179 lines
4.8 KiB
PHP
179 lines
4.8 KiB
PHP
|
|
<?php
|
||
|
|
|
||
|
|
|
||
|
|
namespace officialaccount;
|
||
|
|
|
||
|
|
|
||
|
|
use officialaccount\dcaler\Prpcrypt;
|
||
|
|
use officialaccount\dcaler\XMLParse;
|
||
|
|
|
||
|
|
class NewsManager extends AfficialAccount
|
||
|
|
{
|
||
|
|
|
||
|
|
const OK = 0;
|
||
|
|
const ValidateSignatureError = -40001;
|
||
|
|
const ParseXmlError = -40002;
|
||
|
|
const ComputeSignatureError = -40003;
|
||
|
|
const IllegalAesKey = -40004;
|
||
|
|
const ValidateAppidError = -40005;
|
||
|
|
const EncryptAESError = -40006;
|
||
|
|
const DecryptAESError = -40007;
|
||
|
|
const IllegalBuffer = -40008;
|
||
|
|
const EncodeBase64Error = -40009;
|
||
|
|
const DecodeBase64Error = -40010;
|
||
|
|
const GenReturnXmlError = -40011;
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @param $code
|
||
|
|
* @return mixed|string
|
||
|
|
*/
|
||
|
|
public function toError($code)
|
||
|
|
{
|
||
|
|
$messages = [
|
||
|
|
self::ValidateSignatureError => '签名验证错误',
|
||
|
|
self::ParseXmlError => 'xml解析失败',
|
||
|
|
self::ComputeSignatureError => 'sha加密生成签名失败',
|
||
|
|
self::IllegalAesKey => 'encodingAesKey 非法',
|
||
|
|
self::ValidateAppidError => 'appid 校验错误',
|
||
|
|
self::EncryptAESError => 'aes 加密失败',
|
||
|
|
self::DecryptAESError => 'aes 解密失败',
|
||
|
|
self::IllegalBuffer => '解密后得到的buffer非法',
|
||
|
|
self::EncodeBase64Error => 'base64加密失败',
|
||
|
|
self::DecodeBase64Error => 'base64解密失败',
|
||
|
|
self::GenReturnXmlError => '生成xml失败',
|
||
|
|
];
|
||
|
|
return $messages[$code] ?? 'OK';
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* 将公众平台回复用户的消息加密打包.
|
||
|
|
* <ol>
|
||
|
|
* <li>对要发送的消息进行AES-CBC加密</li>
|
||
|
|
* <li>生成安全签名</li>
|
||
|
|
* <li>将消息密文和安全签名打包成xml格式</li>
|
||
|
|
* </ol>
|
||
|
|
*
|
||
|
|
* @param $replyMsg string 公众平台待回复用户的消息,xml格式的字符串
|
||
|
|
* @param $timeStamp string 时间戳,可以自己生成,也可以用URL参数的timestamp
|
||
|
|
* @param $nonce string 随机串,可以自己生成,也可以用URL参数的nonce
|
||
|
|
* @param &$encryptMsg string 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
|
||
|
|
* 当return返回0时有效
|
||
|
|
*
|
||
|
|
* @return int 成功0,失败返回对应的错误码
|
||
|
|
*/
|
||
|
|
public function encryptMsg($replyMsg, $timeStamp, $nonce, &$encryptMsg)
|
||
|
|
{
|
||
|
|
$pc = new Prpcrypt($this->config->getEncodingAesKey());
|
||
|
|
|
||
|
|
//加密
|
||
|
|
$array = $pc->encrypt($replyMsg, $this->config->getAppid());
|
||
|
|
$ret = $array[0];
|
||
|
|
if ($ret != 0) {
|
||
|
|
return $ret;
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($timeStamp == null) {
|
||
|
|
$timeStamp = time();
|
||
|
|
}
|
||
|
|
$encrypt = $array[1];
|
||
|
|
|
||
|
|
//生成安全签名
|
||
|
|
$array = $this->getSHA1($this->config->getToken(), $timeStamp, $nonce, $encrypt);
|
||
|
|
$ret = $array[0];
|
||
|
|
if ($ret != 0) {
|
||
|
|
return $ret;
|
||
|
|
}
|
||
|
|
$signature = $array[1];
|
||
|
|
|
||
|
|
//生成发送的xml
|
||
|
|
$xmlparse = new XMLParse;
|
||
|
|
$encryptMsg = $xmlparse->generate($encrypt, $signature, $timeStamp, $nonce);
|
||
|
|
return self::OK;
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
/**
|
||
|
|
* 检验消息的真实性,并且获取解密后的明文.
