1

zj

2026-03-23 efb07bcec37c49228d9760794f215c8549243ad2

 src/main/java/com/nq/service/impl/PayServiceImpl.java

@@ -6,6 +6,7 @@
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.gson.Gson;
import com.nq.common.CmcPayConfig;
import com.nq.common.PayV2GatewayKeys;
import com.nq.common.ServerResponse;
import com.nq.dao.*;
import com.nq.enums.EStockType;
@@ -14,7 +15,9 @@
import com.nq.pojo.*;
import com.nq.service.*;
import com.nq.utils.*;
import com.nq.utils.http.HttpClientRequest;
import com.nq.utils.http.HttpClientUtil;
import com.nq.utils.pay.PayV2RsaSignUtil;
import com.nq.utils.pay.CmcPayOuterRequestUtil;
import com.nq.utils.pay.CmcPayTool;
import com.nq.utils.timeutil.DateTimeUtil;
@@ -25,6 +28,7 @@
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.math.BigDecimal;
import java.math.RoundingMode;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.Key;
@@ -41,6 +45,9 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.nq.vo.pay.PayOutMD5Util;
import com.nq.vo.pay.PayoutCallbackData;
import com.nq.vo.pay.PayoutCallbackRequest;
import net.sf.json.JSON;
import net.sf.json.JSONObject;
import okhttp3.*;
@@ -101,6 +108,11 @@
    private static final String KEY_ALGORITHM = "AES";
    private static final String AES128CBC = "AES/CBC/PKCS5Padding";

    /** 代收 v2/payCreate 完整 URL（由商户后台提供域名与路径） */
    private static final String PAY_V2_PAY_CREATE_URL = "https://pay.kkpay100.com/v2/payCreate";
    /** 商户 id */
    private static final int PAY_V2_MID = 10724;

    public ServerResponse thirdPartyRecharge(HttpServletRequest request, String tradeAmount, Integer type) throws Exception {
        // 支付1
        String reqUrl = "https://api.watchglb.com/pay/web";
@@ -119,19 +131,137 @@
        if(type == 0){//支付1
            return getPaymentZero(tradeAmount, uipReqRul, user,request);
        }else if(type == 2){//支付2
            return getPaymentZero(tradeAmount, uipReqRul, user,request);
            return getPaymentOne(tradeAmount, reqUrl,user,request);
        } else if(type == 3){//支付2
            return getPaymentTwo(tradeAmount, uipReqRul, user,request);
        }else if(type == 1){
//            return getPaymentThree(tradeAmount, threeUrl, user,request);
            return getPaymentOne(tradeAmount, reqUrl,user,request);
            return getPaymentThree(tradeAmount, threeUrl, user,request);
        }else if(type == 4){
            return getPaymentFour(tradeAmount, user, request);
        }
        return ServerResponse.createByErrorMsg("获取支付方式失败",request);
    }

    /**
     * 支付4：代收 v2/payCreate（JSON）
     */
    private ServerResponse getPaymentFour(String tradeAmount, User user, HttpServletRequest request) throws Exception {
        String orderId = generatePayOrderId();
        BigDecimal amount = new BigDecimal(tradeAmount).setScale(2, RoundingMode.HALF_UP);

        String notifyUrl = "https://api.greenbackcaps.top/user/rechargeCallbackFour.do";
        String custId = "U" + user.getId();
        String mobile = StringUtils.isNotBlank(user.getPhone()) ? user.getPhone() : "0000000000";
        if (mobile.length() > 16) {
            mobile = mobile.substring(0, 16);
        }
        String fn = UserNameUtil.formatCustomerName(user.getNickName());
        if (StringUtils.isBlank(fn)) {
            fn = "User";
        }
        if (fn.length() > 16) {
            fn = fn.substring(0, 16);
        }
        String ln = String.valueOf(user.getId());
        if (ln.length() > 16) {
            ln = ln.substring(0, 16);
        }
        String email = custId + "@user.local";
        if (email.length() > 64) {
            email = email.substring(0, 64);
        }

