签名

1. 获取所有支付参数

假设所有发送和接收的数据都是集合M。按照M的升序字母顺序(即字典顺序),并通过相应的URL键值格式(例如key1=value1&key2=value2…)将它们连接到字符串A中。

请注意:

根据ASCII编码的名称(例如字典顺序)按升序字母排列参数名称;

参数名称区分大小写;

当检查返回的数据或YabandPay推送通知签名时,传输的“sign”和“data”不参与签名数据。

2. 使用stringA和secret_key获取stringSign

对stringA执行HMAC-SHA256算法,从而获取sign的值(signValue)。

Use stringA and secret_key to get stringSign, perform HMAC-SHA256 arithmetic on stringSign, thus get sign's value (signValue).

例如:

a) 获取所有支付参数
array(13) {
  ["description"] => string(27) "YabandPay test"
  ["timeout"] => string(1) "0"
  ["pay_method"] => string(8) "online"
  ["sub_pay_method"] => string(6) "WeChat Pay"
  ["order_id"] => string(17) "20180902014018888"
  ["amount"] => string(3) "0.1"
  ["currency"] => string(3) "EUR"
  ["redirect_url"] => string(49) "https://www.yabandmedia.com/pay/redirectpage.php"
  ["notify_url"] => string(44) "https://www.yabandmedia.com/pay/webhook.php"
  ["demo"] => string(4) "test"
  ["user"] => string(20) "016683"
  ["method"] => string(17) "v3.CreatePayments"
  ["time"] => int(1555498137)
}
b) 对所有支付参数排序
array(13) {
  ["amount"] => string(3) "0.1"
  ["currency"] => string(3) "EUR"
  ["demo"] => string(3) "test"
  ["description"] => string(27) "YabandPay test"
  ["method"] => string(17) "v3.CreatePayments"
  ["notify_url"] => string(44) "https://www.yabandmedia.com/pay/webhook.php"
  ["order_id"] => string(17) "20180902014018888"
  ["pay_method"] => string(8) "online"
  ["redirect_url"] => string(49) "https://www.yabandmedia.com/pay/redirectpage.php"
  ["sub_pay_method"] => string(6) "WeChat Pay"
  ["time"] => int(1555498137)
  ["timeout"] => string(1) "0"
  ["user"] => string(20) "016683"
}
c) 拼接为URL方式的字符串
string(326) "amount=0.1&currency=EUR&demo=test&description=YabandPay test&method=v3.CreatePayments&#notify_url=https://www.yabandmedia.com/pay/webhook.php&order_id=20180902014018888&pay_method=online&redirect_url=https://www.yabandmedia.com/pay/redirectpage.php&sub_pay_method=WeChat Pay&time=1555498137&timeout=0&user=016683"
d) 得到的 stringA 使用 secret_key做签名

secret_key 在本案例中为 62184c09df1aeb63239e07079875be81

得到的签名如下:

string(64) "5bc00d6a2fdf336958828e646a354c41ac2cf881d9043221fed731a1ccaa1636"

results matching ""

    No results matching ""