From dde64031d4240865282c7f403ef284d176922416 Mon Sep 17 00:00:00 2001 From: "taylor.dang" Date: Fri, 27 Mar 2020 11:39:27 +0800 Subject: [PATCH] apidoc --- src/document/cn/apis.js | 6 ++++-- src/document/en/apis.js | 2 ++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/document/cn/apis.js b/src/document/cn/apis.js index 36c8acdfb..b5a612d04 100644 --- a/src/document/cn/apis.js +++ b/src/document/cn/apis.js @@ -703,8 +703,10 @@ * @apiVersion 1.0.0 * @apiDescription * 若订单创建时提供了notify_url,系统会在用户支付成功后向这个地址主动发送支付成功状态推送,请求方式为POST - * 与服务器API不同,推送校验参数会包含在json内,商户系统应该验证校验参数,确定来源正确后再进行后续操作。 - * 商户系统收到请求后应按要求返回参数,若RoyalPay未收到合法参数,视为商户未接收成功,推送动作最多会重试3次,商户系统应当能够处理收到的重复请求。 + * 与服务器API不同,推送校验参数会包含在json内,商户系统应该验证校验参数,确定来源正确后再次进行订单接口查询确认订单支付状态再进行后续操作。 + * 商户系统收到请求后应按要求返回参数,若RoyalPay未收到合法参数,视为商户未接收成功,推送动作最多会重试3次,商户系统应当能够处理收到的重复请求 + * + * 建议在收到推送后主动调用查询接口确认支付状态,避免其他第三方伪造推送!!! * @apiHeader Accept application/json * @apiHeader Content-Type application/json * @apiParam (JSON) {long} time UTC时间戳 diff --git a/src/document/en/apis.js b/src/document/en/apis.js index 351482eb1..8c248a39e 100644 --- a/src/document/en/apis.js +++ b/src/document/en/apis.js @@ -714,6 +714,8 @@ * Different from Server APIs, sign parameters will be included in json entity. Partner system shall valid them to prevent fake requests. * Partner system shall response with correct parameters. If RoyalPay did not receive valid response, system will regard as receiving failed and retry the notification. * System will retry up to3 times. Partner system shall be able to handle the repeated requests. + * + * It is recommended to actively call the query API to confirm the payment status after receiving the push, so as to prevent other third parties from forging the push! * @apiHeader Accept application/json * @apiHeader Content-Type application/json * @apiParam (JSON) {long} time UTC timestamp in millis