本文共 1800 字，大约阅读时间需要 6 分钟。

最近flask项目在使用支付宝沙箱支付时出现了以下问题：

def verify(self, data, signature):    if "sign_type" in data:        sign_type = data.pop("sign_type")        if sign_type != self._sign_type:            raise AliPayException(None, "Unknown sign type: {}".format(sign_type))        # 排序后的字符串        unsigned_items = self._ordered_data(data)        message = "&".join(u"{}={}".format(k, v) for k, v in unsigned_items)        return self._verify(message, signature)

verify函数接收两个变量，其中data是支付宝发送过的除了sign(签名信息)以外的其他信息，signature是支付宝发送过来的签名信息，verify函数会更具data信息来生成一个前面信息和支付宝的signature做比较，如果相等则返回true，不相等返回false。

def verify(self, data, signature):        # if "sign_type" in data:        #     sign_type = data.pop("sign_type")        #     if sign_type != self._sign_type:        #         raise AliPayException(None, "Unknown sign type: {}".format(sign_type))        # 排序后的字符串        unsigned_items = self._ordered_data(data)        message = "&".join(u"{}={}".format(k, v) for k, v in unsigned_items)        return self._verify(message, signature)

支付宝请求的网址如下：GET /payComplete.html?charset=utf-8&out_trade_no=25&method=alipay.trade.wap.pay.return&total_amount=5000.00&sign=TqQXWB0glO95D3usCbvES38L%2BZn4XjG8mR%2FhoTMmbR8CU0GJePMFTcN%2Flh%2FoaebCzZcQytmO2QV1DRdyJJhaVx618T0t0WlV4V%2F4ItVZbWt8VfUOJUD8Mvv5c1qmPwIo05FaoIa9crF6qX8SWKweSiuaU7bRFbmwGfIYGE1Ga00f7HpqH3BOUs6eT4KkmUq5mVVLIOPftsPyQDF9zs%2FYlcnHGsBb4RRMS1uRGASNuoax6VrPpOKC%2BpsMqAoROB5SPC2FZTBEKd48rEZ6MaGA9zdTnbKGyWajJ2lmZZwfjbKpgsDkCFgD%2F2VL4upxfDwMoqRv%2Fbn3F%2F4sDD%2FUCpUMPg%3D%3D&trade_no=2020090722001475820501161374&auth_app_id=2016101900722989&version=1.0&app_id=2016101900722989&sign_type=RSA2&seller_id=2088102180276586&timestamp=2020-09-07+11%3A22%3A56 HTTP/1.1" 200 -

如果有不对的地方希望大家多多指教！

转载地址：http://eihoz.baihongyu.com/