人人商城

weixin.platform.class.php 13KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323
  1. <?php
  2. /**
  3. * [WeEngine System] Copyright (c) 2014 WE7.CC
  4. * WeEngine is NOT a free software, it under the license terms, visited http://www.we7.cc/ for more details.
  5. */
  6. defined('IN_IA') or exit('Access Denied');
  7. define('ACCOUNT_PLATFORM_API_ACCESSTOKEN', 'https://api.weixin.qq.com/cgi-bin/component/api_component_token');
  8. define('ACCOUNT_PLATFORM_API_PREAUTHCODE', 'https://api.weixin.qq.com/cgi-bin/component/api_create_preauthcode?component_access_token=');
  9. define('ACCOUNT_PLATFORM_API_LOGIN', 'https://mp.weixin.qq.com/cgi-bin/componentloginpage?component_appid=%s&pre_auth_code=%s&redirect_uri=%s&auth_type=%s');
  10. define('ACCOUNT_PLATFORM_API_QUERY_AUTH_INFO', 'https://api.weixin.qq.com/cgi-bin/component/api_query_auth?component_access_token=');
  11. define('ACCOUNT_PLATFORM_API_ACCOUNT_INFO', 'https://api.weixin.qq.com/cgi-bin/component/api_get_authorizer_info?component_access_token=');
  12. define('ACCOUNT_PLATFORM_API_REFRESH_AUTH_ACCESSTOKEN', 'https://api.weixin.qq.com/cgi-bin/component/api_authorizer_token?component_access_token=');
  13. define('ACCOUNT_PLATFORM_API_OAUTH_CODE', 'https://open.weixin.qq.com/connect/oauth2/authorize?appid=%s&component_appid=%s&redirect_uri=%s&response_type=code&scope=snsapi_base&state=%s#wechat_redirect');
  14. define('ACCOUNT_PLATFORM_API_OAUTH_USERINFO', 'https://open.weixin.qq.com/connect/oauth2/authorize?appid=%s&redirect_uri=%s&response_type=code&scope=snsapi_userinfo&state=%s&component_appid=%s#wechat_redirect');
  15. define('ACCOUNT_PLATFORM_API_OAUTH_INFO', 'https://api.weixin.qq.com/sns/oauth2/component/access_token?appid=%s&component_appid=%s&code=%s&grant_type=authorization_code&component_access_token=');
  16. define('ACCOUNT_PLATFORM_API_LOGIN_ACCOUNT', 1); define('ACCOUNT_PLATFORM_API_LOGIN_WXAPP', 2); load()->classs('weixin.account');
  17. load()->func('communication');
  18. class WeixinPlatform extends WeixinAccount {
  19. protected $appid;
  20. protected $appsecret;
  21. protected $encodingaeskey;
  22. protected $token;
  23. protected $refreshtoken;
  24. protected $tablename = 'account_wechats';
  25. protected $menuFrame = 'account';
  26. protected $type = ACCOUNT_TYPE_OFFCIAL_AUTH;
  27. protected $typeName = '公众号';
  28. protected $typeSign = ACCOUNT_TYPE_SIGN;
  29. public function __construct($uniaccount = array()) {
  30. $setting = setting_load('platform');
  31. $this->appid = $setting['platform']['appid'];
  32. $this->appsecret = $setting['platform']['appsecret'];
  33. $this->token = $setting['platform']['token'];
  34. $this->encodingaeskey = $setting['platform']['encodingaeskey'];
  35. parent::__construct($uniaccount);
  36. }
  37. protected function getAccountInfo($acid) {
  38. if ($this->account['key'] == 'wx570bc396a51b8ff8') {
  39. $this->account['key'] = $this->appid;
  40. $this->openPlatformTestCase();
  41. }
  42. $account_table = table('account');
  43. $account = $account_table->getWechatappAccount($acid);
  44. $account['encrypt_key'] = $this->appid;
  45. return $account;
  46. }
  47. function getComponentAccesstoken() {
  48. $accesstoken = cache_load(cache_system_key('account_component_assesstoken'));
  49. if (empty($accesstoken) || empty($accesstoken['value']) || $accesstoken['expire'] < TIMESTAMP) {
  50. $ticket = cache_load(cache_system_key('account_ticket'));
  51. if (empty($ticket)) {
  52. return error(1, '缺少接入平台关键数据,等待微信开放平台推送数据,请十分钟后再试或是检查“授权事件接收URL”是否写错(index.php?c=account&amp;a=auth&amp;do=ticket地址中的&amp;符号容易被替换成&amp;amp;)');
