一、擷取流程
1、擷取 access_token
2、通過access_token換取 jsapi_ticket
3、簽名演算法
簽名建置規則如下:參與簽名的欄位包括noncestr(隨機字串), 有效jsapi_ticket, timestamp(時間戳記), url(當前網頁的URL,不包含#及其後面部分) 。對所有待簽名參數按照欄位名的ASCII 碼從小到大排序(字典序)後,使用URL索引值對的格式(即key1=value1&key2=value2…)拼接成字串string1。這裡需要注意的是所有參數名均為小寫字元。對string1作sha1加密,欄位名和欄位值都採用原始值,不進行URL 轉義。
二、具體實現方式
1、擷取access_token
/** * [getAccessToken description] 擷取access_token * @return [type] [description] */private function getAccessToken() { $data = $this->getFile($this->accessTokenFile); if(time() - $data['time'] > 0){ $url = "{$this->appID}&secret={$this->appsecret}"; $re = $this->httpGet($url); $access_token = $re['access_token']; if(isset($access_token)){ $data['access_token'] = $access_token; $data['time'] = time() + 7200; $this->setFile($this->accessTokenFile,json_encode($data)); } }else{ $access_token = $data['access_token']; } return $access_token;}
access_token 的有效時間是7200s,故可以採用檔案儲存體的方法進行儲存,避免多次請求;
2、擷取jsapi_ticket
/** * [getJsapiTicket description] 擷取jsapi_ticket * @return [type] [description] */private function getJsapiTicket() { $access_token = $this->getAccessToken(); $jsapi_ticket = $this->getFile($this->jsapiTicketFile); if(time() - $jsapi_ticket['time'] > 0) { $url = "{$access_token}&type=jsapi"; $re = $this->httpGet($url); $this->preArr($re); $jsapi_ticket = $re['ticket']; if(isset($jsapi_ticket)){ $data['jsapi_ticket'] = $jsapi_ticket; $data['time'] = time() + 7200; $this->setFile($this->jsapiTicketFile, json_encode($data)); } }else{ $jsapi_ticket = $jsapi_ticket['jsapi_ticket']; } return $jsapi_ticket;}
通過access_token進行交換,得到jsapi_ticket,有效期間也是7200s;
3、產生簽名
/** * [getSignpackage description] 擷取簽名 * @return [type] [description] */public function getSignpackage(){ $jsapi_ticket = $this->getJsapiTicket(); // 注意 URL 一定要動態擷取,不能 hardcode.$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://"; $url = "$protocol$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; $noncestr = $this->createNonceStr(); $timestamp = time(); $string1 = "jsapi_ticket={$jsapi_ticket}&noncestr={$noncestr}×tamp={$timestamp}&url={$url}"; $signature = sha1($string1); $signPackage = array( 'appId' => $this->appID, 'nonceStr' => $noncestr, 'timestamp' => $timestamp, 'signature' => $signature, ); return $signPackage;}
簽名演算法,
使用URL索引值對的格式(即key1=value1&key2=value2…)拼接成字串string1:
對string1進行sha1簽名,得到signature:
注意事項:
1.簽名用的noncestr和timestamp必須與wx.config中的nonceStr和timestamp相同。
2.簽名用的url必須是調用JS介面頁面的完整URL。
3.出於安全考慮,開發人員必須在伺服器端實現簽名的邏輯。
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
