背景
App 專案要求實現第三方 微信 和 支付寶 登錄,微信可以直接在 App 端完成認證拿到用戶信息,支付寶則需要後端取得。
流程
1、服務端先拿到App 端呼叫支付寶SDK 所需的infoStr
2、App 端透過infoStr 取得使用者授權code
3、服務端透過授權code 拿到請求token
4、服務端透過token 取得使用者資訊
代碼
##在這之前,支付寶介面對接流程你應該有所了解。 1、建立RSA2 方法:取得sign:/** * enRSA2 RSA加密 * * @param String $data * @return String */ private function enRSA2($data) { $str = chunk_split(trim($this->private_key), 64, "\n"); $key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n"; // $key = file_get_contents(storage_path('rsa_private_key.pem')); 为文件时这样引入 $signature = ''; $signature = openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256)?base64_encode($signature):NULL; return $signature; }
/** * myHttpBuildQuery * 之所以不用 自带函数 `http_build_query` * 是因为格式化的时间带有 ‘:’ 会被转换成十六进制 utf-8 码 * * @param Array * @return String */ private function myHttpBuildQuery($dataArr) { ksort($dataArr); $signStr = ''; foreach ($dataArr as $key => $val) { if (empty($signStr)) { $signStr = $key.'='.$val; } else { $signStr .= '&'.$key.'='.$val; } } return $signStr; }
/** * InfoStr APP登录需要的的infostr * * @return String */ public function infoStr() { $infoStr = http_build_query([ 'apiname' => 'com.alipay.account.auth', 'method' => 'alipay.open.auth.sdk.code.get', 'app_id' => $this->app_id, 'app_name' => 'mc', 'biz_type' => 'openservice', 'pid' => $this->pid, 'product_id' => 'APP_FAST_LOGIN', 'scope' => 'kuaijie', 'target_id' => mt_rand(999, 99999), //商户标识该次用户授权请求的ID,该值在商户端应保持唯一 'auth_type' => 'AUTHACCOUNT', // AUTHACCOUNT代表授权;LOGIN代表登录 'sign_type' => 'RSA2', ]); $infoStr .= '&sign='.$this->enRSA2($infoStr); return $infoStr; }
/** * AlipayToken 获得用户 请求token, 通过它获得 用户信息 * * 需要按照支付宝加签流程来。 */ public function userInfo($app_auth_token) { $infoArr = [ 'method' => 'alipay.system.oauth.token', 'app_id' => $this->app_id, 'charset' => 'utf-8', 'sign_type' => 'RSA2', 'timestamp' => date('Y-m-d H:i:s'), 'version' => '1.0', 'code' => $app_auth_token, 'grant_type' => 'authorization_code', ]; $signStr = $this->myHttpBuildQuery($infoArr); $sign = urlencode($this->enRSA2($signStr)); $qureStr = $signStr.'&sign='.$sign; $res = new Client(); $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents(); $body = json_decode($body); if (!isset($body->alipay_system_oauth_token_response->access_token)) { return '接口异常'; } else { $autho_token = $body->alipay_system_oauth_token_response->access_token; $userinfo = $this->aliPayUserInfo($autho_token); return $userinfo; // 或则 返回 json_encode($userinfo) 根据实际需求来 } } /** * AliPayUserInfo 通过 token 获取用户信息 */ private function aliPayUserInfo($autho_token) { $infoArr = [ 'method' => 'alipay.user.info.share', 'app_id' => $this->app_id, 'charset' => 'utf-8', 'sign_type' => 'RSA2', 'timestamp' => date('Y-m-d H:i:s'), 'version' => '1.0', 'auth_token' => $autho_token, ]; $signStr = $this->myHttpBuildQuery($infoArr); $sign = urlencode($this->enRSA2($signStr)); $qureStr = $signStr.'&sign='.$sign; $res = new Client(); $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents(); $body = json_decode($body); if (!isset($body->alipay_user_info_share_response)) { return '接口异常'; } $body = $body->alipay_user_info_share_response; return $body; }
