优化Token验证接口
This commit is contained in:
@@ -449,10 +449,10 @@ class Playx extends Api
|
||||
return $this->error(__('PlayX API not configured'));
|
||||
}
|
||||
|
||||
// 与 angpow-imports 一致:HMAC-SHA1 → Base64;密钥 hex/base64 兼容;仅 X-Request-Signature 头
|
||||
$reportDate = strval(time());
|
||||
// 与 angpow-imports 同源:HMAC-SHA1 → Base64;仅 X-Request-Signature;Body 对齐对端必填 request_date + PlayX 文档 request_id/token
|
||||
$requestDate = strval(time());
|
||||
$signatureInput = 'merchant_code=' . $merchantCode
|
||||
. '&report_date=' . $reportDate
|
||||
. '&request_date=' . $requestDate
|
||||
. '&request_id=' . $requestId
|
||||
. '&token=' . $token;
|
||||
$signature = $this->buildPlayxTokenVerifySignature($signatureInput, $authKey);
|
||||
@@ -461,14 +461,13 @@ class Playx extends Api
|
||||
}
|
||||
|
||||
$headers = [
|
||||
'Content-Type' => 'application/json',
|
||||
'X-Request-Signature' => $signature,
|
||||
'Content-Type' => 'application/json',
|
||||
'X-Request-Signature' => $signature,
|
||||
];
|
||||
$payload = [
|
||||
'merchant_code' => $merchantCode,
|
||||
'report_date' => $reportDate,
|
||||
'request_id' => $requestId,
|
||||
'token' => $token,
|
||||
'request_id' => $requestId,
|
||||
'request_date' => $requestDate,
|
||||
'token' => $token,
|
||||
];
|
||||
$res = $client->post($targetVerifyUrl, [
|
||||
'headers' => $headers,
|
||||
@@ -527,7 +526,7 @@ class Playx extends Api
|
||||
}
|
||||
}
|
||||
if ($remoteMsg === '' || str_contains(strtolower($remoteMsg), '<html')) {
|
||||
$remoteMsg = 'PlayX verify-token failed: HTTP ' . strval($code) . ' at ' . $targetVerifyUrl;
|
||||
$remoteMsg = __('PlayX verify upstream failed', [strval($code), $targetVerifyUrl]);
|
||||
}
|
||||
$msg = $remoteMsg !== '' ? $remoteMsg : __('Token expiration');
|
||||
|
||||
|
||||
Reference in New Issue
Block a user