|
||
|
|
* <ol>
|
||
|
|
* <li>利用收到的密文生成安全签名,进行签名验证</li>
|
||
|
|
* <li>若验证通过,则提取xml中的加密消息</li>
|
||
|
|
* <li>对消息进行解密</li>
|
||
|
|
* </ol>
|
||
|
|
*
|
||
|
|
* @param $msgSignature string 签名串,对应URL参数的msg_signature
|
||
|
|
* @param $timestamp string 时间戳 对应URL参数的timestamp
|
||
|
|
* @param $nonce string 随机串,对应URL参数的nonce
|
||
|
|
* @param $postData string 密文,对应POST请求的数据
|
||
|
|
* @param &$msg string 解密后的原文,当return返回0时有效
|
||
|
|
*
|
||
|
|
* @return int 成功0,失败返回对应的错误码
|
||
|
|
*/
|
||
|
|
public function decryptMsg($msgSignature, $timestamp, $nonce, $postData, &$msg)
|
||
|
|
{
|
||
|
|
if (strlen($this->config->getEncodingAesKey()) != 43) {
|
||
|
|
return self::IllegalAesKey;
|
||
|
|
}
|
||
|
|
|
||
|
|
$pc = new Prpcrypt($this->config->getEncodingAesKey());
|
||
|
|
|
||
|
|
//提取密文
|
||
|
|
$xmlparse = new XMLParse();
|
||
|
|
$array = $xmlparse->extract($postData);
|
||
|
|
$ret = $array[0];
|
||
|
|
|
||
|
|
if ($ret != 0) {
|
||
|
|
return $ret;
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($timestamp == null) {
|
||
|
|
$timestamp = time();
|
||
|
|
}
|
||
|
|
|
||
|
|
$encrypt = $array[1];
|
||
|
|
$touser_name = $array[2];
|
||
|
|
|
||
|
|
//验证安全签名
|
||
|
|
$array = $this->getSHA1($this->config->getToken(), $timestamp, $nonce, $encrypt);
|
||
|
|
$ret = $array[0];
|
||
|
|
|
||
|
|
if ($ret != 0) {
|
||
|
|
return $ret;
|
||
|
|
}
|
||
|
|
|
||
|
|
$signature = $array[1];
|
||
|
|
if ($signature != $msgSignature) {
|
||
|
|
return self::ValidateSignatureError;
|
||
|
|
}
|
||
|
|
|
||
|
|
$result = $pc->decrypt($encrypt, $this->config->getAppid());
|
||
|
|
if ($result[0] != 0) {
|
||
|
|
return $result[0];
|
||
|
|
}
|
||
|
|
$msg = $result[1];
|
||
|
|
|
||
|
|
return self::OK;
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* @param $token
|
||
|
|
* @param $timestamp
|
||
|
|
* @param $nonce
|
||
|
|
* @param $encrypt_msg
|
||
|
|
* @return array
|
||
|
|
*/
|
||
|
|
private function getSHA1($token, $timestamp, $nonce, $encrypt_msg)
|
||
|
|
{
|
||
|
|
//排序
|
||
|
|
try {
|
||
|
|
$array = array($encrypt_msg, $token, $timestamp, $nonce);
|
||
|
|
sort($array, SORT_STRING);
|
||
|
|
$str = implode($array);
|
||
|
|
return array(self::OK, sha1($str));
|
||
|
|
} catch (\Exception $e) {
|
||
|
|
//print $e . "\n";
|
||
|
|
return array(self::ComputeSignatureError, null);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
}
|