PHP code implements interface security verification of Baidu Wenxinyiyan API

PHP code implements the interface security verification of Baidu Wenxin Yiyan API

When using Baidu Wenxin Yiyan API for development, in order to ensure the security and safety of the interface To reduce malicious requests, we can add security verification of the interface in the code. This article will introduce how to use PHP code to implement interface security verification of Baidu Wenxin Yiyan API.

First of all, we need to understand the interface request parameters of Baidu Wenxinyiyan API. The interface request address is: http://api.lwl12.com/hitokoto/v1. The request parameters of the interface include:

• c: The identification code of the interface caller
• a: Called interface name
• s: Interface signature

The caller identification code (c) of the interface can be obtained by applying on the official website of Baidu Wenxin Yiyan API. The name of the calling interface (a) can be hitokoto, which means to obtain a random text.

The signature(s) of the interface is used to verify the legitimacy of the interface request. Signature generation requires the use of the caller identification code and interface name, as well as a pre-agreed private key. The signature generation rules are as follows:

1. Splice the caller identification code and the interface name with English commas, for example, "caller identification code, interface name"
2. The characters after the splicing Add the private key to the end of the string
3. Perform MD5 hash calculation on the spliced ​​string to obtain the signed value

The following is the PHP code to implement the interface of Baidu Wenxin Yiyan API Example of security verification:

<?php
// 定义调用方识别码、接口名称和私钥
$c = "调用方识别码";
$a = "hitokoto";
$secretKey = "私钥";

// 生成签名
$sign = md5($c . "," . $a . $secretKey);

// 构建请求参数
$params = [
    "c" => $c,
    "a" => $a,
    "s" => $sign
];

// 发起请求
$apiUrl = "http://api.lwl12.com/hitokoto/v1?" . http_build_query($params);
$response = file_get_contents($apiUrl);

// 处理接口返回结果
$data = json_decode($response, true);
if ($data && isset($data["data"]["hitokoto"])) {
    echo "随机的文心一言：{$data["data"]["hitokoto"]}";
} else {
    echo "获取文心一言失败";
}
?>

In the above example code, we first define the caller ID, interface name and private key. These parameters are then used to generate a signature for the interface. Next, we build the request parameters, adding the caller identifier, interface name, and signature to the request parameters. Finally, use the file_get_contents function to initiate an interface request and process the results returned by the interface.

Through the implementation of the above code, we can realize the security verification of Baidu Wenxin Yiyan API interface. In actual development, you can put this code into your own project and make corresponding adjustments and expansions according to actual needs.

Summary:
This article introduces how to use PHP code to implement interface security verification of Baidu Wenxin Yiyan API. By verifying the caller identification code, interface name and signature of the interface, the security of the API interface can be effectively increased to avoid malicious requests and illegal access. In actual development, similar security verification can be performed on other API interfaces based on this sample code. Hope this article is helpful to everyone!

The above is the detailed content of PHP code implements interface security verification of Baidu Wenxinyiyan API. For more information, please follow other related articles on the PHP Chinese website!