Beispiel #1
 /**
  * Checks that PrismSign::produce() returns a 32-character signature for a
  * fixed GET request (path, two headers, two query and two post parameters).
  *
  * Only the length is asserted; the signature value itself is not pinned, so
  * this test would not notice a change in how the inputs are combined.
  */
 public function testSign()
 {
     $signature = PrismSign::produce(
         'GET',
         '/api/test/test',
         array('X_API_UNITTEST1' => 'A', 'X_API_UNITTEST2' => 'B'),
         array('param1' => 'C', 'param2' => 'D'),
         array('param1' => 'E', 'param2' => 'F'),
         $this->secret
     );

     $this->assertEquals(32, strlen($signature));
 }
Beispiel #2
 /**
  * Build, sign and send one API request.
  *
  * GET/DELETE parameters are placed in the query string; POST/PUT parameters
  * are sent as a form-encoded body. For any other verb $params is ignored.
  * client_id, sign_method and sign_time are added to the query, a bearer
  * Authorization header is attached when an access token is set, and the
  * value returned by PrismSign::produce() is added as `sign`.
  *
  * NOTE(review): when the URL scheme is https the signed query (including any
  * GET/DELETE $params) is thrown away and replaced by client_id plus the raw
  * client_secret. A secret carried in a URL tends to end up in access logs and
  * proxy logs; confirm the server requires this before keeping it.
  *
  * @param string     $http_method HTTP verb.
  * @param string     $path        Request path, appended to $this->base_url.
  * @param array      $headers     Extra request headers; cache headers are always added.
  * @param array|null $params      Request parameters, routed by verb as described above.
  *
  * @return mixed Whatever $this->http->sendRequest() returns.
  */
 protected function createRequest($http_method, $path, $headers = array(), $params = null)
 {
     // Join base URL and path with a single slash between them.
     $target = $this->base_url . '/' . ltrim($path, '/');
     if (substr($path, 0, 6) == '/oauth') {
         // OAuth URL fix-up. str_replace() removes every '/api' occurrence in
         // the whole URL, not only a leading path segment.
         $target = str_replace('/api', '', $target);
     }
     // NOTE(review): parse_url() can return false or omit 'path'/'scheme';
     // neither case is checked before the keys are read below.
     $parts = parse_url($target);

     // Prepare query, headers and body. Header insertion order is left exactly
     // as in the original because the headers are handed to the signer.
     $query = array();
     $body = array();
     $headers['Pragma'] = 'no-cache';
     $headers['Cache-Control'] = 'no-cache';

     // Loose in_array() keeps the comparison semantics of the original switch.
     if (in_array($http_method, array('GET', 'DELETE'))) {
         if ($params) {
             $query = array_merge($query, $params);
         }
     } elseif (in_array($http_method, array('POST', 'PUT'))) {
         if ($params) {
             $body = array_merge($body, $params);
         }
         $headers['Content-Type'] = 'application/x-www-form-urlencoded';
     }

     $query['client_id'] = $this->app_key;
     // NOTE(review): the request advertises MD5 as its signing method; what
     // PrismSign::produce() computes is not visible here - confirm, and prefer
     // an HMAC with a current hash if the server supports one.
     $query['sign_method'] = 'md5';
     $query['sign_time'] = time();

     if ($this->access_token) {
         $headers["Authorization"] = "Bearer " . $this->access_token;
     }

     // Compute the signature over method, path, headers, query and body.
     $query['sign'] = PrismSign::produce(
         $http_method,
         $parts['path'],
         $headers,
         $query,
         $body,
         $this->app_secret
     );

     // HTTPS: replace the signed query with client_id / client_secret.
     if ($parts['scheme'] == 'https') {
         $query = array(
             'client_id' => $this->app_key,
             'client_secret' => $this->app_secret,
         );
     }

     // Assemble the final URL: drop any existing query string, append ours.
     $withoutQuery = preg_replace("/\\?.*/", '', $target);
     $final_url = $withoutQuery . '?' . http_build_query($query);

     // Hand off to the transport (cURL or socket).
     return $this->http->sendRequest($http_method, $final_url, $headers, $body);
 }
Beispiel #3
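 /**
  * Verify the request signature; send an error response when it does not match.
  *
  * The supplied `sign` value is removed from the request params and from the
  * query copy, the signature is recomputed with PrismSign::produce(), and the
  * two are compared as strings in constant time. The original used `==`,
  * which lets PHP compare two numeric-looking strings (for example hex digests
  * of the form "0e<digits>") as numbers, and which is not timing-safe.
  *
  * NOTE(review): $app_secret is hard-coded to '' and $app_info is fetched but
  * never read, so as written the signature is computed with an empty secret.
  * Presumably the secret is meant to come from $app_info - confirm and wire it
  * in; until then the check does not depend on any per-application secret.
  *
  * @param object $request  Request exposing params, getMethod(), getPath(),
  *                         getHeaders(), getQuery(), getPostData(), getAppInfo().
  * @param object $response Response exposing setError(...)->send().
  *
  * @return void
  */
 public function validate($request, $response)
 {
     // Read the supplied signature, then strip it from the params.
     $sign = $request->params['sign'];
     unset($request->params['sign']);

     $http_method = $request->getMethod();
     $path = $request->getPath();
     $headers = $request->getHeaders();
     $query = $request->getQuery();
     $postData = $request->getPostData();
     $app_info = $request->getAppInfo();
     $app_secret = '';
     // The signature must not be part of the data it signs.
     unset($query['sign']);

     $expected = PrismSign::produce($http_method, $path, $headers, $query, $postData, $app_secret);

     // Require real strings on both sides (a missing or array-valued `sign`
     // is rejected), then compare without type juggling. hash_equals() is
     // used where available; strict identity is the fallback.
     $valid = false;
     if (is_string($sign) && is_string($expected)) {
         $valid = function_exists('hash_equals')
             ? hash_equals($expected, $sign)
             : $expected === $sign;
     }

     if ($valid) {
         return;
     }

     $response->setError('Invalid Request', 'Sign is not valid.')->send();
 }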