服务器端代码
class AppController extends Controller
{
//定义秘钥常量
const TOKEN = 'API';
public function check($t,$r,$s)
{
//验证身份
$timeStamp = $t;
$randomStr = $r;
$signature = $s;
$str = $this ->arithmetic($timeStamp,$randomStr);
if($str != $signature){
$data = [
'status' => 0,
'msg' => '验证失败非法请求'
];
return json_encode($data);
}else{
$data = [
'status' => 1,
'msg' => '验证请求成功'
];
return json_encode($data);
}
}
//数字签名
public function arithmetic($timeStamp,$randomStr){
$arr['timeStamp'] = $timeStamp;
$arr['randomStr'] = $randomStr;
$arr['token'] = self::TOKEN;
//按照首字母大小写顺序排序
sort($arr,SORT_STRING);
//拼接成字符串
$str = implode($arr);
//进行加密
$signature = sha1($str);
$signature = md5($signature);
//转换成大写
$signature = strtoupper($signature);
return $signature;
}
}
用另外一台客户端服务器测试
class diaoyongController extends Controller
{
const TOKEN ='API';
public function index(){
$timeStamp = time();
$randomStr = rand(11,99);
$s = $this->arithmetic($timeStamp,$randomStr);
$url="http://xd_lyshop.com/home/app/check/$timeStamp/$randomStr/$s";
$data=$this->curl_get_https($url);
exit($data);
}
//数字签名
public function arithmetic($timeStamp,$randomStr){
$arr['timeStamp'] = $timeStamp;
$arr['randomStr'] = $randomStr;
$arr['token'] = self::TOKEN;
//按照首字母大小写顺序排序
sort($arr,SORT_STRING);
//拼接成字符串
$str = implode($arr);
//进行加密
$signature = sha1($str);
$signature = md5($signature);
//转换成大写
$signature = strtoupper($signature);
return $signature;
}
public function curl_get_https($url){
$curl = curl_init(); // 启动一个CURL会话
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); // 跳过证书检查
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); // 从证书中检查SSL加密算法是否存在
$tmpInfo = curl_exec($curl); //返回api的json对象
//关闭URL请求
curl_close($curl);
return $tmpInfo; //返回json对象
}
}
返回json格式数据
失败0 ,成功1
如:
{"status":0,"msg":"\u9a8c\u8bc1\u5931\u8d25\u975e\u6cd5\u8bf7\u6c42"}
本例子代码非完整,缺少开发环境,代码功能是完整的,可以参考