Coinbase.php 3.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129
  1. <?php
  2. namespace App\Payments;
  3. class Coinbase {
  4. public function __construct($config) {
  5. $this->config = $config;
  6. }
  7. public function form()
  8. {
  9. return [
  10. 'coinbase_url' => [
  11. 'label' => '接口地址',
  12. 'description' => '',
  13. 'type' => 'input',
  14. ],
  15. 'coinbase_api_key' => [
  16. 'label' => 'API KEY',
  17. 'description' => '',
  18. 'type' => 'input',
  19. ],
  20. 'coinbase_webhook_key' => [
  21. 'label' => 'WEBHOOK KEY',
  22. 'description' => '',
  23. 'type' => 'input',
  24. ],
  25. ];
  26. }
  27. public function pay($order) {
  28. $params = [
  29. 'name' => '订阅套餐',
  30. 'description' => '订单号 ' . $order['trade_no'],
  31. 'pricing_type' => 'fixed_price',
  32. 'local_price' => [
  33. 'amount' => sprintf('%.2f', $order['total_amount'] / 100),
  34. 'currency' => 'CNY'
  35. ],
  36. 'metadata' => [
  37. "outTradeNo" => $order['trade_no'],
  38. ],
  39. ];
  40. $params_string = http_build_query($params);
  41. $ret_raw = self::_curlPost($this->config['coinbase_url'], $params_string);
  42. $ret = @json_decode($ret_raw, true);
  43. if(empty($ret['data']['hosted_url'])) {
  44. abort(500, "error!");
  45. }
  46. return [
  47. 'type' => 1,
  48. 'data' => $ret['data']['hosted_url'],
  49. ];
  50. }
  51. public function notify($params) {
  52. $payload = trim(file_get_contents('php://input'));
  53. $json_param = json_decode($payload, true);
  54. $headerName = 'X-Cc-Webhook-Signature';
  55. $headers = getallheaders();
  56. $signatureHeader = isset($headers[$headerName]) ? $headers[$headerName] : '';
  57. $computedSignature = \hash_hmac('sha256', $payload, $this->config['coinbase_webhook_key']);
  58. if (!self::hashEqual($signatureHeader, $computedSignature)) {
  59. abort(400, 'HMAC signature does not match');
  60. }
  61. $out_trade_no = $json_param['event']['data']['metadata']['outTradeNo'];
  62. $pay_trade_no=$json_param['event']['id'];
  63. return [
  64. 'trade_no' => $out_trade_no,
  65. 'callback_no' => $pay_trade_no
  66. ];
  67. http_response_code(200);
  68. die('success');
  69. }
  70. private function _curlPost($url,$params=false){
  71. $ch = curl_init();
  72. curl_setopt($ch, CURLOPT_URL, $url);
  73. curl_setopt($ch, CURLOPT_HEADER, 0);
  74. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  75. curl_setopt($ch, CURLOPT_TIMEOUT, 300);
  76. curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
  77. curl_setopt(
  78. $ch, CURLOPT_HTTPHEADER, array('X-CC-Api-Key:' .$this->config['coinbase_api_key'], 'X-CC-Version: 2018-03-22')
  79. );
  80. $result = curl_exec($ch);
  81. curl_close($ch);
  82. return $result;
  83. }
  84. /**
  85. * @param string $str1
  86. * @param string $str2
  87. * @return bool
  88. */
  89. public function hashEqual($str1, $str2)
  90. {
  91. if (function_exists('hash_equals')) {
  92. return \hash_equals($str1, $str2);
  93. }
  94. if (strlen($str1) != strlen($str2)) {
  95. return false;
  96. } else {
  97. $res = $str1 ^ $str2;
  98. $ret = 0;
  99. for ($i = strlen($res) - 1; $i >= 0; $i--) {
  100. $ret |= ord($res[$i]);
  101. }
  102. return !$ret;
  103. }
  104. }
  105. }