From bdf7fdb7d837e921ec695ccc0830972fde3abea7 Mon Sep 17 00:00:00 2001
From: dingzhiwei <jmdhappy@126.com>
Date: Wed, 9 Jun 2021 19:57:45 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=94=AF=E4=BB=98=E5=9B=9E?=
 =?UTF-8?q?=E8=B0=83=E5=A4=84=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docs/sql/init.sql                             |  2 +-
 .../jeequan/jeepay/core/utils/StringKit.java  | 32 +++++++++++++++++++
 .../src/main/resources/application.yml        |  2 +-
 .../src/main/resources/application.yml        |  2 +-
 .../payorder/AbstractPayOrderController.java  |  8 +++++
 .../pay/service/PayMchNotifyService.java      | 29 ++++++-----------
 .../jeepay/service/impl/SysUserService.java   |  4 +--
 7 files changed, 54 insertions(+), 25 deletions(-)

diff --git a/docs/sql/init.sql b/docs/sql/init.sql
index e058d44..c20fc3c 100644
--- a/docs/sql/init.sql
+++ b/docs/sql/init.sql
@@ -512,7 +512,7 @@ insert into t_sys_role values ('ROLE_OP', '普通操作员', 'MGR', '0', '2021-0
 -- insert into t_sys_role_ent_rela select '801', ent_id from t_sys_entitlement;
 
 -- 超管用户： jeepay / jeepay123
-insert into t_sys_user values (801, 'jeepay', '超管', '13000000001', '1', 'https://edu-system.oss-cn-beijing.aliyuncs.com/1/img/z/avatar_1.jpg', 'D0001', 1, 1, 'MGR', '0', '2020-06-13', '2020-06-13');
+insert into t_sys_user values (801, 'jeepay', '超管', '13000000001', '1', 'https://jeequan.oss-cn-beijing.aliyuncs.com/jeepay/img/defava_m.png', 'D0001', 1, 1, 'MGR', '0', '2020-06-13', '2020-06-13');
 insert into t_sys_user_auth values (801, '801', '1', 'jeepay', '$2a$10$WKuPJKE1XhX15ibqDM745eOCaZZVUiRitUjEyX6zVNd9k.cQXfzGa', 'testkey', 'MGR');
 
 -- insert into t_sys_user_role_rela values (801, 801);
diff --git a/jeepay-core/src/main/java/com/jeequan/jeepay/core/utils/StringKit.java b/jeepay-core/src/main/java/com/jeequan/jeepay/core/utils/StringKit.java
index 095dd16..178e72f 100644
--- a/jeepay-core/src/main/java/com/jeequan/jeepay/core/utils/StringKit.java
+++ b/jeepay-core/src/main/java/com/jeequan/jeepay/core/utils/StringKit.java
@@ -15,6 +15,10 @@
  */
 package com.jeequan.jeepay.core.utils;
 
+import cn.hutool.core.net.url.UrlBuilder;
+import org.apache.commons.lang3.StringUtils;
+
+import java.util.Map;
 import java.util.UUID;
 
