SignatureHelper.php 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596
  1. <?php
  2. /**
  3. * 签名助手 2017/11/19
  4. *
  5. * Class SignatureHelper
  6. */
  7. class SignatureHelper {
  8. /**
  9. * 生成签名并发起请求
  10. *
  11. * @param $accessKeyId string AccessKeyId (https://ak-console.aliyun.com/)
  12. * @param $accessKeySecret string AccessKeySecret
  13. * @param $domain string API接口所在域名
  14. * @param $params array API具体参数
  15. * @param $security boolean 使用https
  16. * @param $method boolean 使用GET或POST方法请求,VPC仅支持POST
  17. * @return bool|\stdClass 返回API接口调用结果,当发生错误时返回false
  18. */
  19. public function request($accessKeyId, $accessKeySecret, $domain, $params, $security=false, $method='POST') {
  20. $apiParams = array_merge(array (
  21. "SignatureMethod" => "HMAC-SHA1",
  22. "SignatureNonce" => uniqid(mt_rand(0,0xffff), true),
  23. "SignatureVersion" => "1.0",
  24. "AccessKeyId" => $accessKeyId,
  25. "Timestamp" => gmdate("Y-m-d\TH:i:s\Z"),
  26. "Format" => "JSON",
  27. ), $params);
  28. ksort($apiParams);
  29. $sortedQueryStringTmp = "";
  30. foreach ($apiParams as $key => $value) {
  31. $sortedQueryStringTmp .= "&" . $this->encode($key) . "=" . $this->encode($value);
  32. }
  33. $stringToSign = "${method}&%2F&" . $this->encode(substr($sortedQueryStringTmp, 1));
  34. $sign = base64_encode(hash_hmac("sha1", $stringToSign, $accessKeySecret . "&",true));
  35. $signature = $this->encode($sign);
  36. $url = ($security ? 'https' : 'http')."://{$domain}/";
  37. try {
  38. $content = $this->fetchContent($url, $method, "Signature={$signature}{$sortedQueryStringTmp}");
  39. return json_decode($content);
  40. } catch( \Exception $e) {
  41. return false;
  42. }
  43. }
  44. private function encode($str)
  45. {
  46. $res = urlencode($str);
  47. $res = preg_replace("/\+/", "%20", $res);
  48. $res = preg_replace("/\*/", "%2A", $res);
  49. $res = preg_replace("/%7E/", "~", $res);
  50. return $res;
  51. }
  52. private function fetchContent($url, $method, $body) {
  53. $ch = curl_init();
  54. if($method == 'POST') {
  55. curl_setopt($ch, CURLOPT_POST, 1);//post提交方式
  56. curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
  57. } else {
  58. $url .= '?'.$body;
  59. }
  60. curl_setopt($ch, CURLOPT_URL, $url);
  61. curl_setopt($ch, CURLOPT_TIMEOUT, 5);
  62. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  63. curl_setopt($ch, CURLOPT_HTTPHEADER, array(
  64. "x-sdk-client" => "php/2.0.0"
  65. ));
  66. if(substr($url, 0,5) == 'https') {
  67. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  68. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  69. }
  70. $rtn = curl_exec($ch);
  71. if($rtn === false) {
  72. // 大多由设置等原因引起,一般无法保障后续逻辑正常执行,
  73. // 所以这里触发的是E_USER_ERROR,会终止脚本执行,无法被try...catch捕获,需要用户排查环境、网络等故障
  74. trigger_error("[CURL_" . curl_errno($ch) . "]: " . curl_error($ch), E_USER_ERROR);
  75. }
  76. curl_close($ch);
  77. return $rtn;
  78. }
  79. }