1.电脑网站支付宝登录,拼接授权链接,在浏览器上访问授权链接即可
登录 - 支付宝欢迎登录支付宝,支付宝-全球领先的独立第三方支付平台,致力于为广大用户提供安全快速的电子支付/网上支付/安全支付/手机支付体验以及转账收款/水电煤缴费/信用卡还款等生活服务应用;为广大为从事电子商务的网站提供支付产品/支付服务的在线订购和技术支持等服务,帮助商家快速接入支付工具,高效、安全、快捷地开展电子商务。
https://openauth.alipay.com/oauth2/publicAppAuthorize.htm?app_id=商户的APPID&scope=auth_user&redirect_uri=ENCODED_URL&state=init
2.使用 auth_code 换取 access_token 及用户 userId
composer安装 alipaysdk/easysdk依赖包
php
<?php
/**
* Created by PhpStorm.
* User: Administrator
* Date: 2020/8/4
* Time: 16:47
*/
namespace app\api\controller;
use Alipay\EasySDK\Kernel\Factory;
use Alipay\EasySDK\Kernel\Config;
use app\common\controller\Api;
class Alipay extends Api
{
protected $noNeedLogin = '*';
protected $noNeedRight = '*';
protected $app_id;
protected $private_key;
protected $ali_public_key; //
public function _initialize()
{
parent::_initialize();
if (!\think\Config::get('fastadmin.usercenter')) {
$this->error(__('User center already closed'));
}
$this->app_id = '20***************08';
$this->private_key = '你的私钥';
$this->ali_public_key = '你的公钥';
}
/**
* auth_token获取用户信息
* @return array
* @throws \Exception
*/
public function getUserInfo()
{
$auth_token = $this->request->post('auth_token');
Factory::setOptions($this->getOptions());
//设置系统参数(OpenAPI中非biz_content里的参数)
$textParams = array(
"code" => "{$auth_token}",
"grant_type" => "authorization_code"
);
//设置业务参数(OpenAPI中biz_content里的参数)
$bizParams = array();
$resJson = Factory::util()->generic()->execute("alipay.system.oauth.token", $textParams, $bizParams)->httpBody;
$resJsonToArray = json_decode($resJson, true);
if (isset($resJsonToArray['alipay_system_oauth_token_response'])) {
$this->success('授权成功',$resJsonToArray['alipay_system_oauth_token_response']);
} else {
$this->error('授权失败',$resJsonToArray);
}
}
/**
* 【新版】配置
* @return Config
*/
private function getOptions()
{
$options = new Config();
$options->protocol = 'https';
$options->gatewayHost = 'openapi.alipay.com';
$options->signType = 'RSA2';
$options->appId = $this->app_id;
// 为避免私钥随源码泄露,推荐从文件中读取私钥字符串而不是写入源码中
$options->merchantPrivateKey = $this->private_key;
//$options->alipayCertPath = '<-- 请填写您的支付宝公钥证书文件路径,例如:/foo/alipayCertPublicKey_RSA2.crt -->';
//$options->alipayRootCertPath = '<-- 请填写您的支付宝根证书文件路径,例如:/foo/alipayRootCert.crt" -->';
//$options->merchantCertPath = '<-- 请填写您的应用公钥证书文件路径,例如:/foo/appCertPublicKey_2019051064521003.crt -->';
//注:如果采用非证书模式,则无需赋值上面的三个证书路径,改为赋值如下的支付宝公钥字符串即可
// $options->alipayPublicKey = '<-- 请填写您的支付宝公钥,例如:MIIBIjANBg... -->';
$options->alipayPublicKey = $this->ali_public_key;
//可设置异步通知接收服务地址(可选)
// $options->notifyUrl = "";
//可设置AES密钥,调用AES加解密相关接口时需要(可选)
// $options->encryptKey = "";
return $options;
}
/**
* 返回给前端获取code
* 【新旧都可用】
* InfoStr APP登录需要的的infostr
* @return String
*/
public function infoStr()
{
$infoStr = http_build_query([
'apiname' => 'com.alipay.account.auth',
'method' => 'alipay.open.auth.sdk.code.get',
'app_id' => $this->app_id,
'app_name' => 'mc',
'biz_type' => 'openservice',
'pid' => $this->pid,
'product_id' => 'APP_FAST_LOGIN',
'scope' => 'kuaijie',
'target_id' => time(), //商户标识该次用户授权请求的ID,该值在商户端应保持唯一
'auth_type' => 'AUTHACCOUNT', // AUTHACCOUNT代表授权;LOGIN代表登录
'sign_type' => 'RSA2',
]);
$infoStr .= '&sign=' . $this->enRSA2($infoStr);
return $infoStr;
}
/**
* 【生成签名sign】
* enRSA2 RSA加密
* @param String $data
* @return String
*/
private function enRSA2($data)
{
$str = chunk_split(trim($this->private_key), 64, "\n");
$key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
// print_r($key);die;
// $key = file_get_contents(storage_path('rsa_private_key.pem')); 为文件时这样引入
$signature = '';
//$signature = openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256)?base64_encode($signature):NULL;
$signature = openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256) ? base64_encode($signature) : NULL;
return $signature;
}
/**
* myHttpBuildQuery 返回一个 http Get 传参数组
* 之所以不用 自带函数 http_build_query 时间带 ':' 会被转换
*
* @param Array
* @return String
*/
private function myHttpBuildQuery($dataArr)
{
ksort($dataArr);
$signStr = '';
foreach ($dataArr as $key => $val) {
if (empty($signStr)) {
$signStr = $key . '=' . $val;
} else {
$signStr .= '&' . $key . '=' . $val;
}
}
return $signStr;
}
}前端将auth_code 提交到getUserInfo方法获取唯一表示userid