如果是POST请求 $body 必须转成josn格式 json_encode
protected static function getAuthorization($url, $body, $http_method = "GET")
{
$url_parts = parse_url($url);
$canonical_url = ($url_parts['path'] . (!empty($url_parts['query']) ? "?${url_parts['query']}" : ""));
$timestamp = Formatter::timestamp();
$nonce = Formatter::nonce();
$message = Formatter::request(strtoupper($http_method), $canonical_url, $timestamp, $nonce, $body);
$priKey = openssl_pkey_get_private(config('wx.merchantPrivateKeyFilePath')); //获取商户私钥内容,这里读取的配置,如果是路劲,直接使用file_get_content来获取
openssl_sign($message, $raw_sign, $priKey, 'sha256WithRSAEncryption');
$sign = base64_encode($raw_sign);
return Formatter::authorization(config('wx.mchid'), $nonce, $sign, $timestamp, config('wx.merchantCertificateSerial'));
}
上面返回的 authorization 信息直接拼装到header就行,这里要注意,如果header头没有设置User-Agent,需要在curl请求中设置
curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器
return [
'Authorization: '. $authorization,
'Accept:application/json',
'Content-Type:application/json;charset=utf-8',
'User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0'
];