ICBC Online Banking third party interface development

Recently done online shopping mall of a network of silver payment interface, can calculate to me burnt dead, all kinds of rules ah, overall is more troublesome, also not difficult, as long as clear process is good. The following to clarify the idea to say;

need to prepare something.

First, you need to bring your bank card and ID card to the local branch to apply for the development of third-party internet banking interface. The local bank will then give you a. pfx file. This is actually an encrypted certificate, then you click Install, enter the official document you applied for the key, will be the. pfx file, split into the. CRT and. Key files. The purpose of these documents is to say, now regardless, the local ICBC will also give you a merchant number, and merchant code.

Business Description.

First of all, we have to look at this picture, the main thing we developers do is the two-to-one. Simply describe, from the Add Order page, fill in the order you want to add, then submit the data to the background, then we use ICBC's encryption and signature method to encapsulate our data, and then return to a client, That is, a view page, and then we submit the order data to the bank. The rest is left to the bank to deal with, and finally we have to make a page to take the data returned by the receiving bank, to determine whether the transaction is successful, and then we adjust the status of the order.

Add Order

This is the simplest one, the simple point is to put our page form data submitted to the background, that is, simply add, oneself in the form inside the definition of attributes, and then submitted to the background, whether it is with struts or spring, as long as the background can accept the data to be finished.

Encapsulating Data

The hardest and most important is this step, which is more troublesome and more complicated. The first thing to understand is what this step is all about, and simply put, we're going to give our data to the data that we need to encapsulate it for ICBC to submit the past. First look at the ICBC development documentation is how to say:

Form form data is as follows:

Variable name	Variable naming	Length definition	Description
Interface Name	InterfaceName	MAX (30)	Will lose, Value: "ICBC_PERBANK_B2C"
Interface version number	Interfaceversion	MAX (15)	Will lose, Value: "1.0.0.11"
Transaction data	Trandata	Unlimited	Must lose, signature; Integration of all transaction data formed by the XML plaintext string, and do BASE64 encoding; The specific format definition is shown below; Attention: The XML header attribute is required; the entire field uses BASE64 encoding; There are no carriage returns and extra spaces in the XML plaintext;
Order signature Data	Mersignmsg	Unlimited	Will lose, The merchant uses the signed API and merchant certificate provided by ICBC to sign the XML plaintext string of Trandata, obtains the binary signature data, then obtains the visual mersignmsg after BASE64 encoding; Note: The signature is for Trandata XML plaintext, not the string that Trandata is BASE64 encoded;
Marketplace Certificate Public key	Mercert	Unlimited	Will lose, After the merchant uses the binary method to read the certificate public key file, the BASE64-encoded string is generated;

The first one, the second one is fixed, the value is already defined, then the third one, the document has been made very clear, we have to follow the development of the document to the XML format, to integrate our transaction data. Here I use Simpleframework.xml to parse XML technology, this method is very suitable for which kind of less repetition, the data volume is small, parsing is very convenient. A brief introduction to his specifications.

Root stands for his root node, @Element identity element, @Attribute identity element attribute. In addition to the root element and the deepest layer element, the bean classes corresponding to the other layer elements are required to introduce the beans of their child elements as attributes. All we have to do here is to assign values to these elements, turn our form data into the element data, and then execute his serialization method into an XML file.

The serialized XML file is shown in the following figure:

<?xml version= "1.0" encoding= "GBK" standalone= "no"?>

<B2CReq>

<interfaceName>ICBC_PERBANK_B2C</interfaceName>

<interfaceVersion>1.0.0.11</interfaceVersion>

<orderInfo>

<orderDate>20100308141629</orderDate>

<curType>001</curType>

<merID>0200EC20001119</merID>

<subOrderInfoList>

<subOrderInfo>

<orderid>201003081416290</orderid>

<amount>1</amount>

<installmentTimes>1</installmentTimes>

<merAcct>0200026009018372212</merAcct>

<goodsID>001</goodsID>

<goodsName> the Bear </goodsName>

<goodsNum>2</goodsNum>

<carriageAmt>20</carriageAmt>

</subOrderInfo>

<subOrderInfo>

<orderid>201003081416291</orderid>

<amount>1</amount>

<installmentTimes>1</installmentTimes>

<merAcct>0200026009018372212</merAcct>

<goodsID>001</goodsID>

<goodsName> the Bear </goodsName>

<goodsNum>2</goodsNum>

<carriageAmt>20</carriageAmt>

</subOrderInfo>

</subOrderInfoList>

</orderInfo>

<custom>

<verifyJoinFlag>0</verifyJoinFlag>

<Language>ZH_CN</Language>

</custom>

<message>

<creditType>2</creditType>

<notifyType>AG</notifyType>

<resultType>1</resultType>

<merReference>localhost</merReference>

<merCustomIp>127.0.0.1</merCustomIp>

<goodsType>1</goodsType>

<merCustomID>123456</merCustomID>

<merCustomPhone>13466780886</merCustomPhone>

<goodsAddress> three Sanlitun </goodsAddress>

<merOrderRemark> Anti-fraud interface exclusive </merOrderRemark>

<merHint> Please keep packing </merHint>

<remark1></remark1>

<remark2></remark2>

<merURL>http://localhost:9080/EbizSimulate/emulator/Newb2c_Pay_Mer.jsp</merURL>

<merVAR>test</merVAR>

</message>

</B2CReq> inside the data there are many rules, here we must pay attention to, carefully read our development documents, attention must be careful, do not careless, otherwise it will be very troublesome;

Okay, here we are going to read the XML data and encrypt it;

Well, now our trandata data are basically encapsulated. Then take a look at our mersignmsg data. We're going to use our key and CRT, plus our secret key.

Now that we have obtained the mersignmsg data, and finally we want to get mercert this data, below is not an example, this is relatively simple. Then we go to the controller, the control layer to put the data into the session. Then jump to the page form.

<from method= "POST" action= "

Https://mybank3.dccnet.com.cn/servlet/ICBCINBSEBusinessServlet ">

<input name= "InterfaceName" type= "text" value= "ICBC_PERBANK_B2C" >

<input name= "interfaceversion" type= "text" value= "1.0.0.11" >

<input name= "Trandata" type= "text" value= "${trandata}" >

<input name= "mersignmsg" type= "text" value= "${mersignmsg}" >

<input name= "Mercert" type= "text" value= "${mercert}" >

<input type= "Submit" >

</from>

Should pay attention to the time of submission, because ICBC test time is uncertain, and ICBC testing personnel to contact, in the form data, time difference and ICBC test time to stay within 10 minutes or will be error. Well today is how many, should go to bed, June has passed, July also came, hope oneself can harvest more in July, refueling. Eat bitter bitter, side for people, I always firmly believe that efforts, there is harvest, hope to see this article friend, can put down the impetuous heart, not because of his friend's salary than their high and temporarily inspire their morale, think to learn, until which day and suddenly give up, I think learning Java must love him, So that we can learn.