탐색 도움말
가입하기 로그인
ccadmin
/
crazy_god_API
1
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
브렌치: master
브랜치 태그
crazy_god_API
/
model
/
verifyhwos.php

verifyhwos.php 6.1 KB
고유링크 히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150 
  1. <?php
    2. 

  2. /**
    3. 

  3. * LINE相关
    4. 

  4. */
    5. 

  5. class ModelVerifyhwos
    6. 

  6. {
    7. 

  7.     protected $_privateKey = 'MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCM2+tRuKho8j8D5hPJnTrFItWQCaZQ8S0WvUWc2rUiYnc9V5l42Mfvc8weYoT+Na5foaHyljDXtn3rvi3QnrZqwt7vDWlVyP4bMx/tSQVqNInilV0aJlWmkPvKpMK5Ofvh1FsezImSx6SBsnDhJtW4zJDoXmiTaiYWgBzbaMl0/G2Z2Ves30pEWc1/BLFldPgIdrEu+X7Kdq5/1SmCiMKZbIoPXmr3qmZgopdfKET/2c0qoJLRVdFWP93Vw8GiKrTKkGDsZDiGKdJ0vItlugyVExjn480/oGwijOC+mlIPRSTJZOEtC6vwzfSeYrhYL/vlLNhnPRaK4sGz1Xj/IVXdAgMBAAECggEACgbJfFqxmi7ML4HcHLjVaxzsqMEXFqHkPL8iSmUDCbyKklI++Wws5y2N9Qe8QcAedm4x8eug9GnoErTJ3BTAFV9jsQ56VgHlnJgKCMDu4r10py1MoETkSeP+GFGcDsVC2bNc/RdAH7OYUScbg9tY0Tu2gOPfe8bNiUJ7S17tICeQk6SAfUlvvPXt0ZEbtxebQIWee6IdcIzN8g1wvwghpEyzNC6J2RNXXF6BOc5fWBIQXszLI9YQY46McYkFy8TG5yhl8ZGjG3qPEL5vEpoaWamw0hIhmBrq1ubWtUdu/E17a4fzvg6mmCo6qFKJASf53bPg93FQEl3vdYFmQtfkoQKBgQDSpR8eQgN1DiIlF1e/2QPzz2dRzjY2KeJ29wDnUdA94BY5ppYxqCHP2pJZmV0XWtdUQyq2fPPdeqJzZdnr4X5IuP4DfRy1okRNJ5RdINGsOrcNu0sLJxtrpV2BYH++gy0tda6O/KBDQydFo6oWXgOhDQDcC0LMICRXRXqfaSEuNQKBgQCrMCeWHaa19xKSwZ9fns66IdqwzRyQbKb1JDgJF7Qlby4P02v5dJChg9IknzzD0WHvAaCq9fvCfVcQUy/zA21U+Benr0njhZTuidK/aosktv0+t3AAzpKPO7wZEGP8ppLLpPbXUdFjlbwKUaKqAZUrEH1GwSezTdLI2Ylz/uqeCQKBgQCGmtuaw0ZgS6rIFvWM88mRyExWuzZrQDKmIMskBmTS1Vp+dpRtoOoSX7K7rMQPA46sGsu1l31iX1Zl9YTfNdYz9HrlkdKBwvJwd0VYiXtS2qZVEQUwWEoubJqm7RpUjJCXByeH2akzsjrrRl2PM36QMLYG5u9Fb5ipaA2mxlBcrQKBgEnfUOXly8Awa5Jq/ZRs2nbWDyJGkPH+ARo+U/QQh4uz66Omr6yJUbRxRyjIkpdJ7sIN6MB9v/PQ1NZVn5Z1vyNwn/yblv4Y8gjx7sDtgDgKw0PiMvIWMoae12/Vc+BeHXDFskN+qiYYQnoNem10m2NnDTiQN8qXZcOIpFkrAyHJAoGATpY+pqYamwN0NXYbrB9b1HvNGqRp8uptc2agf7AA0FPeH/M620uVx02mL70ypC9b3iGozQM+YS913JQGISeOHot9auqtaYoX15p8BqK9yP15v0bn1EdLebF0YZ04oC39nx8siEnwRHvfynogUAIMeZR/16YiIoGQKazaaH0H0Qk=';
    8. 

  8.     protected $url = 'https://gss-cn.game.hicloud.com/gameservice/api/gbClientApi';
    9. 

  9.     private $_appid = 100440289;
    10. 

  10.     private $_cpid = '890086000102155510';
    11. 

  11. 

  12.     /**
    13. 

  13.      * 验证该用户信息的合法性
    14. 

  14.      * @param $data
    15. 

  15.      * @return string
    16. 

  16.      */
    17. 

  17. 	public function validateHW($data)
    18. 

  18.     {
    19. 

  19.         if(empty($data)) {
    20. 

  20.             return [];
    21. 

  21.         }
    22. 

  22. 

  23.         $param['method'] = 'external.hms.gs.checkPlayerSign';
    24. 

  24.         $param['appId'] = $this->_appid;
    25. 

  25.         $param['cpId'] = $this->_cpid;
    26. 

  26.         $param['ts'] = $data['ts'];
    27. 

  27.         $param['playerId'] = $data['playerId'];
    28. 

  28.         $param['playerLevel'] = $data['playerLevel'];
    29. 

  29.         $playerSSign = $data['playerSSign'];
    30. 

  30.         $playerSSign = str_replace('\\', '', $playerSSign);
    31. 

  31.         $playerSSign = str_replace(' ', '+', $playerSSign);
    32. 

  32.         $param['playerSSign'] = $playerSSign;
    33. 

  33. 

  34.         $urlParam = $this->dealUrlParam($param);
    35. 

  35.         $signature = $this->sign($urlParam);
    36. 

