Начало Каталог Помощ
Регистрация Вход
zhengwentao
/
game-sdk
1
0
Разклонения 0
Файлове Задачи 0 Заявки за сливане 0 Уики
Клон: master
Клонове Маркери
game-sdk
/
simplewind
/
extend
/
huoMpay
/
MpaySign.php

MpaySign.php 9.3 KB
Постоянна връзка История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * MpaySign.php UTF-8
    4. 

  4.  * 米大师支付签名
    5. 

  5.  *
    6. 

  6.  * @date    : 2018/8/16 11:26
    7. 

  7.  *
    8. 

  8.  * @license 这不是一个自由软件,未经授权不许任何使用和传播。
    9. 

  9.  * @author  : wuyonghong <wyh@huosdk.com>
    10. 

  10.  * @version : HuoMp 1.0
    11. 

  11.  */
    12. 

  12. 

  13. namespace huoMpay;
    14. 

  14. 

  15. use huolib\constant\CacheConst;
    16. 

  16. use huolib\status\OrderStatus;
    17. 

  17. use think\Cache;
    18. 

  18. use think\Controller;
    19. 

  19. use think\Log;
    20. 

  20. 

  21. class MpaySign extends Controller {
    22. 

  22.     private static $url    = "https://api.weixin.qq.com";
    23. 

  23.     private static $method = "POST";
    24. 

  24. 

  25.     /**
    26. 

  26.      * @param string $uri
    27. 

  27.      * @param array  $params
    28. 

  28.      * @param string $app_secret    小游戏AppSecret
    29. 

  29.      * @param string $midas_app_key 米大师AppKey
    30. 

  30.      * @param string $session_key
    31. 

  31.      *
    32. 

  32.      * @return int|mixed
    33. 

  33.      */
    34. 

  34.     public static function apiPay($uri = '', $params = [], $app_secret, $midas_app_key, $session_key) {
    35. 

  35.         $_method = strtoupper(self::$method);
    36. 

  36.         if (empty($params['openid'])
    37. 

  37.             || empty($params['appid'])
    38. 

  38.             || empty($params['offer_id'])
    39. 

  39.             || empty($params['ts'])
    40. 

  40.             || empty($params['zone_id'])
    41. 

  41.             || empty($params['pf'])) {
    42. 

  42.             Log::write(
    43. 

  43.                 "func=".__FUNCTION__."&class=".__CLASS__."&step=1&method=$_method&uri=$uri&params=".json_encode($params)
    44. 

  44.                 ."&app_secret=$app_secret"."&secret=$midas_app_key", Log::ERROR
    45. 

  45.             );
    46. 

  46.             $_rdata = [
    47. 

  47.                 'code' => OrderStatus::INVALID_PARAMS,
    48. 

  48.                 'msg'  => OrderStatus::getMsg(OrderStatus::INVALID_PARAMS)
    49. 

  49.             ];
    50. 

  50. 

  51.             return $_rdata;
    52. 

  52.         }
    53. 

  53.         $_access_token = self::getAccessToken($params['appid'], $app_secret);
    54. 

  54.         if (false == $_access_token) {
    55. 

  55.             $_rdata = [
    56. 

  56.                 'code' => OrderStatus::ACCESS_TOKEN_GET_ERROR,
    57. 

  57.                 'msg'  => OrderStatus::getMsg(OrderStatus::ACCESS_TOKEN_GET_ERROR)
    58. 

  58.             ];
    59. 

  59. 

  60.             return $_rdata;
    61. 

  61.         }
    62. 

  62.         $_params = $params;
    63. 

  63.         $_params['sig'] = self::makeSign($_method, $uri, $_params, $midas_app_key);
    64. 

  64.         $_params['access_token'] = $_access_token;
    65. 

  65.         $_params['mp_sig'] = self::makeMpSign($_method, $uri, $_params, $session_key);
    66. 

  66.         $_url = self::$url.$uri.'?access_token='.$_access_token;
    67. 

  67.         unset($_params['access_token']);
    68. 

  68.         $_query_param_json = json_encode($_params);
    69. 

  69.         Log::write("==========Request Info==========\n url:$_url,query_string:$_query_param_json", Log::WECHAT);
    70. 

  70.         $header = ['Content-Type: application/octet-stream; charset=utf-8'];
    71. 

  71.         $_ret = self::curl($_url, $_query_param_json, 'POST', $header);
    72. 

  72.         Log::write('The resp is '.$_ret, Log::WECHAT);
    73. 

  73.         $_ret_arr = json_decode($_ret, true);
    74. 

  74.         // 远程返回的不是 json 格式, 说明返回包有问题
    75. 

  75.         if (is_null($_ret_arr)) {
    76. 

  76.             $_rdata = array(
    77. 

  77.                 'code' => OPENAPI_ERROR_RESPONSE_DATA_INVALID,
    78. 

  78.                 'msg'  => $_ret
    79. 

  79.             );
    80. 

  80. 

  81.             return $_rdata;
    82. 

