支付宝订单监控
API 版
更新: 2025-04-03 17:00:09 字数: 0 字 时长: 0 分钟
一个服务,多账户登录和管理,基于 .NET 8.0 最小 API 开发,高性能、内存占用小。
参数签名
- 采用
HMACSHA256
加密 - 验证时间戳(timestamp)是否在允许的时间窗口内(默认 5 分钟有效)
- 验证随机字符串(nonce),重复的请求会验证失败,推荐使用
GUID
签名规则
- 1、将所有请求参数按照
字典序升序
排列并对参数的值进行URI
编码 - 2、用
&
符号对参数名和参数值进行拼接,例如:nonce=16fec978-6f0d-40b4-8b8e-d1539f54bbf0×tamp=1743568955 - 3、对拼接好的字符串进行
HMACSHA256
签名 - 4、可以使用 HMACSHA256 在线加密工具 校验签名的准确性
请求示例
一个标准的 POST
请求必须包含以下 Body
参数:
json
{
"nonce": "12a3d10f-0bf0-48a6-bc2d-1fef1ae6ab7d",
"timestamp": "1743665207",
"sign": "496a602f817ce3a1dac5987f74bbc0cef6fa56c875a1a06e49b1bd874deafb6d"
}
参数签名代码示例
C#
static void SignatureParameters(Dictionary<string, string?> parameters)
{
var secretKey = "签名秘钥";
parameters.Add("nonce", Guid.NewGuid().ToString());
parameters.Add("timestamp", DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString());
// 排序并编码参数
var sortedParams = parameters.OrderBy(p => p.Key).ToDictionary(p => p.Key, p => Uri.EscapeDataString(p.Value?.ToString() ?? ""));
// 拼接参数
var signString = string.Join("&", sortedParams.Select(p => $"{p.Key}={p.Value}"));
// 计算签名
using var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(secretKey));
byte[] hashBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(signString));
var clientSign = BitConverter.ToString(hashBytes).Replace("-", "").ToLower();
parameters.Add("sign", clientSign);
}
接口文档
目前只支持 POST
请求, Content-Type
为 application/json
创建登录二维码
- 接口路径:/api/account/qrcode/create
- 请求方式:POST
- 请求 Bodyjson
{ "nonce": "9c1a419f-668a-4e97-bebe-ba16e93f1ef3", "timestamp": "1743665614", "sign": "0ecb66499ee641ff7c13bb5e295c2bc78d20797d46ffd71eb6cba40010d6c728" }
- 请求返回json
{ "data": { "key": "f1e09464-2205-4379-aa40-f3ce73f18ab8", "qrCodeString": "data:image/jpg;base64,iVBORw0KGgoAAAANSUh......" }, "code": 0, "message": "成功" }
检查登录扫码状态
- 接口路径:/api/account/qrcode/check
- 请求方式:POST
- 请求 Bodyjson
{ "key": "f1e09464-2205-4379-aa40-f3ce73f18ab8", "nonce": "777a5966-a17e-46a6-986b-bb75e76c0511", "timestamp": "1743663927", "sign": "514b5f6c748bb89906622fca88ce50f4b52b9a2a612127408a343e078aea2c81" }
- 请求返回json
{ "code": 1, "message": "未登录" }
获取账户列表
- 接口路径:/api/account/page/get
- 请求方式:POST
- 请求 Bodyjson
{ "page": "1", "size": "20", "nonce": "b4459a27-47b4-42d4-83f9-79899d685c83", "timestamp": "1743664083", "sign": "53a3a318682883f8ec5d3e010d0ca04d5c114b8e36b755e0d1a5eceab6ed58e4" }
- 请求返回json
{ "total": 1, "data": [ { "id": "1661424094438100992", "mId": "76ddfth888acbec7aac39f2c1bc17516", "uId": "2088652424583801", "aId": "1684996247610966", "key": "290e7770cee74167a04a225c0bed3c43", "avatar": "https://tfs.alipayobjects.com/images/......", "userName": "138******98", "realName": "个人账户 | **平", "balance": 9.48, "status": 0, "statusRemark": "未登录", "qrCodeString": null, "interval": 30, "lastLoginTime": "2023-05-31 09:19:28", "createTime": "2023-05-25 11:29:08" } ], "code": 0, "message": "成功" }
退出所有登录账户
- 接口路径:/api/account/logout/all
- 请求方式:POST
- 请求 Bodyjson
{ "nonce": "6bb0f99a-9785-4c2d-9e37-c3d54671e165", "timestamp": "1743664116", "sign": "7e3047d03c3ffa7b2f5cd3051e9c72a5e305a3a21e270d83fb91e4aa16d1add2" }
- 请求返回json
{ "code": 0, "message": "成功" }
退出指定登录账户
- 接口路径:/api/account/logout/single
- 请求方式:POST
- 请求 Bodyjson
{ "key": "f1e09464-2205-4379-aa40-f3ce73f18ab8", "nonce": "485c0488-1a49-4b78-838f-8489f3e4ca82", "timestamp": "1743664152", "sign": "1c88e488f99693b3129d966c0d528517eaae1ecd82f21d84626dbcbfc53ad0e7" }
- 请求返回json
{ "code": 0, "message": "成功" }
获取订单列表
- 接口路径:/api/order/page/get
- 请求方式:POST
- 请求 Bodyjson
