['appid']) {
    331. 

  331.             $this->serial_no = $wechat_cash['serial_no'];
    332. 

  332.             $this->pay_public_key = $wechat_cash['pay_public_key'];
    333. 

  333.             $this->pay_public_key_id = $wechat_cash['pay_public_key_id'];
    334. 

  334.             if (intval($wechat_cash['is_open']) === 2) {
    335. 

  335.                 $url = 'https://api.mch.weixin.qq.com/v3/fund-app/mch-transfer/transfer-bills';
    336. 

  336.                 $_data = [
    337. 

  337.                     'appid' => $wechat_cash['appid'],
    338. 

  338.                     'out_bill_no' => $data['partner_trade_no'],
    339. 

  339.                     'transfer_scene_id' => '1000',//转账场景ID
    340. 

  340.                     'openid' => $data['openid'],
    341. 

  341.                     'user_name' => $this->getEncrypt($data['user_name']),//收款方真实姓名
    342. 

  342.                     'transfer_amount' => (int)$data['amount'],
    343. 

  343.                     'transfer_remark' => $data['desc'],
    344. 

  344.                     'notify_url' => pay_notify_url('wechat/transfer-batches-notify', $store_id),
    345. 

  345. //                    'user_recv_perception' => '劳务报酬',
    346. 

  346.                     'transfer_scene_report_infos' => [
    347. 

  347.                         [
    348. 

  348.                             "info_type" =>"活动名称",
    349. 

  349.                             "info_content" => "账户提现"
    350. 

  350.                         ],
    351. 

  351.                         [
    352. 

  352.                             "info_type" =>"奖励说明",
    353. 

  353.                             "info_content" => "账户金额提现"
    354. 

  354.                         ]
    355. 

  355.                     ]
    356. 

  356.                 ];
    357. 

  357.                 if ((int)$data['amount'] < 200000) {
    358. 

  358.                     $_data['user_name'] = '';
    359. 

  359.                 }
    360. 

  360.             } else {
    361. 

  361.                 $_data['appid'] = $wechat_cash['appid'];
    362. 

  362.             }
    363. 

  363. 

  364.             if($this->pay_public_key){
    365. 

  365.             $serial_no = $this->pay_public_key_id;
    366. 

  366.             }else{
    367. 

  367.             $serial_no = $this->serial_no;
    368. 

  368.             }
    369. 

  369.             $bodyData = json_encode($_data,JSON_UNESCAPED_UNICODE);
    370. 

  370.             debug_log(['data' => $bodyData], 'wechatTransferBatchesNotify.log');
    371. 

  371.             $authorization = $this->getWechatAuthorization($url, 'POST', $bodyData, $store_id);
    372. 

  372. //            $wechat_cash = json_decode($wechat_cash, true);
    373. 

  373. //            $_data['appid'] = $wechat_cash['appid'];
    374. 

  374. //            $_data['mch_id'] = $wechat_cash['mch_id'];
    375. 

  375. //
    376. 

  376. //            $config = $_data;
    377. 

  377. ////            $cert_pem_file = null;
    378. 

  378. ////            if ($this->wechat_config->cert_pem) {
    379. 

  379. ////                $cert_pem_file = \Yii::$app->runtimePath . '/pem/' . md5($this->wechat_config->cert_pem);
    380. 

  380. ////                if (!file_exists($cert_pem_file)) {
    381. 

  381. ////                    file_put_contents($cert_pem_file, $this->wechat_config->cert_pem);
    382. 

  382. ////                }
    383. 

  383. ////            }
    384. 

  384. //
    385. 

  385. //            $wechat = Factory::payment($config);
    386. 

  386. 

  387.         } else {
    388. 

  388.             $bodyData = json_encode($_data);
    389. 

  389.             // 获取认证信息
    390. 

  390.             $hasIncoming = \app\models\Store::hasIncoming($store_id);
    391. 

  391.             if($hasIncoming){
    392. 

  392.                 return $this->res([
    393. 

