support epay submit form params

This commit is contained in:
jiamovo
2026-04-14 20:44:26 +08:00
parent 786c5e8175
commit 8cd816c35e
2 changed files with 107 additions and 16 deletions
+33 -15
View File
@@ -77,11 +77,42 @@ func RegisterRoute(e *echo.Echo) {
epayV1 := paymentRoute.Group("/epay/v1")
epayV1.Match([]string{http.MethodPost, http.MethodGet}, "/order/create-transaction/submit.php", func(ctx echo.Context) error {
params := make(map[string]interface{})
for k, v := range ctx.QueryParams() {
copyParams := func(values map[string][]string) {
for k, v := range values {
if len(v) == 0 {
continue
}
params[k] = v[0]
}
}
copyParams(ctx.QueryParams())
formParams, err := ctx.FormParams()
if err != nil && ctx.Request().Method == http.MethodPost {
return comm.Ctrl.FailJson(ctx, fmt.Errorf("invalid epay form params: %w", err))
}
if err == nil {
copyParams(formParams)
}
getString := func(m map[string]interface{}, key string) string {
v, ok := m[key]
if !ok {
return ""
}
s, ok := v.(string)
if !ok {
return ""
}
return s
}
signstr := getString(params, "sign")
if signstr == "" {
return constant.SignatureErr
}
signstr := params["sign"].(string)
delete(params, "sign")
delete(params, "sign_type")
@@ -96,19 +127,6 @@ func RegisterRoute(e *echo.Echo) {
return constant.SignatureErr
}
// safely get string value from map
getString := func(m map[string]interface{}, key string) string {
v, ok := m[key]
if !ok {
return ""
}
s, ok := v.(string)
if !ok {
return ""
}
return s
}
money := getString(params, "money")
name := getString(params, "name")
notifyURL := getString(params, "notify_url")
+73
View File
@@ -5,6 +5,7 @@ import (
"fmt"
"net/http"
"net/http/httptest"
"net/url"
"os"
"strings"
"testing"
@@ -28,6 +29,7 @@ func setupTestEnv(t *testing.T) *echo.Echo {
viper.Reset()
viper.Set("db_type", "sqlite")
viper.Set("api_auth_token", testAPIToken)
viper.Set("epay_pid", 1)
viper.Set("app_uri", "http://localhost:8080")
viper.Set("order_expiration_time", 10)
viper.Set("api_rate_url", "")
@@ -78,6 +80,28 @@ func doPost(e *echo.Echo, path string, body map[string]interface{}) *httptest.Re
return rec
}
func signEpayValues(values url.Values) url.Values {
signParams := make(map[string]interface{})
for key, items := range values {
if key == "sign" || key == "sign_type" || len(items) == 0 {
continue
}
signParams[key] = items[0]
}
sig, _ := sign.Get(signParams, testAPIToken)
values.Set("sign", sig)
values.Set("sign_type", "MD5")
return values
}
func doFormPost(e *echo.Echo, path string, values url.Values) *httptest.ResponseRecorder {
req := httptest.NewRequest(http.MethodPost, path, strings.NewReader(values.Encode()))
req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationForm)
rec := httptest.NewRecorder()
e.ServeHTTP(rec, req)
return rec
}
// TestCreateOrderEpusdtDefaultTron tests the epusdt compatibility route defaults to tron network.
func TestCreateOrderEpusdtDefaultTron(t *testing.T) {
e := setupTestEnv(t)
@@ -401,3 +425,52 @@ func TestCreateOrderNetworkIsolation(t *testing.T) {
t.Errorf("expected SolTestAddress001, got %v", data["receive_address"])
}
}
func TestEpaySubmitPhpGetCompatible(t *testing.T) {
e := setupTestEnv(t)
values := signEpayValues(url.Values{
"pid": {"1"},
"name": {"epay-get-001"},
"type": {"alipay"},
"money": {"1.00"},
"out_trade_no": {"epay-get-001"},
"notify_url": {"http://localhost/notify"},
"return_url": {"http://localhost/return"},
})
req := httptest.NewRequest(http.MethodGet, "/payments/epay/v1/order/create-transaction/submit.php?"+values.Encode(), nil)
rec := httptest.NewRecorder()
e.ServeHTTP(rec, req)
if rec.Code != http.StatusFound {
t.Fatalf("expected 302, got %d body=%s", rec.Code, rec.Body.String())
}
if !strings.HasPrefix(rec.Header().Get("Location"), "/pay/checkout-counter/") {
t.Fatalf("expected checkout redirect, got %q", rec.Header().Get("Location"))
}
}
func TestEpaySubmitPhpPostFormCompatible(t *testing.T) {
e := setupTestEnv(t)
values := signEpayValues(url.Values{
"pid": {"1"},
"name": {"epay-post-001"},
"type": {"alipay"},
"money": {"1.00"},
"out_trade_no": {"epay-post-001"},
"notify_url": {"http://localhost/notify"},
"return_url": {"http://localhost/return"},
"sitename": {"example-shop"},
})
rec := doFormPost(e, "/payments/epay/v1/order/create-transaction/submit.php", values)
if rec.Code != http.StatusFound {
t.Fatalf("expected 302, got %d body=%s", rec.Code, rec.Body.String())
}
if !strings.HasPrefix(rec.Header().Get("Location"), "/pay/checkout-counter/") {
t.Fatalf("expected checkout redirect, got %q", rec.Header().Get("Location"))
}
}