因为公司业务需求,需接入支付宝ISV业务,成为支付宝的服务商,商户对开发者进行应用授权后,开发者可以帮助商户完成相应的业务逻辑,例如代替商户发起当面付的收单请求。
此业务只适用于支付宝当面付功能。
对应用授权,可以采用URL拼接,PC访问授权,或者将url生成二维码,商户用手机端支付宝扫码,授权。
URL拼接规则:
https://openauth.alipay.com/oauth2/appToAppAuth.htm?app_id=应用ID&redirect_uri=回调地址
除了app_id 和 redirect_uri必要参数外,还可以附加自身业务参数,在回调地址中处理,以绑定此授权码和授权商户的关系
回调处理demo:
<?php /** * 支付宝isv授权回调地址,通过code和refresh_token换取token * User: Administrator * Date: 2017/2/26 * Time: 16:17 */ date_default_timezone_set(‘PRC‘); $config = array(); require_once ‘protected/extensions/AliF2F/f2fpay/service/AlipayTradeService.php‘; require_once ‘protected/extensions/AliF2F/f2fpay/config/lkhealth_config.php‘; isset($_REQUEST[‘app_auth_code‘]) && $code = addslashes($_REQUEST[‘app_auth_code‘]); //授权code isset($_REQUEST[‘hq_id‘]) && $hq_id = (int)$_REQUEST[‘hq_id‘]; //在授权链接上带的店铺标识 $currentDate = date(‘Y-m-d H:i:s‘); (!$code || !$hq_id) && exit(‘Access Denied!‘); $aop = new AopClient (); $aop->gatewayUrl = $config[‘gatewayUrl‘]; $aop->appId = $config[‘app_id‘]; $aop->rsaPrivateKey = $config[‘merchant_private_key‘]; $aop->alipayrsaPublicKey = $config[‘alipay_public_key‘]; $aop->apiVersion = ‘1.0‘; $aop->signType = $config[‘sign_type‘]; $aop->postCharset = $config[‘charset‘]; $aop->format = ‘json‘; $request = new AlipayOpenAuthTokenAppRequest (); $params = array( ‘grant_type‘ => ‘authorization_code‘, //refresh_token ‘code‘ => $code, ‘hq_id‘ => $hq_id, ‘refresh_token‘ => ‘‘ ); $request->setBizContent(json_encode($params)); $result = $aop->execute ( $request ); /** { "alipay_open_auth_token_app_response":{ "app_auth_token":"201509BBeff9351ad1874306903e96b91d248A36", "app_refresh_token":"201509BBdcba1e3347de4e75ba3fed2c9abebE36", "auth_app_id":"2013121100055554", "code":"10000", "expires_in":"123456", "msg":"Success", "re_expires_in":"123456", "user_id":"2088102150527498" }, "sign":"ERITJKEIJKJHKKKKKKKHJEREEEEEEEEEEE" } */ $responseNode = str_replace(".", "_", $request->getApiMethodName()) . "_response"; $resultObj = $result->$responseNode; $resultCode = $resultObj->code; if(!empty($resultCode) && $resultCode == 10000){ //授权成功,保存店铺对应的app_auth_token echo "success"; } else { //授权失败 echo $result->$responseNode->msg; }
原文:https://www.cnblogs.com/lonelyxmas/p/13111435.html