- <?php
- // 私钥和公钥在芝麻信用后台设置, 官网有详细说明
- class ZhimaAction extends CommonAction {
- // 芝麻信用网关地址
- public $gatewayUrl = "https://zmopenapi.zmxy.com.cn/openapi.do";
- // 商户私钥文件
- public $privateKeyFile = "商户私钥文件 (绝对路径)";
- // 芝麻公钥文件
- public $zmPublicKeyFile = "芝麻公钥文件 (绝对路径)";
- // 数据编码格式
- public $charset = "UTF-8";
- // 应用 id
- public $app_id = "*******";
- // 要调用的接口名
- public $method = "zhima.credit.score.get";
- // 来源平台, 默认为 zmop
- public $platform = "zmop";
- // 接口版本, 目前只支持 1.0
- public $version = "1.0";
- // 加密后信息 RSA 加密后的业务参数
- public $params = "";
- // 加密后信息 对 params 参数加密前的签名, 算法为 SHA1WithRSA
- public $sign = "1.0";
- /* 加签过程
- 1 在加密过程的第一步, 我们得到了拼接在一起的业务参数, 同样以芝麻信用评分为例, 拼接的参数如下:
- transaction_id=URLEncode(1234567)&product_code=URLEncode(w1010100100000000001)&open_id=URLEncode(268810000007909449496)
- 2 使用 SHA1WithRSA 算法以及商户自己的私钥进行签名, 得到 byte 数组
- SHA1WithRSA(transaction_id=URLEncode(1234567)&product_code=URLEncode(w1010100100000000001)&open_id=URLEncode(268810000007909449496))
- 3 将 byte 数组进行 Base64 编码, 得到一个签名的字符串
- Base64(SHA1WithRSA(transaction_id=URLEncode(1234567)&product_code=URLEncode(w1010100100000000001)&open_id=URLEncode(268810000007909449496)))
- 经过了上述三步, 我们便得到了业务参数的签名, 最后我们将这个签名的值放入系统参数 sign 中:
- sign=Base64(SHA1WithRSA(transaction_id=URLEncode(1234567)&product_code=URLEncode(w1010100100000000001)&open_id=URLEncode(268810000007909449496)))
- 解密和验签
- */
- public function __construct() {
- parent::__construct();
- // 在官网下载
- Vendor('zhima.zmop.ZmopClient');
- Vendor('zhima.zmop.RSAUtil');
- Vendor('zhima.zmop.ZhimaCreditIvsDetailGetRequest');
- Vendor('zhima.ZmopSdk');
- }
- public function grant(){
- if(IS_POST){
- $name = I('name');// 姓名
- $IDnumber = I('IDnumber'); //××× 号码
- $client = new ZmopClient($this->gatewayUrl,$this->app_id,$this->charset,$this->privateKeyFile,$this->zmPublicKeyFile);
- $RSAUtil = new RSAUtil();
- $identity_type ='2';
- $identity_param =json_encode(array('certNo'=>$IDnumber,'name'=>$name,'certType'=>"IDENTITY_CARD"));
- $request['app_id'] = $this->app_id;
- $request['charset'] = $this->charset;
- $request['method'] = 'zhima.auth.info.authorize';
- $request['version'] = $this->version;
- $request['platform'] = $this->platform;
- $request['params'] = $RSAUtil->rsaEncrypt($str,$this->zmPublicKeyFile);
- $request['sign'] = $RSAUtil->sign($str,$this->privateKeyFile);
- $request['identity_type'] = $identity_type;
- $request['identity_param'] = $identity_param;
- $str ='identity_type='.urlencode($identity_type).'&identity_param='.urlencode($identity_param).'';
- $request = new ZhimaAuthInfoAuthorizeRequest ();
- $request->setIdentityType ("2");
- // $request->setParams ("2");
- $request->setIdentityParam ($identity_param);
- //$request->setBizParams ( "{\"auth_code\":\"M_APPPC_CERT\",\"state\":\" 透传参数 \"}" ); //
- $url = $client->generatePageRedirectInvokeUrl ( $request );
- //dump($url);
- if($url){
- $json['msg'] =1;
- $json['url'] =$url;
- }else{
- $json['msg'] =0;
- $json['info'] ='参数错误';
- }
- echo json_encode($json);exit;
- }else{
- $json['msg'] =0;
- $json['info'] ='参数错误';
- echo json_encode($json);exit;
- }
- }
- // 返回
- public function returndata(){
- $params=$_GET['params'];
- $sign=$_GET['sign'];
- if(!$sign){
- $this->redirect('Member/rz');exit;
- }
- // 判断串中是否有 %, 有则需要 decode
- // dump($sign);
- $params = strstr ( $params, '%' ) ? urldecode ( $params ) : $params;
- $sign = strstr ( $sign, '%' ) ? urldecode ( $sign ) : $sign;
- $client = new ZmopClient ( $this->gatewayUrl, $this->app_id, $this->charset, $this->privateKeyFile, $this->zmPublicKeyFile );
- $result = $client->decryptAndVerifySign ( $params, $sign );
- // 转数组
- $parts = explode('&',$result);
- $array=array();
- foreach($parts as $k=>$v){
- $parts[$k] = explode('=',$v);
- $array[$parts[$k]['0']] = $parts[$k]['1'];
- }
- //dump($array['success']='false');
- if($array['success']!='false'){
- //dump($array);exit;
- $res =$this->ToRz($array);
- if($res->success){
- // 返回数据 更新会员信息
- $is_zhima = M('member')->where(array('id'=>cookie('id')))->find();
- if($is_zhima['zhima']!=$res->zm_score){
- $save['open_id'] = $array['open_id'];
- $save['zhima'] = $res->zm_score;
- $save['state'] = '1';
- $save['optime'] = time();
- $save['rztime'] = time();
- $member = M('member')->where(array('id'=>cookie('id')))->save($save);
- }
- echo '<script>alert(" 认证成功 ");window.location.href ="/Member/rz"</script>';
- }
- ///dump($member);
- // dump($result);
- }else{
- //echo '<script>alert(" 验签失败 ");window.location.href ="/Member/rz"</script>';
- $this->redirect('Member/rz');exit;
- }
- }
- }
来源: http://www.bubuko.com/infodetail-2533778.html