← Back to Skills Marketplace
90
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ijpay-sdk
Description
支付接入技能 — 基于 IJPay SDK 封装微信支付、支付宝、QQ支付、银联、京东、PayPal 等主流支付渠道。触发场景包括:用户说"接入支付"、"配置支付"、"微信支付"、"支付宝"、"订单支付"、"支付回调"、"支付对账"、"IJPay"等关键词,或需要为项目添加在线支付功能时激活。
README (SKILL.md)
Pay Skill — 小龙虾支付接入技能
让小龙虾具备接入主流支付渠道的能力。基于 IJPay(Javen205 开源,6.4k⭐,Apache-2.0)封装。
支持的支付渠道
| 渠道 | 模块 | 签名方式 |
|---|---|---|
| 支付宝 | IJPay-AliPay |
RSA2 普通公钥 / 证书模式 |
| 微信支付 | IJPay-WxPay |
Api-v2 / Api-v3 |
| QQ 钱包 | IJPay-QQ |
API |
| 银联 | IJPay-UnionPay |
银联标准 |
| 京东支付 | IJPay-JDPay |
API |
| PayPal | IJPay-PayPal |
OAuth2 |
快速集成流程(Spring Boot)
1. 引入 Maven 依赖
\x3C!-- 按需引入以下依赖(选一个或多个) -->
\x3C!-- 完整包(含所有渠道) -->
\x3Cdependency>
\x3CgroupId>com.github.javen205\x3C/groupId>
\x3CartifactId>IJPay-All\x3C/artifactId>
\x3Cversion>2.9.12.1\x3C/version>
\x3C/dependency>
\x3C!-- 或按渠道引入(推荐,按需选择) -->
\x3Cdependency>
\x3CgroupId>com.github.javen205\x3C/groupId>
\x3CartifactId>IJPay-AliPay\x3C/artifactId>
\x3Cversion>2.9.12.1\x3C/version>
\x3C/dependency>
\x3Cdependency>
\x3CgroupId>com.github.javen205\x3C/groupId>
\x3CartifactId>IJPay-WxPay\x3C/artifactId>
\x3Cversion>2.9.12.1\x3C/version>
\x3C/dependency>
⚠️ 如果 Maven 无法拉取,检查是否配置了 JitPack 仓库:
\x3CpluginRepositories> \x3CpluginRepository> \x3Cid>jitpack.io\x3C/id> \x3Curl>https://jitpack.io\x3C/url> \x3C/pluginRepository> \x3C/pluginRepositories>
2. 配置参数(application-prod.yml)
# 支付宝配置
ali-pay:
app-id: 2021xxxxx # 支付宝应用AppID
server-url: https://openapi.alipay.com/gateway.do # 支付宝网关
private-key: MIIBIjANBgkq... # 应用私钥(RSA2)
alipay-public-key: MIIBIjANBgkq... # 支付宝公钥
sign-type: RSA2 # 签名方式
callback-url: https://your-domain.com/api/pay/ali-callback # 回调地址
# 微信支付配置
wx-pay:
app-id: wx1234567890abcdef # 微信应用AppID
mch-id: 1234567890 # 商户号
api-key: xxxxxxxx # APIv2 密钥(32位)
cert-path: /path/to/apiclient_cert.p12 # 证书路径(退款/红包用)
callback-url: https://your-domain.com/api/pay/wx-callback # 回调地址
🔐 私钥等敏感配置禁止硬编码,必须通过环境变量或配置中心注入。
3. 支付接口示例
支付宝 PC 网站支付
@RestController
@RequestMapping("/api/pay")
public class PayController {
@Value("${ali-pay.app-id}")
private String appId;
@Value("${ali-pay.private-key}")
private String privateKey;
@PostMapping("/create-ali")
public String createAliPayOrder(@RequestParam("orderId") String orderId,
@RequestParam("amount") BigDecimal amount) {
AliPayApiConfig config = AliPayApiConfig.builder()
.setAppId(appId)
.setPrivateKey(privateKey)
.setCharset("UTF-8")
.setServiceUrl("https://openapi.alipay.com/gateway.do")
.setSignType("RSA2")
.build();
AliPayApiConfigKit.setThreadLocalAliPayApiConfig(config);
AlipayTradePagePayRequest request = new AlipayTradePagePayRequest();
