php - PHP 中的 Swish 支付 API
问题描述
Swish 是瑞典的支付提供商。您只需向电话号码汇款即可付款。
这是 Swish 提供的新 PAYOUT 服务的 API。与 PAYMENT 服务不同,因此请不要混淆。
他们的网站上没有可用的 PHP 示例,我无法获得 200 响应。
如果您的专业人士可以帮助我解决这个问题,我认为将来还有很多其他人可以从该解决方案中受益。
所以这是我当前的代码。
$payload = [
"payoutInstructionUUID" => "E4D773858AF5459B96ABCA4B9DBFF94D",
"payerPaymentReference" => "payerRef",
"payerAlias" => "1231388446",
"payeeAlias" => "46712345678",
"payeeSSN" => "198602111638",
"amount" => "100.00",
"currency" => "SEK",
"payoutType" => "PAYOUT",
"message" => "Message to the recipient.",
"instructionDate" => carbon::now(),
"signingCertificateSerialNumber" => "667A2C6E068B76988AB657351F5AF636"
];
$pkey = openssl_pkey_get_private(file_get_contents('Swish_Merchant_TestSigningCertificate_1234679304.key'), 'swish');
$payloadHash = hash('sha512', json_encode($payload));
$signature = openssl_sign($payloadHash, $signature, $pkey) ? base64_encode($signature) : null;
$request = [
"payload" => $payload,
"callbackUrl" => "https://postb.in/1634560192746-3820346647407",
"signature" => $signature
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://mss.cpc.getswish.net/swish-cpcapi/api/v1/payouts');
curl_setopt($ch, CURLOPT_PORT, 443);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_SSLCERT, 'Swish_Merchant_TestCertificate_1234679304.p12');
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'P12');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'swish');
curl_setopt($ch, CURLOPT_SSLKEY, 'Swish_Merchant_TestCertificate_1234679304.key');
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'swish');
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
curl_setopt($ch, CURLOPT_CAINFO, 'Swish_TLS_RootCA.pem');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSLVERSION, 6);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($request));
$f = tmpfile();
curl_setopt($ch, CURLOPT_STDERR, $f);
$results = curl_exec($ch);
fseek($f, 0);
echo "Verbose information:\n<pre>", fread($f, 32 * 1024), "</pre>\n";
fclose($f);
$info =curl_errno($ch)>0 ? array("curl_error_".curl_errno($ch)=>curl_error($ch)) : curl_getinfo($ch);
print_r($info);
curl_close($ch);
它给了我这个回应
* Trying 213.132.115.90:443...
* Connected to mss.cpc.getswish.net (213.132.115.90) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: Swish_TLS_RootCA.pem
* CApath: none
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=SE; ST=Stockholms l�n; L=Stockholm; O=GetSwish AB; OU=IT; CN=mss.cpc.getswish.net
* start date: Feb 18 00:00:00 2020 GMT
* expire date: May 19 12:00:00 2022 GMT
* subjectAltName: host "mss.cpc.getswish.net" matched cert's "mss.cpc.getswish.net"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=GeoTrust RSA CA 2018
* SSL certificate verify ok.
> POST /swish-cpcapi/api/v1/payouts HTTP/1.1
Host: mss.cpc.getswish.net
Accept: */*
Content-Type:application/json
Content-Length: 1172
* Mark bundle as not supporting multiuse
< HTTP/1.1 400
< Content-Type: application/json
< Transfer-Encoding: chunked
< Date: Thu, 21 Oct 2021 19:52:53 GMT
< Connection: close
<
* Closing connection 0
[
{
"errorCode":"PA01",
"errorMessage":"Parameter is not correct.",
"additionalInformation":null
}
]
如您所见,响应不是很准确,告诉我出了什么问题。我尝试将签名更改为一些随机数,但仍然收到相同的错误消息。这让我相信签名不正确。
测试环境无需注册。您可以在自己的计算机上进行测试。
这是文档的链接https://developer.swish.nu/documentation/getting-started/swish-payout-api
证书可在此处找到(在管理证书下) https://developer.swish.nu/documentation/environments
解决方案
尝试改变
$signature = openssl_sign($payloadHash, $signature, $pkey) ? base64_encode($signature) : null;
至
$signature = openssl_sign($payloadHash, $signature, $pkey, OPENSSL_ALGO_SHA512) ? base64_encode($signature) : null;
推荐阅读
- javascript - NuxtJS 和自定义 JS 文件
- python - 点集的霍夫变换实现
- java - 为什么此 JPA 查询中未使用转换器?
- image-processing - 如何阻止图像被 file_get_contents 或 wget 抓取,以及如何应对?
- c++ - 将浮点数乘以 0 时,我得到了 inf,而我想说“错误”
- version-control - 撤消 Mercurial 中的错误组织编辑
- parsing - 删除 S -> S(S)S 的左递归 | e
- socket.io - EJS 中的无限滚动
- windows - 如何在 Windows 上更改命令行的 git login?
- sql - 如何使用 like 语句检查 where 子句中 json 数组的每个项目