程式碼總覽
'com.alipay.account.auth', 'method' => 'alipay.open.auth.sdk.code.get', 'app_id' => $this->app_id, 'app_name' => 'mc', 'biz_type' => 'openservice', 'pid' => $this->pid, 'product_id' => 'APP_FAST_LOGIN', 'scope' => 'kuaijie', 'target_id' => mt_rand(999, 99999), //商户标识该次用户授权请求的ID,该值在商户端应保持唯一 'auth_type' => 'AUTHACCOUNT', // AUTHACCOUNT代表授权;LOGIN代表登录 'sign_type' => 'RSA2', ]); $infoStr .= '&sign='.$this->enRSA2($infoStr); return $infoStr; } /** * AlipayToken 获得用户 请求token, 通过它获得 用户信息 * * 需要按照支付宝加签流程来。 */ public function userInfo($app_auth_token) { $infoArr = [ 'method' => 'alipay.system.oauth.token', 'app_id' => $this->app_id, 'charset' => 'utf-8', 'sign_type' => 'RSA2', 'timestamp' => date('Y-m-d H:i:s'), 'version' => '1.0', 'code' => $app_auth_token, 'grant_type' => 'authorization_code', ]; $signStr = $this->myHttpBuildQuery($infoArr); $sign = urlencode($this->enRSA2($signStr)); $qureStr = $signStr.'&sign='.$sign; $res = new Client(); $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents(); $body = json_decode($body); if (!isset($body->alipay_system_oauth_token_response->access_token)) { return '接口异常'; } else { $autho_token = $body->alipay_system_oauth_token_response->access_token; $userinfo = $this->aliPayUserInfo($autho_token); return $userinfo; // 或则 返回 json_encode($userinfo) 根据实际需求来 } } /** * AliPayUserInfo 通过 token 获取用户信息 */ private function aliPayUserInfo($autho_token) { $infoArr = [ 'method' => 'alipay.user.info.share', 'app_id' => $this->app_id, 'charset' => 'utf-8', 'sign_type' => 'RSA2', 'timestamp' => date('Y-m-d H:i:s'), 'version' => '1.0', 'auth_token' => $autho_token, ]; $signStr = $this->myHttpBuildQuery($infoArr); $sign = urlencode($this->enRSA2($signStr)); $qureStr = $signStr.'&sign='.$sign; $res = new Client(); $body = $res->get('https://openapi.alipay.com/gateway.do?'.$qureStr)->getBody()->getContents(); $body = json_decode($body); if (!isset($body->alipay_user_info_share_response)) { return '接口异常'; } $body = $body->alipay_user_info_share_response; return $body; } /** * enRSA2 RSA加密 * * @param String $data * @return String */ private function enRSA2($data) { $str = chunk_split(trim($this->private_key), 64, "\n"); $key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n"; // $key = file_get_contents(storage_path('rsa_private_key.pem')); 为文件时这样引入 $signature = ''; $signature = openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256)?base64_encode($signature):NULL; return $signature; } /** * myHttpBuildQuery 返回一个 http Get 传参数组 * 之所以不用 自带函数 http_build_query 时间带 ‘:’ 会被转换 * * @param Array * @return String */ private function myHttpBuildQuery($dataArr) { ksort($dataArr); $signStr = ''; foreach ($dataArr as $key => $val) { if (empty($signStr)) { $signStr = $key.'='.$val; } else { $signStr .= '&'.$key.'='.$val; } } return $signStr; } }
其它
1.注意:這份程式碼是從原有專案扒出來,主要是為有此需求的開發人員提供參考,並未測試是否能直接使用,請自行測試。 2.之所以不用支付寶 php_SDK,是因為需求有限:只取得使用者的信息,沒必要。 3.程式碼有不合理的地方也請提出來,大家互相學習。以上是原生 PHP 實作支付寶 App 第三方登入以取得使用者訊息的詳細內容。更多資訊請關注PHP中文網其他相關文章!