        Map<String, String> signParams = new TreeMap<>();
        signParams.put("amount", amount.toPlainString());
        signParams.put("currency", "INR");
        signParams.put("custId", custId);
        signParams.put("email", email);
        signParams.put("firstName", fn);
        signParams.put("lastName", ln);
        signParams.put("mid", String.valueOf(PAY_V2_MID));
        signParams.put("mobile", mobile);
        signParams.put("notifyUrl", notifyUrl);
        signParams.put("orderId", orderId);
        String signBaseString = PayV2RsaSignUtil.buildStringA(signParams);
        String sign = PayV2RsaSignUtil.sign(signBaseString, PayV2GatewayKeys.MERCHANT_PRIVATE_KEY_PEM);
        log.info("支付4代收签名串 stringA={}", signBaseString);

        Map<String, Object> body = new LinkedHashMap<>();
        body.put("mid", PAY_V2_MID);
        body.put("orderId", orderId);
        body.put("amount", amount.toPlainString());
        body.put("currency", "INR");
        body.put("custId", custId);
        body.put("firstName", fn);
        body.put("lastName", ln);
        body.put("mobile", mobile);
        body.put("email", email);
        body.put("notifyUrl", notifyUrl);
        body.put("sign", sign);

        String json = new Gson().toJson(body);
        log.info("支付4代收请求：{}", json);
        String result = HttpClientRequest.doPostJsonBody(PAY_V2_PAY_CREATE_URL, json);
        log.info("支付4代收返回：{}", result);

        ObjectMapper objectMapper = new ObjectMapper();
        PayV2PayCreateResponse resp = objectMapper.readValue(result, PayV2PayCreateResponse.class);
        if (resp.getStatus() != 1 || resp.getData() == null) {
            log.error("支付4下单失败：{}", result);
            return ServerResponse.createByErrorMsg(
                    StringUtils.isNotBlank(resp.getMsg()) ? resp.getMsg() : "获取支付链接失败", request);
        }

        PayV2PayCreateResponse.Data data = resp.getData();
        Map<String, String> respSignParams = new TreeMap<>();
        if (StringUtils.isNotBlank(data.getAmount())) {
            respSignParams.put("amount", data.getAmount());
        }
        if (StringUtils.isNotBlank(data.getMOrder())) {
            respSignParams.put("m_order", data.getMOrder());
        }
        if (StringUtils.isNotBlank(data.getOrderId())) {
            respSignParams.put("order_id", data.getOrderId());
        }
        if (StringUtils.isNotBlank(data.getUrl())) {
            respSignParams.put("url", data.getUrl());
        }
        if (!PayV2RsaSignUtil.verify(respSignParams, data.getSign(), PayV2GatewayKeys.PLATFORM_PUBLIC_KEY)) {
            log.warn("支付4返回签名验证未通过，stringA={}, sign={}",
                    PayV2RsaSignUtil.buildStringA(respSignParams), data.getSign());
        }

        PaymentRecharge paymentRecharge = new PaymentRecharge();
        paymentRecharge.setUserId(user.getId());
        paymentRecharge.setOrderNo(orderId);
        paymentRecharge.setMchOrderNo(data.getOrderId());
        paymentRecharge.setAmount(amount);
        paymentRecharge.setStatus(1);
        paymentRecharge.setPaymentTime(new Date());
        paymentRecharge.setCreatedAt(new Date());
        paymentRecharge.setNotifyUrl(notifyUrl);
        paymentRecharge.setPayInfo(result);
        paymentRechargeService.save(paymentRecharge);

        UserRecharge userRecharge = new UserRecharge();
        userRecharge.setUserId(user.getId());
        userRecharge.setNickName(user.getRealName());
        userRecharge.setAgentId(user.getAgentId());
        userRecharge.setOrderSn(orderId);
        userRecharge.setPayChannel("Payment 4");
        userRecharge.setPayAmt(amount);
        userRecharge.setAddTime(new Date());
        userRecharge.setPayTime(new Date());
        userRecharge.setOrderStatus(0);
        userRecharge.setPayId(4);
        userRechargeMapper.insert(userRecharge);