  53. }
  54. $data = array(
  55. 'component_appid' => $this->appid,
  56. 'component_appsecret' => $this->appsecret,
  57. 'component_verify_ticket' => $ticket,
  58. );
  59. $response = $this->request(ACCOUNT_PLATFORM_API_ACCESSTOKEN, $data);
  60. if (is_error($response)) {
  61. $errormsg = $this->errorCode($response['errno'], $response['message']);
  62. return error($response['errno'], $errormsg);
  63. }
  64. $accesstoken = array(
  65. 'value' => $response['component_access_token'],
  66. 'expire' => TIMESTAMP + intval($response['expires_in']),
  67. );
  68. cache_write(cache_system_key('account_component_assesstoken'), $accesstoken);
  69. }
  70. return $accesstoken['value'];
  71. }
  72. function getPreauthCode() {
  73. $preauthcode = cache_load(cache_system_key('account_preauthcode'));
  74. if (true || empty($preauthcode) || empty($preauthcode['value']) || $preauthcode['expire'] < TIMESTAMP) {
  75. $component_accesstoken = $this->getComponentAccesstoken();
  76. if (is_error($component_accesstoken)) {
  77. return $component_accesstoken;
  78. }
  79. $data = array(
  80. 'component_appid' => $this->appid
  81. );
  82. $response = $this->request(ACCOUNT_PLATFORM_API_PREAUTHCODE . $component_accesstoken, $data);
  83. if (is_error($response)) {
  84. return $response;
  85. }
  86. $preauthcode = array(
  87. 'value' => $response['pre_auth_code'],
  88. 'expire' => TIMESTAMP + intval($response['expires_in']),
  89. );
  90. cache_write(cache_system_key('account_preauthcode'), $preauthcode);
  91. }
  92. return $preauthcode['value'];
  93. }
  94. public function getAuthInfo($code) {
  95. $component_accesstoken = $this->getComponentAccesstoken();
  96. if (is_error($component_accesstoken)) {
  97. return $component_accesstoken;
  98. }
  99. $post = array(
  100. 'component_appid' => $this->appid,
  101. 'authorization_code' => $code,
  102. );
  103. $response = $this->request(ACCOUNT_PLATFORM_API_QUERY_AUTH_INFO . $component_accesstoken, $post);
  104. if (is_error($response)) {
  105. return $response;
  106. }
  107. $this->setAuthRefreshToken($response['authorization_info']['authorizer_refresh_token']);
  108. return $response;
  109. }
  110. public function getAuthorizerInfo($appid = '') {
  111. $component_accesstoken = $this->getComponentAccesstoken();
  112. if (is_error($component_accesstoken)) {
  113. return $component_accesstoken;
  114. }
  115. $appid = !empty($appid) ? $appid : $this->account['key'];
  116. $post = array(
  117. 'component_appid' => $this->appid,
  118. 'authorizer_appid' => $appid,
  119. );
  120. $response = $this->request(ACCOUNT_PLATFORM_API_ACCOUNT_INFO . $component_accesstoken, $post);
  121. if (is_error($response)) {
  122. return $response;
  123. }
  124. return $response;
  125. }
  126. public function getAccessToken() {
  127. $cachekey = cache_system_key('account_auth_accesstoken', array('key' => $this->account['key']));
  128. $auth_accesstoken = cache_load($cachekey);
  129. if (empty($auth_accesstoken) || empty($auth_accesstoken['value']) || $auth_accesstoken['expire'] < TIMESTAMP) {
  130. $component_accesstoken = $this->getComponentAccesstoken();
  131. if (is_error($component_accesstoken)) {
  132. return $component_accesstoken;
  133. }
  134. $this->refreshtoken = $this->getAuthRefreshToken();
  135. $data = array(
  136. 'component_appid' => $this->appid,
  137. 'authorizer_appid' => $this->account['key'],
  138. 'authorizer_refresh_token' => $this->refreshtoken,
  139. );