  393.                     'code' => 1,
    394. 

  394.                     'msg' => '店铺内未配置提现参数',
    395. 

  395.                 ]);
    396. 

  396. //                $Merchant = new Merchant();
    397. 

  397. //                $authorization = $Merchant->getAuthorization($url, 'POST', $bodyData);
    398. 

  398.             }else{
    399. 

  399. 

  400.                 $this->serial_no = Option::get('platform_mch_api_serial_no', 0, 'saas')['value'];
    401. 

  401.                 $this->pay_public_key = Option::get('platform_mch_public_key', 0, 'saas')['value'];
    402. 

  402.                 $this->pay_public_key_id = Option::get('platform_mch_public_key_id', 0, 'saas')['value'];
    403. 

  403.                 if($this->pay_public_key){
    404. 

  404.                 $serial_no = $this->pay_public_key_id;
    405. 

  405.                 }else{
    406. 

  406.                 $serial_no = $this->serial_no;
    407. 

  407.                 }
    408. 

  408. 

  409.                 //商城提现
    410. 

  410.                 $url = 'https://api.mch.weixin.qq.com/v3/fund-app/mch-transfer/transfer-bills';
    411. 

  411.                 $_data = [
    412. 

  412.                     'appid' => $this->service_app_id,
    413. 

  413.                     'out_bill_no' => $data['partner_trade_no'],
    414. 

  414.                     'transfer_scene_id' => '1000',//转账场景ID
    415. 

  415.                     'openid' => $data['openid'],
    416. 

  416.                     'user_name' => '',//收款方真实姓名 $this->getEncrypt($data['user_name'])这块先给空 因为前端没有设置真实姓名的地方
    417. 

  417.                     'transfer_amount' => (int)$data['amount'],
    418. 

  418.                     'transfer_remark' => $data['desc'],
    419. 

  419.                     'notify_url' => pay_notify_url('wechat/transfer-batches-notify', $store_id, 1),
    420. 

  420. //                    'user_recv_perception' => '劳务报酬',
    421. 

  421.                     'transfer_scene_report_infos' => [
    422. 

  422.                         [
    423. 

  423.                             "info_type" =>"活动名称",
    424. 

  424.                             "info_content" => "账户提现"
    425. 

  425.                         ],
    426. 

  426.                         [
    427. 

  427.                             "info_type" =>"奖励说明",
    428. 

  428.                             "info_content" => "账户金额提现"
    429. 

  429.                         ]
    430. 

  430.                     ]
    431. 

  431.                 ];
    432. 

  432.                 if ((int)$data['amount'] < 200000) {
    433. 

  433.                     $_data['user_name'] = '';
    434. 

  434.                 }
    435. 

  435.                 $bodyData = json_encode($_data,JSON_UNESCAPED_UNICODE);
    436. 

  436. 

  437.                 $authorization = $this->getAuthorization($url, 'POST', $bodyData);
    438. 

  438.             }
    439. 

  439.         }
    440. 

  440. 

  441.         $header = [
    442. 

  442.             'Content-Type:application/json',
    443. 

  443.             'Accept:application/json',
    444. 

  444.             'User-Agent:*/*',
    445. 

  445.             'Authorization:' . $authorization,
    446. 

  446.             'Wechatpay-Serial:' . $serial_no
    447. 

  447.         ];
    448. 

  448.         $json = $this->getCurl('POST', $url, $bodyData, $header);
    449. 

  449.         \Yii::error([__METHOD__, $store_id, $_data, $header, $json]);
    450. 

  450.         $res = json_decode($json, true);
    451. 

  451.         debug_log([$store_id, $_data, $header, $res], 'wechatTransferBatchesNotify.log');
    452. 

  452.         if (isset($res['code']) && isset($res['message'])) {
    453. 

  453.             return $this->res([
    454. 

  454.                 'code' => 1,
    455. 

  455.                 'msg' => $res['code'] . $res['message']
    456. 

  456.             ]);
    457. 

  457.         }
    458. 

