前端部分
后端部分:
public function getSessionKey()
{
$code = input('code');
$url = 'https://spapi.baidu.com/oauth/jscode2sessionkey';
$params = [
'code' =>$code,
'client_id' =>'PSGL75oGUczjixdMzlzQtTvXi2xVQqik',
'sk' =>'7yrYM3PP2P7gwOK25dbzCsGDqrHtVa47',
];
//发起get请求
$res = httpCurl($url,$params,'GET');
return json(json_decode($res));
}
public function getPhone()
{
$encryptedData = input('encryptedData');
$iv = input('iv');
$app_key = 'PSGL75oGUczjixdMzlzQtTvXi2xVQqik';
$session_key = input('session_key');
//进行解密
$data = decrypt($encryptedData,$iv,$app_key,$session_key);
return json(json_decode($data));
}
后端公共函数部分
/**
* 数据解密:低版本使用mcrypt库(PHP < 5.3.0),高版本使用openssl库(PHP >= 5.3.0)。
*
* @param string $ciphertext 待解密数据,返回的内容中的data字段
* @param string $iv 加密向量,返回的内容中的iv字段
* @param string $app_key 创建小程序时生成的app_key
* @param string $session_key 登录的code换得的
* @return string | false
*/
function decrypt($ciphertext, $iv, $app_key, $session_key) {
$session_key = base64_decode($session_key);
$iv = base64_decode($iv);
$ciphertext = base64_decode($ciphertext);
$plaintext = false;
if (function_exists("openssl_decrypt")) {
$plaintext = openssl_decrypt($ciphertext, "AES-192-CBC", $session_key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);
} else {
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, null, MCRYPT_MODE_CBC, null);
mcrypt_generic_init($td, $session_key, $iv);
$plaintext = mdecrypt_generic($td, $ciphertext);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
if ($plaintext == false) {
return false;
}
// trim pkcs#7 padding
$pad = ord(substr($plaintext, -1));
$pad = ($pad < 1 || $pad > 32) ? 0 : $pad;
$plaintext = substr($plaintext, 0, strlen($plaintext) - $pad);
// trim header
$plaintext = substr($plaintext, 16);
// get content length
$unpack = unpack("Nlen/", substr($plaintext, 0, 4));
// get content
$content = substr($plaintext, 4, $unpack['len']);
// get app_key
$app_key_decode = substr($plaintext, $unpack['len'] + 4);
return $app_key == $app_key_decode ? $content : false;
}
/**
* 发送HTTP请求方法
* @param string $url 请求URL
* @param array $params 请求参数
* @param string $method 请求方法GET/POST
* @return array $data 响应数据
*/
function httpCurl($url, $params, $method = 'POST', $header = array(), $multi = false){
date_default_timezone_set('PRC');
$opts = array(
CURLOPT_TIMEOUT => 30,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_HTTPHEADER => $header,
CURLOPT_COOKIESESSION => true,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_COOKIE =>session_name().'='.session_id(),
);
/* 根据请求类型设置特定参数 */
switch(strtoupper($method)){
case 'GET':
// $opts[CURLOPT_URL] = $url . '?' . http_build_query($params);
// 链接后拼接参数 & 非?
$opts[CURLOPT_URL] = $url . '?' . http_build_query($params);
break;
case 'POST':
//判断是否传输文件
$params = $multi ? $params : http_build_query($params);
$opts[CURLOPT_URL] = $url;
$opts[CURLOPT_POST] = 1;
$opts[CURLOPT_POSTFIELDS] = $params;
break;
default:
throw new Exception('不支持的请求方式!');
}
/* 初始化并执行curl请求 */
$ch = curl_init();
curl_setopt_array($ch, $opts);
$data = curl_exec($ch);
$error = curl_error($ch);
curl_close($ch);
if($error) throw new Exception('请求发生错误:' . $error);
return $data;
}
0条评论