From c06885775e92d9c92487c48c260200b3c1344641 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=80=99=E5=AD=A6=E6=9D=B0?= Date: Thu, 15 Mar 2018 18:29:40 +0800 Subject: [PATCH] bug fix --- composer.json | 5 ++++- src/Client.php | 16 +++------------- src/Middleware/InternalApi.php | 27 +++++++++++++-------------- src/helpers.php | 17 +++++++++++++++++ 4 files changed, 37 insertions(+), 28 deletions(-) create mode 100644 src/helpers.php diff --git a/composer.json b/composer.json index 46c3897..f422ce2 100644 --- a/composer.json +++ b/composer.json @@ -8,6 +8,9 @@ "autoload": { "psr-4": { "InternalApi\\": "src/" - } + }, + "files": [ + "helpers.php" + ] } } diff --git a/src/Client.php b/src/Client.php index dbc6758..f695e4c 100644 --- a/src/Client.php +++ b/src/Client.php @@ -39,23 +39,13 @@ class Client $client = new \GuzzleHttp\Client($config); $params['appid'] = $config['appid']; $params['timestamp'] = time(); - $params['sign'] = $this->sign($params); + $key = $this->config[$this->currentApp]['secret']; + $params['sign'] = sign($params, $key); $resp = $client->post($uri, ['form_params' => $params]); if ($resp->getStatusCode() == 200) { return \GuzzleHttp\json_decode($resp->getBody(), true); - } else { - throw new \Exception('request failed'); } - } - - protected function sign($params) - { - $key = $this->config[$this->currentApp]['secret']; - - unset($params['sign']); - ksort($params); - $str = http_build_query($params, null, '&'); - return md5($str . $key); + return false; } } \ No newline at end of file diff --git a/src/Middleware/InternalApi.php b/src/Middleware/InternalApi.php index dbd520b..8cafe7d 100644 --- a/src/Middleware/InternalApi.php +++ b/src/Middleware/InternalApi.php @@ -5,6 +5,7 @@ namespace InternalApi\Middleware; use Closure; use Illuminate\Http\JsonResponse; use Illuminate\Support\Str; +use function InternalApi\sign; class InternalApi { 
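Review bot: The `files` autoload entry added in the composer.json hunk points at `helpers.php`, but the diffstat and the final file header show the helper being created at `src/helpers.php`. Composer resolves `files` paths relative to the package root, so the entry should read `"src/helpers.php"`. As written, the autoloader is likely to fail on a missing file, or leave `sign()` undefined for both `Client` and the middleware.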
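Review bot: Replacing the `throw` with `return false;` at the end of the Client.php hunk turns a non-200 response into a silent failure, so callers that relied on the exception now continue with `false` in place of the decoded array. Keeping an exception, e.g. `throw new \RuntimeException('request failed: HTTP ' . $resp->getStatusCode());`, preserves the old contract; whether Guzzle already throws on 4xx/5xx depends on the `http_errors` option in `$config`, which is not visible here. The new `$key = $this->config[$this->currentApp]['secret'];` is also passed to `sign()` without the emptiness check the middleware applies to its key, so a missing secret would presumably produce a request signed with an empty key rather than an error. A guard such as `if (empty($key)) { throw new \InvalidArgumentException('missing secret'); }` would fail closed. The method signature lies outside the hunk, so its documented return type could not be checked.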
@@ -34,22 +35,29 @@ class InternalApi $params = $request->all(); if (empty($params['appid'])) { - $data = ['error' => '参数错误',]; + $data = ['error' => 'require appid',]; return new JsonResponse($data, 403); } if (empty($params['timestamp'])) { - $data = ['error' => '签名已过有效期',]; + $data = ['error' => 'require time',]; return new JsonResponse($data, 403); } elseif (intval($params['timestamp']) + 60 < time()) { - $data = ['error' => '签名已过有效期',]; + $data = ['error' => 'sign expired',]; return new JsonResponse($data, 403); } - $sign = $this->sign($params); + $key = config('internal_api.server.' . $params['appid']); + + if (empty($key)) { + $data = ['error' => 'config error',]; + return new JsonResponse($data, 403); + } + + $sign = sign($params, $key); if ($sign != $params['sign']) { $data = [ - 'error' => '签名错误', + 'error' => 'sign error', ]; return new JsonResponse($data, 403); } @@ -57,13 +65,4 @@ class InternalApi return $next($request); } - protected function sign($params) - { - $key = config('internal_api.server.' . $params['appid']); - unset($params['sign']); - ksort($params); - $str = http_build_query($params, null, '&'); - return md5($str . $key); - } - } diff --git a/src/helpers.php b/src/helpers.php new file mode 100644 index 0000000..c15772c --- /dev/null +++ b/src/helpers.php @@ -0,0 +1,17 @@ +
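Review bot: The check `if ($sign != $params['sign'])` that follows the new `sign($params, $key)` call still uses a loose, non-constant-time comparison and reads `$params['sign']` without verifying that it is present and a string. Loose `!=` applies PHP's numeric-string comparison rules to the two digests, so values that are not byte-identical can compare equal, and the comparison time depends on the input. Replace it with `if (!isset($params['sign']) || !is_string($params['sign']) || !hash_equals($sign, $params['sign'])) {`. The freshness test also only rejects old timestamps (`intval($params['timestamp']) + 60 < time()`), so a request stamped in the future stays valid until that time passes; `abs(time() - intval($params['timestamp'])) > 60` bounds both sides. The body of `sign()` in `src/helpers.php` is not visible in this part of the patch, so the hash construction itself is not reviewed here.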