Wechat.php 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214
  1. <?php
  2. namespace addons\epay\library;
  3. use fast\Http;
  4. use think\Cache;
  5. use think\Session;
  6. /**
  7. * 微信授权
  8. *
  9. */
  10. class Wechat
  11. {
  12. private $app_id = '';
  13. private $app_secret = '';
  14. private $scope = 'snsapi_userinfo';
  15. public function __construct($app_id, $app_secret)
  16. {
  17. $this->app_id = $app_id;
  18. $this->app_secret = $app_secret;
  19. }
  20. /**
  21. * 获取微信授权链接
  22. *
  23. * @return string
  24. */
  25. public function getAuthorizeUrl()
  26. {
  27. $redirect_uri = addon_url('epay/api/wechat', [], true, true);
  28. $redirect_uri = urlencode($redirect_uri);
  29. $state = \fast\Random::alnum();
  30. Session::set('state', $state);
  31. return "https://open.weixin.qq.com/connect/oauth2/authorize?appid={$this->app_id}&redirect_uri={$redirect_uri}&response_type=code&scope={$this->scope}&state={$state}#wechat_redirect";
  32. }
  33. /**
  34. * 获取微信openid
  35. *
  36. * @return mixed|string
  37. */
  38. public function getOpenid()
  39. {
  40. $openid = Session::get('openid');
  41. if (!$openid) {
  42. if (!isset($_GET['code'])) {
  43. $url = $this->getAuthorizeUrl();
  44. Header("Location: $url");
  45. exit();
  46. } else {
  47. /*$state = Session::get('state');
  48. if ($state == $_GET['state']) {*/
  49. $code = $_GET['code'];
  50. $token = $this->getAccessToken($code);
  51. if (!isset($token['openid']) && isset($token['errmsg'])) {
  52. exception($token['errmsg']);
  53. }
  54. $openid = isset($token['openid']) ? $token['openid'] : '';
  55. if ($openid) {
  56. Session::set("openid", $openid);
  57. }
  58. /* }*/
  59. }
  60. }
  61. return $openid;
  62. }
  63. /**
  64. * 获取授权token网页授权
  65. *
  66. * @param string $code
  67. * @return mixed|string
  68. */
  69. public function getAccessToken($code = '')
  70. {
  71. $params = [
  72. 'appid' => $this->app_id,
  73. 'secret' => $this->app_secret,
  74. 'code' => $code,
  75. 'grant_type' => 'authorization_code'
  76. ];
  77. $ret = Http::sendRequest('https://api.weixin.qq.com/sns/oauth2/access_token', $params, 'GET');
  78. if ($ret['ret']) {
  79. $ar = json_decode($ret['msg'], true);
  80. return $ar;
  81. }
  82. return [];
  83. }
  84. public function getJsticket($code = '')
  85. {
  86. $jsticket = Session::get('jsticket');
  87. if (!$jsticket) {
  88. $token = $this->getAccessToken($code);
  89. $params = [
  90. 'access_token' => 'token',
  91. 'type' => 'jsapi',
  92. ];
  93. $ret = Http::sendRequest('https://api.weixin.qq.com/cgi-bin/ticket/getticket', $params, 'GET');
  94. if ($ret['ret']) {
  95. $ar = json_decode($ret['msg'], true);
  96. return $ar;
  97. }
  98. }
  99. return $jsticket;
  100. }
  101. public function getSignPackage($url) {
  102. $jsapiTicket = $this->getWechatJsApiTicket();
  103. // 注意 URL 一定要动态获取,不能 hardcode.
  104. // $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
  105. // $url = $this->url?$this->url:"$protocol$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
  106. $timestamp = time();
  107. $nonceStr = $this->getRandString(16);
  108. // 这里参数的顺序要按照 key 值 ASCII 码升序排序
  109. $string = "jsapi_ticket=$jsapiTicket&noncestr=$nonceStr&timestamp=$timestamp&url=$url";
  110. $signature = sha1($string);
  111. $signPackage = array(
  112. "appId" => $this->app_id,
  113. "nonceStr" => $nonceStr,
  114. "timestamp" => $timestamp,
  115. "url" => $url,
  116. "signature" => $signature,
  117. "rawString" => $string
  118. );
  119. return $signPackage;
  120. }
  121. /**
  122. * 获取微信基础access_token
  123. * @param bool $updatenow 是否立即刷新
  124. * @return string
  125. */
  126. public function getWechatBasicAccesstoken($updatenow = false)
  127. {
  128. //有效期一般为7200秒,开发者必须在自己的服务全局缓存access_token
  129. //此处保存的access_token为基础的,并非授权的(授权的需要实时获取)
  130. //读取缓存
  131. $access_token = cache('access_token');
  132. //过期或强制刷新时,需重新请求
  133. if(!$access_token || $updatenow) {
  134. $rs = json_decode(curl_get('https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid='.$this->app_id.'&secret='.$this->app_secret), true);
  135. if(!empty($rs['errmsg'])) {
  136. abort(500, $rs['errmsg']); //请求失败
  137. }
  138. //缓存存储
  139. $access_token = $rs['access_token'];
  140. cache('access_token', $access_token, $rs['expires_in'] - 1000);
  141. }
  142. return $access_token;
  143. }
  144. /**
  145. * 获取微信jsapi_ticket
  146. * @param string $updatenow 是否立即更新
  147. * @return string
  148. */
  149. private function getWechatJsApiTicket($updatenow = false)
  150. {
  151. //有效期7200秒,开发者必须在自己的服务全局缓存jsapi_ticket
  152. //读取缓存
  153. $ticket = cache('jsapi_ticket');
  154. //过期或强制刷新时,需重新请求
  155. if(!$ticket || $updatenow) {
  156. //读取access_token
  157. $access_token = $this->getWechatBasicAccesstoken();
  158. //请求ticket
  159. $rs = json_decode(curl_get('https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token='.$access_token.'&type=jsapi'), true);
  160. if($rs['errmsg'] != 'ok') { //失败时,强制刷新access_token,再次请求
  161. $access_token = $this->getWechatBasicAccesstoken(true);
  162. $rs = json_decode(curl_get('https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token='.$access_token.'&type=jsapi'), true);
  163. if($rs['errmsg'] != 'ok') {
  164. abort(500, $rs['errmsg']); //请求失败
  165. }
  166. }
  167. //缓存存储
  168. $ticket = $rs['ticket'];
  169. cache('jsapi_ticket', $ticket, $rs['expires_in'] - 1000);
  170. }
  171. return $ticket;
  172. }
  173. /**
  174. * 获取随机字符串
  175. * @param int $length 字符串长度
  176. * @return null|string
  177. */
  178. private function getRandString($length = 1)
  179. {
  180. $str = null;
  181. $strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
  182. $max = strlen($strPol) - 1;
  183. for($i = 0; $i < $length; $i++) {
  184. $str .= $strPol[rand(0, $max)];
  185. }
  186. return $str;
  187. }
  188. }