签名算法
签名生成规则如下:
参与签名的参数有四个: noncestr(随机字符串), jsapi_ticket, timestamp(时间戳), url(当前网页的URL,不包含#及其后面部分)
将这些参数使用URL键值对的格式 (即 key1=value1&key2=value2…)拼接成字符串string1。
有两个注意点:1. 字段值采用原始值,不要进行URL转义;2. 必须严格按照如下格式拼接,不可变动字段顺序。
(以上内容摘自企业微信开发文档)
具体实现代码如下:
- index.php
<?
// 设置跨域请求头
header("Access-Control-Allow-Origin: *");
header('Access-Control-Allow-Headers: X-Requested-With,X_Requested_With');
include_once('Http.php');
// 如果存在缓存文件,用缓存文件中的信息初始化签名数据
$cacheData = array();
if (file_exists('cache.php')) {
$cacheData = include_once('cache.php');
// 判断缓存信息是否过期,如果过期删除缓存文件,并将data重置
if (time() - $cacheData['timestamp']/1 >= 7200) {
unlink('cache.php');
$cacheData = array();
}
}
// 企业号信息
$corpId = 'XXXXXXXXXXXXXXXXXX';
$agentId = 'XXXXXXX';
$secret = 'XXXXXXXXXXXXXXXXXXXXX';
$getTokenUrl = 'https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid='.$corpId.'&corpsecret='.$secret;
$getTicketUrl = 'https://qyapi.weixin.qq.com/cgi-bin/get_jsapi_ticket?access_token=';
// 生成nonce_str的方法--参数:生成的长度
function randomkeys($length) {
$returnStr='';
$pattern = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
for($i = 0; $i < $length; $i ++) {
$returnStr .= $pattern {mt_rand ( 0, 61 )};
}
return $returnStr;
}
// 如果缓存文件中已经存在token
if (isset($cacheData['access_token'])) {
$token = $cacheData['access_token'];
$onceStr = $cacheData['nonce_str'];
$timeStamp = $cacheData['timestamp'];
} else {
$onceStr = randomkeys(16);
$timeStamp = time();
// 请求微信接口获取access_token
$data = json_decode(send_post($getTokenUrl, array()), true);
$token = $data['access_token'];
}
$getTicketUrl = $getTicketUrl.$token;
// 如果缓存文件中已经存在ticket
$ticket = '';
if (isset($cacheData['access_token'])) {
$ticket = $cacheData['jsapi_ticket'];
} else {
// 请求微信接口获取ticket
$jsTicketRes = json_decode(send_post($getTicketUrl, array()), true);
if ($jsTicketRes['errcode'] == 0) {
$ticket = $jsTicketRes['ticket'];
}
}
// 缓存ticket和accessToken的配置信息
$cacheData = array(
'jsapi_ticket' => $ticket,
'access_token' => $token,
'nonce_str' => $onceStr,
'timestamp' => $timeStamp
);
// 签名的参数信息--参数的key值必须要按照ASCII码排序
$cacheParams = 'jsapi_ticket='.$ticket.'&noncestr='.$onceStr.'×tamp='.$timeStamp.'&url='.urldecode($_POST['signUrl']);
// 生成签名的函数--php自带shal算法函数,直接调用即可
function makeSignature($args){
return sha1($args);
}
// 如果不存在缓存文件,则缓存, 否则不缓存
if (!file_exists('cache.php')) {
$path = 'cache.php';
$str = '<?php return ';
$str .= var_export($cacheData,true);//数组转字符串
$str .= ';';
file_put_contents($path,$str);
}
// 生成签名
$signature = makeSignature($cacheParams, $onceStr);
// 返回签名信息
echo json_encode(array(
'signature' => $signature,
'timestamp' => $timeStamp,
'onceStr' => $onceStr
));
?>
- Http.php (http请求工具函数)
<?
/**
* 发送post请求
* @param string $url 请求地址
* @param array $post_data post键值对数据
* @return string
*/
function send_post($url, $post_data, $type = 'GET') {
$postdata = http_build_query($post_data);
$options = array(
'http' => array(
'method' => $type,
'header' => 'Content-type:text/json',
'content' => $postdata,
'timeout' => 15 * 60 // 超时时间(单位:s)
)
);
$context = stream_context_create($options);
$result = file_get_contents($url, false, $context);
return $result;
}
?>
- cache.php(生成的access_token和ticket缓存文件)
<?php return array (
'jsapi_ticket' => 'HoagFKDcsGMVCIY2vOjf9i-5XABPegggM0ZkCdJVgMv_WFPkNNg94gBf3pfJ4E8ohxc4b5eXSYEjuq41TYtclA',
'access_token' => 'Kzz-XRg8MEdT3-CbQWcp4f_1VOIFhM-dpvGWUDHuIIYXRhnjF5Pa4F8apWZ7oBjgzS2kruL6LZjayiIx3yS1cr0oUlI1PqiFF9UZ9SlZLwem9JzHlWD02eqAWOTYlEd3JZk0o39D3TuKcn_XHBd4jFl9TCuVEqwe7KtHRheil61LXewtDwClaLznhWykJNYJbaSfpy0-pRmnTb6iwwHoyA',
'nonce_str' => 'CTjKeEp5nwskvgqn',
'timestamp' => 1524100235,
);
666
666