Home > Backend Development > PHP Tutorial > Native PHP implements third-party login in Alipay App to obtain user information

Native PHP implements third-party login in Alipay App to obtain user information

藏色散人
Release: 2023-04-07 08:58:01
forward
4337 people have browsed it

Background

The App project requires the implementation of third-party WeChat and Alipay logins. WeChat can directly complete authentication on the App side to obtain user information, while Alipay requires back-end acquisition.

Process

1. The server first obtains the infoStr required by the App to call Alipay SDK

2. The App obtains user authorization through infoStr code

3. The server obtains the request token through the authorization code

4. The server obtains the user information through the token

Code

Before this, you should have some understanding of the Alipay interface docking process.

1. Create RSA2 method: get sign:

/**
 * enRSA2 RSA加密
 * 
 * @param String $data
 * @return String
 */
private function enRSA2($data)
{
    $str = chunk_split(trim($this->private_key), 64, "\n");
    $key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
    // $key = file_get_contents(storage_path('rsa_private_key.pem')); 为文件时这样引入
    $signature = '';
    $signature = openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256)?base64_encode($signature):NULL;
    return $signature;
}
Copy after login

2. Create a Get parameter splicing method to ensure that it meets the Alipay signature string requirements:

/**
 * myHttpBuildQuery
 * 之所以不用 自带函数 `http_build_query` 
 * 是因为格式化的时间带有  ‘:’  会被转换成十六进制 utf-8 码
 * 
 * @param Array
 * @return String
 */
private function myHttpBuildQuery($dataArr)
{
    ksort($dataArr);
    $signStr = '';
    foreach ($dataArr as $key => $val) {
        if (empty($signStr)) {
            $signStr = $key.'='.$val;
        } else {
            $signStr .= '&'.$key.'='.$val;
        }
    }
    return $signStr;  
}
Copy after login

3. Give Go to the infoStr required on the APP:

/**
 * InfoStr APP登录需要的的infostr
 * 
 * @return String
 */
public function infoStr()
{
    $infoStr = http_build_query([
        'apiname' => 'com.alipay.account.auth',
        'method' => 'alipay.open.auth.sdk.code.get',
        'app_id' => $this->app_id,
        'app_name' => 'mc',
        'biz_type' => 'openservice',
        'pid' => $this->pid,
        'product_id' => 'APP_FAST_LOGIN',
        'scope' => 'kuaijie',
        'target_id' => mt_rand(999, 99999), //商户标识该次用户授权请求的ID,该值在商户端应保持唯一
        'auth_type' => 'AUTHACCOUNT', // AUTHACCOUNT代表授权;LOGIN代表登录
        'sign_type' => 'RSA2',
    ]);
    $infoStr .= '&sign='.$this->enRSA2($infoStr);
    return $infoStr;
}
Copy after login

4. Get user information:

 /**
     * AlipayToken 获得用户 请求token, 通过它获得 用户信息
     * 
     * 需要按照支付宝加签流程来。
     */
    public function userInfo($app_auth_token)
    {
        $infoArr = [
            'method' => 'alipay.system.oauth.token',
            'app_id' => $this->app_id,
            'charset' => 'utf-8',
            'sign_type' => 'RSA2',
            'timestamp' => date('Y-m-d H:i:s'),
            'version' => '1.0',
            'code' => $app_auth_token,
            'grant_type' => 'authorization_code',
        ];
        $signStr = $this->myHttpBuildQuery($infoArr);
        $sign = urlencode($this->enRSA2($signStr));
        $qureStr = $signStr.'&sign='.$sign;
        $res = new Client();
        $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents();
        $body = json_decode($body);
        if (!isset($body->alipay_system_oauth_token_response->access_token)) {
            return '接口异常';
        } else {
            $autho_token = $body->alipay_system_oauth_token_response->access_token;
            $userinfo = $this->aliPayUserInfo($autho_token);
            return $userinfo; // 或则 返回 json_encode($userinfo) 根据实际需求来 
        }
    }
    /**
     * AliPayUserInfo 通过 token 获取用户信息
     */
    private function aliPayUserInfo($autho_token)
    {
        $infoArr = [
            'method' => 'alipay.user.info.share',
            'app_id' => $this->app_id,
            'charset' => 'utf-8',
            'sign_type' => 'RSA2',
            'timestamp' => date('Y-m-d H:i:s'),
            'version' => '1.0',
            'auth_token' => $autho_token,
        ];
        $signStr = $this->myHttpBuildQuery($infoArr);
        $sign = urlencode($this->enRSA2($signStr));
        $qureStr = $signStr.'&sign='.$sign;
        $res = new Client();
        $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents();
        $body = json_decode($body);
        if (!isset($body->alipay_user_info_share_response)) {
            return '接口异常';
        }
        $body = $body->alipay_user_info_share_response;
        return $body;
    }
Copy after login

