<?php//private key and public key in Sesame Credit background settings, official website has detailed description class zhimaaction extends commonaction {//Sesame Credit Gateway address public $GATEWAYURL = "https://zmopenapi.zmxy.com.cn/openapi.do";//Merchant private key file public $privateKeyFile = "Merchant private key file (absolute path)";//Sesame Public key file public $zmPublicKeyFile = "Sesame key file (absolute path)";//Data Encoding format public $charset = "UTF-8";//Application idpublic $app _id = "*******";//Interface name to invoke public $ method = "Zhima.credit.score.get";//source platform, default to zmoppublic $platform = "ZMOP";//Interface version, Currently only support 1.0public $version = "1.0";//after encrypting the information rsa business parameters public $params = " ";///post-encryption information signature before the params parameter is encrypted, the algorithm is sha1withrsapublic $sign = " 1.0 ";/* process 1, the first step in the encryption process , we get the business parameters that are stitched together, and also take the Sesame credit score as an example, the stitching parameters are as follows: Transaction_id=urlencode (1234567) &product_code=urlencode ( w1010100100000000001) &open_id=urlencode (268810000007909449496) 2, using the SHA1WithRSA algorithm and the merchant's own private key to sign, Get byte array sha1withrsa (transactIon_id=urlencode (1234567) &product_code=urlencode (w1010100100000000001) &open_id=urlencode ( 268810000007909449496) 3, the byte array is Base64 encoded to get a signed string Base64 (Sha1withrsa (transaction_id =urlencode (1234567) &product_code=urlencode (w1010100100000000001) &open_id=urlencode ( 268810000007909449496)) After the above three steps, we get the signature of the business parameters, finally we put the value of this signature into the system parameters sign : Sign=base64 (Sha1withrsa ( Transaction_id=urlencode (1234567) &product_code=urlencode (w1010100100000000001) &open_id=urlencode ( 268810000007909449496))) decryption and Verification */public function __construct () {parent::__construct (); //Download vendor (' Zhima.zmop.ZmopClient ') on the website; Vendor (' Zhima.zmop.RSAUtil '); Vendor (' zhima.zmop.ZhimaCreditIvsDetailGetRequest '); Vendor (' Zhima. Zmopsdk ');} Public function grant () {if (is_post) {$name = i (' name ');//Name $idnumber = i (' IDnumber ') //xxx number $client = new zmopclient ($this->gatewAyurl, $this->app_id, $this->charset, $this->privatekeyfile, $this->zmpublickeyfile); $RSAUtil = new rsautil (); $identity _type = ' 2 '; $identity _param =json_encode (Array (' certno ' = $IDnumber, ' name ' = $name, ' certtype ' = ' identity_card '); $request [' app_id '] = $this->app_id;$ request[' CharSet '] = $this->charset; $request [' method '] = ' zhima.auth.info.authorize '; $ request[' version '] = $this->version; $request [' Platform '] = $this->platform; $request [ ' Params '] = $RSAUtil->rsaencrypt ($str, $this->zmpublickeyfile); $request [' Sign '] = $ Rsautil->sign ($str, $this->privatekeyfile) $request [' Identity_type '] = $identity _type; $request [ ' Identity_param '] = $identity _param; $str = ' identity_type= '. UrlEncode ($identity _type). ' &identity_param= '. UrlEncode ($identity _param). "; $request = new ZhimaAuthInfoAuthorizeRequest () $request->setidentitytype ("2");//$request->setparams ("2"); $request->setidentityparam ($ Identity_param);//$request->setbizparams ( "{\" auth_code\ ": \" m_apppc_cert\ ", \" state\ ": \" pass-through parameters \ "}" //$url = $client->generatepageredirectinvokeurl ( $request );//dump ( $url) if ($url) {$json [' msg '] =1; $json [' url '] = $url; }else{$json [' msg '] =0; $json [' info '] = ' parameter error '; }echo json_encode ($json); exit;} else{$json [' msg '] =0; $json [' info '] = ' parameter error '; echo json_encode ($json); exit;}} Return public function returndata () {$params =$_get[' params ']; $sign =$_get[' sign '] ; if (! $sign) {$this->redirect (' Member/rz '); exit;} Determine if there is a percentage in the string, Decode//dump ($sign) is required; $params = strstr ( $params, '% ' ) ? urldecode ( $params ) : $params, $sign = strstr ( $sign, '% ' ) ? urldecode ( $sign ) : $sign, $client = new ZmopClient ( $this->gatewayurl, $this->app_id, $this->charset, $this->privatekeyfile, $this->zmpublickeyfile ); $result = $client->decryptandverifysign ( $ params, $sign );//Turn array $parts = explode (' & ', $result); $array =array (); foreach ($parts as $k + $v) {$parts [$k] = explode (' = ', $v); $array [$parts [$k] [' 0 ']] = $parts [$k] [' 1 '];} Dump ($array [' Success ']= ' false '), if ($array [' Success ']!= ' false ') {//dump ($array); exit; $res = $this->torz ($array), if ($res->success) {//Return Data Update member Information $is_zhima = m (' member ')->where (' id ' = >cookie (' id ')))->find (), if ($is _zhima[' Zhima ']!= $res->zm_score) {$save [' open_id '] = $array [' Open_id ']; $save [' Zhima '] = $res->zm_score; $save [' State '] = ' 1 '; $save [' Optime '] = time (); $save [' RztimE '] = time (); $member = m (' member ')->where (array (' ID ' =>cookie (' id '))->save ($save) ;} echo ' <script>alert ("certified Success"); window.location.href = "/member/rz" </script> ";} Dump ($member);//dump ($result);} else{//echo ' <script>alert ("failed verification"), window.location.href = "/member/rz" </script> "; $this- >redirect (' Member/rz '); exit;} }}
PHP Ant Sesame Credit sub-interface