支付宝身份验证接口踩坑实录-PHP(基于ThinkPHP5)(第二版更新中)
源码:https://download.csdn.net/download/qq_34050360/12418202
快速接入地址:
https://opendocs.alipay.com/open/20181012100420932508/quickstart#%E4%B8%8B%E8%BD%BD%E6%9C%8D%E5%8A%A1%E7%AB%AF%20SDK
首先讲集成sdk,直接放sdk下载地址:
https://openhome.alipay.com/doc/sdkDownload.resource?sdkType=PHP
将下载好的sdk解压放入extend 里面,目录层级注意一下,便于后面用 require 引入三个类库。
引入规则:
require ROOT_PATH.'/extend/alipay/aop/AopClient.php';
require ROOT_PATH.'/extend/alipay/aop/request/AlipayUserCertifyOpenInitializeRequest.php';
require ROOT_PATH.'/extend/alipay/aop/request/AlipayUserCertifyOpenCertifyRequest.php';实例化的时候要加斜杠:
$aop = new \AopClient();接下来第一步就是验签了,坑也随之而来。
首先确保公钥私钥是对的(开发者私钥就是应用私钥,支付宝公钥是支付宝给的,这个自行解决,卡在这里就可以自行放弃了,生活很美好,为什么要写代码来折磨自己)
1./*'请填写开发者私钥去头去尾去回车,一行字符串'*/
2./*'请填写支付宝公钥,一行字符串'*/第二步就是支付宝本身的坑,直接上代码了。
此处数次跟官方技术沟通,被告知,沙箱环境没有用,无法辅助测试,无语更无奈(沙箱环境: https://openhome.alipay.com/platform/demoManage.htm#/alipay.user.certify.open.initialize)
第一步:alipay.user.certify.open.initialize(身份认证初始化服务):
https://opendocs.alipay.com/apis/api_2/alipay.user.certify.open.initialize
请求示例(此处注意有坑:这个帖子一直提醒我,但是被我一直忽略 https://www.uzhan5.com/post/6504)
官方代码:
$aop = new AopClient ();
$aop->gatewayUrl = 'https://openapi.alipay.com/gateway.do';
$aop->appId = 'your app_id';
$aop->rsaPrivateKey = '请填写开发者私钥去头去尾去回车,一行字符串';
$aop->alipayrsaPublicKey='请填写支付宝公钥,一行字符串';
$aop->apiVersion = '1.0';
$aop->signType = 'RSA2';
$aop->postCharset='GBK';
$aop->format='json';
//$request = new AlipayUserCertifyOpenInitializeRequest (); //TODO 官方这个地方写错了,应该用下面的代码才能实现
$request = new AlipayUserCertifyOpenQueryRequest();
$request->setBizContent("{" .
"\"outer_order_no\":\"ZGYD201809132323000001234\"," .
"\"biz_code\":\"FACE\"," .
"\"identity_param\":\"{\\\"identity_type\\\":\\\"CERT_INFO\\\",\\\"cert_type\\\":\\\"IDENTITY_CARD\\\",\\\"cert_name\\\":\\\"收委\\\",\\\"cert_no\\\":\\\"260104197909275964\\\"}\"," .
"\"merchant_config\":\"{\\\"return_url\\\":\\\"xxx\\\"}\"," .
"\"face_contrast_picture\":\"xydasf==\"" .
" }");
$result = $aop->execute ( $request);
$responseNode = str_replace(".", "_", $request->getApiMethodName()) . "_response";
$resultCode = $result->$responseNode->code;
if(!empty($resultCode)&&$resultCode == 10000){
echo "成功";
} else {
echo "失败";
}代码中的坑:
$request->setBizContent("{" .
"\"outer_order_no\":\"ZGYD201809132323000001234\"," .
"\"biz_code\":\"FACE\"," .
"\"identity_param\":\"{\\\"identity_type\\\":\\\"CERT_INFO\\\",\\\"cert_type\\\":\\\"IDENTITY_CARD\\\",\\\"cert_name\\\":\\\"收委\\\",\\\"cert_no\\\":\\\"260104197909275964\\\"}\"," .
"\"merchant_config\":\"{\\\"return_url\\\":\\\"xxx\\\"}\"," .
"\"face_contrast_picture\":\"xydasf==\"" .