Code Overview

 'com.alipay.account.auth',
            'method' => 'alipay.open.auth.sdk.code.get',
            'app_id' => $this->app_id,
            'app_name' => 'mc',
            'biz_type' => 'openservice',
            'pid' => $this->pid,
            'product_id' => 'APP_FAST_LOGIN',
            'scope' => 'kuaijie',
            'target_id' => mt_rand(999, 99999), //商户标识该次用户授权请求的ID,该值在商户端应保持唯一
            'auth_type' => 'AUTHACCOUNT', // AUTHACCOUNT代表授权;LOGIN代表登录
            'sign_type' => 'RSA2',
        ]);
        $infoStr .= '&sign='.$this->enRSA2($infoStr);
        return $infoStr;
    }
     /**
     * AlipayToken 获得用户 请求token, 通过它获得 用户信息
     * 
     * 需要按照支付宝加签流程来。
     */
    public function userInfo($app_auth_token)
    {
        $infoArr = [
            'method' => 'alipay.system.oauth.token',
            'app_id' => $this->app_id,
            'charset' => 'utf-8',
            'sign_type' => 'RSA2',
            'timestamp' => date('Y-m-d H:i:s'),
            'version' => '1.0',
            'code' => $app_auth_token,
            'grant_type' => 'authorization_code',
        ];
        $signStr = $this->myHttpBuildQuery($infoArr);
        $sign = urlencode($this->enRSA2($signStr));
        $qureStr = $signStr.'&sign='.$sign;
        $res = new Client();
        $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents();
        $body = json_decode($body);
        if (!isset($body->alipay_system_oauth_token_response->access_token)) {
            return '接口异常';
        } else {
            $autho_token = $body->alipay_system_oauth_token_response->access_token;
            $userinfo = $this->aliPayUserInfo($autho_token);
            return $userinfo; // 或则 返回 json_encode($userinfo) 根据实际需求来 
        }
    }
    /**
     * AliPayUserInfo 通过 token 获取用户信息
     */
    private function aliPayUserInfo($autho_token)
    {
        $infoArr = [
            'method' => 'alipay.user.info.share',
            'app_id' => $this->app_id,
            'charset' => 'utf-8',
            'sign_type' => 'RSA2',
            'timestamp' => date('Y-m-d H:i:s'),
            'version' => '1.0',
            'auth_token' => $autho_token,
        ];
        $signStr = $this->myHttpBuildQuery($infoArr);
        $sign = urlencode($this->enRSA2($signStr));
        $qureStr = $signStr.'&sign='.$sign;
        $res = new Client();
        $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents();
        $body = json_decode($body);
        if (!isset($body->alipay_user_info_share_response)) {
            return '接口异常';
        }
        $body = $body->alipay_user_info_share_response;
        return $body;
    }
    /**
     * enRSA2 RSA加密
     * 
     * @param String $data
     * @return String
     */
    private function enRSA2($data)
    {
        $str = chunk_split(trim($this->private_key), 64, "\n");
        $key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
        // $key = file_get_contents(storage_path('rsa_private_key.pem')); 为文件时这样引入
        $signature = '';
        $signature = openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256)?base64_encode($signature):NULL;
        return $signature;
    }
    /**
     * myHttpBuildQuery 返回一个 http Get 传参数组
     * 之所以不用 自带函数 http_build_query 时间带 ‘:’ 会被转换
     * 
     * @param Array
     * @return String
     */
    private function myHttpBuildQuery($dataArr)
    {
        ksort($dataArr);
        $signStr = '';
        foreach ($dataArr as $key => $val) {
            if (empty($signStr)) {
                $signStr = $key.'='.$val;
            } else {
                $signStr .= '&'.$key.'='.$val;
            }
        }
        return $signStr;  
    }
}
Copy after login

Others

1. Note: This code is extracted from the original project. It is mainly to provide a reference for developers who have this need. It has not been tested whether it can be used directly. Please test it yourself. .

2. The reason why Alipay php_SDK is not used is because the demand is limited: it is only necessary to obtain user information, which is not necessary.

3. Please point out any unreasonable parts of the code so that everyone can learn from each other.

The above is the detailed content of Native PHP implements third-party login in Alipay App to obtain user information. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
php
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Issues
php data acquisition?
From 1970-01-01 08:00:00
0
0
0
PHP extension intl
From 1970-01-01 08:00:00
0
0
0
How to learn php well
From 1970-01-01 08:00:00
0
0
0
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template