{ "uid": "", "remark": "", "page": "1", "size": "20", "nonce": "745d9a7f-e823-492c-95dd-ca9256d82bda", "timestamp": "1743663398", "sign": "ba1616132ca357a13f5b39f7846d676c23a743783f7a4d83b076e364006d12db" }
- 请求返回json
{ "total": 1, "data": [ { "id": "1661578076565409792", "accountId": "1661424094438100992", "orderNo": "流水号:20230546400040011100440036983750", "orderName": "AS1234567890", "toUserName": "清风徐来", "orderType": 1, "amount": 0.01, "remark": "AS1234567890", "status": "交易成功", "postStatus": 1, "postStatusRemark": "回调成功", "orderTime": "2023-05-25 11:40:00", "createTime": "2023-05-25 11:40:58" } ], "code": 0, "message": "成功" }
获取订单安全二维码
- 接口路径:/api/order/security/scan
- 请求方式:POST
- 请求 Bodyjson
{ "key": "f1e09464-2205-4379-aa40-f3ce73f18ab8", "nonce": "dc75d8ad-9ba5-46a5-823e-e16ff0eced69", "timestamp": "1743664195", "sign": "7b8b67e560939a974fb664b9c461d8baef451cc7689d22e964e2a73a773d1a6f" }
- 请求返回json
{ "data": { "qrCodeString": "data:image/jpg;base64,iVBORw0KGgoAAAANSUh......" }, "code": 0, "message": "成功" }
检查订单扫码状态
- 接口路径:/api/order/security/check
- 请求方式:POST
- 请求 Bodyjson
{ "key": "f1e09464-2205-4379-aa40-f3ce73f18ab8", "nonce": "6b6f4daa-6b39-4b1e-8de3-04bda0168d2f", "timestamp": "1743664218", "sign": "08c239aec3a76e7a16718d285374a44ce091eedb092bb366c23ecbdc4fe3a25d" }
- 请求返回json
{ "code": 0, "message": "状态正常" }
手动回调订单
- 接口路径:/api/order/notify/manual
- 请求方式:POST
- 请求 Bodyjson
{ "id": "1867467836251836416", "nonce": "2893abce-0366-41cf-8e19-ce38c306b9b2", "timestamp": "1743664431", "sign": "2c229c6c5d2e1decf1de85fdfc4cc7a1df18522ff4dff4ab7af349778efd51b5" }
- 请求返回json
{ "code": 0, "message": "成功" }
获取接口异常日志
- 接口路径:/api/log/page/get
- 请求方式:POST
- 请求 Bodyjson
{ "page": "1", "size": "20", "nonce": "010cd9b2-8ba5-498e-8cf4-59a4fd847f8e", "timestamp": "1743666023", "sign": "bfe3a661a8c8f9a31fdf85f009289a8872d6d2116ecffcd5f0755d92bdf66ceb" }
- 请求返回json
{ "total": 1, "data": [ { "id": "1907692162322141184", "message": "", "stackTrace": "", "innerException": "", "exceptionType": "", "requestIP": "", "requestPath": "", "requestMethod": "", "requestQuery": "", "requestBody": "", "userAgent": "", "createTime": "2025-04-03 15:10:29" } ], "code": 0, "message": "成功" }
回调说明
- 请求方式:POST
- Content-Type:application/json
向指定 url 地址的服务器发送回调请求,服务器响应成功时,请返回 HTTP 状态码:200
服务器心跳
服务器每次请求订单时,会向指定 url 地址请求并回调服务器健康状态,当请求订单出现异常时,心跳回调停止。
回调参数:
json
{
"id": "账户id",
"aid": "支付宝唯一标识id",
"uid": "账户唯一标识id",
"mid": "机器码",
"key": "key",
"name": "账户名",
"real": "真实姓名",
"balance": "账户余额",
"status": 0,
"timestamp": 1743666023,
"msg": "心跳正常"
}
订单回调
服务器每次请求订单时,如果有新的订单,会向指定 url 地址请求并回调订单信息,当请求订单出现异常时,订单回调停止。
*注:默认有 3 次失败重试,如果 3 次都响应失败,直接失败处理。
回调参数:
json
{
"id": "账户id",
"aid": "支付宝唯一标识id",
"uid": "账户唯一标识id",
"mid": "机器码",
"key": "key",
"name": "账户名",
"real": "真实姓名",
"balance": "账户余额",
"status": 1,
"timestamp": 1743666023,
"msg": "有新的订单",
"order": {
"no": "订单号",
"name": "订单名称",
"amount": "交易金额",
"type": "交易类型:1收入,2支出",
"time": "交易时间",
"state": "交易状态",
"toname": "对方账户名",
"remark": "备注"
}
}
扫码安全验证
服务器每次请求订单时,如果出现订单异常,需要安全扫码验证时,会向指定 url 地址请求并回调二维码信息,当请求订单正常时,扫码回调停止。
回调参数:
json
{
"id": "账户id",
"aid": "支付宝唯一标识id",
"uid": "账户唯一标识id",
"mid": "机器码",
"key": "key",
"name": "账户名",
"real": "真实姓名",
"balance": "账户余额",
"status": 2,
"timestamp": 1743666023,
"msg": "扫码安全验证",
"code": "data:image/jpg;base64,iVBORw0KGgoAAAANSUh......"
}
环境部署
目前只支持 Windows
服务器部署,Docker
容器部署版本正在努力研发中,敬请期待!
Windows Server 服务器
部署前,请先安装 Chrome 浏览器,支持独立包部署,不依赖任何 .NET
环境
部署包包含 exe
可执行文件,双击运行即可启动接口服务
支持分布式部署,每台服务器相对独立,互不影响
Linux Docker 容器
正在努力研发中,敬请期待!
开始试用
可提供免费试用版本,有需要可联系。