收钱吧-回调验签修复

liquidnet-bus-common/liquidnet-common-third/liquidnet-common-third-sqb/src/main/java/com/liquidnet/common/third/sqb/biz/SqbBiz.java

@@ -423,8 +423,11 @@ public class SqbBiz {
      * 收钱吧回调推送验签
      */
     public boolean verifySignature(CallbackParams callbackParams) {
-        // 签名原串 = eventId + timestamp + nonce + content
-        String plaintext = callbackParams.getEventId() + callbackParams.getTimestamp() + callbackParams.getNonce() + callbackParams.getContent();
+        // 签名原串 = eventId + timestamp + nonce + content（必须字符串拼接；Long+Long 会先按数字相加）
+        String plaintext = String.valueOf(callbackParams.getEventId())
+                + String.valueOf(callbackParams.getTimestamp())
+                + callbackParams.getNonce()
+                + callbackParams.getContent();
         return verifySignatureSHA256WithRSA(plaintext, callbackParams.getSignature(), sqbConfig.getPublicKey());
     }
 

liquidnet-bus-service/liquidnet-service-order/liquidnet-service-order-impl/src/main/java/com/liquidnet/service/order/service/impl/GoblinSqbOrderServiceImpl.java

@@ -429,6 +429,7 @@ public class GoblinSqbOrderServiceImpl implements IGoblinSqbOrderService {
 
         // 可能需要根据收钱吧的orderSn查询正在的orderId
         final String orderId = goblinSqbRedisUtils.getOrderIdBySqbOrderSn(sqbOrderSn);
+        if (StringUtil.isBlank(orderId)) return ResponseDto.failure("订单不存在");
 
         GoblinSqbOrderVo orderVo = goblinSqbRedisUtils.getSqbOrder(orderId);
         if (orderVo == null) return ResponseDto.failure("订单不存在");