        return ServerResponse.createBySuccess(data.getUrl());
    }

    private ServerResponse getPaymentZero(String tradeAmount, String uipReqRul, User user, HttpServletRequest request) throws Exception {
        //int
        String url = "https://gateway.kings-pays.com/gateway/payout/init";//正式地址
        String url = "https://gateway.kings-pays.com/gateway/payment/init";//正式地址
        String merchantKey = "qqaC1DH/LeR9iPvm";//商户key 需替换
        String aesKey = "ge6vK40fHNZPFJ4p";//商户aesKey 需替换
        String aesIv = "6gJoHTEE1i2O3ovE";//商户aesIv 需替换
@@ -145,6 +275,7 @@
        dataObj.put("merchantOrderNo",generatePayOrderId());//自定义订单号
        dataObj.put("notifyUrl", "https://api.greenbackcaps.top/user/rechargeCallbackZero.do");//回调通知地址
        JSONObject requestObj = new JSONObject();
        log.info("代收参数：{}", dataObj);
        // 加密数据
        byte[] encryptedData = encrypt(dataObj.toString(), aesKey, aesIv);
        String base64EncodedData = Base64.getEncoder().encodeToString(encryptedData);
@@ -153,6 +284,7 @@
        Headers headers = new Headers.Builder().add("merchant_key", merchantKey).build();//merchant_key需替换
        //请求
        String resp = doPost(url, requestObj.toString(), headers);
        log.info("代收返回："+resp);
        Gson gson = new Gson();
        PaymentResponseZero paymentResponse = gson.fromJson(resp, PaymentResponseZero.class);
        if(paymentResponse.getCode() != 0 && !paymentResponse.getMsg().equals("success")){
@@ -1338,6 +1470,112 @@
        }
    }

    @Override
    public void rechargeCallbackFour(PayV2NotifyRequest vo, HttpServletResponse response) throws IOException {
        log.info("支付4充值回调：{}", vo);
        PrintWriter pw = response.getWriter();
        response.setStatus(200);
        response.setContentType("text/plain;charset=UTF-8");
        if (vo == null || StringUtils.isBlank(vo.getMOrder())) {
            pw.print("FAIL");
            pw.flush();
            pw.close();
            return;
        }
        synchronized (vo.getMOrder()) {
            Map<String, String> signParams = new TreeMap<>();
            if (vo.getMid() != null) {
                signParams.put("mid", String.valueOf(vo.getMid()));
            }
            signParams.put("m_order", vo.getMOrder());
            signParams.put("order_id", vo.getOrderId());
            signParams.put("amount", vo.getAmount());
            if (StringUtils.isNotBlank(vo.getUtr())) {
                signParams.put("utr", vo.getUtr());
            }
            if (vo.getPayStatus() != null) {
                signParams.put("pay_status", String.valueOf(vo.getPayStatus()));
            }
            if (vo.getRTime() != null) {
                signParams.put("r_time", String.valueOf(vo.getRTime()));
            }
            if (!PayV2RsaSignUtil.verify(signParams, vo.getSign(), PayV2GatewayKeys.PLATFORM_PUBLIC_KEY)) {
                log.error("支付4回调签名验证失败：{}, stringA={}", vo, PayV2RsaSignUtil.buildStringA(signParams));
                pw.print("FAIL");
                pw.flush();
                pw.close();
                return;
            }

            PaymentRecharge paymentRecharge = paymentRechargeService.getOne(new LambdaQueryWrapper<>(PaymentRecharge.class)
                    .eq(PaymentRecharge::getOrderNo, vo.getMOrder())
                    .eq(PaymentRecharge::getStatus, 1)
                    .last("limit 1"));
            if (ObjectUtils.isEmpty(paymentRecharge)) {
                log.info("支付4未找到充值订单");
                pw.print("FAIL");
                pw.flush();
                pw.close();
                return;
            }
            UserRecharge userRecharge = userRechargeMapper.selectOne(new LambdaQueryWrapper<>(UserRecharge.class)
                    .eq(UserRecharge::getOrderSn, paymentRecharge.getOrderNo())
                    .eq(UserRecharge::getOrderStatus, 0)
                    .last("limit 1"));
            if (ObjectUtils.isEmpty(userRecharge)) {
                log.info("支付4未找到待支付充值记录");
                pw.print("OK");
                pw.flush();
                pw.close();
                return;
            }

