/**
* OAuth 协议的签名
*
* @param string $url
* @param string $method
* @param array $params
* @return string
*/
protected function sign($url, $method, $params, $multi)
{
if ($multi && is_array($multi)) {
//上传图片专用签名
//囧 图片内容需要做签名,并且图片上传时 。
//囧 整个sign_parts不做urlencode 。
foreach ($multi as $field => $path) {
$params[$field] = file_get_contents($path);
}
uksort($params, 'strcmp');
$pairs = array();
foreach ($params as $key => $value) {
// $key = self::urlencode_rfc1738($key);
// $pairs[] = $key . '=' . self::urlencode_rfc1738($value);
//囧 qq opensns 竟然不编码
$pairs[] = $key . '=' . $value;
}
$sign_parts = implode('&', $pairs);
$base_string = implode('&', array(strtoupper($method), $url, $sign_parts));
} else {
uksort($params, 'strcmp');
$pairs = array();
foreach ($params as $key => $value) {
// $key = self::urlencode_rfc1738($key);
// $pairs[] = $key . '=' . self::urlencode_rfc1738($value);
//囧 qq opensns 竟然不编码
$pairs[] = $key . '=' . $value;
}
$sign_parts = self::urlencode_rfc1738(implode('&', $pairs));
$base_string = implode('&', array(strtoupper($method), self::urlencode_rfc1738($url), $sign_parts));
}
//囧 官方不对appkey_secret 和 token_secret编码
//是否编码都无所谓,因为appkey_secret 和 token_secret 都没有需要编码的字符。
//但是不编码不合规范。为了符合规范还是编码一下。
$key_parts = array(self::urlencode_rfc1738($this->_app_secret), self::urlencode_rfc1738($this->_token_secret));
$key = implode('&', $key_parts);
$sign = base64_encode(OpenSDK_Util::hash_hmac('sha1', $base_string, $key, true));
if ($this->_debug) {
echo 'base_string: ', $base_string, "\n";
echo 'sign key: ', $key, "\n";
echo 'sign: ', $sign, "\n";
}
return $sign;
}
/**
* OAuth 协议的签名
*
* @param string $url
* @param string $method
* @param array $params
* @return string
*/
private function sign($url, $method, $params)
{
uksort($params, 'strcmp');
$pairs = array();
foreach ($params as $key => $value) {
$key = OpenSDK_Util::urlencode_rfc3986($key);
if (is_array($value)) {
// If two or more parameters share the same name, they are sorted by their value
// Ref: Spec: 9.1.1 (1)
natsort($value);
foreach ($value as $duplicate_value) {
$pairs[] = $key . '=' . OpenSDK_Util::urlencode_rfc3986($duplicate_value);
}
} else {
$pairs[] = $key . '=' . OpenSDK_Util::urlencode_rfc3986($value);
}
}
$sign_parts = OpenSDK_Util::urlencode_rfc3986(implode('&', $pairs));
$base_string = implode('&', array(strtoupper($method), OpenSDK_Util::urlencode_rfc3986($url), $sign_parts));
$key_parts = array(OpenSDK_Util::urlencode_rfc3986($this->_app_secret), OpenSDK_Util::urlencode_rfc3986($this->_token_secret));
$key = implode('&', $key_parts);
$sign = base64_encode(OpenSDK_Util::hash_hmac('sha1', $base_string, $key, true));
if ($this->_debug) {
echo 'base_string: ', $base_string, "\n";
echo 'sign key: ', $key, "\n";
echo 'sign: ', $sign, "\n";
}
return $sign;
}
/**
* 统一调用接口的方法
* 照着官网的参数往里填就行了
* http://wiki.open.qq.com/wiki/API%E5%88%97%E8%A1%A8
* 需要调用哪个就填哪个,如果方法调用得频繁,可以封装更方便的方法。
*
* 如果上传文件 $method = 'POST';
* $multi 是一个二维数组
*
* array(
* '{fieldname}' => array( //第一个文件
* 'type' => 'mine 类型',
* 'name' => 'filename',
* 'data' => 'filedata 字节流',
* ),
* ...如果接受多个文件,可以再加
* )
*
* @param string $command 官方说明中去掉 http://[域名或IP]/ 后面剩余的部分
* @param array $params 官方说明中接受的参数列表,一个关联数组
* @param string $method 官方说明中的 method GET/POST
* @param false|array $multi 是否上传文件 false:普通post array: array ( '{fieldname}'=>'/path/to/file' ) 文件上传
* @param bool $decode 是否对返回的字符串解码成数组
* @param OpenSDK_Tencent_Weibo::RETURN_JSON|OpenSDK_Tencent_Weibo::RETURN_XML $format 调用格式使用默认的json即可
*/
public static function call($command, $params = array(), $method = 'GET', $multi = false, $decode = true, $format = 'json')
{
if ($format == self::RETURN_XML) {
// DO NOTHING
