回调域名验证

域名回调验证用于验证开发者的回调域名是否填写正确以及是否完成消息解密,开发者在接收到即速云回调消息之后,完成解密工作并输出消息中的 echostr 字段,代码示例如下:

1.MD5

error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED);

$client_id = ""; // 应用的 client_id
$client_secret = ""; // 应用的 client_secret

$sign = md5($client_id . $_POST['msg'] . $client_secret);
if ($sign != $_POST["sign"]) {
    echo 'verify error';
    exit;
}
$msg = json_decode(urldecode($_POST['msg']), true);
echo $msg["echostr"];

2.pkcs#7

加解密所需要的SDK见 推送消息加解密

error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED);

require("crypto/JiSuCrypt.php");

$client_id = ""; // 应用的 client_id
$encryp_token = ""; // 开发者填写的 token
$encryp_aeskey = ""; // 开发者的aeskey

$crypt = new JiSuCrypt($encryp_token, $encryp_aeskey, $client_id);
$encryptMsg = $_POST["msg"]; 
$encryptMsg = json_decode($encryptMsg,true);
$decryptMsg = "";
$errCode = $crypt->DecryptMsg($encryptMsg["signature"], $encryptMsg["timestamp"], $encryptMsg["nonce"], $encryptMsg["encrypt"],$decryptMsg);
$decryptMsg = json_decode($decryptMsg, true);
echo $decryptMsg["echostr"];

results matching ""

    No results matching ""