request.setBizContent(JSON.toJSONString(ImmutableMap.of(
"out_trade_no", orderId,
"product_code", "FAST_INSTANT_TRADE_PAY",
"total_amount", amount.toString(),
"subject", "FMT治疗费用"
)));
request.setReturnUrl("https://your-domain.com/pay/success");
AlipayTradePagePayResponse response = config.getAlipayClient().execute(request);
return response.isSuccess() ? response.getBody() : "支付创建失败";
}
@PostMapping("/ali-callback")
public String aliPayCallback(HttpServletRequest request) {
Map\x3CString, String> params = getParams(request);
if (TradeStatus.SUCCESS.name().equals(params.get("trade_status"))) {
String orderId = params.get("out_trade_no");
// ✅ 支付成功:更新订单状态
orderService.updatePaid(orderId);
}
return "success";
}
}
微信 H5 支付
@PostMapping("/create-wx")
public Map\x3CString, String> createWxPayOrder(@RequestParam("orderId") String orderId,
@RequestParam("amount") int amountFen) {
Map\x3CString, String> params = new HashMap\x3C>();
params.put("appid", wxAppId);
params.put("mchid", wxMchId);
params.put("description", "FMT治疗费用");
params.put("out_trade_no", orderId);
params.put("amount", JSON.toJSONString(ImmutableMap.of("total", amountFen, "currency", "CNY")));
params.put("notify_url", wxCallbackUrl);
WxPayApiV3Util v3Util = new WxPayApiV3Util();
String result = v3Util.push(wechatCertPath, wechatMchId, params);
Map\x3CString, Object> resp = JSON.parseObject(result);
return Collections.singletonMap("h5_url", ((Map)resp.get("h5")).get("h5_url"));
}
4. 支付回调处理
@PostMapping("/ali-callback")
public String aliCallback(HttpServletRequest request) {
if (!AliPayApiConfigKit.validateResponse(request)) {
return "fail";
}
if (!AlipaySignature.checksum(request.getParameterMap(), ...)) {
return "fail";
}
String status = request.getParameter("trade_status");
if (TradeStatus.TRADE_SUCCESS.name().equals(status)) {
String orderId = request.getParameter("out_trade_no");
orderService.markPaid(orderId, request.getParameter("trade_no"));
}
return "success";
}
@PostMapping("/wx-callback")
public String wxCallback(HttpServletRequest request) {
String body = StreamUtils.readToString(request.getInputStream());
if (WxPayApiKit.verifyNotify(body, signKey)) {
Map\x3CString, Object> data = JSON.parseObject(body);
if ("SUCCESS".equals(data.get("trade_state"))) {
orderService.markPaid((String)data.get("out_trade_no"), (String)data.get("transaction_id"));
}
}
return "success";
}
参考文档
| 文档 | 说明 | 何时读取 |
|---|---|---|
| ijpay-guide.md | IJPay 完整指南(项目结构/版本/Maven坐标) | 首次集成时 |
| alipay-guide.md | 支付宝完整接入(6个支付场景/字段详解/沙箱) | 选择支付宝时 |
| wxpay-guide.md | 微信支付完整接入(Api-v2/v3差异/场景/证书) | 选择微信时 |
| callback-handler.md | 支付回调高级处理(幂等/并发/补偿) | 实现回调时 |
常用场景决策
需要接入支付?
