Merge pull request #93 from TheNorthMemory/v1.4

APIv2客户端增加白名单URLs，对于无sign返回的请求，自动忽略验签
wechatpay-apiv3 · May 19, 2022 · 0ddd126 · 0ddd126
2 parents 3a64295 + 0516328
commit 0ddd126
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 13 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # 变更历史
 
+## [1.4.4](../../compare/v1.4.3...v1.4.4) - 2022-05-19
+
+- 新增`APIv3`[客诉图片下载](https://pay.weixin.qq.com/wiki/doc/apiv3/apis/chapter10_2_18.shtml)测试用例，示例说明如何避免[double-pctencoded](https://github.com/guzzle/uri-template/issues/18)问题;
+- PHP内置函数`hash`方法在`PHP8`变更了返回值逻辑，代之为抛送`ValueError`异常，优化`MediaUtilTest`测试用例，以兼容`PHP7`;
+- 新增`APIv2`请求/响应白名单`URL`及调整验签逻辑，对于白名单内的请求，已知无`sign`返回，应用侧自动忽略验签；
+
 ## [1.4.3](../../compare/v1.4.2...v1.4.3) - 2022-01-04
 
 - 优化，严格限定初始化时`mchid`为字符串;

diff --git a/README.md b/README.md
@@ -25,7 +25,7 @@
 
 ## 项目状态
 
-当前版本为 `1.4.3` 测试版本。项目版本遵循 [语义化版本号](https://semver.org/lang/zh-CN/)。如果你使用的版本 `<=v1.3.2`，升级前请参考 [升级指南](UPGRADING.md)。
+当前版本为 `1.4.4` 测试版本。项目版本遵循 [语义化版本号](https://semver.org/lang/zh-CN/)。如果你使用的版本 `<=v1.3.2`，升级前请参考 [升级指南](UPGRADING.md)。
 
 为了向广大开发者提供更好的使用体验，微信支付诚挚邀请您将**使用微信支付 API v3 SDK**中的感受反馈给我们。本问卷可能会占用您不超过2分钟的时间，感谢您的支持。
 

diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
     "name": "wechatpay/wechatpay",
-    "version": "1.4.3",
+    "version": "1.4.4",
     "description": "[A]Sync Chainable WeChatPay v2&v3's OpenAPI SDK for PHP",
     "type": "library",
     "keywords": [

diff --git a/src/ClientDecoratorInterface.php b/src/ClientDecoratorInterface.php
@@ -14,7 +14,7 @@ interface ClientDecoratorInterface
     /**
      * @var string - This library version
      */
-    public const VERSION = '1.4.3';
+    public const VERSION = '1.4.4';
 
     /**
      * @var string - The HTTP transfer `xml` based protocol

diff --git a/src/ClientXmlTrait.php b/src/ClientXmlTrait.php
@@ -5,6 +5,7 @@
 use function strlen;
 use function trigger_error;
 use function sprintf;
+use function in_array;
 
 use const E_USER_DEPRECATED;
 
@@ -30,6 +31,38 @@ trait ClientXmlTrait
         'Content-Type' => 'text/xml; charset=utf-8',
     ];
 
+    /**
+     * @var string[] - Special URLs whose were designed that none signature respond.
+     */
+    protected static $noneSignatureRespond = [
+        '/mchrisk/querymchrisk',
+        '/mchrisk/setmchriskcallback',
+        '/mchrisk/syncmchriskresult',
+        '/mmpaymkttransfers/gethbinfo',
+        '/mmpaymkttransfers/gettransferinfo',
+        '/mmpaymkttransfers/pay_bank',
+        '/mmpaymkttransfers/promotion/paywwsptrans2pocket',
+        '/mmpaymkttransfers/promotion/querywwsptrans2pocket',
+        '/mmpaymkttransfers/promotion/transfers',
+        '/mmpaymkttransfers/query_bank',
+        '/mmpaymkttransfers/sendgroupredpack',
+        '/mmpaymkttransfers/sendminiprogramhb',
+        '/mmpaymkttransfers/sendredpack',
+        '/papay/entrustweb',
+        '/papay/h5entrustweb',
+        '/papay/partner/entrustweb',
+        '/papay/partner/h5entrustweb',
+        '/pay/downloadbill',
+        '/pay/downloadfundflow',
+        '/payitil/report',
+        '/risk/getpublickey',
+        '/risk/getviolation',
+        '/sandboxnew/pay/downloadbill',
+        '/sandboxnew/pay/getsignkey',
+        '/secapi/mch/submchmanage',
+        '/xdc/apiv2getsignkey/sign/getsignkey',
+    ];
+
     abstract protected static function body(MessageInterface $message): string;
 
