PHP中的Swish Payout API

Question

Swish是一家瑞典支付供应商。你只需把钱寄给一个电话号码就可以了。

这是Swish提供的新支付服务的API。与支付服务不一样，所以不要混淆自己。

他们的网站上没有PHP的例子，我无法得到200的响应。

如果你的专业人士能帮我解决这个问题，我想其他很多人都可以从未来的解决方案中受益。

这是我目前的代码。

$payload = [
  "payoutInstructionUUID" => "E4D773858AF5459B96ABCA4B9DBFF94D",
  "payerPaymentReference" => "payerRef",
  "payerAlias" => "1231388446",
  "payeeAlias" => "46712345678",
  "payeeSSN" => "198602111638",
  "amount" => "100.00",
  "currency" => "SEK",
  "payoutType" => "PAYOUT",
  "message" => "Message to the recipient.",
  "instructionDate" => carbon::now(),
  "signingCertificateSerialNumber" => "667A2C6E068B76988AB657351F5AF636"
];

$pkey =     openssl_pkey_get_private(file_get_contents('Swish_Merchant_TestSigningCertificate_1234679304.key'), 'swish');
$payloadHash =  hash('sha512', json_encode($payload));


$signature =   openssl_sign($payloadHash, $signature, $pkey) ? base64_encode($signature) : null;


 $request = [
  "payload" => $payload,
  "callbackUrl" => "https://postb.in/1634560192746-3820346647407",
  "signature" => $signature 
];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://mss.cpc.getswish.net/swish-cpcapi/api/v1/payouts');
curl_setopt($ch, CURLOPT_PORT, 443);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_SSLCERT, 'Swish_Merchant_TestCertificate_1234679304.p12');
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'P12');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'swish');
curl_setopt($ch, CURLOPT_SSLKEY, 'Swish_Merchant_TestCertificate_1234679304.key');
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'swish');
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
curl_setopt($ch, CURLOPT_CAINFO, 'Swish_TLS_RootCA.pem');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSLVERSION, 6);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);


curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($request));
$f = tmpfile();
curl_setopt($ch, CURLOPT_STDERR, $f);
 $results = curl_exec($ch);

fseek($f, 0);
echo "Verbose information:\n<pre>", fread($f, 32 * 1024), "</pre>\n";
fclose($f);

$info =curl_errno($ch)>0 ? array("curl_error_".curl_errno($ch)=>curl_error($ch)) : curl_getinfo($ch);
print_r($info);

curl_close($ch);

它给了我这样的回应

*   Trying 213.132.115.90:443...
* Connected to mss.cpc.getswish.net (213.132.115.90) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: Swish_TLS_RootCA.pem
*  CApath: none
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=SE; ST=Stockholms l�n; L=Stockholm; O=GetSwish AB; OU=IT; CN=mss.cpc.getswish.net
*  start date: Feb 18 00:00:00 2020 GMT
*  expire date: May 19 12:00:00 2022 GMT
*  subjectAltName: host "mss.cpc.getswish.net" matched cert's "mss.cpc.getswish.net"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=GeoTrust RSA CA 2018
*  SSL certificate verify ok.
> POST /swish-cpcapi/api/v1/payouts HTTP/1.1
Host: mss.cpc.getswish.net
Accept: */*
Content-Type:application/json
Content-Length: 1172

* Mark bundle as not supporting multiuse
< HTTP/1.1 400 
< Content-Type: application/json
< Transfer-Encoding: chunked
< Date: Thu, 21 Oct 2021 19:52:53 GMT
< Connection: close
< 
* Closing connection 0
[
   {
      "errorCode":"PA01",
      "errorMessage":"Parameter is not correct.",
      "additionalInformation":null
   }
]

正如你所看到的，答案并不十分准确，告诉我出了什么问题。我试着将签名更改为现在的签名，但仍然得到了相同的错误消息。这使我相信签名是不正确的。

测试环境不需要注册。你可以在你自己的电脑上测试这个。

下面是一个指向文档https://developer.swish.nu/documentation/getting-started/swish-payout-api的链接

证书在这里找到(在管理证书下) https://developer.swish.nu/documentation/environments

Answer 1

试着改变

$signature =   openssl_sign($payloadHash, $signature, $pkey) ? base64_encode($signature) : null;

至

$signature =   openssl_sign($payloadHash, $signature, $pkey, OPENSSL_ALGO_SHA512) ? base64_encode($signature) : null;