│
├── 支付宝 ✅ → 优先推荐(个人/企业均可,费率低)
│ 参考:references/alipay-guide.md
│
├── 微信支付 ✅ → 必须有商户号,支持H5/小程序/App
│ 参考:references/wxpay-guide.md
│
├── 银联/京东/PayPal → 参考 references/ijpay-guide.md
│
└── 小程序内支付 → 微信支付服务商模式,参考 wxpay-guide.md
快速检查清单
- Maven 依赖已添加(IJPay-AliPay / IJPay-WxPay)
- 沙箱环境测试通过(先用沙箱,不花钱)
- 生产环境 AppID + 商户号 + 密钥配置完成
- 支付回调 URL 已填写(必须是公网可访问 HTTPS)
- 回调接口已加幂等处理(防止重复通知)
- 微信退款/企业付款需上传证书到服务器
- 支付宝签名验签通过
- 日志记录完整(支付请求/回调/异常)
Usage Guidance
This skill is a documentation/integration guide for IJPay and is internally consistent, but take these precautions before using it: 1) Verify the IJPay artifacts you add (use the official GitHub repo/releases) and avoid pulling unvetted packages from unknown forks; 2) Never hardcode private keys/API keys in source — use environment variables, a secrets manager, or a configuration center with appropriate access controls; 3) Protect logs: the examples log raw callback bodies (which may contain PII/payment data) — ensure logs are access-controlled and consider redacting sensitive fields; 4) Secure your callback endpoints: use HTTPS, signature verification, IP whitelisting where supported, and implement idempotency as shown; 5) Review build-time dependencies (JitPack) and confirm versions and checksums before deploying to production; 6) Because the skill source/homepage is unknown, treat the content as guidance only — cross-check sample code against the official IJPay repo and your organization’s security policies before applying in production.
Capability Analysis
Type: OpenClaw Skill
Name: ijpay-sdk
Version: 1.0.0
The ijpay-sdk skill bundle provides legitimate documentation and code templates for integrating the IJPay open-source payment library (com.github.javen205) into Spring Boot applications. It includes detailed guides for AliPay and WeChat Pay integration (SKILL.md, alipay-guide.md, wxpay-guide.md), emphasizing security best practices such as signature verification and avoiding hardcoded secrets. No evidence of malicious intent, data exfiltration, or unauthorized execution was found.
Capability Tags
Capability Assessment
Purpose & Capability
The name/description match the provided content: the files are integration guides and sample code for IJPay (Alipay, WeChat, QQ, UnionPay, JD, PayPal). The skill is documentation-only so it sensibly does not require binaries or environment variables. Nothing requested is unrelated to payment integration.
Instruction Scope
SKILL.md and reference files contain concrete integration steps and sample code (Maven deps, config keys, callback handlers). They instruct handling sensitive keys via env/config (correct). Minor caution: examples log raw callback payloads and suggest quick 'success' responses and asynchronous processing — while normal for payment callbacks, logging raw bodies can expose PII/payment data if logs are not protected. The instructions do not ask the agent to read system files or exfiltrate secrets.
Install Mechanism
There is no install spec and no code shipped to execute — lowest-risk. The docs recommend adding IJPay dependencies (via JitPack/GitHub) at build time, which is expected for a library integration; users should validate the upstream artifact/source when adding these dependencies.
Credentials
The skill does not declare or require any environment variables or credentials. The sample code and guides correctly show that integration will require sensitive values (private keys, API keys, merchant IDs) — these are proportional and expected for payment integration, but must be provided/stored securely by the project owner.
Persistence & Privilege
always:false and default invocation settings are used. The skill is documentation-only and does not request persistent system presence or modify other skills/configurations.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ijpay-sdk - After installation, invoke the skill by name or use
/ijpay-sdk - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: supports Alipay/WeChatPay/QQPay/UnionPay/JDPay/PayPal with Spring Boot integration guide
Metadata
Frequently Asked Questions
What is IJPay支付SDK?
支付接入技能 — 基于 IJPay SDK 封装微信支付、支付宝、QQ支付、银联、京东、PayPal 等主流支付渠道。触发场景包括:用户说"接入支付"、"配置支付"、"微信支付"、"支付宝"、"订单支付"、"支付回调"、"支付对账"、"IJPay"等关键词,或需要为项目添加在线支付功能时激活。 It is an AI Agent Skill for Claude Code / OpenClaw, with 90 downloads so far.
How do I install IJPay支付SDK?
Run "/install ijpay-sdk" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is IJPay支付SDK free?
Yes, IJPay支付SDK is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does IJPay支付SDK support?
IJPay支付SDK is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created IJPay支付SDK?
It is built and maintained by mingyuan (@zmy1006-sudo); the current version is v1.0.0.
More Skills