catch_nbfd_admin/extend/apicheck/SignatureCheck.php

<?php

namespace apicheck;
use think\facade\Cache;
use think\facade\Db;
use think\Exception;

class SignatureCheck
{
    public static function check($params){
        foreach($params as $k => $v){
            if(!$params[$k]){
                throw new Exception('cant found params '. $k, 9001);
            }
        }


        $passTime = time() - $params['timestamp'];
        if($passTime > 900){
            throw new Exception('access expired', 9002);
        }

        if(Cache::get('nonce_'. $params['nonce'])){
            throw new Exception('nonce is existed', 9003);
        }

        $secret = Db::table('users')->where('accesskey', $params['accesskey'])->value('secretkey');
        if(!$secret){
            throw new Exception("unauthorized accesskey", 9004);    
        }
        $params['secret'] = $secret;

        if($params['sign'] !== self::calculateSignature($params)){
            throw new Exception("signature verified failed", 9005);    
        }

        Cache::set('nonce_'. $params['nonce'], $params['nonce'], 900);
    }
 
    public static function calculateSignature($params){
        $accesskey = $params['accesskey'];
        $nonce = $params['nonce'];
        $timestamp = $params['timestamp'];
        $secret = $params['secret'];
        
        $string= 'accesskey='. $accesskey .'&timestamp='. $timestamp .'&nonce='.$nonce.'&secret='.$secret;

        $sign = strtoupper(md5($string));

        return $sign;
    }
}