            Integer ps = vo.getPayStatus();
            if (ps != null && ps == 0) {
                pw.print("OK");
                pw.flush();
                pw.close();
                return;
            }
            if (ps != null && (ps == 3 || ps == 4)) {
                paymentRecharge.setStatus(2);
                paymentRecharge.setAmount(new BigDecimal(vo.getAmount()));
                paymentRecharge.setPayInfo(vo.toString());
                paymentRechargeService.updateById(paymentRecharge);
                userRecharge.setOrderStatus(2);
                userRechargeMapper.updateById(userRecharge);
                log.warn("支付4回调失败状态 pay_status={}：{}", ps, vo);
                pw.print("OK");
                pw.flush();
                pw.close();
                return;
            }
            if (ps == null || ps != 1) {
                log.error("支付4回调未知状态：{}", vo);
                pw.print("OK");
                pw.flush();
                pw.close();
                return;
            }

            userAssetsServices.availablebalanceChange(EStockType.IN.getCode(),
                    paymentRecharge.getUserId(), EUserAssets.TOP_UP, new BigDecimal(vo.getAmount()), "", "");

            paymentRecharge.setStatus(2);
            paymentRecharge.setAmount(new BigDecimal(vo.getAmount()));
            paymentRecharge.setPayInfo(vo.toString());
            paymentRechargeService.updateById(paymentRecharge);

            userRecharge.setOrderStatus(1);
            userRechargeMapper.updateById(userRecharge);

            log.info("支付4充值回调完成");
            pw.print("OK");
            pw.flush();
            pw.close();
        }
    }

    /**
     * 代付回调处理
     */
@@ -1422,7 +1660,7 @@
                transferResponseService.updateById(transferResponse);
                
                userWithdraw.setWithStatus(2); // 失败
                userWithdraw.setWithMsg("代付失败：" + vo.getMsg());
                userWithdraw.setWithMsg("Withdrawal failed：" + vo.getMsg());
                userWithdraw.setTransTime(new Date());
                userWithdrawMapper.updateByPrimaryKeySelective(userWithdraw);
                
@@ -1481,4 +1719,266 @@
            pw.close();
        }
    }

    public Map<String, Object> payoutCallbackTwo(PayoutCallbackRequest request, HttpServletResponse response) {


        String merchantKey = "qqaC1DH/LeR9iPvm";//商户key 需替换
        String aesKey = "ge6vK40fHNZPFJ4p";//商户aesKey 需替换

        Map<String, Object> result = new HashMap<>();
        result.put("code", 200);   // 固定返回 200

        try {
            PayoutCallbackData data = request.getData();
            String signature = request.getSignature_n();

            // 1. 签名验证
            String signStr = merchantKey
                    + nullToEmpty(data.getMessage())
                    + nullToEmpty(data.getAmount())
                    + nullToEmpty(data.getStatus())
                    + nullToEmpty(data.getMerchantOrderNo())
                    + nullToEmpty(data.getOrderNo())
                    + aesKey;

            String calculatedSign = PayOutMD5Util.md5(signStr).toLowerCase();

            if (!calculatedSign.equals(signature)) {
                log.error("代付回调签名验证失败，merchantOrderNo={}，本地签名={}，回调签名={}",
                        data.getMerchantOrderNo(), calculatedSign, signature);
                // 签名失败不处理业务，但依旧返回 200
                return result;
            }

            // 2. 查询本地代付记录
            TransferResponse transfer = transferResponseService.getOne(
                    new LambdaQueryWrapper<TransferResponse>()
                            .eq(TransferResponse::getMerTransferId, data.getMerchantOrderNo())
                            .last("limit 1")
            );

            if (transfer == null) {
                log.error("代付回调未找到对应记录，merchantOrderNo={}", data.getMerchantOrderNo());
                return result;
            }

            // 3. 防止重复回调
            if (transfer.getCallbackState() != 0) {
                log.info("代付回调已处理过，merchantOrderNo={}，状态={}", data.getMerchantOrderNo(), transfer.getCallbackState());
                return result;
            }

            // 4. 查询提现记录
            UserWithdraw withdraw = userWithdrawMapper.selectByPrimaryKey(transfer.getWithId());
            if (withdraw == null) {
                log.error("代付回调未找到提现记录，withId={}", transfer.getWithId());
                return result;
            }