} else {
$format == self::RETURN_JSON;
}
//去掉空数据
foreach ($params as $key => $val) {
if (strlen($val) == 0) {
unset($params[$key]);
}
}
$params['appid'] = self::$client_id;
$params['openid'] = self::getParam(self::OAUTH_OPENID);
$params['openkey'] = self::getParam(self::OAUTH_OPENKEY);
!isset($params['pf']) && ($params['pf'] = self::getParam(self::OAUTH_PF));
$params['userip'] = self::getRemoteIp();
$params['format'] = $format;
ksort($params);
$signarr = array();
foreach ($params as $key => $val) {
if (strlen($val) == 0) {
unset($params[$key]);
continue;
}
$signarr[] = "{$key}={$val}";
}
$signstr = strtoupper($method) . '&' . rawurlencode('/' . ltrim($command, '/')) . '&' . rawurlencode(implode('&', $signarr));
$params['sig'] = base64_encode(OpenSDK_Util::hash_hmac('sha1', $signstr, self::$client_secret . '&', true));
if (self::$report) {
$start_time = self::microtime();
}
$response = self::request(self::$protocol . '://' . self::$host . '/' . ltrim($command, '/'), $method, $params, $multi);
if ($decode) {
if ($format == self::RETURN_JSON) {
$rt = OpenSDK_Util::json_decode($response, true);
if (self::$report) {
self::statReport($start_time, array('appid' => self::$client_id, 'pf' => $params['pf'], 'rc' => $rt['ret'], 'svr_name' => self::$host, 'interface' => $command, 'protocol' => self::$protocol, 'method' => $method));
}
return $rt;
} else {
//todo parse xml2array later
//没必要。用json即可!
return $response;
}
} else {
return $response;
}
}
/**
* 统一调用接口的方法
* 照着官网的参数往里填就行了
* 需要调用哪个就填哪个,如果方法调用得频繁,可以封装更方便的方法。
*
* 如果上传文件 $method = 'POST';
* $multi 是一个二维数组
*
* array(
* '{fieldname}' => array( //第一个文件
* 'type' => 'mine 类型',
* 'name' => 'filename',
* 'data' => 'filedata 字节流',
* ),
* ...如果接受多个文件,可以再加
* )
*
* @param string $command 官方说明中去掉 http://open.t.qq.com/api/ 后面剩余的部分
* @param array $params 官方说明中接受的参数列表,一个关联数组
* @param string $method 官方说明中的 method GET/POST
* @param false|array $multi 是否上传文件 false:普通post array: array ( '{fieldname}'=>'/path/to/file' ) 文件上传
* @param bool $decode 是否对返回的字符串解码成数组,默认true
* @param OpenSDK_Tencent_Weibo::RETURN_JSON|OpenSDK_Tencent_Weibo::RETURN_XML $format 调用格式
*/
public static function call($command, $params = array(), $method = 'GET', $multi = false, $decode = true, $format = self::RETURN_JSON)
{
if ($format == self::RETURN_XML) {
} else {
$format == self::RETURN_JSON;
}
$params['format'] = $format;
$oauth_token = self::getParam(self::ACCESS_TOKEN);
//使用OAuth鉴权
if ($oauth_token) {
//去掉空数据
foreach ($params as $key => $val) {
if (strlen($val) == 0) {
unset($params[$key]);
}
}
$params['oauth_token'] = $oauth_token;
$response = self::request('http://open.t.qq.com/api/' . ltrim($command, '/'), $method, $params, $multi);
} else {
$params['appid'] = self::$_appkey;
$params['openid'] = self::getParam(self::OAUTH_OPENID);
$params['openkey'] = self::getParam(self::OAUTH_OPENKEY);
$params['reqtime'] = self::getTimestamp();
$params['wbversion'] = 1;
$params['pf'] = 'tapp';
ksort($params);
$signarr = array();
foreach ($params as $key => $val) {
if (strlen($val) == 0) {
unset($params[$key]);
continue;
}
$signarr[] = "{$key}={$val}";
}
$signstr = strtoupper($method) . '&' . rawurlencode('/api/' . ltrim($command, '/')) . '&' . rawurlencode(implode('&', $signarr));
$params['sig'] = base64_encode(OpenSDK_Util::hash_hmac('sha1', $signstr, self::$_appsecret . '&', true));
$response = self::getOAuth()->http('http://open.t.qq.com/api/' . ltrim($command, '/'), $params, $method, $multi);
}
if ($decode) {
if ($format == self::RETURN_JSON) {
return OpenSDK_Util::json_decode($response, true);
} else {
//todo parse xml2array later
//其实没必要。用json即可
return $response;
}
} else {
return $response;
}
}
