Gitinn 首頁 探索 說明
註冊 登入
u321574
/
bts
镜像来自 https://github.com/anyluckwell/bts
1
1
複刻 0
檔案 問題管理 0 Wiki
分支: master
分支列表 標籤列表
bts
/
php
/
extend
/
lemo
/
api
/
Oauth.php

Oauth.php 3.4 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126 
  1. <?php
    2. 

  2. namespace lemo\api;
    3. 

  3. 

  4. use lemo\api\Send;
    5. 

  5. use think\Exception;
    6. 

  6. use think\facade\Request;
    7. 

  7. use think\facade\Cache;
    8. 

  8. 

  9. /**
    10. 

  10.  * API鉴权验证
    11. 

  11.  */
    12. 

  12. class Oauth
    13. 

  13. {
    14. 

  14.     use Send;
    15. 

  15.     
    16. 

  16.     /**
    17. 

  17.      * accessToken存储前缀
    18. 

  18.      *
    19. 

  19.      * @var string
    20. 

  20.      */
    21. 

  21.     public static $accessTokenPrefix = 'accessToken_';
    22. 

  22. 

  23.     /**
    24. 

  24.      * 过期时间秒数
    25. 

  25.      *
    26. 

  26.      * @var int
    27. 

  27.      */
    28. 

  28.     public static $expires = 7200;
    29. 

  29. 

  30.     /**
    31. 

  31.      * 认证授权 通过用户信息和路由
    32. 

  32.      * @param Request $request
    33. 

  33.      * @return \Exception|UnauthorizedException|mixed|Exception
    34. 

  34.      * @throws UnauthorizedException
    35. 

  35.      */
    36. 

  36.     final function authenticate()
    37. 

  37.     {      
    38. 

  38.         return self::certification(self::getClient());
    39. 

  39.     }
    40. 

  40. 

  41.     /**
    42. 

  42.      * 获取用户信息
    43. 

  43.      * @param Request $request
    44. 

  44.      * @return $this
    45. 

  45.      * @throws UnauthorizedException
    46. 

  46.      */
    47. 

  47.     public static function getClient()
    48. 

  48.     {   
    49. 

  49.         //获取头部信息
    50. 

  50.         try {
    51. 

  51.             $authorization = Request::header('authentication'); //获取请求中的authentication字段,值形式为USERID asdsajh..这种形式
    52. 

  52. 

  53.             $authorization = explode(" ", $authorization);//explode分割,获取后面一窜base64加密数据
    54. 

  54.             $authorizationInfo  = explode(":", base64_decode($authorization[1]));  //对base_64解密,获取到用:拼接的自字符串,然后分割,可获取appid、accesstoken、uid这三个参数
    55. 

  55.             $clientInfo['uid'] = $authorizationInfo[2];
    56. 

  56.             $clientInfo['appid'] = $authorizationInfo[0];
    57. 

  57.             $clientInfo['access_token'] = $authorizationInfo[1];
    58. 

  58.             return $clientInfo;
    59. 

  59.         } catch (Exception $e) {
    60. 

  60.             return self::returnMsg(401,'Invalid authorization credentials',Request::header(''));
    61. 

  61.         }
    62. 

  62.     }
    63. 

  63. 

  64.     /**
    65. 

  65.      * 获取用户信息后 验证权限
    66. 

  66.      * @return mixed
    67. 

  67.      */
    68. 

  68.     public static function certification($data = []){
    69. 

  69. 

  70.         $getCacheAccessToken = Cache::get(self::$accessTokenPrefix . $data['access_token']);  //获取缓存access_token
    71. 

  71.         if(!$getCacheAccessToken){
    72. 

  72.             return self::returnMsg(401,'fail',"access_token不存在或为空");
    73. 

  73.         }
    74. 

  74.         if($getCacheAccessToken['client']['appid'] !== $data['appid']){
    75. 

  75. 

  76.             return self::returnMsg(401,'fail',"appid错误");  //appid与缓存中的appid不匹配
    77. 

  77.         }
    78. 

  78.         return $data;
    79. 

  79.     }
    80. 

  80. 

  81.     /**
    82. 

  82.      * 检测当前控制器和方法是否匹配传递的数组
    83. 

  83.      *
    84. 

  84.      * @param array $arr 需要验证权限的数组
    85. 

  85.      * @return boolean
    86. 

  86.      */
    87. 

  87.     public static function match($arr = [])
    88. 

  88.     {
    89. 

  89.         $request = Request::instance();
    90. 

  90.         $arr = is_array($arr) ? $arr : explode(',', $arr);
    91. 

  91.         if (!$arr)
    92. 

  92.         {
    93. 

  93.             return false;
    94. 

  94.         }
    95. 

  95.         $arr = array_map('strtolower', $arr);
    96. 

  96.         // 是否存在
    97. 

  97.         if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr))
    98. 

  98.         {
    99. 

  99.             return true;
    100. 

  100.         }
    101. 

  101. 

  102.         // 没找到匹配
    103. 

  103.         return false;
    104. 

  104.     }
    105. 

  105. 

  106.     /**
    107. 

  107.      * 生成签名
    108. 

  108.      * _字符开头的变量不参与签名
    109. 

  109.      */
    110. 

  110.     public static function makeSign ($data = [],$app_secret = '')
    111. 

  111.     {   
    112. 

  112.         unset($data['version']);
    113. 

  113.         unset($data['sign']);
    114. 

  114.         return self::_getOrderMd5($data,$app_secret);
    115. 

  115.     }
    116. 

  116. 

  117.     /**
    118. 

  118.      * 计算ORDER的MD5签名
    119. 

  119.      */
    120. 

  120.     private static function _getOrderMd5($params = [] , $app_secret = '') {
    121. 

  121.         ksort($params);
    122. 

  122.         $params['key'] = $app_secret;
    123. 

  123.         return strtolower(md5(urldecode(http_build_query($params))));
    124. 

  124.     }
    125. 

  125. 

  126. }
    127.