第一步:
登錄到螞蟻金服開放平台 https://open.alipay.com/platform/home.htm,前提是有商戶號。創建應用之后,然后到開發者中心開通對應功能。如圖:
第二步:
到應用信息里面填寫應用網關與授權回調地址。應用網關填寫域名即可,如:www.baidu.com;授權回調地址則需要具體到頁面或者方法,如:www.baidu.com/aliLogin.php。
第三步:
填寫接口加簽方式。去官方下載簽名生成器,然后生成一對秘鑰(應用公鑰和應用私鑰),設置好應用公鑰之后,能拿到對應的支付寶公鑰。(重點是 應用私鑰和支付寶公鑰)
第四步:
數據表的設計。可以新建數據表存儲支付寶返回數據,也可以在用戶表里面新加字段存儲。我的實現方法是后者,如圖:
下面代碼可以看到支付寶返回數據存入對應字段
第五步:
下載sdk,地址 https://doc.open.alipay.com/docs/doc.htm?spm=a219a.7629140.0.0.iw1InW&treeId=193&articleId=103419&docType=1 。根據以上步驟拿到的appid,應用私鑰(RSA_PRIVATE_KEY)和支付寶公鑰(ALIPAY_RSA_PBULIC_KEY),開始調用支付寶接口獲取數據。上代碼:
/** * 支付寶授權登錄 */ public function aliLogin(){ //獲取配置文件的ali參數 $ali_config = C("ALI_CONFIG"); //應用的APPID $app_id = "2017061407485473"; //【成功授權】后的回調地址 $my_url = "http://".$_SERVER['HTTP_HOST']."/Home/User/aliLogin"; //Step1:獲取auth_code $auth_code = $_REQUEST["auth_code"];//存放auth_code if(empty($auth_code)){ //state參數用於防止CSRF攻擊,成功授權后回調時會原樣帶回 $_SESSION['alipay_state'] = md5(uniqid(rand(), TRUE)); //拼接請求授權的URL $url = "https://openauth.alipay.com/oauth2/publicAppAuthorize.htm?app_id=".$app_id."&scope=auth_user&redirect_uri=".$my_url."&state=" . $_SESSION['alipay_state']; echo("<script> top.location.href='" . $url . "'</script>"); } //Step2: 使用auth_code換取apauth_token if($_REQUEST['state'] == $_SESSION['alipay_state'] || 1) { vendor("Alipay.AopClient"); //引入sdk $aop = new \AopClient(); $aop->gatewayUrl = "https://openapi.alipay.com/gateway.do"; $aop->appId = $app_id; $aop->rsaPrivateKey = $ali_config['RSA_PRIVATE_KEY']; //應用私鑰 $aop->alipayrsaPublicKey = $ali_config['ALIPAY_RSA_PBULIC_KEY']; //支付寶公鑰 $aop->apiVersion = '1.0'; $aop->signType = 'RSA2'; $aop->postCharset = 'utf-8'; $aop->format = 'json'; //根據返回的auth_code換取access_token vendor("Alipay.AlipaySystemOauthTokenRequest"); //調用sdk里面的AlipaySystemOauthTokenRequest類 $request = new \AlipaySystemOauthTokenRequest(); $request->setGrantType("authorization_code"); $request->setCode($auth_code); $result = $aop->execute($request); $access_token = $result->alipay_system_oauth_token_response->access_token; //Step3: 用access_token獲取用戶信息 vendor("Alipay.AlipayUserInfoShareRequest"); //調用sdk里面的AlipayUserInfoShareRequest類 $request = new \AlipayUserInfoShareRequest(); $result = $aop->execute ( $request, $access_token); $responseNode = str_replace(".", "_", $request->getApiMethodName()) . "_response"; $resultCode = $result->$responseNode->code; if(!empty($resultCode)&&$resultCode == 10000){ $user_data = $result->$responseNode; $m = M("Member"); $data = array(); $data['sex'] = $user_data->gender=='m'?1:2; $data['province'] = $user_data->province; $data['city'] = $user_data->city; $data['person_name'] = $user_data->nick_name; $data['ali_openid'] = $user_data->user_id; $data['ali_name'] = $user_data->nick_name; $data['ali_img'] = $user_data->avatar; $data['addtime'] = date("Y-m-d H:i:s", time()); $data['person_img'] = $user_data->avatar; $data['signtime'] = date("Y-m-d H:i:s", time()); $user = M("Member")->where(array("ali_openid"=> $user_data->user_id))->find(); //判斷是否是第一次登錄 if($user){ $res = M("Member")->where(array("ali_openid"=> $user_data->user_id))->setField("signtime", date("Y-m-d H:i:s", time())); if($res){ //成功登錄業務邏輯 }else{ $this->error("操作異常,拒絕訪問!", U('user/login')); } }else{ $res=$m->add($data); if($res){ //成功登錄業務邏輯 }else{ $this->error("操作異常,拒絕訪問!", U('user/login')); } } } else { $this->error("操作異常,拒絕訪問!", U('user/login')); } } }