320 lines
11 KiB
PHP
320 lines
11 KiB
PHP
<?php
|
||
/**
|
||
* Tiffany SMS API重构-接口类
|
||
* @author QZQ
|
||
*/
|
||
header("Content-Type:text/html; Charset=utf-8");
|
||
|
||
class Oauth2Controller extends ControllerBase{
|
||
|
||
function initialize(){
|
||
parent::initialize();
|
||
}
|
||
|
||
// http://weapp.wemediacn.net/d/tiffany/api/oauth2/wmqtest
|
||
function wmqtestAction(){
|
||
if($_SERVER['HTTP_HOST']!="127.0.0.1"){
|
||
$this->_LogObj->LogWrite(TIFFANY_API_CHECK_LOG, file_get_contents("php://input"));
|
||
}
|
||
echo time();die;
|
||
}
|
||
|
||
/**
|
||
* 测试方法
|
||
* http://127.0.0.1/tiffany/api/oauth2/test?qaz=wsx
|
||
* http://weapp.wemediacn.net/d/tiffany/api/oauth2/test?qaz=wsx
|
||
*/
|
||
function testAction(){
|
||
//$url = "http://wxapp.wemediacn.com/smsoauth2_qa/api/oauth2/code";
|
||
// $url = "http://127.0.0.1/tiffany/api/oauth2/code?qaz=wsx";
|
||
//$url = "http://wxapp.wemediacn.com/smsoauth2_qa/api/oauth2/accesstoken";
|
||
$url = "http://127.0.0.1/tiffany/api/oauth2/accesstoken?qaz=wsx";
|
||
$post_arr = array();
|
||
$post_arr['appid'] = "0e355010-67b9-4aa6-a53f-c92c972094a7";
|
||
$post_arr['appsecrect'] = "b82015bd-8d4c-4df8-87a8-c25477a8976f";
|
||
$post_arr['code'] = "734fcd9ed0681461faa1eace9583e0d1";
|
||
$post_json = json_encode($post_arr);
|
||
$result = $this->__http_post_request($url, $post_json, true);
|
||
print_r($result); die;
|
||
}
|
||
|
||
/**
|
||
* 获取code(Get code)
|
||
* http://127.0.0.1/tiffany/api/oauth2/code?qaz=wsx
|
||
* http://weapp.wemediacn.net/d/tiffany/api/oauth2/code?qaz=wsx
|
||
*/
|
||
function codeAction(){
|
||
//校验是否有收到请求数据
|
||
$rs = $this->__check_request_arr();
|
||
//如果有收到请求数据
|
||
if(!empty($rs['data']['request_arr'])){
|
||
//获取请求数据
|
||
$request_arr = $rs['data']['request_arr'];
|
||
//准备校验基本参数是否都不为空
|
||
$params_arr[] = "appid";
|
||
//校验基本参数是否都不为空
|
||
$rs = $this->__check_params_arr($request_arr, $params_arr);
|
||
//如果基本参数都不为空
|
||
if(empty($rs['errcode'])){
|
||
//准备校验所传appid是否有效
|
||
$appid = $request_arr['appid'];
|
||
//校验所传appid是否有效
|
||
$rs = $this->__check_appid($appid);
|
||
//如果所传appid有效
|
||
if(empty($rs['errcode'])){
|
||
//获取接口信息
|
||
$AppInfo = $rs['data']['AppInfo'];
|
||
//获取上次请求code日期
|
||
$last_req_time = $AppInfo->LastReqTime;
|
||
$last_req_date = date("Y-m-d", strtotime($last_req_time));
|
||
//获取上次请求code日期所在日的请求code次数
|
||
$today_req_times = $AppInfo->TodayReqTimes;
|
||
//获取接口请求code次数限制
|
||
$day_max_req_times = $AppInfo->DayMaxReqTimes;
|
||
//如果上次请求code日期是当天日期
|
||
if($last_req_date==$this->current_date){
|
||
//如果当天请求code次数已达到接口请求code次数限制
|
||
if($today_req_times>=$day_max_req_times){
|
||
//告知用户"request today reached the request limit,err detail:超过请求上限限制"
|
||
$rs['errmsg'] = "request today reached the request limit,err detail:超过请求上限限制";
|
||
$rs['errcode'] = 80102;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果当天请求code次数尚未达到接口请求code次数限制
|
||
else{
|
||
//当天请求code次数加一
|
||
$today_req_times = $today_req_times+1;
|
||
}
|
||
}
|
||
//如果上次请求code日期不是当天日期
|
||
else{
|
||
//如果接口请求code次数限制不大于0
|
||
if($day_max_req_times<=0){
|
||
//告知用户"request today reached the request limit,err detail:超过请求上限限制"