  82.         }
    83. 

  83.         if ('0' != $_ret_arr['errcode']) {
    84. 

  84.             $_rdata = [
    85. 

  85.                 'code' => $_ret_arr['errcode'],
    86. 

  86.                 'msg'  => 'midas error!'.$_ret_arr['errmsg']
    87. 

  87.             ];
    88. 

  88. 

  89.             return $_rdata;
    90. 

  90.         }
    91. 

  91.         $_rdata = [
    92. 

  92.             'code' => OrderStatus::NO_ERROR,
    93. 

  93.             'msg'  => $_ret_arr['errmsg'],
    94. 

  94.             'data' => $_ret_arr,
    95. 

  95.         ];
    96. 

  96. 

  97.         return $_rdata;
    98. 

  98.     }
    99. 

  99. 

  100.     /**
    101. 

  101.      * 获取 access_token
    102. 

  102.      * https://developers.weixin.qq.com/miniprogram/dev/api/token.html
    103. 

  103.      *
    104. 

  104.      * @param string $appid      第三方用户唯一凭证
    105. 

  105.      * @param string $app_secret 第三方用户唯一凭证密钥,即appsecret
    106. 

  106.      *
    107. 

  107.      * @return string|bool
    108. 

  108.      */
    109. 

  109.     public static function getAccessToken($appid, $app_secret) {
    110. 

  110.         $_cache_key = CacheConst::CACHE_ACCESS_TOKEN_PREFIX.$appid;
    111. 

  111.         $_data = Cache::get($_cache_key);
    112. 

  112.         if (!empty($_data)) {
    113. 

  113.             $_data = json_decode($_data, true);
    114. 

  114.             $_now_time = time();
    115. 

  115.             if (isset($_data['expires_time']) && $_now_time < $_data['expires_time']) {
    116. 

  116.                 return $_data['access_token'];
    117. 

  117.             }
    118. 

  118.         }
    119. 

  119.         $_url = 'https://api.weixin.qq.com/cgi-bin/token';
    120. 

  120.         $_param['grant_type'] = 'client_credential';
    121. 

  121.         $_param['appid'] = $appid;
    122. 

  122.         $_param['secret'] = $app_secret;
    123. 

  123.         $_rdata = self::curl($_url, http_build_query($_param));
    124. 

  124.         $_rdata = json_decode($_rdata, true);
    125. 

  125.         if (!isset($_rdata['access_token'])) {
    126. 

  126.             Log::write(
    127. 

  127.                 "func=".__FUNCTION__."&class=".__CLASS__."&step=1&appid=$appid&app_secret=$app_secret".
    128. 

  128.                 json_encode($_rdata), Log::ERROR
    129. 

  129.             );
    130. 

  130. 

  131.             return false;
    132. 

  132.         }
    133. 

  133.         $_data['access_token'] = $_rdata['access_token'];
    134. 

  134.         $_data['expires_in'] = $_rdata['expires_in'];
    135. 

  135.         $_data['expires_time'] = time() + $_rdata['expires_in'];
    136. 

  136.         $_rs = Cache::set($_cache_key, json_encode($_data));
    137. 

  137.         if (false == $_rs) {
    138. 

  138.             return false;
    139. 

  139.         }
    140. 

  140. 

  141.         return $_data['access_token'];
    142. 

  142.     }
    143. 

  143. 

  144.     /**
    145. 

  145.      * CURL请求
    146. 

  146.      *
    147. 

  147.      * @param string $url    请求的URL
    148. 

  148.      * @param string $params 请求的参数
    149. 

  149.      * @param string $is_get 是否是get请求
    150. 

  150.      * @param array  $header 头
    151. 

  151.      *
    152. 

  152.      * @return int|mixed
    153. 

  153.      */
    154. 

  154.     public static function curl($url, $params, $is_get = "GET", $header = []) {
    155. 

  155.         $_header = $header;
    156. 

  156.         $ch = curl_init();
    157. 

  157.         if ("GET" == $is_get) {
    158. 

  158.             $url = $url.'?'.$params;
    159. 

  159.             curl_setopt($ch, CURLOPT_HEADER, 0); // 过滤HTTP头
    160. 

  160.         } else {
    161. 

  161.             curl_setopt($ch, CURLOPT_POST, 1);
    162. 

  162.             curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
    163. 

  163.         }
    164. 

  164.         curl_setopt($ch, CURLOPT_URL, $url);
    165. 

  165.         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);//设置等待时间
    166. 

  166.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);//要求结果为字符串且输出到屏幕上
    167. 

  167.         /* https 请求 */
    168. 

  168.         if (strlen($url) > 5 && strtolower(substr($url, 0, 5)) == "https") {
    169. 

  169.             curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    170. 

  170.             curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
    171. 

  171.         }
    172. 

  172.         if (!empty($_header)) {
    173. 

  173.             array_push($_header, 'Content-Length: '.strlen($params));
    174. 