" }");修改后的代码:
$newsigndata=array();
$newsigndata['outer_order_no']=md5(time());
$newsigndata['biz_code']="FACE";
$newsigndata['identity_param']['identity_type']="CERT_INFO";
$newsigndata['identity_param']['cert_type']="IDENTITY_CARD";
$newsigndata['identity_param']['cert_name']="吴伟祥";
$newsigndata['identity_param']['cert_no']="340827199305234311";
$newsigndata['merchant_config']['return_url']="http://kmxlm-api.maoln.com/api/Reflect/reflectList";
$newsigndata['face_contrast_picture']="xydasf==";
$tosign=json_encode($newsigndata);
$request->setBizContent($tosign);{"alipay_user_certify_open_initialize_response":{"code":"40004","msg":"Business Failed","sub_code":"unknown-sub-code","sub_msg":"未知的错误码UNKNOWN_ERROR"},"sign":"GNjUpr/i4iCd0mPE5LgdIuNXBY0D6QJfAx241kGrWz3kvtzCeu7+izZs51iN1aGSgrdg2pQcQbsk7taGG7WxUquHryiV4RIZhZ3CQXNdpZeOWibVd8DAINviKLYlVyxZrHnV2rpxCFPHdRtlSiFffkqlqiEMwTgPT7a8pC65ESo="}上面是之前第一步一直没绕过的报错,终究是解决了。
到此验签通过(通过之前一直报错40004未知错误,就是验签失败,也是上面的官方代码所致,在此顺便贴一下前面没走通之前的一个报错),进入第二个环节:
第二步:alipay.user.certify.open.certify(身份认证开始认证)
https://opendocs.alipay.com/apis/api_2/alipay.user.certify.open.certify
不要相信沙箱环境,没意义。直接进入开干,坑也来了。
跟第一步里面坑一样,json传需要重新拼接
$aop = new AopClient ();
$aop->gatewayUrl = 'https://openapi.alipay.com/gateway.do';
$aop->appId = 'your app_id';
$aop->rsaPrivateKey = '请填写开发者私钥去头去尾去回车,一行字符串';
$aop->alipayrsaPublicKey='请填写支付宝公钥,一行字符串';
$aop->apiVersion = '1.0';
$aop->signType = 'RSA2';
$aop->postCharset='GBK';
$aop->format='json';
$request = new AlipayUserCertifyOpenCertifyRequest ();
$request->setBizContent("{" .
"\"certify_id\":\"OC201809253000000393900404029253\"" .
" }");
$result = $aop->pageExecute ( $request);
$responseNode = str_replace(".", "_", $request->getApiMethodName()) . "_response";
$resultCode = $result->$responseNode->code;
if(!empty($resultCode)&&$resultCode == 10000){
echo "成功";
} else {
echo "失败";
}跳坑操作:
$data=array();
$data['certify_id']=$certify_id;
$tosign=json_encode($data);
$request->setBizContent($tosign);虽然距离成功不远,但是支付宝会让你感到绝望,你执行后的结果是这样的,如下所示:
惊不惊喜意不意外
支付宝让你永远不要放弃,其实在这个页面之前你还会看到一个字符串被打印出来,1200多个字符。抱着怀疑的态度去打印接收参数:
结果如下所示:
转码后的结果:
看清了没,亮瞎了双眼,不按正常套路出牌,可能官方给的示例正常返回值都是java的操作,php直接就是这个了,后面我们在别的地方解析出了人家扫码的那个码的链接如下:
https://openapi.alipay.com/gateway.do?alipay_sdk=alipay-sdk-java-4.5.0.ALL&app_id=2018040102484116&biz_content=%7B%22certify_id%22%3A%223f3523824cc8ed0c9c569d0e5973fa19%22%7D&charset=GBK&format=json&method=alipay.user.certify.open.certify&sign=BYqQIh7r3IdT6%2B5cz7Dc39xc7DG%2BOPLUi0gO5ejYpSx1YX11j0zZcAdUiF0py6qP7loJj8yK3UqdBo0ZvxxdsWJrIYdXPz6pYqUd8iHa74aTwTqY2jmRd3sflKY48c%2FlHhbDpEDZuDIz1dygf%2FiaqfF8j%2BtSTw48uBSRbbh0tjPOkGQhmSpgCBa3ZSCywEhle%2ByuWbEA9linuEAyST3bLEeL%2BaxkPQNdZYk%2Bfvbd5cWK%2Byp3GHW8zfDCbeaMcFynTXnESPo27uSRBGGmhwe7sPzmuLBxjDQzVYeqbrkihf%2FD36fQxanIHEtJlR%2FLsyRyymwBa37CiYTQsN9cyQ1i0g%3D%3D&sign_type=RSA2×tamp=2020-05-13+22%3A58%3A39&version=1.0
以为自己可以了,其实是越走越远。
我把上面的表单的参数一个一个填写到链接里面,再生成二维码,试了20次,所有的结局都是悲壮的。
在下班之前最后脑洞一开,突然想到把这个html直接放到页面里面,将页面链接生成一个二维码,再用支付宝扫码,最后通了。11:55分,下班回家。
梦里依然是这些代码,感觉棒棒的。
最后附上控制器跟页面以及报错日志的文件在附件。
点击链接加入群聊【ThinkPHP56小功能】:https://jq.qq.com/?_wv=1027&k=Z0c641WP