|
||
$rs['errmsg'] = "request today reached the request limit,err detail:超过请求上限限制";
|
||
$rs['errcode'] = 80102;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果接口请求code次数限制大于0
|
||
else{
|
||
//初始当天请求code次数
|
||
$today_req_times = 1;
|
||
}
|
||
}
|
||
//如果以上判断都通过
|
||
if(empty($rs['errcode'])){
|
||
//准备更新当天请求code次数
|
||
$AppInfo->LastModifiedTime = $this->current_datetime;
|
||
//其他字段
|
||
$AppInfo->TodayReqTimes = $today_req_times;
|
||
$AppInfo->LastReqTime = $this->current_date;
|
||
//如果更新失败
|
||
if(!($AppInfo->save())){
|
||
//告知用户"系统繁忙,请稍候再试"
|
||
$rs['errmsg'] = "系统繁忙,请稍候再试";
|
||
$rs['errcode'] = -1;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果更新成功
|
||
else{
|
||
//查询当前接口过去是否有生成过code
|
||
$TempCode = TempCode::findFirst("AppId = '$appid'");
|
||
//如果当前接口过去未生成过code
|
||
if(empty($TempCode)){
|
||
//准备新增临时code
|
||
$TempCode = new TempCode();
|
||
$TempCode->AppId = $appid;
|
||
$TempCode->CreateTime = $this->current_datetime;
|
||
$TempCode->LastModifiedTime = $this->current_datetime;
|
||
}
|
||
//如果当前接口过去有生成过code
|
||
else{
|
||
//准备更新临时code
|
||
$TempCode->LastModifiedTime = $this->current_datetime;
|
||
}
|
||
//其他字段
|
||
$TempCode->Code = $code = md5(uniqid(mt_rand(), true));
|
||
$TempCode->IsUsed = 0;
|
||
$TempCode->ExpireTime = date("Y-m-d H:i:s", $this->current_time+300);
|
||
//如果保存失败
|
||
if(!($TempCode->save())){
|
||
//告知用户"系统繁忙,请稍候再试"
|
||
$rs['errmsg'] = "系统繁忙,请稍候再试";
|
||
$rs['errcode'] = -1;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果保存成功
|
||
else{
|
||
//告知用户"ok"
|
||
$rs['errmsg'] = "ok";
|
||
$rs['errcode'] = 0;
|
||
$rs['data'] = array();
|
||
$rs['data']['code'] = $code;
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
//输出结果
|
||
echo json_encode($rs, JSON_UNESCAPED_UNICODE);
|
||
}
|
||
|
||
/**
|
||
* 根据code获取access_token(Get access token by code)
|
||
* http://127.0.0.1/tiffany/api/oauth2/accesstoken?qaz=wsx
|
||
* http://weapp.wemediacn.net/d/tiffany/api/oauth2/accesstoken?qaz=wsx
|
||
*/
|
||
function accesstokenAction(){
|
||
//校验是否有收到请求数据
|
||
$rs = $this->__check_request_arr();
|
||
//如果有收到请求数据
|
||
if(!empty($rs['data']['request_arr'])){
|
||
//获取请求数据
|
||
$request_arr = $rs['data']['request_arr'];
|
||
//准备校验基本参数是否都不为空
|
||
//注意:
|
||
//接口中的appsecrect字段本身就是用了错别词,比secret多了一个字母
|
||
//但接口信息表AppInfo里的AppSecret字段则没有多出一个字母,要当心
|
||
$request_arr = $rs['data']['request_arr'];
|
||
$params_arr[] = "appid";
|
||
$params_arr[] = "appsecrect";
|
||
$params_arr[] = "code";
|
||
//校验基本参数
|
||
$rs = $this->__check_params_arr($request_arr, $params_arr);
|
||
//如果基本参数都不为空
|
||
if(empty($rs['errcode'])){
|
||
//准备校验所传appid是否有效
|
||
$appid = $request_arr['appid'];
|
||
//校验所传appid是否有效
|
||
$rs = $this->__check_appid($appid);
|
||
//如果所传appid有效
|
||
if(empty($rs['errcode'])){
|
||
//获取接口信息
|
||
$AppInfo = $rs['data']['AppInfo'];
|
||
//准备判断appsecrect是否匹配
|
||
$appsecrect = $request_arr['appsecrect'];
|
||
//如果appsecrect不匹配
|
||
if($appsecrect!=$AppInfo->AppSecret){
|
||
//告知用户"密钥不匹配,err detail:密钥不匹配"
|
||
$rs['errmsg'] = "密钥不匹配,err detail:密钥不匹配";
|
||
$rs['errcode'] = 40037;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果appsecrect匹配
|
||
