fix bug

application/api/controller/Callback.php

@@ -1,12 +1,9 @@
 <?php
 
-
 namespace app\api\controller;
 
-
 use app\admin\command\Api;
 use app\api\service\CallbackService;
-use app\api\service\TencentCloudService;
 use app\api\service\WxService;
 use think\Response;
 use WeChatPay\Crypto\AesGcm;
@@ -54,13 +51,8 @@ class Callback extends Api
         return $headers;
     }
 
-
-    /**
-     * @throws \Exception
-     */
-    public function wxpay()
+    private function verify()
     {
-        //读取http头信息  见下文
         $header = $this->getHeaders();
         // 请根据实际情况获取
         $inWechatpaySignature = isset($header['WECHATPAY-SIGNATURE']) ? $header['WECHATPAY-SIGNATURE'] : "";
@@ -85,6 +77,20 @@ class Callback extends Api
             $inWechatpaySignature,
             $platformPublicKeyInstance
         );
+        return [
+            $timeOffsetStatus,
+            $verifiedStatus,
+            $inBody,
+            $apiv3Key
+        ];
+    }
+
+    /**
+     * @throws \Exception
+     */
+    public function wxpay()
+    {
+        list($timeOffsetStatus, $verifiedStatus, $inBody, $apiv3Key) = $this->verify();
         if ($timeOffsetStatus && $verifiedStatus) {
             // 转换通知的JSON文本消息为PHP Array数组
             $inBodyArray = (array)json_decode($inBody, true);
@@ -128,34 +134,9 @@ class Callback extends Api
         return new Response(json_encode(["code" => "FAIL", "message" => "失败"]), 500);
     }
 
-
     public function wxrefund()
     {
-        //读取http头信息  见下文
-        $header = $this->getHeaders();
-        // 请根据实际情况获取
-        $inWechatpaySignature = isset($header['WECHATPAY-SIGNATURE']) ? $header['WECHATPAY-SIGNATURE'] : "";
-        // 请根据实际情况获取
-        $inWechatpayTimestamp = isset($header['WECHATPAY-TIMESTAMP']) ? $header['WECHATPAY-TIMESTAMP'] : "";
-        // 请根据实际情况获取
-//        $inWechatpaySerial = $header['WECHATPAY-SERIAL'];
-        // 请根据实际情况获取
-        $inWechatpayNonce = isset($header['WECHATPAY-NONCE']) ? $header['WECHATPAY-NONCE'] : "";
-        //读取微信传过来的信息，是一个json字符串
-        $inBody = file_get_contents('php://input');
-        $config = WxService::wxPayConfigByType("app");
-        // 在商户平台上设置的APIv3密钥
-        $apiv3Key = $config["mch_v3_api"];
-        // 根据通知的平台证书序列号，查询本地平台证书文件
-        $platformPublicKeyInstance = Rsa::from("file://" . $config["platform_certificate_file_path"], Rsa::KEY_TYPE_PUBLIC);
-        // 检查通知时间偏移量，允许5分钟之内的偏移
-        $timeOffsetStatus = 300 >= abs(Formatter::timestamp() - (int)$inWechatpayTimestamp);
-        // 构造验签名串
-        $verifiedStatus = Rsa::verify(
-            Formatter::joinedByLineFeed($inWechatpayTimestamp, $inWechatpayNonce, $inBody),
-            $inWechatpaySignature,
-            $platformPublicKeyInstance
-        );
+        list($timeOffsetStatus, $verifiedStatus, $inBody, $apiv3Key) = $this->verify();
         if ($timeOffsetStatus && $verifiedStatus) {
             // 转换通知的JSON文本消息为PHP Array数组
             $inBodyArray = (array)json_decode($inBody, true);
@@ -193,7 +174,8 @@ class Callback extends Api
         return new Response(json_encode(["code" => "FAIL", "message" => "失败"]), 500);
     }
 
-    public function alipay() {
+    public function alipay()
+    {
         echo "SUCCESS";
     }