 /*
@@ -33,4 +37,32 @@ public class StringKit {
 	public static String getUUID(int endAt){
 		return getUUID().substring(0, endAt);
 	}
+
+	/** 拼接url参数 **/
+	public static String appendUrlQuery(String url, Map<String, Object> map){
+
+		if(StringUtils.isEmpty(url) || map == null || map.isEmpty()){
+			return url;
+		}
+		UrlBuilder result = UrlBuilder.create().of(url);
+		map.forEach((k, v) -> {
+			if(k != null && v != null){
+				result.addQuery(k, v.toString());
+			}
+		});
+
+		return result.toURI().toString();
+	}
+
+
+	/** 是否 http 或 https连接 **/
+	public static boolean isAvailableUrl(String url){
+
+		if(StringUtils.isEmpty(url)){
+			return false;
+		}
+
+		return url.startsWith("http://") ||url.startsWith("https://");
+	}
+
 }
diff --git a/jeepay-manager/src/main/resources/application.yml b/jeepay-manager/src/main/resources/application.yml
index 5daf840..0f0bdfa 100644
--- a/jeepay-manager/src/main/resources/application.yml
+++ b/jeepay-manager/src/main/resources/application.yml
@@ -71,5 +71,5 @@ isys:
     # 文件系统配置项（系统内oss， 并非云oss）
     oss-file:
         root-path: E:/home/jeepay/files #存储根路径 ( 无需以‘/’结尾 )
-        public-path: ${isys.oss-file.root-path}/pubic #公共读取块  ( 一般配合root-path参数进行设置，需以‘/’ 开头, 无需以‘/’结尾 )
+        public-path: ${isys.oss-file.root-path}/public #公共读取块  ( 一般配合root-path参数进行设置，需以‘/’ 开头, 无需以‘/’结尾 )
         private-path: ${isys.oss-file.root-path}/private #私有化本地访问，不允许url方式公共读取 ( 一般配合root-path参数进行设置，需以‘/’ 开头, 无需以‘/’结尾  )
diff --git a/jeepay-merchant/src/main/resources/application.yml b/jeepay-merchant/src/main/resources/application.yml
index f57e287..b0e43c0 100644
--- a/jeepay-merchant/src/main/resources/application.yml
+++ b/jeepay-merchant/src/main/resources/application.yml
@@ -71,6 +71,6 @@ isys:
     # 文件系统配置项（系统内oss， 并非云oss）
     oss-file:
         root-path: E:/home/jeepay/files #存储根路径 ( 无需以‘/’结尾 )
-        public-path: ${isys.oss-file.root-path}/pubic #公共读取块  ( 一般配合root-path参数进行设置，需以‘/’ 开头, 无需以‘/’结尾 )
+        public-path: ${isys.oss-file.root-path}/public #公共读取块  ( 一般配合root-path参数进行设置，需以‘/’ 开头, 无需以‘/’结尾 )
         private-path: ${isys.oss-file.root-path}/private #私有化本地访问，不允许url方式公共读取 ( 一般配合root-path参数进行设置，需以‘/’ 开头, 无需以‘/’结尾  )
 
diff --git a/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/ctrl/payorder/AbstractPayOrderController.java b/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/ctrl/payorder/AbstractPayOrderController.java
index 167c00d..95f45c0 100644
--- a/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/ctrl/payorder/AbstractPayOrderController.java
+++ b/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/ctrl/payorder/AbstractPayOrderController.java
@@ -24,6 +24,7 @@ import com.jeequan.jeepay.core.exception.BizException;
 import com.jeequan.jeepay.core.model.ApiRes;
 import com.jeequan.jeepay.core.utils.SeqKit;
 import com.jeequan.jeepay.core.utils.SpringBeansUtil;
+import com.jeequan.jeepay.core.utils.StringKit;
 import com.jeequan.jeepay.pay.channel.IPaymentService;
 import com.jeequan.jeepay.pay.ctrl.ApiController;
 import com.jeequan.jeepay.pay.exception.ChannelException;
@@ -107,6 +108,13 @@ public abstract class AbstractPayOrderController extends ApiController {
                 throw new BizException("商户订单["+bizRQ.getMchOrderNo()+"]已存在");
             }
 