            // 5. 根据状态处理
            String status = data.getStatus();
            if ("SUCCESS".equals(status)) {
                handleSuccess(transfer, withdraw, data, signature);
            } else if ("FAILURE".equals(status)) {
                handleFailure(transfer, withdraw, data, signature);
            } else {
                log.info("代付回调未知状态：{}，暂不处理，merchantOrderNo={}", status, data.getMerchantOrderNo());
            }

        } catch (Exception e) {
            log.error("代付回调处理异常", e);
        }

        return result;
    }

    /**
     * 代付 v2（payOutCreate）异步通知
     */
    @Override
    public void payoutCallbackThree(PayV2PayoutNotifyRequest vo, HttpServletResponse response) throws IOException {
        log.info("代付v2回调：{}", vo);
        response.setStatus(200);
        response.setContentType("text/plain;charset=UTF-8");
        PrintWriter pw = response.getWriter();
        if (vo == null || StringUtils.isBlank(vo.getMOrder()) || vo.getMid() == null
                || vo.getPayStatus() == null || vo.getRTime() == null) {
            pw.print("FAIL");
            pw.flush();
            pw.close();
            return;
        }
        Map<String, String> signParams = new TreeMap<>();
        if (StringUtils.isNotBlank(vo.getAmount())) {
            signParams.put("amount", vo.getAmount());
        }
        if (StringUtils.isNotBlank(vo.getErrMsg())) {
            signParams.put("err_msg", vo.getErrMsg());
        }
        signParams.put("mid", String.valueOf(vo.getMid()));
        signParams.put("m_order", vo.getMOrder());
        signParams.put("order_id", vo.getOrderId());
        signParams.put("pay_status", String.valueOf(vo.getPayStatus()));
        signParams.put("r_time", String.valueOf(vo.getRTime()));
        if (StringUtils.isNotBlank(vo.getUtr())) {
            signParams.put("utr", vo.getUtr());
        }
        if (!PayV2RsaSignUtil.verify(signParams, vo.getSign(), PayV2GatewayKeys.PLATFORM_PUBLIC_KEY)) {
            log.error("代付v2回调签名验证失败, stringA={}", PayV2RsaSignUtil.buildStringA(signParams));
            pw.print("FAIL");
            pw.flush();
            pw.close();
            return;
        }
        synchronized (vo.getMOrder()) {
            TransferResponse transfer = transferResponseService.getOne(
                    new LambdaQueryWrapper<>(TransferResponse.class)
                            .eq(TransferResponse::getMerTransferId, vo.getMOrder())
                            .last("limit 1"));
            if (transfer == null) {
                pw.print("FAIL");
                pw.flush();
                pw.close();
                return;
            }
            if (transfer.getCallbackState() != 0) {
                pw.print("OK");
                pw.flush();
                pw.close();
                return;
            }
            UserWithdraw withdraw = userWithdrawMapper.selectByPrimaryKey(transfer.getWithId());
            if (withdraw == null) {
                pw.print("FAIL");
                pw.flush();
                pw.close();
                return;
            }
            Integer ps = vo.getPayStatus();
            if (ps != null && ps == 0) {
                pw.print("OK");
                pw.flush();
                pw.close();
                return;
            }
            if (ps != null && ps == 1) {
                transfer.setTradeResult(1);
                transfer.setCallbackState(1);
                transfer.setRespCode("SUCCESS");
                transfer.setSignType("MD5");
                transfer.setSign(vo.getSign());
                transfer.setUpdatedAt(new Date());
                transferResponseService.updateById(transfer);

                withdraw.setWithStatus(1);
                withdraw.setWithMsg("代付成功");
                withdraw.setTransTime(new Date());
                userWithdrawMapper.updateByPrimaryKeySelective(withdraw);