else{
|
||
//准备判断所传code是否匹配
|
||
$code = $request_arr['code'];
|
||
//查询临时code
|
||
$TempCode = TempCode::findFirst("AppId = '$appid' AND Code = '$code'");
|
||
//如果未查询到临时code
|
||
if(empty($TempCode)){
|
||
//告知用户"code 不正确,err detail:code 不匹配"
|
||
$rs['errmsg'] = "code 不正确,err detail:code 不匹配";
|
||
$rs['errcode'] = 40038;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果有查询到临时code
|
||
else{
|
||
//准备判断所传code是否已失效
|
||
$expire_time = $TempCode->ExpireTime;
|
||
//如果所传code已失效
|
||
if($this->current_datetime>=$expire_time){
|
||
//告知用户"authorize code is expired,err detail:code 已过期"
|
||
$rs['errmsg'] = "authorize code is expired,err detail:code 已过期";
|
||
$rs['errcode'] = 80103;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果所传code未失效
|
||
else{
|
||
//准备判断所传code是否已使用过
|
||
$is_used = $TempCode->IsUsed;
|
||
//如果所传code已使用过
|
||
if(!empty($is_used)){
|
||
//告知用户"authorize code is used,err detail:code已使用"
|
||
$rs['errmsg'] = "authorize code is used,err detail:code已使用";
|
||
$rs['errcode'] = 80104;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果所传code未使用过
|
||
else{
|
||
//开启事务
|
||
$this->db->begin();
|
||
//准备更新临时code
|
||
$TempCode->LastModifiedTime = $this->current_datetime;
|
||
//其他字段
|
||
$TempCode->IsUsed = 1;
|
||
//如果保存失败
|
||
if(!($TempCode->save())){
|
||
//回滚事务
|
||
$this->db->rollback();
|
||
//告知用户"系统繁忙,请稍候再试"
|
||
$rs['errmsg'] = "系统繁忙,请稍候再试";
|
||
$rs['errcode'] = -1;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果保存成功
|
||
else{
|
||
//查询当前接口过去是否有生成过access_token
|
||
$AccessToken = AccessToken::findFirst("AppId = '$appid'");
|
||
//如果当前接口过去未生成过access_token
|
||
if(empty($AccessToken)){
|
||
//准备新增AccessToken
|
||
$AccessToken = new AccessToken();
|
||
$AccessToken->Id = md5(uniqid(mt_rand(), true));
|
||
$AccessToken->AppId = $appid;
|
||
$AccessToken->PrevAccessToken = null;
|
||
$AccessToken->CreateTime = $this->current_datetime;
|
||
$AccessToken->LastModifiedTime = $this->current_datetime;
|
||
}
|
||
//如果当前接口过去有生成过access_token
|
||
else{
|
||
//准备更新AccessToken
|
||
$AccessToken->LastModifiedTime = $this->current_datetime;
|
||
//如果前access_token已过期
|
||
if($this->current_datetime>$AccessToken->ExpireTime){
|
||
$AccessToken->PrevAccessToken = null;
|
||
}
|
||
//如果前access_token未过期
|
||
else{
|
||
$AccessToken->PrevAccessToken = $AccessToken->AccessToken;
|
||
}
|
||
}
|
||
//其他字段
|
||
$AccessToken->AccessToken = $access_token = md5(uniqid(mt_rand(), true));
|
||
$AccessToken->ExpireTime = date("Y-m-d H:i:s", $this->current_time+14400);
|
||
//如果保存失败
|
||
if(!($AccessToken->save())){
|
||
//回滚事务
|
||
$this->db->rollback();
|
||
//告知用户"系统繁忙,请稍候再试"
|
||
$rs['errmsg'] = "系统繁忙,请稍候再试";
|
||
$rs['errcode'] = -1;
|
||
$rs['data'] = null;
|
||
}
|
||
//如果保存成功
|
||
else{
|
||
//执行事务
|
||
$this->db->commit();
|
||
//告知用户"ok"
|
||
$rs['errmsg'] = "ok";
|
||
$rs['errcode'] = 0;
|
||
$rs['data'] = array();
|
||
$rs['data']['access_token'] = $access_token;
|
||
$rs['data']['expire_in'] = 14400;
|
||
$rs['data']['refresh_token'] = null;
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
//输出结果
|
||
echo json_encode($rs, JSON_UNESCAPED_UNICODE);
|
||
}
|
||
|
||
}
|
||
?>
|