+            if(StringUtils.isNotEmpty(bizRQ.getNotifyUrl()) && !StringKit.isAvailableUrl(bizRQ.getNotifyUrl())){
+                throw new BizException("异步通知地址协议仅支持http:// 或 https:// !");
+            }
+            if(StringUtils.isNotEmpty(bizRQ.getReturnUrl()) && !StringKit.isAvailableUrl(bizRQ.getReturnUrl())){
+                throw new BizException("同步通知地址协议仅支持http:// 或 https:// !");
+            }
+
             //获取支付参数 (缓存数据) 和 商户信息
             MchConfigContext mchConfigContext = configContextService.getMchConfigContext(mchNo);
             if(mchConfigContext == null){
diff --git a/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/service/PayMchNotifyService.java b/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/service/PayMchNotifyService.java
index bd9102f..2feccee 100644
--- a/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/service/PayMchNotifyService.java
+++ b/jeepay-payment/src/main/java/com/jeequan/jeepay/pay/service/PayMchNotifyService.java
@@ -20,6 +20,7 @@ import com.jeequan.jeepay.core.entity.MchInfo;
 import com.jeequan.jeepay.core.entity.MchNotifyRecord;
 import com.jeequan.jeepay.core.entity.PayOrder;
 import com.jeequan.jeepay.core.utils.JeepayKit;
+import com.jeequan.jeepay.core.utils.StringKit;
 import com.jeequan.jeepay.pay.mq.queue.MqQueue4PayOrderMchNotify;
 import com.jeequan.jeepay.pay.rqrs.QueryPayOrderRS;
 import com.jeequan.jeepay.service.impl.MchInfoService;
@@ -29,9 +30,6 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
-
 /*
 * 商户通知 service
 *
@@ -101,15 +99,11 @@ public class PayMchNotifyService {
         JSONObject jsonObject = (JSONObject)JSONObject.toJSON(queryPayOrderRS);
         jsonObject.put("reqTime", System.currentTimeMillis()); //添加请求时间
 
-        // 先对原文签名
-        String reqSign = JeepayKit.getSign(jsonObject, mchKey);
+        // 报文签名
+        jsonObject.put("sign", JeepayKit.getSign(jsonObject, mchKey));
 
-        jsonObject.put("sign", reqSign);   // 签名
-        // 生成参数串
-        String param = JeepayKit.genUrlParams(jsonObject);
-
-        //响应结果
-        return payOrder.getNotifyUrl() + "?" + param;
+        // 生成通知
+        return StringKit.appendUrlQuery(payOrder.getNotifyUrl(), jsonObject);
     }
 
 
@@ -126,17 +120,12 @@ public class PayMchNotifyService {
         JSONObject jsonObject = (JSONObject)JSONObject.toJSON(queryPayOrderRS);
         jsonObject.put("reqTime", System.currentTimeMillis()); //添加请求时间
 
-        jsonObject.keySet().stream().forEach(key -> jsonObject.put(key, ( jsonObject.getString(key) == null ? null : URLEncoder.encode(jsonObject.getString(key))) ));
+        // 报文签名
+        jsonObject.put("sign", JeepayKit.getSign(jsonObject, mchKey));   // 签名
 
-        // 先对原文签名
-        String reqSign = JeepayKit.getSign(jsonObject, mchKey);
+        // 生成跳转地址
+        return StringKit.appendUrlQuery(payOrder.getReturnUrl(), jsonObject);
 
-        jsonObject.put("sign", reqSign);   // 签名
-        // 生成参数串
-        String param = JeepayKit.genUrlParams(jsonObject);
-
-        //响应结果
-        return payOrder.getReturnUrl() + "?" + param;
     }
 
 }
diff --git a/jeepay-service/src/main/java/com/jeequan/jeepay/service/impl/SysUserService.java b/jeepay-service/src/main/java/com/jeequan/jeepay/service/impl/SysUserService.java
index 0c477b7..28d895f 100644
--- a/jeepay-service/src/main/java/com/jeequan/jeepay/service/impl/SysUserService.java
+++ b/jeepay-service/src/main/java/com/jeequan/jeepay/service/impl/SysUserService.java
@@ -76,9 +76,9 @@ public class SysUserService extends ServiceImpl<SysUserMapper, SysUser> {
 
         //女  默认头像
         if(sysUser.getSex() != null && CS.SEX_FEMALE == sysUser.getSex()){
-            sysUser.setAvatarUrl("/imgs/defava_f.png");
+            sysUser.setAvatarUrl("https://jeequan.oss-cn-beijing.aliyuncs.com/jeepay/img/defava_f.png");
         }else{
-            sysUser.setAvatarUrl("/imgs/defava_m.png");
+            sysUser.setAvatarUrl("https://jeequan.oss-cn-beijing.aliyuncs.com/jeepay/img/defava_m.png");
         }
 
         //1. 插入用户主表