php api_token验证

chen 提交于 周日, 08/23/2020 - 15:21

<?php

/**
* 使用cURL模拟api_token认证并获取数据
* 此为客户端
*/

// Sample request parameters: module / controller / action routing plus the caller's app id.
$mod = 'home';
$ctl = 'user';
$act = 'getuserinfo';
$appid = 'abc123';
// Bare placeholders: $timestamp is filled in by createApiToken() through `global`,
// $token by the call that follows the function definition.
$timestamp;
$token;
// Shared signing secret, hard-coded for the demo.
// NOTE(review): the literal looks like the opening of a base64-encoded key blob; confirm it is
// throwaway sample data. A real deployment should load the secret from configuration kept
// outside the source tree, because anyone who can read this file can sign requests.
$secret = 'MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIALOp5LJJJ+gCAggA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';

// Parameters covered by the signature; compact() emits the keys in the order listed.
$data = compact('mod', 'ctl', 'act', 'appid');

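/**
 * Build the request signature ("api_token") on the client side.
 *
 * Adds the current Unix time to the parameters, sorts them by key, serialises them with
 * http_build_query(), appends the shared secret and returns the upper-cased MD5 hex digest.
 * The timestamp that was signed is also published through the global $timestamp so the
 * caller can send exactly that value with the request.
 *
 * NOTE(review): md5(query . secret) is an ad-hoc MAC built on a broken hash. An HMAC such as
 * hash_hmac('sha256', $query, $secret) is the usual replacement, but client and server have
 * to switch together, so the algorithm is left unchanged here.
 *
 * @param array  $data   Request parameters to sign.
 * @param string $secret Secret shared between client and server.
 * @return string Upper-case hexadecimal signature.
 */
function createApiToken($data, $secret) {
    global $timestamp;
    // Sign the very timestamp that is exported. The earlier version signed time() but exported
    // the fixed value 1597408247, so the value a caller would send never matched the one signed.
    // To exercise the server's expiry branch, assign a stale value to $timestamp here instead.
    $timestamp = time();
    $data['timestamp'] = $timestamp;
    // Key order must be canonical: the server re-creates the string from its own array.
    ksort($data);
    return strtoupper(md5(http_build_query($data) . $secret));
}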

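$token = createApiToken($data, $secret);
// The page cuts this statement off after '&token='. The tail below is reconstructed from the
// three query parameters the server script reads: appid, token and timestamp.
// http_build_query() percent-encodes each value instead of concatenating it raw.
// NOTE(review): the URL is plain http:// and carries the token in the query string, so the
// token travels in cleartext and ends up in proxy and access logs. Prefer https:// and a
// request header for the signature when the endpoint supports it.
$url = 'http://test.com/' . $mod . '/' . $ctl . '/' . $act . '.php?' . http_build_query(array(
    'appid' => $appid,
    'token' => $token,
    'timestamp' => $timestamp,
));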

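/**
 * Perform an HTTP GET with cURL and return the response body.
 *
 * The transfer is limited to http/https so a URL with another scheme (file://, gopher://, ...)
 * is refused instead of being fetched, and it is bounded by connect and total timeouts so a
 * stalled server cannot hang the caller. Redirects are not followed (cURL's default).
 *
 * @param string $url Absolute URL to request.
 * @return string|false Response body, or false when the handle cannot be created or the
 *                      transfer fails.
 */
function httpGet($url) {
    $ch = curl_init();
    if ($ch === false) {
        return false;
    }
    curl_setopt_array($ch, array(
        CURLOPT_URL => $url,
        // Return the body as a string instead of printing it.
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT => 15,
    ));
    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
}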

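// Run the request.
$result = httpGet($url);
if ($result === false) {
    // curl_exec() reported a failure: stop instead of writing a misleading empty file.
    error_log('api request failed');
    exit(1);
}
// Save the response body to a file (file name kept exactly as in the original script).
// NOTE(review): the body may hold sensitive fields. If this directory is served by a web
// server the file is downloadable; confirm where the script runs.
if (file_put_contents('resopnse.txt', $result, LOCK_EX) === false) {
    error_log('could not write resopnse.txt');
    exit(1);
}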

<?php

/**
* 使用cURL模拟api_token认证并获取数据
* 此为服务端
*/

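// Routing values are fixed for this sample endpoint.
$mod = 'home';
$ctl = 'user';
$act = 'getuserinfo';

// Untrusted query parameters. Each one may be missing or may arrive as an array (?token[]=x),
// so anything that is not a plain string is replaced by a value that can never validate.
$appid = isset($_GET['appid']) && is_string($_GET['appid']) ? $_GET['appid'] : '';
// Only a short run of ASCII digits is accepted. A non-numeric timestamp would otherwise reach
// the "$timestamp + $timeout" arithmetic further down. '0' always falls outside the window.
$timestamp = isset($_GET['timestamp'])
    && is_string($_GET['timestamp'])
    && preg_match('/^[0-9]{1,12}$/D', $_GET['timestamp']) === 1
    ? $_GET['timestamp']
    : '0';
$token = isset($_GET['token']) && is_string($_GET['token']) ? $_GET['token'] : '';
// Shared signing secret, hard-coded for the demo.
// NOTE(review): keep real secrets in configuration outside the web root and source tree.
$secret = 'MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIALOp5LJJJ+gCAggA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';

// The same parameter set the client signed; the signature is recomputed over it.
$data = array(
    'mod' => $mod,
    'ctl' => $ctl,
    'act' => $act,
    'appid' => $appid,
    'timestamp' => $timestamp,
);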

/**
 * Recompute the request signature on the server side.
 *
 * Sorts the parameters by key, serialises them with http_build_query(), appends the shared
 * secret and returns the upper-cased MD5 hex digest.
 *
 * NOTE(review): md5(query . secret) is an ad-hoc MAC built on a broken hash. Moving to
 * hash_hmac() with SHA-256 requires changing the client in the same step.
 *
 * @param array  $data   Parameters to sign (mod, ctl, act, appid, timestamp in this script).
 * @param string $secret Secret shared between client and server.
 * @return string Upper-case hexadecimal signature.
 */
function createApiToken($data, $secret) {
    // Canonical key order, so both sides hash the same byte string.
    ksort($data);
    $payload = http_build_query($data);
    return strtoupper(md5($payload . $secret));
}
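$server_token = createApiToken($data, $secret);

// Freshness window: the timestamp must lie within $timeout seconds of the server clock.
// The earlier check bounded only the past, so a signed request dated far in the future stayed
// valid until that moment plus the window.
// NOTE(review): a captured request can still be replayed inside the window. A per-request
// nonce remembered by the server would close that gap.
$timeout = 10;
$now = time();
$timestampIsNumeric = is_int($timestamp)
    || (is_string($timestamp) && preg_match('/^[0-9]{1,12}$/D', $timestamp) === 1);
$isFresh = $timestampIsNumeric
    && $timestamp + $timeout > $now
    && $timestamp - $timeout <= $now;

if (!$isFresh) {
    // Missing, malformed, expired or future-dated timestamp.
    exit(json_encode(array(
        'code' => 101,
        'message' => '请求超时',
    )));
}

// hash_equals() compares in constant time and never type-juggles. With "==" two hex digests
// that both look like "0E" followed by digits compare equal as numbers. The is_string() guard
// keeps an array-valued token from reaching hash_equals().
if (!is_string($token) || !hash_equals($server_token, $token)) {
    exit(json_encode(array(
        'code' => 100,
        'message' => '请求错误',
    )));
}

// Sample payload.
// NOTE(review): an API response should never carry a password, even in a demo.
$abc = array(
    'age' => 18,
    'password' => '123456',
);
exit(json_encode(array(
    'code' => 200,
    'message' => 'OK',
    'data' => $abc,
)));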