  458.         if (!($wechat_cash && intval($wechat_cash['is_open']) === 2)) {
    459. 

  459.             if (empty($res['batch_id'])) {
    460. 

  460. //                return $this->res([
    461. 

  461. //                    'code' => 1,
    462. 

  462. //                    'msg' => '返回错误'
    463. 

  463. //                ]);
    464. 

  464.             }
    465. 

  465.         }
    466. 

  466.         return $this->res(['code' => 0, 'data' => $res]);
    467. 

  467.     }
    468. 

  468. 

  469. 

  470.     /**
    471. 

  471.      * 获取认证信息
    472. 

  472.      * @param string $url
    473. 

  473.      * @param string $http_method
    474. 

  474.      * @param string $body
    475. 

  475.      * @return string
    476. 

  476.      * @throws Exception
    477. 

  477.      */
    478. 

  478.     private function getWechatAuthorization($url, $http_method = 'GET', $body = '', $store_id = 0) {
    479. 

  479.         if (!in_array('sha256WithRSAEncryption', \openssl_get_md_methods(true))) {
    480. 

  480.             throw new \Exception("当前PHP环境不支持SHA256withRSA");
    481. 

  481.         }
    482. 

  482. 

  483.         $store = Store::findOne($store_id);
    484. 

  484.         $wechat_cash = Option::get('wechat_cash', $store_id, 'store')['value'];
    485. 

  485.         if($store->is_platform_transfers == 1){
    486. 

  486.             $wechat_cash = Option::get('store_wechat_cash', $store_id, 'store')['value'];
    487. 

  487.         }
    488. 

  488.        
    489. 

  489.         if ($wechat_cash) {
    490. 

  490.             $wechat_cash = json_decode($wechat_cash, true);
    491. 

  491.             $mch_private_key = $wechat_cash['mch_private_key'];
    492. 

  492.             $merchant_id = $wechat_cash['mch_id'];
    493. 

  493.             $serial_no = $wechat_cash['serial_no'];
    494. 

  494.             $timestamp = time();
    495. 

  495.             $nonce = $this->getNonceStr();
    496. 

  496.             $url_parts = parse_url($url);
    497. 

  497.             $canonical_url = ($url_parts['path'] . (!empty($url_parts['query']) ? "?${url_parts['query']}" : ""));
    498. 

  498.             $message = $http_method . "\n" .
    499. 

  499.                 $canonical_url . "\n" .
    500. 

  500.                 $timestamp . "\n" .
    501. 

  501.                 $nonce . "\n" .
    502. 

  502.                 $body . "\n";
    503. 

  503.             openssl_sign($message, $raw_sign, \openssl_get_privatekey($mch_private_key), 'sha256WithRSAEncryption');
    504. 

  504.             $sign = base64_encode($raw_sign);
    505. 

  505.             $schema = 'WECHATPAY2-SHA256-RSA2048';
    506. 

  506.             $token = sprintf('mchid="%s",nonce_str="%s",timestamp="%d",serial_no="%s",signature="%s"',
    507. 

  507.                 $merchant_id, $nonce, $timestamp, $serial_no, $sign);
    508. 

  508.             return $schema . ' ' . $token;
    509. 

  509.         }
    510. 

  510. 

  511. 

  512.     }
    513. 

  513. 

  514.     public function res($res){
    515. 

  515.         if($res['code'] == 0){
    516. 

  516.             $res['result_code'] = 'SUCCESS';
    517. 

  517.         }else{
    518. 

  518.             $res['err_code_des'] = $res['msg'];
    519. 

  519.         }
    520. 

  520.         return $res;
    521. 

  521.     }
    522. 

  522. 

  523. 

  524.     public function getBatchDetail($store_id, $data) {
    525. 

  525.         $out_batch_no = $data['out_batch_no'];
    526. 

  526.         $url = "https://api.mch.weixin.qq.com/v3/transfer/batches/out-batch-no/". $out_batch_no . "/details/out-detail-no/". $out_batch_no;
    527. 