  140. $response = $this->request(ACCOUNT_PLATFORM_API_REFRESH_AUTH_ACCESSTOKEN . $component_accesstoken, $data);
  141. if (is_error($response)) {
  142. return $response;
  143. }
  144. if ($response['authorizer_refresh_token'] != $this->refreshtoken) {
  145. $this->setAuthRefreshToken($response['authorizer_refresh_token']);
  146. }
  147. $auth_accesstoken = array(
  148. 'value' => $response['authorizer_access_token'],
  149. 'expire' => TIMESTAMP + intval($response['expires_in']),
  150. );
  151. cache_write($cachekey, $auth_accesstoken);
  152. }
  153. return $auth_accesstoken['value'];
  154. }
  155. public function fetch_token() {
  156. return $this->getAccessToken();
  157. }
  158. public function getAuthLoginUrl() {
  159. $preauthcode = $this->getPreauthCode();
  160. if (is_error($preauthcode)) {
  161. $authurl = "javascript:alert('{$preauthcode['message']}');";
  162. } else {
  163. $authurl = sprintf(ACCOUNT_PLATFORM_API_LOGIN, $this->appid,
  164. $preauthcode, urlencode($GLOBALS['_W']['siteroot'] . 'index.php?c=account&a=auth&do=forward'), ACCOUNT_PLATFORM_API_LOGIN_ACCOUNT);
  165. }
  166. return $authurl;
  167. }
  168. public function getOauthCodeUrl($callback, $state = '') {
  169. return sprintf(ACCOUNT_PLATFORM_API_OAUTH_CODE, $this->account['key'], $this->appid, $callback, $state);
  170. }
  171. public function getOauthUserInfoUrl($callback, $state = '') {
  172. return sprintf(ACCOUNT_PLATFORM_API_OAUTH_USERINFO, $this->account['key'], $callback, $state, $this->appid);
  173. }
  174. public function getOauthInfo($code = '') {
  175. $component_accesstoken = $this->getComponentAccesstoken();
  176. if (is_error($component_accesstoken)) {
  177. return $component_accesstoken;
  178. }
  179. $apiurl = sprintf(ACCOUNT_PLATFORM_API_OAUTH_INFO . $component_accesstoken, $this->account['key'], $this->appid, $code);
  180. $response = $this->request($apiurl);
  181. if (is_error($response)) {
  182. return $response;
  183. }
  184. cache_write(cache_system_key('account_auth_accesstoken', array('key' => $this->account['key'])), $response['refresh_token']);
  185. return $response;
  186. }
  187. public function getJsApiTicket(){
  188. $cachekey = cache_system_key('jsticket', array('acid' => $this->account['acid']));
  189. $js_ticket = cache_load($cachekey);
  190. if (empty($js_ticket) || empty($js_ticket['value']) || $js_ticket['expire'] < TIMESTAMP) {
  191. $access_token = $this->getAccessToken();
  192. if(is_error($access_token)){
  193. return $access_token;
  194. }
  195. $apiurl = "https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token={$access_token}&type=jsapi";
  196. $response = $this->request($apiurl);
  197. $js_ticket = array(
  198. 'value' => $response['ticket'],
  199. 'expire' => TIMESTAMP + $response['expires_in'] - 200,
  200. );
  201. cache_write($cachekey, $js_ticket);
  202. }
  203. $this->account['jsapi_ticket'] = $js_ticket;
  204. return $js_ticket['value'];
  205. }
  206. public function getJssdkConfig($url = ''){
  207. global $_W;
  208. $jsapiTicket = $this->getJsApiTicket();
  209. if(is_error($jsapiTicket)){
  210. $jsapiTicket = $jsapiTicket['message'];
  211. }
  212. $nonceStr = random(16);
  213. $timestamp = TIMESTAMP;
  214. $url = empty($url) ? $_W['siteurl'] : $url;
  215. $string1 = "jsapi_ticket={$jsapiTicket}&noncestr={$nonceStr}&timestamp={$timestamp}&url={$url}";
  216. $signature = sha1($string1);
  217. $config = array(
  218. "appId" => $this->account['key'],
  219. "nonceStr" => $nonceStr,
  220. "timestamp" => "$timestamp",
