fix: validate wxpay payments against order snapshots

2026-04-21 12:57:35 +08:00
parent 35aeeaa6e1
commit 119f784d19
9 changed files with 239 additions and 22 deletions
--- a/backend/internal/service/payment_fulfillment_test.go
+++ b/backend/internal/service/payment_fulfillment_test.go
@@ -264,3 +264,46 @@ func TestExpectedNotificationProviderKeyForOrderUsesSnapshotProviderKey(t *testi
 		expectedNotificationProviderKeyForOrder(registry, order, ""),
 	)
 }
+
+func TestValidateProviderNotificationMetadataRejectsWxpaySnapshotMismatch(t *testing.T) {
+	t.Parallel()
+
+	order := &dbent.PaymentOrder{
+		PaymentType: payment.TypeWxpay,
+		ProviderSnapshot: map[string]any{
+			"schema_version":  1,
+			"merchant_app_id": "wx-app-expected",
+			"merchant_id":     "mch-expected",
+			"currency":        "CNY",
+		},
+	}
+
+	err := validateProviderNotificationMetadata(order, payment.TypeWxpay, map[string]string{
+		"appid":       "wx-app-other",
+		"mchid":       "mch-expected",
+		"currency":    "CNY",
+		"trade_state": "SUCCESS",
+	})
+	assert.ErrorContains(t, err, "wxpay appid mismatch")
+}
+
+func TestValidateProviderNotificationMetadataAllowsLegacyOrdersWithoutSnapshotFields(t *testing.T) {
+	t.Parallel()
+
+	order := &dbent.PaymentOrder{
+		PaymentType: payment.TypeWxpay,
+		ProviderSnapshot: map[string]any{
+			"schema_version":       1,
+			"provider_instance_id": "9",
+			"provider_key":         payment.TypeWxpay,
+		},
+	}
+
+	err := validateProviderNotificationMetadata(order, payment.TypeWxpay, map[string]string{
+		"appid":       "wx-app-runtime",
+		"mchid":       "mch-runtime",
+		"currency":    "CNY",
+		"trade_state": "SUCCESS",
+	})
+	assert.NoError(t, err)
+}