From 3b57f314eadb0816998d7b050af915dc2fff74dc Mon Sep 17 00:00:00 2001
From: hitsword <mail@huayizhiyun.com>
Date: Mon, 20 May 2019 14:53:01 +0800
Subject: [PATCH] =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E7=AE=97=E6=B3=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: hitsword <mail@huayizhiyun.com>
---
 includes/huayi-score-sdk.php | 66 ++++++++++++++++++++++++++++++++++++
 1 file changed, 66 insertions(+)

diff --git a/includes/huayi-score-sdk.php b/includes/huayi-score-sdk.php
index 5a8101f..35806b7 100644
--- a/includes/huayi-score-sdk.php
+++ b/includes/huayi-score-sdk.php
@@ -6,8 +6,13 @@ if (!defined('ABSPATH')) {
 
 class HuayiScoreSdk
 {
+    //接口地址
     protected $apiurl = null;
+    //接口Token
     protected $token = null;
+    // 错误信息
+    protected $error;
+
     public function __construct($option)
     {
         $this->apiurl = isset($option['apiurl']) ? $option['apiurl'] : '';
@@ -38,4 +43,65 @@ class HuayiScoreSdk
     {
         return $huayi_uid.$amount.$note;
     }
+
+    /**
+     * 生成签名
+     * @param $token
+     * @param $data
+     * @return string
+     */
+    protected function getSignature($token, $data)
+    {
+        ksort($data);// 对数组的值按key排序
+        $params = http_build_query($data);// 生成url的形式
+        return md5($params . $token);// 生成signature
+    }
+
+    /**
+     * 签名验证
+     * @param $token
+     * @param $data array('uid'=>123,'timestamp'=>time(),'signature'='signature')
+     * @return bool
+     */
+    protected function verifySignature($token, $data)
+    {
+        if (empty($data['signature'])) {// 验证参数中是否有签名
+            $this->error = '数据签名不存在';
+            return false;
+        }
+        if (empty($data['timestamp'])) {
+            $this->error = '发送的数据参数不合法';
+            return false;
+        }
+        if (time() - $data['timestamp'] > 600) {// 验证10分钟失效
+            $this->error = '验证失效， 请重新发送请求';
+            return false;
+        }
+
+        $tmpSignature = $data['signature'];//接收过来的签名
+
+        unset($data['signature']);
+        ksort($data);//对数组的值按key排序
+        $params = http_build_query($data);//生成url的形式
+
+        $signature = md5($params . $token);//计算签名
+        if ($signature == $tmpSignature) {//验证签名
+            $this->error = '验证通过';
+            return true;
+        } else {
+            $this->error = '签名无效';
+            return false;
+        }
+    }
+
+    /**
+     * 获取错误信息
+     * @return mixed
+     */
+    protected function getError()
+    {
+        return $this->error;
+    }
+
+
 }
\ No newline at end of file