jiaoyi-api/app/extra/dyMini/Pay.php

<?php

namespace app\extra\dyMini;

use app\extra\dyLife\BasicLife;
use yzh52521\EasyHttp\Http;

class Pay extends BasicLife
{

    public function createOrder(array $data = [])
    {
        $url = "https://developer.toutiao.com/api/apps/ecpay/v1/create_order";
        $param = [
            "out_order_no"  => $data['order_sn'].rand(1000,9999),
            "total_amount"  => (int) $data['total'],
            "subject"       => $data['name'],
            "body"          => $data['name'],
            "valid_time"    => 1800,
            "notify_url"    => $data['notify_url'],
            "cp_extra"      => $data['order_sn']
        ];
        $param['sign'] = $this->requestSign($param);
        $param['app_id'] = $this->config['appid'];
        $resp = Http::asJson()->post($url,$param)->array();
        if ($resp['err_no'] == 0) {
            return $resp['data'];
        }
        return [];
    }


    public function createRefund(array $data = [])
    {
        $url = "https://developer.toutiao.com/api/apps/ecpay/v1/create_refund";
        $param = [
            "out_order_no"  => $data['out_refund_no'],
            "out_refund_no" => $data['out_refund_no'],
//            "out_refund_no" => $data['order_sn'].rand(1000,9999),
            "refund_amount" => (int) $data['total'],
            "reason"        => $data['reason'],
            "notify_url"    => $data['notify_url'],
            "cp_extra"      => $data['order_sn']
        ];
        $param['sign'] = $this->requestSign($param);
        $param['app_id'] = $this->config['appid'];
        $resp = Http::asJson()->post($url,$param)->array();
        if ($resp['err_no'] == 0) return true;
        return false;
    }

    /**
     * 生成签名
     */
    private function requestSign($params): string
    {
        $rList = [];
        foreach($params as $k =>$v) {
            if ($k == "other_settle_params" || $k == "app_id" || $k == "sign" || $k == "thirdparty_id")
                continue;

            $value = trim(strval($v));
            if (is_array($v)) {
                $value = arrayToStr($v);
            }

            $len = strlen($value);
            if ($len > 1 && substr($value, 0,1)=="\"" && substr($value, $len-1)=="\"")
                $value = substr($value,1, $len-1);
            $value = trim($value);
            if ($value == "" || $value == "null")
                continue;
            $rList[] = $value;
        }
        $rList[] = $this->config['salt'];
        sort($rList, SORT_STRING);
        return md5(implode('&', $rList));
    }

    /**
     * @param $privateKeyStr
     * @param $data
     * @param $appId
     * @param $nonceStr
     * @param $timestamp
     * @param $keyVersion
     * @return string|null
     * @throws \Exception
     */
    public function getByteAuthorization(string $privateKeyStr, string $data, string $appId, string $nonceStr,string $timestamp, string $keyVersion) {
        $byteAuthorization = '';
        // 读取私钥
        $privateKey = openssl_pkey_get_private($privateKeyStr);
        if (!$privateKey) {
            throw new \Exception("Invalid private key");
        }
        // 生成签名
        $signature = $this->getSignature("POST", "/requestOrder", $timestamp, $nonceStr, $data, $privateKeyStr);
        if ($signature === false) {
            return null;
        }
        // 构造 byteAuthorization
        $byteAuthorization = sprintf("SHA256-RSA2048 appid=%s,nonce_str=%s,timestamp=%s,key_version=%s,signature=%s", $appId, $nonceStr, $timestamp, $keyVersion, $signature);
        return $byteAuthorization;
    }

    public function getSignature(string $method, string $url, string $timestamp, string $nonce, $data, $privateKey) {
//        printf("method:%s\n url:%s\n timestamp:%s\n nonce:%s\n data:%s", $method, $url, $timestamp, $nonce, $data);
        $targetStr = $method. "\n" . $url. "\n" . $timestamp. "\n" . $nonce. "\n" . $data. "\n";
        openssl_sign($targetStr, $sign, $privateKey, OPENSSL_ALGO_SHA256);
        return base64_encode($sign);
    }

}