InfoStr authorization login process for Alipay app login authorization

Official website:

Server sdk: https://docs.open.alipay.com/54/103419/

How to use the client to log in: https://docs.open .alipay.com/218/105329/

App authorization login process:

服务端先拿到 App 端 调用 支付宝 SDK 所需要的 infoStr
App 端 通过 infoStr 获得用户 授权 code
服务端通过 授权 code 拿到请求 token
服务端通过 token 获得用户信息

##App-side Alipay login steps:

1. Backend transfer infoStr

Officially writes this: https://docs.open.alipay.com/218/105325/

See the example here :

apiname=com.alipay.account.auth&app_id=xxxxx&app_name=mc&auth_type=AUTHACCOUNT&biz_type=openservice&method=alipay.open.auth.sdk.code.get&pid=xxxxx&product_id=APP_FAST_LOGIN&scope=kuaijie&sign_type=RSA2&target_id=20141225xxxx&sign=fMcp4GtiM6rxSIeFnJCVePJKV43eXrUP86CQgiLhDHH2u%2FdN75eEvmywc2ulkm7qKRetkU9fbVZtJIqFdMJcJ9Yp%2BJI%2FF%2FpESafFR6rB2fRjiQQLGXvxmDGVMjPSxHxVtIqpZy5FDoKUSjQ2%2FILDKpu3%2F%2BtAtm2jRw1rUoMhgt0%3D

I was very confident at first. I checked if the sdk has alipay.open.auth.sdk.code.get method, but I didn’t see this word after global search.

Then try I tried to use this connection to request whether I would get the authcode, but it still failed.

My mood exploded, and then I saw a blog and realized that I was wrong from the beginning. It turns out that the return only requires background splicing, no request is required.

Maybe the idea at the beginning was incorrect, so I struggled all afternoon.

Quote from other developers:

Get infoStr

/**
 * InfoStr APP登录需要的的infostr
 * 
 * @return String
 */
public function infoStr()
{
    $infoStr = http_build_query([
        'apiname' => 'com.alipay.account.auth',
        'method' => 'alipay.open.auth.sdk.code.get',
        'app_id' => $this->app_id,
        'app_name' => 'mc',
        'biz_type' => 'openservice',
        'pid' => $this->pid,
        'product_id' => 'APP_FAST_LOGIN',
        'scope' => 'kuaijie',
        'target_id' => mt_rand(999, 99999), //商户标识该次用户授权请求的ID，该值在商户端应保持唯一
        'auth_type' => 'AUTHACCOUNT', // AUTHACCOUNT代表授权；LOGIN代表登录
        'sign_type' => 'RSA2',
    ]);
    $infoStr .= '&sign='.$this->enRSA2($infoStr);
    return $infoStr;
}
/**
 * enRSA2 RSA加密
 * 
 * @param String $data
 * @return String
 */
private function enRSA2($data)
{
    $str = chunk_split(trim($this->private_key), 64, "\n");
    $key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
    // $key = file_get_contents(storage_path('rsa_private_key.pem')); 为文件时这样引入
    $signature = '';
    $signature = openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256)?base64_encode($signature):NULL;
    return $signature;
}

The code comes from https:// learnku.com/articles/30076#replies

The above is the detailed content of InfoStr authorization login process for Alipay app login authorization. For more information, please follow other related articles on the PHP Chinese website!