     abstract protected static function withDefaults(array ...$config): array;
@@ -88,6 +121,10 @@ public static function transformResponse(string $secret = ''): callable
     {
         return static function (callable $handler) use ($secret): callable {
             return static function (RequestInterface $request, array $options = []) use ($secret, $handler): PromiseInterface {
+                if (in_array($request->getRequestTarget(), static::$noneSignatureRespond)) {
+                    return $handler($request, $options);
+                }
+
                 return $handler($request, $options)->then(static function(ResponseInterface $response) use ($secret) {
                     $result = Transformer::toArray(static::body($response));
 

diff --git a/tests/OpenAPI/V2/Mmpaymkttransfers/Promotion/TransfersTest.php b/tests/OpenAPI/V2/Mmpaymkttransfers/Promotion/TransfersTest.php
@@ -7,7 +7,6 @@
 use GuzzleHttp\HandlerStack;
 use GuzzleHttp\Psr7\Response;
 use Psr\Http\Message\ResponseInterface;
-use GuzzleHttp\Promise\RejectionException;
 use PHPUnit\Framework\TestCase;
 use WeChatPay\Transformer;
 use WeChatPay\ClientDecoratorInterface;
@@ -97,14 +96,9 @@ public function testPost(string $mchid, array $data, ResponseInterface $respondo
 
         $this->mock->reset();
         $this->mock->append($respondor);
-        try {
-            // yes, start with `@` to prevent the internal `E_USER_DEPRECATED`
-            @$endpoint->post(['xml' => $data]);
-        } catch (RejectionException $e) {
-            /** @var ResponseInterface $res */
-            $res = $e->getReason();
-            self::responseAssertion($res);
-        }
+        // yes, start with `@` to prevent the internal `E_USER_DEPRECATED`
+        $res = @$endpoint->post(['xml' => $data]);
+        self::responseAssertion($res);
     }
 
     /**
@@ -144,7 +138,7 @@ public function testPostAsync(string $mchid, array $data, ResponseInterface $res
         // yes, start with `@` to prevent the internal `E_USER_DEPRECATED`
         @$endpoint->postAsync([
             'xml' => $data
-        ])->otherwise(static function($res) {
+        ])->then(static function(ResponseInterface $res) {
             self::responseAssertion($res);
         })->wait();
     }

diff --git a/tests/OpenAPI/V2/Pay/DownloadbillTest.php b/tests/OpenAPI/V2/Pay/DownloadbillTest.php
@@ -105,6 +105,13 @@ public function testPost(string $mchid, array $data, ResponseInterface $respondo
             'xml'     => $data,
         ]);
         self::responseAssertion($res);
+
+        $this->mock->reset();
+        $this->mock->append($respondor);
+
+        // yes, start with `@` to prevent the internal `E_USER_DEPRECATED`
+        $res = @$endpoint->post(['xml' => $data]);
+        self::responseAssertion($res);
     }
 
     /**
@@ -159,6 +166,16 @@ public function testPostAsync(string $mchid, array $data, ResponseInterface $res
         $this->mock->reset();
         $this->mock->append($respondor);
 
+        // yes, start with `@` to prevent the internal `E_USER_DEPRECATED`
+        @$endpoint->postAsync([
+            'xml' => $data,
+        ])->then(static function(ResponseInterface $response) {
+            self::responseAssertion($response);
+        })->wait();
+
+        $this->mock->reset();
+        $this->mock->append($respondor);
+
         // yes, start with `@` to prevent the internal `E_USER_DEPRECATED`
         @$endpoint->postAsync([
             'handler' => $stack,