|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace anerg\OAuth2\Gateways; |
|
4
|
|
|
|
|
5
|
|
|
use anerg\OAuth2\Connector\Gateway; |
|
6
|
|
|
use anerg\OAuth2\Helper\Str; |
|
7
|
|
|
|
|
8
|
|
|
class Alipay extends Gateway |
|
9
|
|
|
{ |
|
10
|
|
|
const RSA_PRIVATE = 1; |
|
11
|
|
|
const RSA_PUBLIC = 2; |
|
12
|
|
|
|
|
13
|
|
|
const API_BASE = 'https://openapi.alipay.com/gateway.do'; |
|
14
|
|
|
protected $AuthorizeURL = 'https://openauth.alipay.com/oauth2/publicAppAuthorize.htm'; |
|
15
|
|
|
protected $AccessTokenURL = 'https://openapi.alipay.com/gateway.do'; |
|
16
|
|
|
/** |
|
17
|
|
|
* 得到跳转地址 |
|
18
|
|
|
*/ |
|
19
|
|
|
public function getRedirectUrl() |
|
20
|
|
|
{ |
|
21
|
|
|
$params = [ |
|
22
|
|
|
'app_id' => $this->config['app_id'], |
|
23
|
|
|
'redirect_uri' => $this->config['callback'], |
|
24
|
|
|
'scope' => $this->config['scope'], |
|
25
|
|
|
'state' => $this->config['state'], |
|
26
|
|
|
]; |
|
27
|
|
|
return $this->AuthorizeURL . '?' . http_build_query($params); |
|
28
|
|
|
} |
|
29
|
|
|
|
|
30
|
|
|
/** |
|
31
|
|
|
* 获取当前授权用户的openid标识 |
|
32
|
|
|
*/ |
|
33
|
|
|
public function openid() |
|
34
|
|
|
{ |
|
35
|
|
|
$this->getToken(); |
|
36
|
|
|
|
|
37
|
|
|
if (isset($this->token['openid'])) { |
|
38
|
|
|
return $this->token['openid']; |
|
39
|
|
|
} else { |
|
40
|
|
|
throw new \Exception('没有获取到支付宝用户ID!'); |
|
41
|
|
|
} |
|
42
|
|
|
} |
|
43
|
|
|
|
|
44
|
|
|
/** |
|
45
|
|
|
* 获取格式化后的用户信息 |
|
46
|
|
|
*/ |
|
47
|
|
|
public function userinfo() |
|
48
|
|
|
{ |
|
49
|
|
|
$rsp = $this->userinfoRaw(); |
|
50
|
|
|
|
|
51
|
|
|
$userinfo = [ |
|
52
|
|
|
'openid' => $this->token['openid'], |
|
53
|
|
|
'channel' => 'alipay', |
|
54
|
|
|
'nick' => $rsp['nick_name'], |
|
55
|
|
|
'gender' => strtolower($rsp['gender']), |
|
56
|
|
|
'avatar' => $rsp['avatar'], |
|
57
|
|
|
]; |
|
58
|
|
|
return $userinfo; |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
/** |
|
62
|
|
|
* 获取原始接口返回的用户信息 |
|
63
|
|
|
*/ |
|
64
|
|
|
public function userinfoRaw() |
|
65
|
|
|
{ |
|
66
|
|
|
$this->getToken(); |
|
67
|
|
|
|
|
68
|
|
|
$rsp = $this->call('alipay.user.info.share'); |
|
69
|
|
|
return $rsp['alipay_user_info_share_response']; |
|
70
|
|
|
} |
|
71
|
|
|
|
|
72
|
|
|
/** |
|
73
|
|
|
* 发起请求 |
|
74
|
|
|
* |
|
75
|
|
|
* @param string $api |
|
76
|
|
|
* @param array $params |
|
77
|
|
|
* @param string $method |
|
78
|
|
|
* @return array |
|
79
|
|
|
*/ |
|
80
|
|
|
private function call($api, $params = [], $method = 'POST') |
|
81
|
|
|
{ |
|
82
|
|
|
$method = strtoupper($method); |
|
83
|
|
|
|
|
84
|
|
|
$_params = [ |
|
85
|
|
|
'app_id' => $this->config['app_id'], |
|
86
|
|
|
'method' => $api, |
|
87
|
|
|
'charset' => 'UTF-8', |
|
88
|
|
|
'sign_type' => 'RSA2', |
|
89
|
|
|
'timestamp' => date("Y-m-d H:i:s"), |
|
90
|
|
|
'version' => '1.0', |
|
91
|
|
|
'auth_token' => $this->token['access_token'], |
|
92
|
|
|
]; |
|
93
|
|
|
$params = array_merge($_params, $params); |
|
94
|
|
|
$params['sign'] = $this->signature($params); |
|
95
|
|
|
|
|
96
|
|
|
$data = $this->$method(self::API_BASE, $params); |
|
97
|
|
|
$data = mb_convert_encoding($data, 'utf-8', 'gbk'); |
|
98
|
|
|
