优化测试verifyToken接口脚本
This commit is contained in:
@@ -443,13 +443,16 @@ class Playx extends Api
|
||||
$client = new \GuzzleHttp\Client($clientOptions);
|
||||
|
||||
if ($isAbsoluteVerifyUrl) {
|
||||
$merchantCode = strval(config('playx.angpow_import.merchant_code', ''));
|
||||
$authKey = strval(config('playx.angpow_import.auth_key', ''));
|
||||
if ($authKey === '') {
|
||||
if ($merchantCode === '' || $authKey === '') {
|
||||
return $this->error(__('PlayX API not configured'));
|
||||
}
|
||||
|
||||
// PlayX 文档:Body 仅 request_id + token。X-Request-Signature 与 angpow-imports 同源算法(HMAC-SHA1→Base64、密钥解析同 angpow),明文与 Body 字段一致。
|
||||
$signatureInput = 'request_id=' . $requestId . '&token=' . $token;
|
||||
// 回调网关要求 Body 含 merchant_code;签名字符串与参与签名的字段顺序与 angpow 风格一致(HMAC-SHA1→Base64、密钥解析同 angpow)。
|
||||
$signatureInput = 'merchant_code=' . $merchantCode
|
||||
. '&request_id=' . $requestId
|
||||
. '&token=' . $token;
|
||||
$signature = $this->buildPlayxTokenVerifySignature($signatureInput, $authKey);
|
||||
if ($signature === null) {
|
||||
return $this->error(__('Invalid signature'), null, 0, ['statusCode' => 500]);
|
||||
@@ -460,8 +463,9 @@ class Playx extends Api
|
||||
'X-Request-Signature' => $signature,
|
||||
];
|
||||
$payload = [
|
||||
'request_id' => $requestId,
|
||||
'token' => $token,
|
||||
'merchant_code' => $merchantCode,
|
||||
'request_id' => $requestId,
|
||||
'token' => $token,
|
||||
];
|
||||
$res = $client->post($targetVerifyUrl, [
|
||||
'headers' => $headers,
|
||||
|
||||
Reference in New Issue
Block a user