How do I wechat perform payment in Wechat mini programs?

Question

微信文档相当晦涩，部分是由于管理授权的复杂方法造成的。

Answer 1

This answer is meant for mini-programs. Use the chinese version of the documentation, the english versions are outdated.

First off, you'll need to prepare the following information. Note that there are two consoles involved: Wechat and Wechat Pay. These preparations will take a few days to process, so get them before you begin development on payment features.

1. App Id aka appid and App Secret : You can get it after your app has been submitted for approval in Wechat console.

2. Merchant Id aka mchid : You can get it after you have submited approval for a business account in Wechat Pay console, AND after you've linked your mini-program to your wechat pay account.

3. A CA certificate : Wechat Pay now uses a certificate issued by a CA, which can be generated from App Security in Wechat Pay console. It will automatically come with a apiclient_key.pem which is what you need, as well as a certificate serial number that you can find in the console.

4. Allocate a HTTPS fully qualified domain name on both Wechat and Wechat Pay console. Wechat Pay console. has a rather weird behaviour where it will prompt you for sms verification but after that you need to repeat the action that prompted you to enter sms.

Now you're ready to begin. You will need a server for this because only verified and approved HTTPS fully qualified domain names that has been registered in the Wechat console can be accessed from the mini-program

1. Get a temporary code from wx.login . This code will expire if you call wx.login again, so use wx.checkSession to check if the session is valid before you continue.

2. Now, make a GET request to https://api.weixin.qq.com/sns/jscode2session?appid=${appid}&secret=${appsecret}&js_code=${code}&grant_type=authorization_code ( https://developers.weixin.qq.com/miniprogram/en/dev/api-backend/open-api/login/auth.code2Session.html ). This will return you the openId required for access to other items.

3. At this point you should bind the openId to some internal id in your database.

4. Now you need to create a trading session. This is rather complicated ( https://pay.weixin.qq.com/wiki/doc/apiv3/apis/chapter3_5_1.shtml and https://pay.weixin.qq.com/wiki/doc/apiv3/wechatpay/wechatpay4_0.shtml ). This requires a custom authorisation scheme by Weixin. If you're using NodeJS, it looks like the following:

const { v4: uuidv4 } = require('uuid')
var crypto = require('crypto')
var fs = require('fs')

const pem = fs.readFileSync('./certs/apiclient_key.pem')
const key = pem.toString('ascii')

let minifiedRawData = JSON.stringify(JSON.parse(JSON.stringify(rawData)))
const currentUnixTime = parseInt((new Date().getTime() / 1000).toFixed(0))
const randomString = uuidv4()
// weixin uses a CA authorised certificate but uses a custom authorisation scheme.
let sign = crypto.createSign('RSA-SHA256')
sign.update(
  `POST\n/v3/pay/transactions/jsapi\n${currentUnixTime}\n${randomString}\n${minifiedRawData}\n`
)
const token = sign.sign(key, 'base64')
const r = await axios.post(
  `https://api.mch.weixin.qq.com/v3/pay/transactions/jsapi`,
  rawData,
  {
    headers: {
      Authorization: `WECHATPAY2-SHA256-RSA2048 mchid="${mchid}",nonce_str="${randomString}",signature="${token}",timestamp="${currentUnixTime}",serial_no="${certSerialNumber}"`
    }
  }
)

Do note all error messages are in chinese. This will provide you with a prepay_id that you can finally use in your wechat application.

5. https://developers.weixin.qq.com/miniprogram/en/dev/api/open-api/payment/wx.requestPayment.html is wrong. Do not use this. This is already outdated. Use https://pay.weixin.qq.com/wiki/doc/apiv3/apis/chapter3_5_4.shtml instead. Use the same algorithm you've created in 4. to generate a signature. You need to send the randomString, timestamp, signature and prepay_id to the frontend for it to make the request using the mini program.

6. use wx.requestPayment and you're set.