return json_decode($data, true); |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
/** |
|
102
|
|
|
* 默认的AccessToken请求参数 |
|
103
|
|
|
* @return array |
|
104
|
|
|
*/ |
|
105
|
|
|
protected function accessTokenParams() |
|
106
|
|
|
{ |
|
107
|
|
|
$params = [ |
|
108
|
|
|
'app_id' => $this->config['app_id'], |
|
109
|
|
|
'method' => 'alipay.system.oauth.token', |
|
110
|
|
|
'charset' => 'UTF-8', |
|
111
|
|
|
'sign_type' => 'RSA2', |
|
112
|
|
|
'timestamp' => date("Y-m-d H:i:s"), |
|
113
|
|
|
'version' => '1.0', |
|
114
|
|
|
'grant_type' => $this->config['grant_type'], |
|
115
|
|
|
'code' => isset($_GET['auth_code']) ? $_GET['auth_code'] : '', |
|
116
|
|
|
]; |
|
117
|
|
|
$params['sign'] = $this->signature($params); |
|
118
|
|
|
return $params; |
|
119
|
|
|
} |
|
120
|
|
|
|
|
121
|
|
|
/** |
|
122
|
|
|
* 支付宝签名 |
|
123
|
|
|
*/ |
|
124
|
|
|
private function signature($data = []) |
|
125
|
|
|
{ |
|
126
|
|
|
ksort($data); |
|
127
|
|
|
$str = Str::buildParams($data); |
|
128
|
|
|
|
|
129
|
|
|
$rsaKey = $this->getRsaKeyVal(self::RSA_PRIVATE); |
|
130
|
|
|
$res = openssl_get_privatekey($rsaKey); |
|
131
|
|
|
if ($res !== false) { |
|
132
|
|
|
$sign = ''; |
|
133
|
|
|
openssl_sign($str, $sign, $res, OPENSSL_ALGO_SHA256); |
|
134
|
|
|
openssl_free_key($res); |
|
135
|
|
|
return base64_encode($sign); |
|
136
|
|
|
} |
|
137
|
|
|
throw new \Exception('支付宝RSA私钥不正确'); |
|
138
|
|
|
} |
|
139
|
|
|
|
|
140
|
|
|
/** |
|
141
|
|
|
* 获取密钥 |
|
142
|
|
|
* |
|
143
|
|
|
* @param int $type |
|
144
|
|
|
* @return string |
|
145
|
|
|
*/ |
|
146
|
|
|
private function getRsaKeyVal($type = self::RSA_PUBLIC) |
|
147
|
|
|
{ |
|
148
|
|
|
if ($type === self::RSA_PUBLIC) { |
|
149
|
|
|
$keyname = 'pem_public'; |
|
150
|
|
|
$header = '-----BEGIN PUBLIC KEY-----'; |
|
151
|
|
|
$footer = '-----END PUBLIC KEY-----'; |
|
152
|
|
|
} else { |
|
153
|
|
|
$keyname = 'pem_private'; |
|
154
|
|
|
$header = '-----BEGIN RSA PRIVATE KEY-----'; |
|
155
|
|
|
$footer = '-----END RSA PRIVATE KEY-----'; |
|
156
|
|
|
} |
|
157
|
|
|
$rsa = $this->config[$keyname]; |
|
158
|
|
|
if (is_file($rsa)) { |
|
159
|
|
|
$rsa = file_get_contents($rsa); |
|
160
|
|
|
} |
|
161
|
|
|
if (empty($rsa)) { |
|
162
|
|
|
throw new \Exception('支付宝RSA密钥未配置'); |
|
163
|
|
|
} |
|
164
|
|
|
$rsa = str_replace([PHP_EOL, $header, $footer], '', $rsa); |
|
165
|
|
|
$rsaVal = $header . PHP_EOL . chunk_split($rsa, 64, PHP_EOL) . $footer; |
|
166
|
|
|
return $rsaVal; |
|
167
|
|
|
} |
|
168
|
|
|
|
|
169
|
|
|
/** |
|
170
|
|
|
* 解析access_token方法请求后的返回值 |
|
171
|
|
|
* @param string $token 获取access_token的方法的返回值 |
|
172
|
|
|
*/ |
|
173
|
|
|
protected function parseToken($token) |
|
174
|
|
|
{ |
|
175
|
|
|
$token = mb_convert_encoding($token, 'utf-8', 'gbk'); |
|
176
|
|
|
$data = json_decode($token, true); |
|
177
|
|
|
|
|
178
|
|
|
if (isset($data['alipay_system_oauth_token_response'])) { |
|
179
|
|
|
$data = $data['alipay_system_oauth_token_response']; |
|
180
|
|
|
$data['openid'] = $data['user_id']; |
|
181
|
|
|
return $data; |
|
182
|
|
|
} else { |
|
183
|
|
|
throw new \Exception("获取支付宝 ACCESS_TOKEN 出错:{$token}"); |
|
184
|
|
|
} |
|
185
|
|
|
} |
|
186
|
|
|
} |
|
187
|
|
|
|
anerg2046 /
sns_auth
