尝试在沙盒中调用支付宝支付 API 时获取 "illegal parameter"
Getting "illegal parameter" when trying to call the alipay Payment API in the Sandbox
所以我想做的是用支付宝打几个 API 电话 https://global.alipay.com/docs/ac/ams/api API
我按照集成指南创建了必要的私钥/public 密钥和客户端 ID。我也在这里遵循了生成签名指南:https://global.alipay.com/docs/ac/ams/digital_signature#gNWs0
我也是从支付宝的开发者工具iTest上复制了部分代码,所以实际上signWithSHA256RSA这个函数是来自支付宝的
我知道我的私钥应该可以用,因为我用支付宝的开发者工具成功测试了相同的请求。
// generate ISO 8601 date
$oDateTime = new \DateTime();
$sDate = $oDateTime->format('c');
$privatekey = '<private_key_removed>';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'https://open-eu.alipay.com/ams/api/v1/payments/pay');
$reqBody = json_encode(array('productCode' => 'IN_STORE_PAYMENT'));
$headers = array();
$headers[] = "Content-Type:application/json; charset=UTF-8";
$headers[] = "Request-Time:".$sDate;
$headers[] = "client-id:<client_id_removed>";
$headers[] = "Signature:". "algorithm=RSA256,keyVersion=1,signature=".signWithSHA256RSA($sDate, $reqBody, $privatekey);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $reqBody);
$rspContent = curl_exec($curl);
function signWithSHA256RSA($timeString, $reqBody, $privateKey){
$priKey = "-----BEGIN RSA PRIVATE KEY-----\n".
wordwrap($privateKey, 64, "\n", true).
"\n-----END RSA PRIVATE KEY-----";
$signContent = "POST /ams/api/v1/payments/pay"."\n<client_id_removed>".".".$timeString. ".".$reqBody;
openssl_sign($signContent, $signValue, $priKey, OPENSSL_ALGO_SHA256);
return base64_encode($signValue);
}
我收到的错误代码是:
{"result":
{
"resultCode":"PARAM_ILLEGAL",
"resultMessage":"illegal parameter:OpenapiV2签名字段异常: algorithm=RSA256,keyVersion=1,signature=<signature_removed>",
"resultStatus":"F"}
}
Error via Google Translate: '签名字段异常' -> 'Signature field exception'
- 验证签名。用你的秘密替换
$privateKey 和 $publicKey。
$data = 'POST ...';
$keyPair = openssl_pkey_new(
[
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
]
);
openssl_pkey_export($keyPair, $privateKey);
$details = openssl_pkey_get_details($keyPair);
$publicKey = $details['key'];
openssl_sign($data, $signature, $privateKey, OPENSSL_ALGO_SHA256);
var_dump($signature);
//verify signature
$isValidSignature = openssl_verify(
$data,
$signature,
$publicKey,
'sha256WithRSAEncryption'
);
var_dump($isValidSignature);
- 文档中说
generatedSignature=base64UrlEncode(sha256withrsa(<Content_To_Be_Signed>), <privateKey>))
并提供了java示例
return URLEncoder.encode(new String(Base64.encodeBase64(signed), "UTF-8"), "UTF-8");
php等价于
urlencode(base64_encode($signature))
所以我想做的是用支付宝打几个 API 电话 https://global.alipay.com/docs/ac/ams/api API
我按照集成指南创建了必要的私钥/public 密钥和客户端 ID。我也在这里遵循了生成签名指南:https://global.alipay.com/docs/ac/ams/digital_signature#gNWs0
我也是从支付宝的开发者工具iTest上复制了部分代码,所以实际上signWithSHA256RSA这个函数是来自支付宝的
我知道我的私钥应该可以用,因为我用支付宝的开发者工具成功测试了相同的请求。
// generate ISO 8601 date
$oDateTime = new \DateTime();
$sDate = $oDateTime->format('c');
$privatekey = '<private_key_removed>';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'https://open-eu.alipay.com/ams/api/v1/payments/pay');
$reqBody = json_encode(array('productCode' => 'IN_STORE_PAYMENT'));
$headers = array();
$headers[] = "Content-Type:application/json; charset=UTF-8";
$headers[] = "Request-Time:".$sDate;
$headers[] = "client-id:<client_id_removed>";
$headers[] = "Signature:". "algorithm=RSA256,keyVersion=1,signature=".signWithSHA256RSA($sDate, $reqBody, $privatekey);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $reqBody);
$rspContent = curl_exec($curl);
function signWithSHA256RSA($timeString, $reqBody, $privateKey){
$priKey = "-----BEGIN RSA PRIVATE KEY-----\n".
wordwrap($privateKey, 64, "\n", true).
"\n-----END RSA PRIVATE KEY-----";
$signContent = "POST /ams/api/v1/payments/pay"."\n<client_id_removed>".".".$timeString. ".".$reqBody;
openssl_sign($signContent, $signValue, $priKey, OPENSSL_ALGO_SHA256);
return base64_encode($signValue);
}
我收到的错误代码是:
{"result":
{
"resultCode":"PARAM_ILLEGAL",
"resultMessage":"illegal parameter:OpenapiV2签名字段异常: algorithm=RSA256,keyVersion=1,signature=<signature_removed>",
"resultStatus":"F"}
}
Error via Google Translate: '签名字段异常' -> 'Signature field exception'
- 验证签名。用你的秘密替换
$privateKey和$publicKey。
$data = 'POST ...';
$keyPair = openssl_pkey_new(
[
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
]
);
openssl_pkey_export($keyPair, $privateKey);
$details = openssl_pkey_get_details($keyPair);
$publicKey = $details['key'];
openssl_sign($data, $signature, $privateKey, OPENSSL_ALGO_SHA256);
var_dump($signature);
//verify signature
$isValidSignature = openssl_verify(
$data,
$signature,
$publicKey,
'sha256WithRSAEncryption'
);
var_dump($isValidSignature);
- 文档中说
generatedSignature=base64UrlEncode(sha256withrsa(<Content_To_Be_Signed>), <privateKey>))
并提供了java示例
return URLEncoder.encode(new String(Base64.encodeBase64(signed), "UTF-8"), "UTF-8");
php等价于
urlencode(base64_encode($signature))