php 支付宝 h5授权 获取用户信息 存到数据库 自行签名(无验签)

h5测试页面
<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>测试</title>
</head>

<body>
    <p id="p1">测试</p>
</body>

</html>
<script src="../jquery-3.5.1.min.js"></script>
<script src = "https://gw.alipayobjects.com/as/g/h5-lib/alipayjsapi/3.1.1/alipayjsapi.min.js"> </script>
<script type="text/javascript">
window.onload = function(){
    var s='https://abc.com/api/xd/ali_info';//接口地址
    var s1 = encodeURIComponent(s);
    window.location.href='https://openauth.alipay.com/oauth2/publicAppAuthorize.htm?app_id=xxx&scope=auth_user&redirect_uri='+s1+'&state=STATE';
};
</script>
控制器
public function ali_info(Request $request)
    {
    	$data = $request->all();
    	$md = new AaAli();
    	$info = $md->ali_info_0($data);
    	return $info;
    }
模型
<?php

namespace App\Models;

use Carbon\Carbon;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\DB;
use Auth;
class AaAli extends Model
{
    public function __construct()
    {
        $alipay = config('alipay');

        $this->app_id = $alipay['app_id'];
        $this->ali_public_key = $alipay['ali_public_key'];
        $this->private_key = $alipay['private_key'];
        $this->timeout = $alipay['timeout'];
        $this->connect_timeout = $alipay['connect_timeout'];
        $app_font_url = config('app.front_url');
        $this->config = [
            'app_id' => $this->app_id,
            'notify_url' => $app_font_url . '/api/alipay_notify',
            /* 'return_url'=>'http://192.168.1.137:3001/pay/success',*/
            'return_url' => $app_font_url . '/paySuccess',

            'ali_public_key' => $this->ali_public_key,
            'private_key' => $this->private_key,
            'log' => [
                'file' => '../storage/logs/alipay.log',
                'level' => 'info', // 建议生产环境等级调整为 info,开发环境为 debug
                'type' => 'single', // optional, 可选 daily.
                'max_file' => 30, // optional, 当 type 为 daily 时有效,默认 30],
            'http' => [ // optional
                'timeout' => $this->timeout,
                'connect_timeout' => $this->connect_timeout,
            ],
            /* 'mode' => 'dev', // optional,设置此参数,将进入沙箱模式*/
        ];
        parent::__construct();
    }
   
    //根据code获取用户信息
    public function ali_info_0($data)
    {
        logz($data,'alipay_sq_login2');
        $auth_token = $data['code'] ?? '';
        if(empty($auth_token)){
            $auth_token = $data['auth_code'] ?? '';
        }
        $uri = "https://openapi.alipay.com/gateway.do";
        $data = [
            'timestamp' => date('Y-m-d H:i:s'),
            'method' => 'alipay.system.oauth.token',
            'app_id' => $this->app_id,
            'sign_type' => 'RSA2',
            'version' => '1.0',
            'charset' => 'utf-8',
            'grant_type' => 'authorization_code',
            'code' => $auth_token,
        ];