  527. 

  528. 

  529.         $serial_no = $this->serial_no;
    530. 

  530.         $wechat_cash = Option::get('wechat_cash', $store_id, 'store')['value'];
    531. 

  531.         if ($wechat_cash) {
    532. 

  532.             $wechat_cash = json_decode($wechat_cash, true);
    533. 

  533.             $serial_no = $wechat_cash['serial_no'];
    534. 

  534.             $bodyData = '';
    535. 

  535.             $authorization = $this->getWechatAuthorization($url, 'GET', $bodyData, $store_id);
    536. 

  536. //            $wechat_cash = json_decode($wechat_cash, true);
    537. 

  537. //            $_data['appid'] = $wechat_cash['appid'];
    538. 

  538. //            $_data['mch_id'] = $wechat_cash['mch_id'];
    539. 

  539. //
    540. 

  540. //            $config = $_data;
    541. 

  541. ////            $cert_pem_file = null;
    542. 

  542. ////            if ($this->wechat_config->cert_pem) {
    543. 

  543. ////                $cert_pem_file = \Yii::$app->runtimePath . '/pem/' . md5($this->wechat_config->cert_pem);
    544. 

  544. ////                if (!file_exists($cert_pem_file)) {
    545. 

  545. ////                    file_put_contents($cert_pem_file, $this->wechat_config->cert_pem);
    546. 

  546. ////                }
    547. 

  547. ////            }
    548. 

  548. //
    549. 

  549. //            $wechat = Factory::payment($config);
    550. 

  550. 

  551.         } else {
    552. 

  552.             $bodyData = '';
    553. 

  553.             // 获取认证信息
    554. 

  554.             $hasIncoming = \app\models\Store::hasIncoming($store_id);
    555. 

  555.             if($hasIncoming){
    556. 

  556.                 $Merchant = new Merchant();
    557. 

  557.                 $authorization = $Merchant->getAuthorization($url, 'GET', $bodyData);
    558. 

  558.             }else{
    559. 

  559.                 $authorization = $this->getAuthorization($url, 'GET', $bodyData);
    560. 

  560.             }
    561. 

  561.         }
    562. 

  562. 

  563.         $header = [
    564. 

  564.             'Content-Type:application/json',
    565. 

  565.             'Accept:application/json',
    566. 

  566.             'User-Agent:*/*',
    567. 

  567.             'Authorization:' . $authorization,
    568. 

  568.             'Wechatpay-Serial:' . $serial_no
    569. 

  569.         ];
    570. 

  570.         $json = $this->getCurl('GET', $url, $bodyData, $header);
    571. 

  571.         $res = json_decode($json, true);
    572. 

  572.         if (isset($res['code']) && isset($res['message'])) {
    573. 

  573.             return $this->res([
    574. 

  574.                 'code' => 1,
    575. 

  575.                 'msg' => $res['code'] . $res['message']
    576. 

  576.             ]);
    577. 

  577.         }
    578. 

  578. //        if ($res['detail_status'] === "WAIT_PAY") {
    579. 

  579. //            $res['fail_reason_text'] = "待确认";
    580. 

  580. //        }
    581. 

  581. //        if ($res['detail_status'] === "PROCESSING") {
    582. 

  582. //            $res['fail_reason_text'] = "转账中";
    583. 

  583. //        }
    584. 

  584. //        if ($res['detail_status'] === "SUCCESS") {
    585. 

  585. //            $res['fail_reason_text'] = "转账成功";
    586. 

  586. //        }
    587. 

  587. //        if ($res['detail_status'] === "FAIL") {
    588. 

  588. //            $res['fail_reason_text'] = "转账失败:" . Cash::WX_CASH_FAIL_REASON[$res['fail_reason']];
    589. 

  589. //        }
    590. 

  590.         return $this->res(['code' => 0, 'msg' => $res['fail_reason_text'], 'data' => $res]);
    591. 

  591.     }
    592. 

  592. 

  593. }
    594.