  174.             curl_setopt($ch, CURLOPT_HTTPHEADER, $_header);
    175. 

  175.         }
    176. 

  176.         $_rs = curl_exec($ch);
    177. 

  177.         if (false === $_rs) {
    178. 

  178.             $_rs = curl_errno($ch);
    179. 

  179.         }
    180. 

  180.         curl_close($ch);
    181. 

  181. 

  182.         return $_rs;
    183. 

  183.     }
    184. 

  184. 

  185.     /**
    186. 

  186.      * 获取原始拼接的链接
    187. 

  187.      *
    188. 

  188.      * @param array $params
    189. 

  189.      *
    190. 

  190.      * @return bool|string
    191. 

  191.      */
    192. 

  192.     public static function createRawLinkString($params = []) {
    193. 

  193.         $_arg = "";
    194. 

  194.         foreach ($params as $_k => $_v) {
    195. 

  195.             $_arg .= $_k."=".$_v."&";
    196. 

  196.         }
    197. 

  197.         // 去掉最后一个&字符
    198. 

  198.         $_arg = substr($_arg, 0, strlen($_arg) - 1);
    199. 

  199. 

  200.         return $_arg;
    201. 

  201.     }
    202. 

  202. 

  203.     /**
    204. 

  204.      * 米大师支付签名 sig签名
    205. 

  205.      *
    206. 

  206.      * @param string $method HTTP请求方式
    207. 

  207.      * @param string $uri    请求的URI
    208. 

  208.      * @param array  $params 参数
    209. 

  209.      * @param string $secret 秘钥
    210. 

  210.      *
    211. 

  211.      * @return string
    212. 

  212.      */
    213. 

  213.     public static function makeSign($method, $uri = '', $params = array(), $secret = '') {
    214. 

  214.         /* 1. 参与米大师签名请求参数 */
    215. 

  215.         $_sign_data = $params;
    216. 

  216.         /* 2. 对参与米$_sign_data大师签名的参数按照key=value的格式,并按照参数名ASCII字典序升序排序如下: */
    217. 

  217.         ksort($_sign_data);
    218. 

  218.         $_sign_data_str = self::createRawLinkString($_sign_data);
    219. 

  219.         /* 3. 拼接uri、method和米大师密钥: */
    220. 

  220.         $_sign_str = $_sign_data_str."&org_loc=".$uri."&method=".strtoupper($method)."&secret=".$secret;
    221. 

  221.         /* 4. 把米大师密钥作为key,使用HMAC-SHA256得到签名。 */
    222. 

  222.         $_sig = hash_hmac('sha256', $_sign_str, $secret);
    223. 

  223. 

  224.         return $_sig;
    225. 

  225.     }
    226. 

  226. 

  227.     /**
    228. 

  228.      * 米大师支付开平签名 mp_sig签名
    229. 

  229.      *
    230. 

  230.      * @param string $method      HTTP请求方式
    231. 

  231.      * @param string $uri         请求的URI
    232. 

  232.      * @param array  $params      参数
    233. 

  233.      * @param string $session_key 秘钥
    234. 

  234.      *
    235. 

  235.      * @return string
    236. 

  236.      */
    237. 

  237.     public static function makeMpSign($method, $uri = '', $params = [], $session_key = '') {
    238. 

  238.         /* 1. 参与开平签名请求参数 */
    239. 

  239.         if (empty($params['openid'])
    240. 

  240.             || empty($params['appid'])
    241. 

  241.             || empty($params['offer_id'])
    242. 

  242.             || empty($params['ts'])
    243. 

  243.             || empty($params['zone_id'])
    244. 

  244.             || empty($params['sig'])
    245. 

  245.             || empty($params['access_token'])
    246. 

  246.             || empty($params['pf'])) {
    247. 

  247.             Log::write(
    248. 

  248.                 "func=".__FUNCTION__."&class=".__CLASS__."&step=1&method=$method&uri=$uri&params=".json_encode($params)
    249. 

  249.                 ."&session_key=$session_key", Log::ERROR
    250. 

  250.             );
    251. 

  251. 

  252.             return false;
    253. 

  253.         }
    254. 

  254.         $_sign_data = $params;
    255. 

  255.         /* 2. 对参与开平签名的参数按照key=value的格式,并按照参数名ASCII字典序升序排序如下: */
    256. 

  256.         ksort($_sign_data);
    257. 

  257.         $_sign_data_str = self::createRawLinkString($_sign_data);
    258. 

  258.         /* 3. 拼接uri、method和米大师密钥: */
    259. 

  259.         $_sign_str = $_sign_data_str."&org_loc=".$uri."&method=".strtoupper($method)."&session_key=".$session_key;
    260. 

  260.         /* 4. 把米大师密钥作为key,使用HMAC-SHA256得到签名。 */
    261. 

  261.         $_mp_sig = hash_hmac('sha256', $_sign_str, $session_key);
    262. 

  262. 

  263.         return $_mp_sig;
    264. 

  264.     }
    265. 

  265. }
    266.