  36. 

  37.         if(empty($signature)) {
    38. 

  38.             oo::logs()->debug3('生成签名 signature:'.$signature.'  urlParam:'.$urlParam, 'hwosVerifyFail.php');
    39. 

  39.             return [];
    40. 

  40.         }
    41. 

  41.         $param['cpSign'] = $signature;
    42. 

  42.         $res = oo::functions()->curl($this->url, $param);
    43. 

  43.         $rtnCode = $res['rtnCode'] ?? -1;
    44. 

  44.         if($rtnCode !== 0){
    45. 

  45.             oo::logs()->debug3('登录验证不通过:'.json_encode($res).' data:'.json_encode($param), 'hwosVerifyFail.php');
    46. 

  46.             return [];
    47. 

  47.         }
    48. 

  48.         //验签
    49. 

  49.         $paramRet = $res;
    50. 

  50.         $rtnSign = $res['rtnSign'];
    51. 

  51.         unset($paramRet['rtnSign']);
    52. 

  52.         $retParam = $this->dealUrlParam($paramRet);
    53. 

  53.         $retSignature = $this->sign($retParam);
    54. 

  54.         if($retSignature != $rtnSign){
    55. 

  55.             oo::logs()->debug3('登录验证不通过:retSign:'.json_encode($retSignature).' rtnSign:'.json_encode($rtnSign), 'hwosVerifyFail.php');
    56. 

  56.             return [];
    57. 

  57.         }
    58. 

  58. 

  59.         return $data;
    60. 

  60.     }
    61. 

  61. 

  62. 

  63. 

  64. 

  65.     public function hwcurl($url, $postData)
    66. 

  66.     {
    67. 

  67.         $curl = curl_init();
    68. 

  68.         curl_setopt($curl, CURLOPT_URL, $url);
    69. 

  69.         curl_setopt($curl, CURLOPT_HEADER, 1);
    70. 

  70.         curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    71. 

  71.         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);//这个是重点。
    72. 

  72.         curl_setopt($curl, CURLOPT_POST, true);
    73. 

  73.         curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
    74. 

  74.         $data = curl_exec($curl);
    75. 

  75.         curl_close($curl);
    76. 

  76.         return json_decode($data, 1);
    77. 

  77.     }
    78. 

  78. 

  79.     private function sign($sign, $algo = 'SHA256')
    80. 

  80.     {
    81. 

  81.         $key = "-----BEGIN PRIVATE KEY-----\n".chunk_split( $this->_privateKey, 64, "\n" ).'-----END PRIVATE KEY-----';
    82. 

  82.         $key = openssl_pkey_get_private( $key );
    83. 

  83. 

  84.         if ( empty( $key ) )
    85. 

  85.         {
    86. 

  86.             return 'Please pass a Base64-encoded private key from the Market portal';
    87. 

  87.         }
    88. 

  88.         $signature = '';
    89. 

  89.         openssl_sign($sign, $signature, $key, $algo);
    90. 

  90.         $sign = base64_encode($signature);
    91. 

  91.         return $sign;
    92. 

  92.     }
    93. 

  93. 

  94. 

  95.     /**
    96. 

  96.      * 对参数进行处理
    97. 

  97.      * @param $data
    98. 

  98.      * @return string
    99. 

  99.      */
    100. 

  100.     private function dealUrlParam($data)
    101. 

  101.     {
    102. 

  102.         $urlParam = '';
    103. 

  103.         //按ascii码升序排列
    104. 

  104.         ksort($data);
    105. 

  105.         foreach ($data as $key => $v) {
    106. 

  106. //            if(empty($v)) {
    107. 

  107. //                continue;
    108. 

  108. //            }
    109. 

  109.             $v = urlencode($v);
    110. 

  110.             $urlParam .= '&'.$key .'='.$v;
    111. 

  111.         }
    112. 

  112.         $urlParam = ltrim($urlParam, '&');
    113. 

  113.         return $urlParam;
    114. 

  114.     }
    115. 

  115. 

  116.     /**
    117. 

  117.      * 使用RSA算法  SHA1WithRSA进行签名  --取消(SHA256WithRSA)
    118. 

  118.      * @param $data
    119. 

  119.      * @return string
    120. 

  120.      */
    121. 

  121. 	protected function verify($data, $signature)
    122. 

  122.     {
    123. 

  123.         $key = "-----BEGIN PUBLIC KEY-----\n".chunk_split( $this->_publicKey, 64, "\n" ).'-----END PUBLIC KEY-----';
    124. 

  124.         $key = openssl_get_publickey( $key );
    125. 

  125. 

  126.         if ( empty( $key ) )
    127. 

  127.         {
    128. 

  128.             return 'Please pass a Base64-encoded public key from the Market portal';
    129. 

  129.         }
    130. 

  130.         $signature = str_replace('\\', '', $signature);
    131. 

  131.         $signature = str_replace(' ', '+', $signature);
    132. 

  132.         $result = openssl_verify( $data, base64_decode( $signature ), $key, OPENSSL_ALGO_SHA1 );
    133. 

  133. 

  134.         if ( 0 === $result )
    135. 

  135.         {
    136. 

  136.             oo::logs()->debug3('openssl error string:'.openssl_error_string()."\n".' 验签的参数:'.$data."\n".'  验签的signature:'.$signature, 'hw_verify.php');
    137. 

  137.             return 'fail to verify';
    138. 

  138.         }
    139. 

  139.         else if ( 1 !== $result )
    140. 

  140.         {
    141. 

  141.             return 'Unknown error verifying the signature in openssl_verify '.$result;
    142. 

  142.         }
    143. 

  143. 

  144.         return '';
    145. 

  145.     }
    146. 

  146. 

  147. 

  148. 

  149. 

  150. }
    151.