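/**
 * Server-side request signature validation.
 *
 * Payloads are signed with HMAC-SHA256 over their key-sorted, URL-encoded
 * form and carry a `time` field that limits how long a signature is accepted.
 */
class ApiValidate
{
    // Secret key mixed into the signature (used as the HMAC key).
    // NOTE(review): this key is hard-coded in source, so anyone who can read
    // the file can produce valid signatures. Load it from deployment
    // configuration or a secret store, and treat the value below as exposed.
    private $salt = 'G#rl;*49-T?%v,.';

    /**
     * Compute the signature for a payload.
     *
     * Keys are sorted so that signer and verifier serialise the fields in the
     * same order regardless of how the array was built.
     *
     * @param array $data Payload fields, without the `sign` entry.
     * @return string Lower-case hex HMAC-SHA256 of the serialised payload.
     */
    private function getSign($data)
    {
        ksort($data);
        // http_build_query() omits null values, so a null field is not covered
        // by the signature. Its default separator comes from the
        // arg_separator.output ini setting, which must match on both sides.
        $param = http_build_query($data);
        return hash_hmac('sha256', $param, $this->salt);
    }

    /**
     * Build a sample user-info payload and attach its signature.
     *
     * @return array The payload fields plus `time` (current Unix time) and `sign`.
     */
    public function getUserInfo()
    {
        $data = [
            'name' => '张三',
            'age' => 18,
            'sex' => '男',
            'time' => time()
        ];
        $sign = $this->getSign($data);
        $data['sign'] = $sign;
        return $data;
    }

    /**
     * Validate the timestamp and signature of an incoming payload.
     *
     * The result is reported as a message string; callers distinguish success
     * from failure by comparing against these messages.
     *
     * @param array $data Incoming payload, expected to contain `sign` and `time`.
     * @return string Status message describing the validation outcome.
     */
    public function validateSign($data)
    {
        if (empty($data['sign'])) {
            return '请发送数据签名';
        }
        if (empty($data['time'])) {
            return '请求参数有误';
        }
        // `time` arrives from the request and may be any type (for example an
        // array); reject non-numeric values before doing arithmetic on them.
        if (!is_numeric($data['time'])) {
            return '请求参数有误';
        }
        // Reject signatures older than 300 seconds.
        // NOTE(review): timestamps in the future are not rejected, and a valid
        // payload can be replayed until the window closes because no nonce or
        // one-time check is performed here.
        if (time() > $data['time'] + 300) {
            return '签名时间已过期';
        }
        // Recompute the signature over every field except `sign` itself.
        $apiSign = $data['sign'];
        unset($data['sign']);
        $sign = $this->getSign($data);
        // hash_equals() compares in constant time, so the comparison does not
        // reveal how many leading characters of a guessed signature matched.
        // It requires strings, hence the type check first.
        if (!is_string($apiSign) || !hash_equals($sign, $apiSign)) {
            return '签名验证失败';
        }
        return '验证成功';
    }
}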