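_LogObj->LogWrite(TIFFANY_API_CHECK_LOG, '123213123');
        }
        echo time();
        die;
    }

    /**
     * Test method: POSTs a fixed JSON payload to the local accesstoken endpoint and dumps the response.
     * http://127.0.0.1/tiffany/api/oauth2/test?qaz=wsx
     * http://weapp.wemediacn.net/d/tiffany/api/oauth2/test?qaz=wsx
     *
     * NOTE(review): this action embeds an appid/appsecrect pair in source and is addressable like
     * any other action. If these values are (or ever were) live credentials they should be rotated,
     * and the action should be kept out of production routing or fed from non-committed configuration.
     */
    function testAction(){
        //$url = "http://wxapp.wemediacn.com/smsoauth2_qa/api/oauth2/code";
        // $url = "http://127.0.0.1/tiffany/api/oauth2/code?qaz=wsx";
        //$url = "http://wxapp.wemediacn.com/smsoauth2_qa/api/oauth2/accesstoken";
        $url = "http://127.0.0.1/tiffany/api/oauth2/accesstoken?qaz=wsx";
        $post_arr = array();
        $post_arr['appid'] = "0e355010-67b9-4aa6-a53f-c92c972094a7";
        $post_arr['appsecrect'] = "b82015bd-8d4c-4df8-87a8-c25477a8976f";
        $post_arr['code'] = "734fcd9ed0681461faa1eace9583e0d1";
        $post_json = json_encode($post_arr);
        $result = $this->__http_post_request($url, $post_json, true);
        print_r($result);
        die;
    }

    /**
     * Issue a temporary authorization code for an appid (Get code).
     * http://127.0.0.1/tiffany/api/oauth2/code?qaz=wsx
     * http://weapp.wemediacn.net/d/tiffany/api/oauth2/code?qaz=wsx
     *
     * Applies the per-day request limit stored on the AppInfo record, then creates or refreshes
     * the TempCode row for the appid with a new code that expires 300 seconds after
     * $this->current_time. Always echoes a JSON object with errmsg / errcode / data.
     *
     * NOTE(review): the daily counter is read, incremented and saved without a lock or a
     * transaction, so concurrent requests may undercount; confirm whether the limit has to be exact.
     * NOTE(review): __check_appid() is defined outside this view; if it builds its lookup by string
     * interpolation as the original of this method did, it needs the same bound-parameter fix.
     */
    function codeAction(){
        // Check whether any request data was received.
        $rs = $this->__check_request_arr();
        // Request data was received.
        if(!empty($rs['data']['request_arr'])){
            $request_arr = $rs['data']['request_arr'];
            // Parameters that must be present and non-empty.
            $params_arr = array("appid");
            $rs = $this->__check_params_arr($request_arr, $params_arr);
            // All required parameters are non-empty.
            if(empty($rs['errcode'])){
                $appid = $request_arr['appid'];
                // Check that the supplied appid is valid.
                $rs = $this->__check_appid($appid);
                // The supplied appid is valid.
                if(empty($rs['errcode'])){
                    // App record returned by the appid check.
                    $AppInfo = $rs['data']['AppInfo'];
                    // Date of the previous code request.
                    $last_req_time = $AppInfo->LastReqTime;
                    $last_req_date = date("Y-m-d", strtotime($last_req_time));
                    // Number of code requests counted on that date.
                    $today_req_times = $AppInfo->TodayReqTimes;
                    // Daily limit of code requests for this app.
                    $day_max_req_times = $AppInfo->DayMaxReqTimes;
                    // The previous request was made today.
                    if($last_req_date==$this->current_date){
                        // Today's count has already reached the limit.
                        if($today_req_times>=$day_max_req_times){
                            $rs['errmsg'] = "request today reached the request limit,err detail:超过请求上限限制";
                            $rs['errcode'] = 80102;
                            $rs['data'] = null;
                        }
                        // Still under the limit: count this request.
                        else{
                            $today_req_times = $today_req_times+1;
                        }
                    }
                    // The previous request was made on another day.
                    else{
                        // A limit of zero or less means no requests are allowed at all.
                        if($day_max_req_times<=0){
                            $rs['errmsg'] = "request today reached the request limit,err detail:超过请求上限限制";
                            $rs['errcode'] = 80102;
                            $rs['data'] = null;
                        }
                        // Start today's count at one.
                        else{
                            $today_req_times = 1;
                        }
                    }
                    // All checks above passed.
                    if(empty($rs['errcode'])){
                        // Persist the updated request counter.
                        $AppInfo->LastModifiedTime = $this->current_datetime;
                        $AppInfo->TodayReqTimes = $today_req_times;
                        $AppInfo->LastReqTime = $this->current_date;
                        // Update failed.
                        if(!($AppInfo->save())){
                            $rs['errmsg'] = "系统繁忙,请稍候再试";
                            $rs['errcode'] = -1;
                            $rs['data'] = null;
                        }
                        // Update succeeded.
                        else{
                            // Look up an existing code row for this app. The value is bound rather
                            // than interpolated so request data can never alter the query text.
                            $TempCode = TempCode::findFirst(array(
                                'conditions' => 'AppId = :appid:',
                                'bind'       => array('appid' => $appid),
                            ));
                            // No code was ever generated for this app: prepare a new row.
                            if(empty($TempCode)){
                                $TempCode = new TempCode();
                                $TempCode->AppId = $appid;
                                $TempCode->CreateTime = $this->current_datetime;
                                $TempCode->LastModifiedTime = $this->current_datetime;
                            }
                            // A row exists: it is reused and overwritten.
                            else{
                                $TempCode->LastModifiedTime = $this->current_datetime;
                            }
                            // The code is a bearer credential, so it must be unpredictable.
                            $TempCode->Code = $code = $this->__generate_secure_token();
                            $TempCode->IsUsed = 0;
                            $TempCode->ExpireTime = date("Y-m-d H:i:s", $this->current_time+300);
                            // Save failed.
                            if(!($TempCode->save())){
                                $rs['errmsg'] = "系统繁忙,请稍候再试";
                                $rs['errcode'] = -1;
                                $rs['data'] = null;
                            }
                            // Save succeeded.
                            else{
                                $rs['errmsg'] = "ok";
                                $rs['errcode'] = 0;
                                $rs['data'] = array();
                                $rs['data']['code'] = $code;
                            }
                        }
                    }
                }
            }
        }
        // Emit the result.
        echo json_encode($rs, JSON_UNESCAPED_UNICODE);
    }

    /**
     * Exchange an authorization code for an access token (Get access token by code).
     * http://127.0.0.1/tiffany/api/oauth2/accesstoken?qaz=wsx
     * http://weapp.wemediacn.net/d/tiffany/api/oauth2/accesstoken?qaz=wsx
     *
     * Validates appid, appsecrect and code, marks the code as used, and creates or rotates the
     * AccessToken row for the appid with a token that expires 14400 seconds after
     * $this->current_time. Always echoes a JSON object with errmsg / errcode / data.
     *
     * Naming caveat kept from the original author: the request field is spelled "appsecrect"
     * (one letter more than "secret"), while the AppInfo column is spelled AppSecret.
     *
     * NOTE(review): the IsUsed check runs before the transaction begins and without a row lock,
     * so two concurrent requests carrying the same code may both pass it; consider re-reading the
     * row under a lock inside the transaction.
     * NOTE(review): the documented URLs are plain http; appsecrect and the issued token should
     * only travel over TLS. Confirm how the deployed endpoint is exposed.
     */
    function accesstokenAction(){
        // Check whether any request data was received.
        $rs = $this->__check_request_arr();
        // Request data was received.
        if(!empty($rs['data']['request_arr'])){
            $request_arr = $rs['data']['request_arr'];
            // Parameters that must be present and non-empty.
            $params_arr = array("appid", "appsecrect", "code");
            $rs = $this->__check_params_arr($request_arr, $params_arr);
            // All required parameters are non-empty.
            if(empty($rs['errcode'])){
                $appid = $request_arr['appid'];
                // Check that the supplied appid is valid.
                $rs = $this->__check_appid($appid);
                // The supplied appid is valid.
                if(empty($rs['errcode'])){
                    // App record returned by the appid check.
                    $AppInfo = $rs['data']['AppInfo'];
                    $appsecrect = $request_arr['appsecrect'];
                    // The secret must be a string and is compared with hash_equals(): a loose
                    // "!=" lets PHP type juggling treat a non-string request value as equal to
                    // the stored secret, and it is not constant-time.
                    if(!is_string($appsecrect) || !hash_equals((string)$AppInfo->AppSecret, $appsecrect)){
                        $rs['errmsg'] = "密钥不匹配,err detail:密钥不匹配";
                        $rs['errcode'] = 40037;
                        $rs['data'] = null;
                    }
                    // The secret matches.
                    else{
                        $code = $request_arr['code'];
                        // Look up the code with bound parameters; $code comes straight from the
                        // request and must never be spliced into the query text. A non-string
                        // code cannot match a stored code and is handled as "not found".
                        $TempCode = false;
                        if(is_string($code)){
                            $TempCode = TempCode::findFirst(array(
                                'conditions' => 'AppId = :appid: AND Code = :code:',
                                'bind'       => array('appid' => $appid, 'code' => $code),
                            ));
                        }
                        // No matching code row.
                        if(empty($TempCode)){
                            $rs['errmsg'] = "code 不正确,err detail:code 不匹配";
                            $rs['errcode'] = 40038;
                            $rs['data'] = null;
                        }
                        // A matching code row exists.
                        else{
                            $expire_time = $TempCode->ExpireTime;
                            // The code has expired.
                            if($this->current_datetime>=$expire_time){
                                $rs['errmsg'] = "authorize code is expired,err detail:code 已过期";
                                $rs['errcode'] = 80103;
                                $rs['data'] = null;
                            }
                            // The code is still within its lifetime.
                            else{
                                $is_used = $TempCode->IsUsed;
                                // The code was already redeemed.
                                if(!empty($is_used)){
                                    $rs['errmsg'] = "authorize code is used,err detail:code已使用";
                                    $rs['errcode'] = 80104;
                                    $rs['data'] = null;
                                }
                                // The code has not been redeemed yet.
                                else{
                                    // Marking the code used and issuing the token succeed or fail together.
                                    $this->db->begin();
                                    $TempCode->LastModifiedTime = $this->current_datetime;
                                    $TempCode->IsUsed = 1;
                                    // Save failed.
                                    if(!($TempCode->save())){
                                        $this->db->rollback();
                                        $rs['errmsg'] = "系统繁忙,请稍候再试";
                                        $rs['errcode'] = -1;
                                        $rs['data'] = null;
                                    }
                                    // Save succeeded.
                                    else{
                                        // Look up an existing token row for this app (bound parameter).
                                        $AccessToken = AccessToken::findFirst(array(
                                            'conditions' => 'AppId = :appid:',
                                            'bind'       => array('appid' => $appid),
                                        ));
                                        // No token was ever issued for this app: prepare a new row.
                                        if(empty($AccessToken)){
                                            $AccessToken = new AccessToken();
                                            // Row identifier only; it is never returned to the caller.
                                            $AccessToken->Id = md5(uniqid(mt_rand(), true));
                                            $AccessToken->AppId = $appid;
                                            $AccessToken->PrevAccessToken = null;
                                            $AccessToken->CreateTime = $this->current_datetime;
                                            $AccessToken->LastModifiedTime = $this->current_datetime;
                                        }
                                        // A token row exists: rotate it.
                                        else{
                                            $AccessToken->LastModifiedTime = $this->current_datetime;
                                            // The previous token has expired: do not keep it.
                                            if($this->current_datetime>$AccessToken->ExpireTime){
                                                $AccessToken->PrevAccessToken = null;
                                            }
                                            // The previous token is still valid: remember it.
                                            else{
                                                $AccessToken->PrevAccessToken = $AccessToken->AccessToken;
                                            }
                                        }
                                        // The access token is a bearer credential, so it must be unpredictable.
                                        $AccessToken->AccessToken = $access_token = $this->__generate_secure_token();
                                        $AccessToken->ExpireTime = date("Y-m-d H:i:s", $this->current_time+14400);
                                        // Save failed.
                                        if(!($AccessToken->save())){
                                            $this->db->rollback();
                                            $rs['errmsg'] = "系统繁忙,请稍候再试";
                                            $rs['errcode'] = -1;
                                            $rs['data'] = null;
                                        }
                                        // Save succeeded.
                                        else{
                                            $this->db->commit();
                                            $rs['errmsg'] = "ok";
                                            $rs['errcode'] = 0;
                                            $rs['data'] = array();
                                            $rs['data']['access_token'] = $access_token;
                                            $rs['data']['expire_in'] = 14400;
                                            $rs['data']['refresh_token'] = null;
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        // Emit the result.
        echo json_encode($rs, JSON_UNESCAPED_UNICODE);
    }

    /**
     * Produce a 32-character lowercase hex token for authorization codes and access tokens.
     *
     * Uses the operating system CSPRNG through random_bytes() when the runtime provides it
     * (PHP >= 7). The legacy md5(uniqid(mt_rand(), true)) construction is derived from the clock
     * and a non-cryptographic generator, so its output is guessable; it remains only as a
     * fallback for older runtimes and should be dropped once they are retired.
     *
     * @return string 32 hex characters
     */
    private function __generate_secure_token(){
        if(function_exists('random_bytes')){
            return bin2hex(random_bytes(16));
        }
        // NOTE(review): predictable fallback, kept only for compatibility with PHP < 7.
        return md5(uniqid(mt_rand(), true));
    }
}
?>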