首先这里硬编码的session_key和open_id是由客户端发出请求，得到code，然后后端通过接口调用得到的openid和对应desession_key.


var appsecret = "1234567890xxxxxxxxxxx";
var session_key = "1234567890xxxxxxxxxxx";
var openid ="1234567890xxxxxxxxxxx";
var appid = "1234567890xxxxxxxxxxx";
var offer_id ="1234567890xxxxxxxxxxx";
var ts = parseInt(Date.now()/1000);
var zone_id = "1";
var pf = "android";
var amt = 10;
var bill_no = "angus123";
var misecret = "1234567890xxxxxxxxxxx"; // 米大师密钥
var apiUrl = "/cgi-bin/midas/sandbox/pay?access_token=";


var sig;
var mp_sig;


function makeSig(amt, appid, bill_no, offer_id, openid, pf, ts, zone_id, access_token, session_key) {


console.log('-----------------begin to makeSig ---------------\n');
var stringA = ""
stringA += "amt=" + amt + "&";
stringA += "appid=" + appid + "&";
stringA += "bill_no=" + bill_no + "&";
stringA += "offer_id=" + offer_id + "&";
stringA += "openid=" + openid + "&";
stringA += "pf=" + pf + "&";
stringA += "ts=" + ts + "&";
stringA += "zone_id=" + zone_id;


console.log("---------stringA is:\n" + stringA);
var stringSignTemp = stringA + "&org_loc="+ apiUrl + access_token + "&method=POST&secret=" + misecret;
console.log("---------stringSignTemp is :\n" + stringSignTemp);


var signer = cryptImp.createHmac('sha256', misecret);
sig = signer.update(stringSignTemp).digest('hex');
console.log("---------sig is:\n" + sig);


//-----------------------------------------------------


var stringB = "access_token=" + access_token + "&";
stringB += "amt=" + amt + "&";
stringB += "appid=" + appid + "&";
stringB += "bill_no=" + bill_no + "&";
stringB += "offer_id=" + offer_id + "&";
stringB += "openid=" + openid + "&";
stringB += "pf=" + pf + "&";
stringB += "sig=" + sig + "&";
stringB += "ts=" + ts + "&";
stringB += "zone_id=" + zone_id;


console.log("-----------stringB is:\n" + stringB);
var stringSignTempB = stringB + "&org_loc=" + apiUrl + access_token + "&method=POST&session_key=" + session_key;
console.log("-----------stringSignTempB is:\n" + stringSignTempB);


var signer2 = cryptImp.createHmac('sha256', session_key);
mp_sig = signer2.update(stringSignTempB).digest('hex');
console.log("-----------mp_sig is :" + mp_sig);


};


const get_access_token_options = {
hostname: 'api.weixin.qq.com',
port: 443,
path: '/cgi-bin/token?grant_type=client_credential&appid='+appid+'&secret='+appsecret,
method: 'GET'
};



const req = https.request(get_access_token_options, function (res) {
res.on('data', function (d) {
var access_token = JSON.parse(d).access_token; /*这里得到access_token*/
console.log("----------the access_token is : \n" + access_token);
{
makeSig(amt, appid, bill_no, offer_id, openid, pf, ts, zone_id, access_token, session_key);
post_sandbox_body = JSON.stringify({
"access_token": access_token,
"amt": amt,
"appid": appid,
"bill_no": bill_no,
"offer_id": offer_id,
"openid": openid,
"pf": pf,
"ts": ts,
"zone_id": zone_id,
"sig": sig,
"mp_sig": mp_sig
});


const post_sandbox_options = {
hostname: 'api.weixin.qq.com',
port: 443,
path: '/cgi-bin/midas/sandbox/pay?access_token=' + access_token,
method: 'POST',
headers: {
'Content-Type':'application/octet-stream',/* 使用application/json也出错 */
'Content-Length':Buffer.byteLength(post_sandbox_body),
}
};


console.log("---------post_sandbox_options is:"+JSON.stringify(post_sandbox_options));
console.log("---------post_sandbox_body is :"+ post_sandbox_body);
console.log("---------post_path is:" + post_sandbox_options.path);


var post_req = https.request(post_sandbox_options,function(res){
//res.setEncoding('utf8');
var _data="";
res.on('data',function(thunk){
_data+=thunk;
});


res.on('end',function(){
console.log(JSON.parse(_data));
});
});


post_req.write(post_sandbox_body);
post_req.end();
}
});
});


req.on('error', function (e) {
console.error(e);
});
req.end();


返回错误：
{ errcode: 90009,
errmsg: 'mp_sig error hint: [d5I4Fa05393037]' }


请官方或者各路大神帮忙看看，是否由问题。

项目马上要收费了，迫在眉睫啊。
再次跪求，谢谢！

微信小程序开发问题解答

本文网址：http://www.91bianli.com/weixinxiaochengxu/22471.html