  221. "signature" => $signature,
  222. );
  223. if(DEVELOPMENT) {
  224. $config['url'] = $url;
  225. $config['string1'] = $string1;
  226. $config['name'] = $this->account['name'];
  227. }
  228. return $config;
  229. }
  230. public function openPlatformTestCase() {
  231. global $_GPC;
  232. $post = file_get_contents('php://input');
  233. WeUtility::logging('platform-test-message', $post);
  234. $encode_message = $this->xmlExtract($post);
  235. $message = aes_decode($encode_message['encrypt'], $this->encodingaeskey);
  236. $message = $this->parse($message);
  237. $response = array(
  238. 'ToUserName' => $message['from'],
  239. 'FromUserName' => $message['to'],
  240. 'CreateTime' => TIMESTAMP,
  241. 'MsgId' => TIMESTAMP,
  242. 'MsgType' => 'text',
  243. );
  244. if ($message['content'] == 'TESTCOMPONENT_MSG_TYPE_TEXT') {
  245. $response['Content'] = 'TESTCOMPONENT_MSG_TYPE_TEXT_callback';
  246. }
  247. if ($message['msgtype'] == 'event') {
  248. $response['Content'] = $message['event'] . 'from_callback';
  249. }
  250. if (strexists($message['content'], 'QUERY_AUTH_CODE')) {
  251. list($sufixx, $authcode) = explode(':', $message['content']);
  252. $auth_info = $this->getAuthInfo($authcode);
  253. WeUtility::logging('platform-test-send-message', var_export($auth_info, true));
  254. $url = "https://api.weixin.qq.com/cgi-bin/message/custom/send?access_token=". $auth_info['authorization_info']['authorizer_access_token'];
  255. $data = array(
  256. 'touser' => $message['from'],
  257. 'msgtype' => 'text',
  258. 'text' => array('content' => $authcode.'_from_api'),
  259. );
  260. $response = ihttp_request($url, urldecode(json_encode($data)));
  261. exit('');
  262. }
  263. $xml = array(
  264. 'Nonce' => $_GPC['nonce'],
  265. 'TimeStamp' => $_GPC['timestamp'],
  266. 'Encrypt' => aes_encode(array2xml($response), $this->encodingaeskey, $this->appid),
  267. );
  268. $signature = array($xml['Encrypt'], $this->token, $_GPC['timestamp'], $_GPC['nonce']);
  269. sort($signature, SORT_STRING);
  270. $signature = implode($signature);
  271. $xml['MsgSignature'] = sha1($signature);
  272. exit(array2xml($xml));
  273. }
  274. protected function request($url, $post = array()) {
  275. $response = ihttp_request($url, json_encode($post));
  276. $response = json_decode($response['content'], true);
  277. if (empty($response) || !empty($response['errcode'])) {
  278. return error($response['errcode'], $this->errorCode($response['errcode'], $response['errmsg']));
  279. }
  280. return $response;
  281. }
  282. protected function getAuthRefreshToken() {
  283. $auth_refresh_token = cache_load(cache_system_key('account_auth_refreshtoken', array('acid' => $this->account['acid'])));
  284. if (empty($auth_refresh_token)) {
  285. $auth_refresh_token = $this->account['auth_refresh_token'];
  286. cache_write(cache_system_key('account_auth_refreshtoken', array('acid' => $this->account['acid'])), $auth_refresh_token);
  287. }
  288. return $auth_refresh_token;
  289. }
  290. protected function setAuthRefreshToken($token) {
  291. $tablename = 'account_wechats';
  292. pdo_update($tablename, array('auth_refresh_token' => $token), array('acid' => $this->account['acid']));
  293. cache_write(cache_system_key('account_auth_refreshtoken', array('acid' => $this->account['acid'])), $token);
  294. }
  295. public function result($errno, $message = '', $data = '') {
  296. exit(json_encode(array(
  297. 'errno' => $errno,
  298. 'message' => $message,
  299. 'data' => $data,
  300. )));
  301. }
  302. }