                UserAssets assets = iUserAssetsServices.assetsByTypeAndUserId("IN", withdraw.getUserId());
                if (assets != null) {
                    assets.setFreezeMoney(assets.getFreezeMoney().subtract(withdraw.getWithAmt()));
                    userAssetsMapper.updateById(assets);
                }
            } else if (ps != null && (ps == 2 || ps == 3)) {
                String err = StringUtils.defaultIfBlank(vo.getErrMsg(), "");
                transfer.setTradeResult(2);
                transfer.setCallbackState(2);
                transfer.setRespCode("FAIL");
                transfer.setErrorMsg(err);
                transfer.setSignType("MD5");
                transfer.setSign(vo.getSign());
                transfer.setUpdatedAt(new Date());
                transferResponseService.updateById(transfer);

                withdraw.setWithStatus(2);
                withdraw.setWithMsg("Withdrawal failed：" + err);
                withdraw.setTransTime(new Date());
                userWithdrawMapper.updateByPrimaryKeySelective(withdraw);

                UserAssets assets = iUserAssetsServices.assetsByTypeAndUserId("IN", withdraw.getUserId());
                if (assets != null) {
                    assets.setAvailableBalance(assets.getAvailableBalance().add(withdraw.getWithAmt()));
                    assets.setFreezeMoney(assets.getFreezeMoney().subtract(withdraw.getWithAmt()));
                    userAssetsMapper.updateById(assets);
                }
            } else {
                log.warn("代付v2回调未知 pay_status={}", ps);
            }
            pw.print("OK");
            pw.flush();
            pw.close();
        }
    }

    /**
     * 处理成功回调
     */
    private void handleSuccess(TransferResponse transfer, UserWithdraw withdraw,
                               PayoutCallbackData data, String signature) {
        // 更新代付记录
        transfer.setTradeResult(1);          // 成功
        transfer.setCallbackState(1);        // 已处理成功
        transfer.setRespCode("SUCCESS");
        transfer.setSignType("MD5");
        transfer.setSign(signature);
        transfer.setUpdatedAt(new Date());
        transferResponseService.updateById(transfer);

        // 更新提现记录
        withdraw.setWithStatus(1);            // 成功
        withdraw.setWithMsg("代付成功");
        withdraw.setTransTime(new Date());
        userWithdrawMapper.updateByPrimaryKeySelective(withdraw);

        // 扣除冻结资金（提现时已冻结，此处只需将冻结减少，可用余额不变）
        UserAssets assets = iUserAssetsServices.assetsByTypeAndUserId("IN", withdraw.getUserId());
        if (assets != null) {
            assets.setFreezeMoney(assets.getFreezeMoney().subtract(withdraw.getWithAmt()));
            userAssetsMapper.updateById(assets);
        }

        log.info("代付成功处理完成，商户订单号={}，平台订单号={}", data.getMerchantOrderNo(), data.getOrderNo());
    }

    /**
     * 处理失败回调
     */
    private void handleFailure(TransferResponse transfer, UserWithdraw withdraw,
                               PayoutCallbackData data, String signature) {
        // 更新代付记录
        transfer.setTradeResult(2);          // 失败
        transfer.setCallbackState(2);        // 已处理失败
        transfer.setRespCode("FAIL");
        transfer.setErrorMsg(data.getMessage());
        transfer.setSignType("MD5");
        transfer.setSign(signature);
        transfer.setUpdatedAt(new Date());
        transferResponseService.updateById(transfer);

        // 更新提现记录
        withdraw.setWithStatus(2);            // 失败
        withdraw.setWithMsg("Withdrawal failed：" + data.getMessage());
        withdraw.setTransTime(new Date());
        userWithdrawMapper.updateByPrimaryKeySelective(withdraw);

        // 返还资金：解冻并增加可用余额
        UserAssets assets = iUserAssetsServices.assetsByTypeAndUserId("IN", withdraw.getUserId());
        if (assets != null) {
            assets.setAvailableBalance(assets.getAvailableBalance().add(withdraw.getWithAmt()));
            assets.setFreezeMoney(assets.getFreezeMoney().subtract(withdraw.getWithAmt()));
            userAssetsMapper.updateById(assets);
        }

        log.info("代付失败处理完成，商户订单号={}，平台订单号={}，失败原因={}",
                data.getMerchantOrderNo(), data.getOrderNo(), data.getMessage());
    }

    /**
     * 将 null 转为空字符串，防止拼接 NPE
     */
    private String nullToEmpty(String str) {
        return str == null ? "" : str;
    }
}