抖音担保支付 PHP demo附带详细解释

//仔细检查下前端  order_id  order_token  格式，数据是由发布支付的接口回调得到的。
orderInfo: { // 订单信息
      order_id: config.order_id,
      order_token: config.order_token
}

担保支付闭坑说明：

1、关于前端发起支付报错CD0015

2、关于后端，长常见就是发起支付有问题、回调有问题

这里的坑点是：仔细看开发手册你就发现抖音担保支付，发起支付跟回调签名算法不一样。

注意：发起支付签名加密是MD5、回调验证签名是SHA1加密

（一）发起担保支付

    /**
     * 抖音担保支付 - 处理数据
     * @param $openId
     * @param $out_order_no
     * @param $total_amount
     * @param string $body
     * User: huweikeji
     * Date: 2021/7/31 14:44
     */
    public function DouyinPay($openId,$out_order_no,$total_amount,$body = '抖音担保支付'){
 
        $outOrderNo = $out_order_no;//开发者侧的订单号
        $totalAmount = $total_amount;//支付价格; 接口中参数支付金额单位为[分]
        $subject = "订单号：".$out_order_no; //商品描述也就是标题
        $body = $body;
        $validTimestamp = 60 * 60;//订单过期时间(秒);
        $notifyUrl = "域名/tt_notify"; //这里可以忽略，走字节跳动小程序 -支付 -担保配置-设置回调地址
       //创建订单 
        $response = $this->createOrder($outOrderNo, $totalAmount, $subject, $body, $validTimestamp, $notifyUrl);
 
        return $response;
 
    }
 /**
  * 创建订单
  */
    public function CreateOrder($outOrderNo, $totalAmount, $subject, $body, $validTimestamp, $notifyUrl)
    {
        $params = [
            'app_id'       => $this->appid,
            'out_order_no' => $outOrderNo,
            'total_amount' => intval($totalAmount) * 100,
            'subject'      => $subject,
            'body'         => $body,
            'valid_time'   => $validTimestamp,
            //'notify_url'   => $notifyUrl,
            //'cp_extra' => $cpExtra,
            //'thirdparty_id' => $thirdPartyId,
            //'disable_msg' => $disableMsg,
            //'msg_page' => $msgPage,
            //'store_uid' => $storeUid
        ];
 
        $params = array_filter($params);
        $params['sign'] = $this->getSign($params, $this->payment['secret']);
 
        $res = $this->post(
            'https://developer.toutiao.com/api/apps/ecpay/v1/create_order',
            $params
        );
        return $res;
    }

（二）发起支付签名

    /**
     * 支付签名
     * @param array $body
     * @param string $secret
     * @return string
     * User: huweikeji
     * Date: 2021/8/1 16:14
     */
    public function getSign(array $body, string $secret)
    {
        $filtered = [];
        foreach ($body as $key => $value) {
            if (in_array($key, ['sign', 'app_id', 'thirdparty_id'])) {
                continue;
            }
 
            $filtered[] =
                is_string($value)
                    ? trim($value)
                    : $value;
        }
 
        $filtered[] = trim($secret);
        sort($filtered, SORT_STRING);
        return md5(trim(implode('&', $filtered)));
    }

（三）验证回调签名

    // **************** 以下方法 是字节小程序支付 签名处理方式
 
    public function getNotifySign(array $body, string $secret)
    {
 
        $filtered = [];
        foreach ($body as $key => $value) {
            if (in_array($key, ['msg_signature', 'type'])) {
                continue;
            }
            $filtered[] =
                is_string($value)
                    ? trim($value)
                    : $value;
        }
        $filtered[] = trim($secret);
        sort($filtered, SORT_STRING);
        $filtered = trim(implode('', $filtered));
 
        return sha1($filtered);
    }

（四）支付回调

    public function notify()
    {
        $notify = \request()->param();
 
        if ($notify['msg_signature'] !== $this->getNotifySign($notify, $this->payment['app_id'])) {
            Log::info('回调验证错误');
        } else {
            //获取订单信息
            $order = json_decode($notify['msg'], true);
            //处理订单
            $data = ['order_sn' => $order['cp_orderno']];
            Log::info('抖音担保支付效验成功');
        }
        $data = ['err_no' => '0', 'err_tips' => 'success'];
        return json($data);
    }

（五）回调即CURL post提交