开发者社区> 问答> 正文

#支付宝 周期扣款无线端唤起签约页面提示“免密支付安全验证”?

周期扣款使用“先签约后代扣”场景,并且在商户app的客户端进行唤起签约页面时,提示:免密支付安全验证。

展开
收起
保持可爱mmm 2020-05-07 09:35:40 3461 0
1 条回答
写回答
取消 提交回答
  • 问题原因

    通过签约接口(alipay.user.agreement.page.sign)拿到的签约URL不能直接使用在无线端唤起签约页面的场景中,需拼接跳转链接唤起,具体方式见 无线端唤起签约说明。

    解决方案

    检查签约url是否进行过跳转链接的拼接,格式如下:

    alipays://platformapi/startapp?appId=60000157&appClearTop=false&startMultApp=YES&sign_params=封装后的签约URL

    无线端唤起签约流程说明:

    1、通过sdk签名生成url方式,建议参考pageExecute()方法如何get请求。

    注:如果开发者使用开放平台官方 SDK则无需对参数进行 encode处理,否则需要对每个参数对应的 value 做一次encode(UTF-8),转义如下:

    http://openapi.alipay.com/gateway.do?biz_content={"access_params"%3A{"channel"%3A"ALIPAYAPP"}%2C"external_agreement_no"%3A"beijignditie_1"%2C"identity_params"%3A{"cert_no"%3A"610402196908019453"%2C"user_name"%3A"jbuflp"}%2C"personal_product_code"%3ACYCLE_PAY_AUTH_P"%2C"sign_scene"%3A"INDUSTRY|METRO"%2C"zm_auth_params"%3A{"buckle_app_id"%3A"1001164"%2C"buckle_merchant_id"%3A"268820000000414397785"}}&sign=CxxysLRx0P%2FdEuSTw%2FxsH%2ButBXMDto5ez2fvtg5NmtxAhbp45BIUJfjM%2BKRsqNMTSPqtTXuOWxieUvFxTHA9aodPpc7Wbjx%2F1RUI0sT%2FYJI34PH2Xv0qtCMBT4wunP3J2ZKYByVNRKRGZ0etb0LuhuxPikSyQy8qKn%2FGsXQJ04c%3D&timestamp=2017-06-29+21%3A06%3A02&sign_type=RSA&charset=UTF-8&app_id=2017060101317939&method=alipay.user.agreement.page.sign&version=1.0

    2、 除去http://openapi.alipay.com/gateway.do?,并将 http://openapi.alipay.com/gateway.do? 后面的所有参数作为入参,做一次整体的 encode(UTF-8),如下段代码中所示

    biz_content%3d%257B%2522access_params%2522%253A%257B%2522channel%2522%253A%2522ALIPAYAPP%2522%257D%252C%2522external_agreement_no%2522%253A%2522beijignditie_1%2522%252C%2522identity_params%2522%253A%257B%2522cert_no%2522%253A%2522610402196908019453%2522%252C%2522user_name%2522%253A%2522jbuflp%2522%257D%252C%2522personal_product_code%2522%253A%2522CYCLE_PAY_AUTH_P%2522%252C%2522sign_scene%2522%253A%2522INDUSTRY%257CMETRO%2522%252C%2522zm_auth_params%2522%253A%257B%2522buckle_app_id%2522%253A%25221001164%2522%252C%2522buckle_merchant_id%2522%253A%2522268820000000414397785%2522%257D%257D%26sign%3dCxxysLRx0P%252FdEuSTw%252FxsH%252ButBXMDto5ez2fvtg5NmtxAhbp45BIUJfjM%252BKRsqNMTSPqtTXuOWxieUvFxTHA9aodPpc7Wbjx%252F1RUI0sT%252FYJI34PH2Xv0qtCMBT4wunP3J2ZKYByVNRKRGZ0etb0LuhuxPikSyQy8qKn%252FGsXQJ04c%253D%26timestamp%3d2017-06-29%2b21%253A06%253A02%26sign_type%3dRSA%26charset%3dUTF-8%26app_id%3d2017060101317939%26method%3dalipay.user.agreement.page.sign%26version%3d1.0

    3、将第2步转义生成好的数据拼接在“alipays://platformapi/startapp?appId=60000157&appClearTop=false&startMultApp=YES&sign_params=”后,拼接完整的数据如下:

    alipays://platformapi/startapp?appId=60000157&appClearTop=false&startMultApp=YES&sign_params=biz_content%3d%257B%2522access_params%2522%253A%257B%2522channel%2522%253A%2522ALIPAYAPP%2522%257D%252C%2522external_agreement_no%2522%253A%2522beijignditie_1%2522%252C%2522identity_params%2522%253A%257B%2522cert_no%2522%253A%2522610402196908019453%2522%252C%2522user_name%2522%253A%2522jbuflp%2522%257D%252C%2522personal_product_code%2522%253A%2522CYCLE_PAY_AUTH_P%2522%252C%2522sign_scene%2522%253A%2522INDUSTRY%257CMETRO%2522%252C%2522zm_auth_params%2522%253A%257B%2522buckle_app_id%2522%253A%25221001164%2522%252C%2522buckle_merchant_id%2522%253A%2522268820000000414397785%2522%257D%257D%26sign%3dCxxysLRx0P%252FdEuSTw%252FxsH%252ButBXMDto5ez2fvtg5NmtxAhbp45BIUJfjM%252BKRsqNMTSPqtTXuOWxieUvFxTHA9aodPpc7Wbjx%252F1RUI0sT%252FYJI34PH2Xv0qtCMBT4wunP3J2ZKYByVNRKRGZ0etb0LuhuxPikSyQy8qKn%252FGsXQJ04c%253D%26timestamp%3d2017-06-29%2b21%253A06%253A02%26sign_type%3dRSA%26charset%3dUTF-8%26app_id%3d2017060101317939%26method%3dalipay.user.agreement.page.sign%26version%3d1.0

    此时就是一个完整的访问地址,可通过scheme唤起,可现在浏览器测试是否可正常唤起签约页面。

    2020-05-07 09:35:49
    赞同 1 展开评论 打赏
问答分类:
问答地址:
问答排行榜
最热
最新

相关电子书

更多
十分钟上线-使用函数计算构建支付宝小程序服务 立即下载
低代码开发师(初级)实战教程 立即下载
阿里巴巴DevOps 最佳实践手册 立即下载

相关实验场景

更多