        $sign = $this->sign($data);
        logz($sign,'alipay_sq_login2');
        $data['sign'] = $sign;
        $res = $this->curl_get($uri, $data);
        $data = json_decode($res, true);
        logz($data,'alipay_sq_login2');
        if(!empty($data['alipay_system_oauth_token_response']) && !empty($data['alipay_system_oauth_token_response']['access_token'])){
            $rt = $this->get_ali_user_info($data['alipay_system_oauth_token_response']['access_token']);
            logz($rt,'alipay_sq_login2');
            return $rt;
        }else{
            return ['code'=>0,'msg'=>'失败'];
        }
    }
    private function get_ali_user_info($access_token)
    {
        $uri = "https://openapi.alipay.com/gateway.do";
        $data = [
            'timestamp' => date('Y-m-d H:i:s'),
            'method' => 'alipay.user.info.share',
            'app_id' => $this->app_id,
            'sign_type' => 'RSA2',
            'version' => '1.0',
            'charset' => 'UTF-8',
            'auth_token' => $access_token
        ];
        logger($data);
        $sign = $this->sign($data);
        $data['sign'] = $sign;
        $res = $this->curl_get($uri, $data);
        $data = json_decode($res, true);
        if(isset($data['alipay_user_info_share_response']) &&
            isset($data['alipay_user_info_share_response']['code']) &&
            $data['alipay_user_info_share_response']['code'] == "10000" &&
            $data['alipay_user_info_share_response']['msg'] == "Success")
        {
            //session(['ali.oauth_user.user' => $data['alipay_user_info_share_response']]);
            $user_info = User::query()->where('app_openid', $data['alipay_user_info_share_response']['user_id'])->first();;
            if (!$user_info) {
                $user_info = new User();
                $user_info->app_openid = $data['alipay_user_info_share_response']['user_id'];
                $user_info->nick_name = $data['alipay_user_info_share_response']['nick_name']??'';
                $user_info->avatar = $data['alipay_user_info_share_response']['avatar']??'';
                $user_info->name = $user_info->create_name('ali');
                $user_info->type = User::ALI;
                $user_info->from = 1;
                $user_info->save();
            }
            $user_info = User::query()->where('app_openid', $user_info['app_openid'])->first();
            $token = Auth::guard('user')->login($user_info);
            $expiration = config('jwt.ttl') * 60;
            $res = compact('token', 'user_info', 'expiration');
            UsersToken::addToken($user_info->id,$token,$expiration);
            return ['code'=>1,'data'=>$res];
        }else{
            return ['code'=>0,'msg'=>'失败'];
        }
    }
    private function sign($data){
        ksort($data);
        $stringToBeSigned = "";
        foreach ($data as $k => $v) {
            $isarray = is_array($v);
            if ($isarray) {
                $stringToBeSigned .= "$k" . "=" . json_encode($v, 320) . "&";
            } else {
                $stringToBeSigned .= "$k" . "=" . "$v" . "&";
            }
        }
        unset ($k, $v);
        $stringToBeSigned = substr($stringToBeSigned, 0, strlen($stringToBeSigned) - 1);
        $sign = self::rsaSign($stringToBeSigned);
        return $sign;
    }
    protected function rsaSign($data, $signType = "RSA2")
    {
        $res = "-----BEGIN RSA PRIVATE KEY-----\n" .
            wordwrap($this->private_key, 64, "\n", true) .
            "\n-----END RSA PRIVATE KEY-----";
        ($res) or die('您使用的私钥格式错误,请检查RSA私钥配置');
        if ("RSA2" == $signType) {
            openssl_sign($data, $sign, $res, OPENSSL_ALGO_SHA256);
        } else {
            openssl_sign($data, $sign, $res);
        }

        $sign = base64_encode($sign);
        return $sign;
    }
    private function curl_get ($url, $data)
    {
        $ch     = curl_init ();
        $header = ["Accept-Charset: utf-8", 'Expect:'];
        $url    = $url . '?' . http_build_query ( $data );
        curl_setopt ( $ch, CURLOPT_URL, $url );
        curl_setopt ( $ch, CURLOPT_CUSTOMREQUEST, "GET" );
        curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, FALSE );
        curl_setopt ( $ch, CURLOPT_SSL_VERIFYHOST, FALSE );
        curl_setopt ( $ch, CURLOPT_HTTPHEADER, $header );
        curl_setopt ( $ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)' );
        curl_setopt ( $ch, CURLOPT_FOLLOWLOCATION, 1 );
        curl_setopt ( $ch, CURLOPT_AUTOREFERER, 1 );
        curl_setopt ( $ch, CURLOPT_TIMEOUT, 60 );

        curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
        $result = curl_exec ( $ch );
        curl_close ( $ch );
        return $result;
    }
}
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
微信H5网页授权是指在使用微信浏览器访问H5网页时通过微信授权登录,获取用户的基本信息。这个过程分为三个步骤:引导用户授权获取授权码、通过授权获取用户信息。 首先,用户进入H5网页后,网页需要引导用户进行授权登录。网页可以通过调用微信JS-SDK中的微信授权接口,弹出微信授权登录的窗口。用户点击确认后,微信会生成一个授权码,并跳转回H5网页。 然后,网页需要使用授权码去微信服务器获取用户的基本信息。网页可以通过HTTP请求,将授权码发送给微信服务器的接口,并附上AppID和AppSecret等参数。微信服务器验证授权码的有效性后,会返回用户的基本信息,如openid、昵称、头像等。 最后,网页可以根据获取的用户基本信息,进行相应的业务操作。比如显示用户的头像和昵称,或者根据openid等唯一标识,将用户与其它业务系统进行关联。 需要注意的是,进行微信H5网页授权需要先申请微信开放平台的开发者账号,并创建一个公众号或移动应用。通过在微信开放平台进行配置,获取AppID和AppSecret等必要的参数,用于网页授权的流程中。 总结起来,微信H5网页授权获取用户基本信息是通过使用微信的授权接口,引导用户进行授权登录,再通过授权码和微信服务器进行交互,最终获取用户的基本信息。这个过程可以实现在H5网页上使用微信账号登录,并获取用户信息的功能。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值