From 429cc6d4d7cacd1faf49d829d760767cb6b1753d Mon Sep 17 00:00:00 2001 From: qinzongqing Date: Mon, 10 Apr 2023 17:45:27 +0800 Subject: [PATCH] =?UTF-8?q?=E5=BC=80=E5=8F=91=E8=8E=B7=E5=8F=96access=5Fto?= =?UTF-8?q?ken=E6=8E=A5=E5=8F=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/Oauth2Controller.php | 164 ++++++++++++++++++++++++++- 1 file changed, 160 insertions(+), 4 deletions(-) diff --git a/app/controllers/Oauth2Controller.php b/app/controllers/Oauth2Controller.php index 5c4fa69..347b01f 100644 --- a/app/controllers/Oauth2Controller.php +++ b/app/controllers/Oauth2Controller.php @@ -16,11 +16,14 @@ class Oauth2Controller extends ControllerBase{ * http://127.0.0.1/tiffany/api/oauth2/test?qaz=wsx */ function testAction(){ - $url = "http://wxapp.wemediacn.com/smsoauth2_qa/api/oauth2/code"; - $url = "http://127.0.0.1/tiffany/api/oauth2/code?qaz=wsx"; + $url = "http://wxapp.wemediacn.com/smsoauth2_qa/api/oauth2/accesstoken"; + //$url = "http://wxapp.wemediacn.com/smsoauth2_qa/api/oauth2/code"; + //$url = "http://127.0.0.1/tiffany/api/oauth2/code?qaz=wsx"; + //$url = "http://127.0.0.1/tiffany/api/oauth2/accesstoken?qaz=wsx"; $post_arr = array(); - //$post_arr['appid'] = 111; $post_arr['appid'] = "0e355010-67b9-4aa6-a53f-c92c972094a7"; + $post_arr['appsecrect'] = "b82015bd-8d4c-4df8-87a8-c25477a8976f"; + $post_arr['code'] = "f74311c97fc7440895b6019a0d5234ae"; $post_json = json_encode($post_arr); $result = $this->__http_post_request($url, $post_json, true); print_r($result); die; 
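Review bot: The added `$post_arr['appsecrect']` and `$post_arr['code']` lines commit what look like a live app secret and authorization code to the repository, and `testAction` posts them to an `http://` URL, so they also travel in clear text. Treat the committed secret as exposed and rotate it, then load test credentials from configuration kept outside version control, for example `$post_arr['appsecrect'] = getenv('OAUTH2_TEST_APPSECRET');` (the variable name is a placeholder). Judging by the `/api/oauth2/test` URL in its docblock, `testAction` appears to be a routable action that dumps the upstream response with `print_r($result); die;`, so it should be removed or disabled in deployed builds. The function's closing brace lies outside this hunk.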
@@ -177,7 +180,160 @@ class Oauth2Controller extends ControllerBase{
 }
 //如果有获取到请求数据
 else{
-
+ //准备获取appid、appsecrect和code
+ //注意:
+ //接口中的appsecrect字段本身就是用了错别词,比secret多了一个字母
+ //但接口信息表AppInfo里的AppSecret字段则没有多出一个字母,要当心
+ $request_arr = json_decode(file_get_contents("php://input"), true);
+ //如果未获取到appid
+ if(empty($request_arr['appid'])){
+ //告知用户appid is empty;
+ $rs['errmsg'].= "appid is empty;";
+ }
+ //如果未获取到appsecrect
+ if(empty($request_arr['appsecrect'])){
+ //告知用户appsecrect is empty;
+ $rs['errmsg'].= "appsecrect is empty;";
+ }
+ //如果未获取到code
+ if(empty($request_arr['code'])){
+ //告知用户code is empty;
+ $rs['errmsg'].= "code is empty;";
+ }
+ //如果以上判断未通过
+ if(!empty($rs['errmsg'])){
+ //告知用户参数错误 error detail:
+ $rs['errmsg'] = "参数错误 error detail:".$rs['errmsg'];
+ $rs['errcode'] = 61451;
+ $rs['data'] = null;
+ }
+ //如果以上判断都通过
+ else{
+ //准备判断appid是否有效
+ $appid = $request_arr['appid'];
+ //查询接口信息
+ $app_info = AppInfo::findFirst("AppId = '$appid' AND Enable = 0");
+ //如果未查询到接口信息
+ if(empty($app_info)){
+ //告知用户找不到app配置信息,appid无效,err detail:找不到app配置信息
+ $rs['errmsg'] = "找不到app配置信息,appid无效,err detail:找不到app配置信息";
+ $rs['errcode'] = 40036;
+ $rs['data'] = null;
+ }
+ //如果有查询到接口信息
+ else{
+ //获取上次请求日期
+ $last_req_time = $app_info->LastReqTime;
+ $last_req_date = date("Y-m-d", strtotime($last_req_time));
+ //获取当前时间及当天日期
+ $current_time = time();
+ $current_datetime = date("Y-m-d H:i:s", $current_time);
+ $current_date = date("Y-m-d", $current_time);
+ //获取上次请求日期所在日的请求次数
+ $today_req_times = $app_info->TodayReqTimes;
+ //获取接口请求次数限制
+ $day_max_req_times = $app_info->DayMaxReqTimes;
+ //如果上次请求日期是当天日期
+ if($last_req_date==$current_date){
+ //如果当天请求次数已达到接口请求次数限制
+ if($today_req_times>=$day_max_req_times){
+ //告知用户request today reached the request limit,err detail:超过请求上限限制
+ $rs['errmsg'] = "request today reached the request limit,err detail:超过请求上限限制";
+ $rs['errcode'] = 80102;
+ $rs['data'] = null;
+ }
+ //如果当天请求次数尚未达到接口请求次数限制
+ else{
+ //当天请求次数加一
+ $today_req_times = $today_req_times+1;
+ }
+ }
+ //如果上次请求日期不是当天日期
+ else{
+ //如果接口请求次数限制不大于0
+ if($day_max_req_times<=0){
+ //告知用户request today reached the request limit,err detail:超过请求上限限制
+ $rs['errmsg'] = "request today reached the request limit,err detail:超过请求上限限制";
+ $rs['errcode'] = 80102;
+ $rs['data'] = null;
+ }
+ //如果接口请求次数限制大于0
+ else{
+ //初始当天请求次数
+ $today_req_times = 1;
+ }
+ }
+ //如果以上判断都通过
+ if(empty($rs['errcode'])){
+ //准备更新当天请求次数
+ $app_info->LastModifiedTime = $current_datetime;
+ //更新字段
+ $app_info->TodayReqTimes = $today_req_times;
+ $app_info->LastReqTime = $current_date;
+ //如果更新失败
+ if(!($app_info->save())){
+ //告知用户系统繁忙,请稍候再试
+ $rs['errmsg'] = "系统繁忙,请稍候再试";
+ $rs['errcode'] = -1;
+ $rs['data'] = null;
+ }
+ //如果更新成功
+ else{
+ //准备判断appsecrect是否匹配
+ $appsecrect = $request_arr['appsecrect'];
+ //如果appsecrect不匹配
+ if($appsecrect!=$app_info->AppSecret){
+ //告知用户密钥不匹配,err detail:密钥不匹配
+ $rs['errmsg'] = "密钥不匹配,err detail:密钥不匹配";
+ $rs['errcode'] = 40037;
+ $rs['data'] = null;
+ }
+ //如果appsecrect匹配
+ else{
+ //准备判断code是否匹配
+ $code = $request_arr['code'];
+ //查询临时code
+ $temp_code = TempCode::findFirst("AppId = '$appid' AND Code = '$code'");
+ //如果未查询到临时code
+ if(empty($temp_code)){
+ //告知用户code 不正确,err detail:code 不匹配
+ $rs['errmsg'] = "code 不正确,err detail:code 不匹配";
+ $rs['errcode'] = 40038;
+ $rs['data'] = null;
+ }
+ //如果有查询到临时code
+ else{
+ //准备判断code是否已失效
+ $expire_time = $temp_code->ExpireTime;
+ //如果code已失效
+ if($current_datetime>=$expire_time){
+ //告知用户authorize code is expired,err detail:code 已过期
+ $rs['errmsg'] = "authorize code is expired,err detail:code 已过期";
+ $rs['errcode'] = 80103;
+ $rs['data'] = null;
+ }
+ //如果code未失效
+ else{
+ //准备判断code是否已使用过
+ $is_used = $temp_code->IsUsed;
+ //如果code已使用过
+ if(!empty($is_used)){
+ //告知用户
+ $rs['errmsg'] = "authorize code is used,err detail:code已使用";
+ $rs['errcode'] = 80104;
+ $rs['data'] = null;
+ }
+ //如果code未使用过
+ else{
+
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
 }
 echo json_encode($rs, JSON_UNESCAPED_UNICODE);
 }
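Review bot: Both `findFirst()` calls build their condition strings by interpolating `$appid` and `$code`, which come straight from the JSON request body, so the `AppInfo` and `TempCode` lookups are open to injection; assuming these are Phalcon models, they should use bound parameters and the inputs should be rejected unless they are strings. The secret check `$appsecrect!=$app_info->AppSecret` is a loose, non-constant-time comparison on a value that `json_decode` may return as a non-string, so it should require a string and use `hash_equals()`. The daily counter is also saved before the secret is verified, which lets a caller who knows only an appid use up that app's quota; consider moving the increment after authentication. The enclosing action starts and ends outside this hunk, and the final `else` branch is still empty, so marking the code as used will need to be an atomic update when it is written.

```php
// … unchanged: empty-parameter checks …
$appid = $request_arr['appid'];
$app_info = AppInfo::findFirst([
    'conditions' => 'AppId = :appid: AND Enable = 0',
    'bind'       => ['appid' => $appid],
]);
// … unchanged: daily request-limit accounting …
$appsecrect = $request_arr['appsecrect'];
if(!is_string($appsecrect) || !hash_equals((string)$app_info->AppSecret, $appsecrect)){
// … unchanged: 40037 error response …
$code = $request_arr['code'];
$temp_code = TempCode::findFirst([
    'conditions' => 'AppId = :appid: AND Code = :code:',
    'bind'       => ['appid' => $appid, 'code' => $code],
]);
// … unchanged: expiry and IsUsed checks …
```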