Client.php
3.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
<?php
/*
* This file is part of the overtrue/wechat.
*
* (c) overtrue <i@overtrue.me>
*
* This source file is subject to the MIT license that is bundled
* with this source code in the file LICENSE.
*/
namespace EasyWeChat\MicroMerchant\Certficates;
use EasyWeChat\Kernel\Exceptions\InvalidArgumentException;
use EasyWeChat\MicroMerchant\Kernel\BaseClient;
use EasyWeChat\MicroMerchant\Kernel\Exceptions\InvalidExtensionException;
/**
* Class Client.
*
* @author liuml <liumenglei0211@163.com>
* @DateTime 2019-05-30 14:19
*/
class Client extends BaseClient
{
/**
* get certficates.
*
* @param bool $returnRaw
*
* @return array|\EasyWeChat\Kernel\Support\Collection|object|\Psr\Http\Message\ResponseInterface|string
*
* @throws \EasyWeChat\Kernel\Exceptions\InvalidArgumentException
* @throws \EasyWeChat\Kernel\Exceptions\InvalidConfigException
* @throws \EasyWeChat\MicroMerchant\Kernel\Exceptions\InvalidExtensionException
* @throws \GuzzleHttp\Exception\GuzzleException
*/
public function get(bool $returnRaw = false)
{
$params = [
'sign_type' => 'HMAC-SHA256',
'nonce_str' => uniqid('micro'),
];
if (true === $returnRaw) {
return $this->requestRaw('risk/getcertficates', $params);
}
/** @var array $response */
$response = $this->requestArray('risk/getcertficates', $params);
if ('SUCCESS' !== $response['return_code']) {
throw new InvalidArgumentException(sprintf('Failed to get certificate. return_code_msg: "%s" .', $response['return_code'].'('.$response['return_msg'].')'));
}
if ('SUCCESS' !== $response['result_code']) {
throw new InvalidArgumentException(sprintf('Failed to get certificate. result_err_code_des: "%s" .', $response['result_code'].'('.$response['err_code'].'['.$response['err_code_des'].'])'));
}
$certificates = \GuzzleHttp\json_decode($response['certificates'], true)['data'][0];
$ciphertext = $this->decrypt($certificates['encrypt_certificate']);
unset($certificates['encrypt_certificate']);
$certificates['certificates'] = $ciphertext;
return $certificates;
}
/**
* decrypt ciphertext.
*
* @param array $encryptCertificate
*
* @return string
*
* @throws \EasyWeChat\MicroMerchant\Kernel\Exceptions\InvalidExtensionException
*/
public function decrypt(array $encryptCertificate)
{
if (false === extension_loaded('sodium')) {
throw new InvalidExtensionException('sodium extension is not installed,Reference link https://php.net/manual/zh/book.sodium.php');
}
if (false === sodium_crypto_aead_aes256gcm_is_available()) {
throw new InvalidExtensionException('aes256gcm is not currently supported');
}
// sodium_crypto_aead_aes256gcm_decrypt function needs to open libsodium extension.
// https://www.php.net/manual/zh/function.sodium-crypto-aead-aes256gcm-decrypt.php
return sodium_crypto_aead_aes256gcm_decrypt(
base64_decode($encryptCertificate['ciphertext'], true),
$encryptCertificate['associated_data'],
$encryptCertificate['nonce'],
$this->app['config']->apiv3_key
);
}
}