微信支付的退款申请,微信支付端的通知是加密的。按照文档说明(https://pay.weixin.qq.com/wiki/doc/api/jsapi.php?chapter=9_16&index=10):
解密步骤如下:
(1)对加密串A做base64解码,得到加密串B
(2)对商户key做md5,得到32位小写key* ( key设置路径:微信商户平台(pay.weixin.qq.com)-->账户设置-->API安全-->密钥设置 )
(3)用key*对加密串B做AES-256-ECB解密(PKCS7Padding)
由于Php7.1之后,老式的mcrypt包被换成openssl包,以前的函数都不能用了。这里,用新的包实现解密。
微信的通知大体是这样的:<xml><return_code>SUCCESS</return_code><appid><![CDATA[xxxxxxxxx.......]]></appid><mch_id><![CDATA[xxxxxxxx..]]></mch_id><nonce_str><![CDATA[xxxxxxxxxxxxxxx.........]]></nonce_str><req_info><![CDATA[6t1QTxFSseNG7xXzH1EZm67bk3n00FqmrGIwgaNIY7WZEcul2iVY18fTy08RVtHwmWEaKhZKzg8FO7KLXtDGxGjeUZ0ojIr47+bDuMFYMbsDdPDtBxvjgjUEeKkOP++/x7jF1CEWuRClnpjrpshXKacZuq+ilGFcAJHORtKRBqs+BuB4qBWyrpTcP4848TZp9BTJzYRSQznV5xwHp8XaxpMqYQaPSc75cs3ixt073A8wSmgEiopdJaV6rjlIN4Fao3eephB5f7m7gztdMff4UAfRwgIrIIZxU8Dg69ffqNhehNXNp8NRaUZbbdHvl4q4MziZ9XpbJRUqkWMjLqJt1vxpP5OpyXqotxSrVg9B92bhmd9JTuAaYNq/9EzRTHsHMH99U1yQXS720aMLt+jHtg5/DB7BrB11ZbB47unM263wxCJOwJydyRhCqttr8mRgW38pnDENyxu2o3i+lScFnq1ZlqWKRyCD4l/Le4NPmQJqg1tAcFvEPw6OXUrlNZ2R9syh785pHU69E31t1LMFXDPWQRyYdOrF9Yu4a1V8D6I+QPC1bn3JhJL2mM/Z8lIX5HDMqtW61KVzPi29TGKijhcm8oCtu+7XcQrAF8mY3/90DJ1SyEPMjaevFgEt6eI3oHeFlBEdQTx34j2Dbv8hQJMqw8GAS3bOVAzqrTuT7pxpTQ908f3GlTkM/wgjwgUqOsEyQzX72OEl60RiekIZ/NGh+MGNF7XLpV9kFbt1z7tMLh9F8To/TRJSS5c0FvQCuAFhpKS6L3qUuYKWpFKn/XpOe26jWAy+5WMvTvo/hXCtf3kwdBRzinPwH6oe8q+gBQAAkyGM029asoqzXKULi5h3vGUPMibZtUyIh8gXx9bVpQsBiY0tfTx0MDh/kl0Xet78jXy4foeMqMnX8bstzCphdzpIR4pjq0lohdW/bRJ+4UrHxtwj7bw6U/eGn08dc6BDxu1cI4xka+L/wbgIeNYuFLF12Pco8+L9DGD1ma9kotn88IaSYbdvb3ZYMHjkCWpuOi+DcZwcgDVWBBGOrOXP87EdOS/0D+QCHbenUKrimUEIAArzOjAu5bPkwF4V]]></req_info></xml>
这里,需要对上述消息里的req_info解密。
$key="32位的微信支付api key"; $msg="req_info里的CDATA[ ]之间的加密过的字符串"; $xml= openssl_decrypt(base64_decode($msg), 'AES-256-ECB', MD5($key), OPENSSL_RAW_DATA, '');
最终,那个$xml应该就是标准的xml,大体如下:
<out_refund_no><!--[CDATA[2020.....]]--></out_refund_no>
<out_trade_no><!--[CDATA[2020...................]]--></out_trade_no>
<refund_account><!--[CDATA[REFUND_SOURCE_RECHARGE_FUNDS]]--></refund_account>
<refund_fee><!--[CDATA[1]]--></refund_fee>
<refund_id><!--[CDATA[5030......]]--></refund_id>
<refund_recv_accout><!--[CDATA[支付用户零钱]]--></refund_recv_accout>
<refund_request_source><!--[CDATA[API]]--></refund_request_source>
<refund_status><!--[CDATA[SUCCESS]]--></refund_status>
<settlement_refund_fee><!--[CDATA[1]]--></settlement_refund_fee>
<settlement_total_fee><!--[CDATA[1]]--></settlement_total_fee>
<success_time><!--[CDATA[2020-05-19 20:20:55]]--></success_time>
<total_fee><!--[CDATA[1]]--></total_fee>
<transaction_id><!--[CDATA[4200....................]]--></transaction_id>