API interface security verification

When the front end wants to call an interface, it needs several parameters to generate a signature.

Timestamp: the current time

Random number: a randomly generated value

Token (password): an identifier known to both the front-end and back-end developers, the equivalent of a code word

Algorithm rule: an agreed rule of operation; the three parameters above are combined under this rule to generate the signature.

The front end generates a signature and, when it needs to access the interface, passes the timestamp, random number and signature to the back end in the URL. The back end takes the timestamp and random number, computes the signature with the same algorithm rule, and compares the result with the signature that was passed in. If they are the same, it returns the data.

Algorithm rules

In front-end/back-end interaction the algorithm rule is very important: the front end and the back end must both compute the signature with the same rule. As for how to define the rule, do it however you like.

My algorithm rule is this:

1. Sort the timestamp, random number and token by first character (case-sensitive order)

2. Then concatenate them into a string

3. Hash with SHA-1

4. Then hash with MD5

5. Convert to uppercase.

Front end

I don't have a real front end here, so I use a PHP file in its place and simulate a GET request with cURL. I am using the TP framework, and the URL format is pathinfo.

Source

<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2019/3/16
 * Time: 15:56
 */
namespace Client\Controller;
use Think\Controller;
class ClientController extends Controller{
 const TOKEN = 'API';
 // Front end simulating a request to the server's API
 public function getDataFromServer(){
  // Timestamp
  $timeStamp = time();
  // Random string
  $randomStr = $this -> createNonceStr();
  // Generate the signature
  $signature = $this -> arithmetic($timeStamp,$randomStr);
  // URL address
  $url = "http://www.apitest.com/Server/Server/respond/t/{$timeStamp}/r/{$randomStr}/s/{$signature}";
  $result = $this -> httpGet($url);
  dump($result);
 }
 // Simulate a GET request with cURL
 private function httpGet($url){
  $curl = curl_init();
  // The address to request
  curl_setopt($curl,CURLOPT_URL,$url);
  // Return the response as a string instead of printing it
  curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
  $result = curl_exec($curl);
  curl_close($curl);
  return $result;
 }
 // Generate a random string
 private function createNonceStr($length = 8){
  $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
  $str = "";
  for($i = 0;$i < $length;$i++){
   $str .= substr($chars,mt_rand(0,strlen($chars) - 1),1);
  }
  return "Z".$str;
 }
 /**
  * @param $timeStamp timestamp
  * @param $randomStr random string
  * @return string the signature
  */
 private function arithmetic($timeStamp,$randomStr){
  $arr['timeStamp'] = $timeStamp;
  $arr['randomStr'] = $randomStr;
  $arr['token'] = self::TOKEN;
  // Sort by first character (case-sensitive order)
  sort($arr,SORT_STRING);
  // Concatenate into a string
  $str = implode($arr);
  // Hash: SHA-1, then MD5
  $signature = sha1($str);
  $signature = md5($signature);
  // Convert to uppercase
  $signature = strtoupper($signature);
  return $signature;
 }
}

 

Server side

Receives the front end's data and verifies it.

Source

<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2019/3/16 0016
 * Time: 16:01
 */
namespace Server\Controller;
use Think\Controller;
class ServerController extends Controller{
 const TOKEN = 'API';
 // Respond to the front end's request
 public function respond(){
  // Verify identity
  $timeStamp = $_GET['t'];
  $randomStr = $_GET['r'];
  $signature = $_GET['s'];
  $str = $this -> arithmetic($timeStamp,$randomStr);
  // Constant-time, type-strict comparison; a loose != compares
  // numeric-looking digests such as "0E..." as numbers
  if(!hash_equals($str,(string)$signature)){
   echo "-1";
   exit;
  }
  // Mock data
  $arr['name'] = 'api';
  $arr['age'] = 15;
  $arr['address'] = 'zz';
  $arr['ip'] = "192.168.0.1";
  echo json_encode($arr);
 }
 /**
  * @param $timeStamp timestamp
  * @param $randomStr random string
  * @return string the signature
  */
 public function arithmetic($timeStamp,$randomStr){
  $arr['timeStamp'] = $timeStamp;
  $arr['randomStr'] = $randomStr;
  $arr['token'] = self::TOKEN;
  // Sort by first character (case-sensitive order)
  sort($arr,SORT_STRING);
  // Concatenate into a string
  $str = implode($arr);
  // Hash: SHA-1, then MD5
  $signature = sha1($str);
  $signature = md5($signature);
  // Convert to uppercase
  $signature = strtoupper($signature);
  return $signature;
 }
}

Result

string(57) "{"name":"api","age":15,"address":"zz","ip":"192.168.0.1"}"
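
The server code above uses t and r only to recompute the signature, so a URL that has been captured once keeps passing the check whenever it is sent again. The following added example (not the original author's code) keeps the article's signature rule and adds a timestamp window and a nonce-reuse check; `verifyRequest`, `MAX_SKEW`, the 300-second window and the in-memory `$seen` array are assumptions made for illustration.

```php
<?php
const TOKEN    = 'API'; // shared token, as in the article
const MAX_SKEW = 300;   // assumption: accept timestamps within 5 minutes

// The article's rule: sort, concatenate, SHA-1, MD5, uppercase.
function arithmetic($timeStamp, $randomStr) {
    $arr = [(string)$timeStamp, (string)$randomStr, TOKEN];
    sort($arr, SORT_STRING);
    return strtoupper(md5(sha1(implode($arr))));
}

// Hypothetical verifier: returns 'ok' or the reason for rejection.
// $seen (nonce => expiry) stands in for a cache shared by all servers.
function verifyRequest($t, $r, $s, array &$seen, $now) {
    if (!is_string($t) || !is_string($r) || !is_string($s) || !ctype_digit($t)) {
        return 'malformed';
    }
    // Freshness: an old capture is refused even with a valid signature.
    if (abs($now - (int)$t) > MAX_SKEW) {
        return 'stale timestamp';
    }
    // Constant-time, type-strict comparison.
    if (!hash_equals(arithmetic($t, $r), $s)) {
        return 'bad signature';
    }
    // Forget nonces whose timestamp window has passed, then refuse reuse.
    foreach ($seen as $nonce => $expiry) {
        if ($expiry < $now) {
            unset($seen[$nonce]);
        }
    }
    if (isset($seen[$r])) {
        return 'replayed nonce';
    }
    $seen[$r] = (int)$t + MAX_SKEW;
    return 'ok';
}

// Constructed sample requests (values are made up for this example).
$seen = [];
$now  = 1552723200;
$t    = (string)$now;
$r    = 'ZaB3dE5fG';
$s    = arithmetic($t, $r);

echo verifyRequest($t, $r, $s, $seen, $now), "\n";              // first use
echo verifyRequest($t, $r, $s, $seen, $now + 10), "\n";         // same URL sent again
echo verifyRequest($t, $r, $s, $seen, $now + 3600), "\n";       // same URL an hour later
echo verifyRequest($t, $r, strtolower($s), $seen, $now), "\n";  // altered signature
```

A nonce only has to be remembered until its timestamp falls outside the window, because the freshness check rejects the request after that.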

 


Origin blog.csdn.net/PKyourself/article/details/93462578