#支付宝 周期扣款无线端唤起签约页面提示“免密支付安全验证”？

问题原因

通过签约接口(alipay.user.agreement.page.sign)拿到的签约URL不能直接使用在无线端唤起签约页面的场景中，需拼接跳转链接唤起，具体方式见 无线端唤起签约说明。

解决方案

检查签约url是否进行过跳转链接的拼接，格式如下：

alipays://platformapi/startapp?appId=60000157&appClearTop=false&startMultApp=YES&sign_params=封装后的签约URL

无线端唤起签约流程说明：

1、通过sdk签名生成url方式，建议参考pageExecute（）方法如何get请求。

注：如果开发者使用开放平台官方 SDK则无需对参数进行 encode处理，否则需要对每个参数对应的 value 做一次encode(UTF-8)，转义如下：

http://openapi.alipay.com/gateway.do?biz_content={"access_params"%3A{"channel"%3A"ALIPAYAPP"}%2C"external_agreement_no"%3A"beijignditie_1"%2C"identity_params"%3A{"cert_no"%3A"610402196908019453"%2C"user_name"%3A"jbuflp"}%2C"personal_product_code"%3ACYCLE_PAY_AUTH_P"%2C"sign_scene"%3A"INDUSTRY|METRO"%2C"zm_auth_params"%3A{"buckle_app_id"%3A"1001164"%2C"buckle_merchant_id"%3A"268820000000414397785"}}&sign=CxxysLRx0P%2FdEuSTw%2FxsH%2ButBXMDto5ez2fvtg5NmtxAhbp45BIUJfjM%2BKRsqNMTSPqtTXuOWxieUvFxTHA9aodPpc7Wbjx%2F1RUI0sT%2FYJI34PH2Xv0qtCMBT4wunP3J2ZKYByVNRKRGZ0etb0LuhuxPikSyQy8qKn%2FGsXQJ04c%3D&timestamp=2017-06-29+21%3A06%3A02&sign_type=RSA&charset=UTF-8&app_id=2017060101317939&method=alipay.user.agreement.page.sign&version=1.0

2、 除去http://openapi.alipay.com/gateway.do?，并将 http://openapi.alipay.com/gateway.do? 后面的所有参数作为入参，做一次整体的 encode(UTF-8)，如下段代码中所示

biz_content%3d%257B%2522access_params%2522%253A%257B%2522channel%2522%253A%2522ALIPAYAPP%2522%257D%252C%2522external_agreement_no%2522%253A%2522beijignditie_1%2522%252C%2522identity_params%2522%253A%257B%2522cert_no%2522%253A%2522610402196908019453%2522%252C%2522user_name%2522%253A%2522jbuflp%2522%257D%252C%2522personal_product_code%2522%253A%2522CYCLE_PAY_AUTH_P%2522%252C%2522sign_scene%2522%253A%2522INDUSTRY%257CMETRO%2522%252C%2522zm_auth_params%2522%253A%257B%2522buckle_app_id%2522%253A%25221001164%2522%252C%2522buckle_merchant_id%2522%253A%2522268820000000414397785%2522%257D%257D%26sign%3dCxxysLRx0P%252FdEuSTw%252FxsH%252ButBXMDto5ez2fvtg5NmtxAhbp45BIUJfjM%252BKRsqNMTSPqtTXuOWxieUvFxTHA9aodPpc7Wbjx%252F1RUI0sT%252FYJI34PH2Xv0qtCMBT4wunP3J2ZKYByVNRKRGZ0etb0LuhuxPikSyQy8qKn%252FGsXQJ04c%253D%26timestamp%3d2017-06-29%2b21%253A06%253A02%26sign_type%3dRSA%26charset%3dUTF-8%26app_id%3d2017060101317939%26method%3dalipay.user.agreement.page.sign%26version%3d1.0

3、将第2步转义生成好的数据拼接在“alipays://platformapi/startapp?appId=60000157&appClearTop=false&startMultApp=YES&sign_params=”后，拼接完整的数据如下：

alipays://platformapi/startapp?appId=60000157&appClearTop=false&startMultApp=YES&sign_params=biz_content%3d%257B%2522access_params%2522%253A%257B%2522channel%2522%253A%2522ALIPAYAPP%2522%257D%252C%2522external_agreement_no%2522%253A%2522beijignditie_1%2522%252C%2522identity_params%2522%253A%257B%2522cert_no%2522%253A%2522610402196908019453%2522%252C%2522user_name%2522%253A%2522jbuflp%2522%257D%252C%2522personal_product_code%2522%253A%2522CYCLE_PAY_AUTH_P%2522%252C%2522sign_scene%2522%253A%2522INDUSTRY%257CMETRO%2522%252C%2522zm_auth_params%2522%253A%257B%2522buckle_app_id%2522%253A%25221001164%2522%252C%2522buckle_merchant_id%2522%253A%2522268820000000414397785%2522%257D%257D%26sign%3dCxxysLRx0P%252FdEuSTw%252FxsH%252ButBXMDto5ez2fvtg5NmtxAhbp45BIUJfjM%252BKRsqNMTSPqtTXuOWxieUvFxTHA9aodPpc7Wbjx%252F1RUI0sT%252FYJI34PH2Xv0qtCMBT4wunP3J2ZKYByVNRKRGZ0etb0LuhuxPikSyQy8qKn%252FGsXQJ04c%253D%26timestamp%3d2017-06-29%2b21%253A06%253A02%26sign_type%3dRSA%26charset%3dUTF-8%26app_id%3d2017060101317939%26method%3dalipay.user.agreement.page.sign%26version%3d1.0

此时就是一个完整的访问地址，可通过scheme唤起，可现在浏览器测试是否可正常唤起签约页面。