PHP对接网络游戏防沉迷实名认证系统
本次开发是自己结合他人的经验开发,但是源文章找不到了,所以自己写了一篇,直接上代码
<?phpnamespace Handlers;class NetworkRealname {protected $biz_id;protected $app_id;protected $secret_key;public function __construct(){$this->biz_id = "";$this->app_id = "";$this->secret_key = "";}/** 请求身份验证接口* $name 姓名,$card 身份证号,$member_id 平台用户id,$test_code 测试码*/function getIdCard($name,$card,$member_id,$test_code=''){$timestamps = $this->getMillisecond(); //当前毫秒时间戳$url = 'https://api.wlc./idcard/authentication/check';if($test_code) {$this->secret_key = 'caebad8c543aa2154b325f9831baa'; //测试secret_key$this->app_id = '36fce80d09454712bbb0a7c52ec16'; //测试appId$this->biz_id = '1101999999'; //测试bizId$url = 'https://wlc./test/collection/loginout/'.$test_code;}$head = ['appId'=>$this->app_id,'bizId'=>$this->biz_id,'timestamps'=>$timestamps];//请求头$header[] = 'Content-Type:application/json;charset=utf-8';$header[] = 'appId:' . $this->app_id;$header[] = 'bizId:' . $this->biz_id;$header[] = 'timestamps:' . $timestamps;//请求体$body['ai'] = md5($member_id); //32位 不然也会报错 测试时 用文档提供得ai 不需要md5$body['name'] = $name;$body['idNum'] = $card;//请求体加密$data['data'] = $this->bodyEncrypt($body, $this->secret_key);//请求头签名 一般报错1011是签名错误$header[]= 'sign:'. $this->getSign($data, [], $this->secret_key, $head);//请求查询接口$res = $this->reqCurl($url,3,'post', $data, $header);$res = json_decode($res,true);return $res;}/** 查询身份接口* $name 姓名,$card 身份证号,$member_id 平台用户id,$test_code 测试码*/function queryIdCard($member_id,$test_code=''){$timestamps = $this->getMillisecond();$member_id = md5($member_id);$url = 'http://api2.wlc./idcard/authentication/query?ai='.$member_id;if($test_code) {$this->secret_key = 'caebad8c543aa2191b325f9831baa';$this->app_id = '36fce80d09454712bbc7a7c52ec16';$this->biz_id = '1101999999';//查询接口是get请求 所以ai拼接到 url后面$url = 'https://wlc./test/authentication/query/'.$test_code.'?ai='.$member_id;}//get请求携带ai 所以签名得时候ai也要参与 不然会1011$head = ['ai'=>$member_id,'appId'=>$this->app_id,'bizId'=>$this->biz_id,'timestamps'=>$timestamps];$header[] = 'Content-Type:application/json;charset=utf-8';$header[] = 'appId:'.$this->app_id;$header[] = 'bizId:'.$this->biz_id;$header[] ='timestamps:'.$timestamps;$header[]= 'sign:'. $this->getSign('',[],$this->secret_key,$head);//请求查询接口$res = $this->reqCurl($url,3,'get',[],$header);$res = json_decode($res,true);return $res ;}/** 游戏用户行为数据上报接口说明* @param $member_id 用户id* @param $pi已通过实名认证用户的唯一标识* @param $di游客模式设备标识,由游戏运营单位生成,游客用户下必填* @param $bt游戏用户行为类型: 0:下线; 1:上线* @param $ct用户行为数据上报类型 0:已认证通过用户 2:游客用户* @return res array*/function queryLoginout($member_id,$pi,$di,$bt=0,$ct=0,$test_code=''){$timestamps = $this->getMillisecond();$time = time();$url = 'http://api2.wlc./behavior/collection/loginout';if($test_code) {$this->secret_key = 'caebad8c543aa2151b325f9831baa';$this->app_id = '36fce80d09454712bbb7a7c52ec16';$this->biz_id = '1101999999';$url = 'https://wlc./test/collection/loginout/'.$test_code;}$head = ['appId'=>$this->app_id,'bizId'=>$this->biz_id,'timestamps'=>$timestamps];$header[] = 'Content-Type:application/json;charset=utf-8';$header[] = 'appId:'.$this->app_id;$header[] = 'bizId:'.$this->biz_id;$header[] ='timestamps:'.$timestamps;//这里值得注意 没有collections 也会1011$body['collections'][] = ['no'=>1,'si'=>md5($member_id),'bt'=>$bt,'ot'=>$time,'ct'=>$ct,'pi'=>$pi,'di'=>$di];$data['data'] = $this->bodyEncrypt($body,$this->secret_key);$header[]= 'sign:'. $this->getSign($data,[],$this->secret_key,$head);//请求查询接口$res = $this->reqCurl($url,3,'post',$data,$header);$res = json_decode($res,true);return $res;}//返回当前的毫秒时间戳function getMillisecond(){list($t1, $t2) = explode(' ', microtime());return (float)sprintf('%.0f',(floatval($t1)+floatval($t2))*1000);}/*** 对请求报文体进行加密* @param $body* @return string*/function bodyEncrypt($body,$secret_key){$key = hex2bin($secret_key);$cipher = "aes-128-gcm";$ivlen = openssl_cipher_iv_length($cipher);$iv = openssl_random_pseudo_bytes($ivlen);$encrypt = openssl_encrypt(json_encode($body), $cipher, $key, OPENSSL_RAW_DATA,$iv,$tag);return base64_encode(($iv.$encrypt.$tag));}/*** 接口签名* @param $body* @param $query_params*/function getSign($body_data='',$query_params,$secret_key,$header){if(!empty($body_data)) {$encrypted_body = json_encode($body_data);} else {$encrypted_body = '';}$sys_params = $header;$final_params = array_merge($sys_params, $query_params);ksort($final_params);$str_params = '';foreach ($final_params as $k => $v) {$str_params .= $k.$v;}$str_params .= $encrypted_body;$str_params = $secret_key.$str_params;$hash = hash('sha256', $str_params);return $hash;}//自定义curlfunction reqCurl($url,$timeout = 3,$method="get",$body = [],$header=['Content-Type: application/json;charset=utf-8']){$ret = "";$ch = curl_init($url);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_HTTPHEADER, $header);curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);// https请求 不验证证书和hostscurl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);// 从证书中检查SSL加密算法是否存在(默认不需要验证)curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);if($method == "post"){curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($body));}$buffer = curl_exec($ch);curl_close($ch);if ($buffer === false || empty($buffer)) {$ret = "";} else {$ret = $buffer;}return $ret;}}
