search

anerg2046 / sns_auth

通用第三方登录SDK,支持微信,微信扫码,QQ,微博登录,支付宝登录,Facebook,Line,Twitter,Google
MIT License
605 stars 184 forks source link

支付宝授权,出现验签错误 Code:40002 #39

Closed sinmingx closed 4 years ago

sinmingx commented 4 years ago

PHP版本:7.3.20 服务端环境:Ubuntu 18 依赖库版本:anerg2046/sns_auth v2.0.10

问题: 在我的项目中运行了支付宝授权相关的模块,出现了以下错误信息: "errorMsg" => "获取支付宝 ACCESS_TOKEN 出错:{"error_response":{"code":"40002","msg":"Invalid Arguments","sub_code":"isv.invalid-signature","sub_msg":"验签出错,请确认charset参数放在了URL查询字符串中且各参数值使用charset参数指示的字符集编码"},"sign":"XXXXX"}

一直提示我验签错误,提示编码字符不正确,也咨询过支付宝相关技术人员排查,提示没问题,也尝试clone源码下来,将所有参数重新进行了utf8编码,依然提示字符编码不对,但是该代码从2020年1月-2020年7月31日都正常运行,之后就提示该错误了,各位有没有遇到过类似情况。

相关排查资料也查看过:https://opensupport.alipay.com/support/helpcenter/192/201602479171

gihtub_error

示例代码如下:

public static function userInfo($code)
    {
        $userInfo = [];

        $_GET['auth_code'] = $code;
        $config            = [
            'app_id'      => env('ALIPAY_AUTH_APP_ID', null),
            'scope'       => 'auth_user',
            'pem_private' => base_path('cert/alipay/pem/private.pem'),
            'pem_public'  => base_path('cert/alipay/pem/public.pem'),
        ];
        try {
            $snsOAuth = SnsOAuth::alipay($config);

            $userInfo = $snsOAuth->userinfoRaw();
        } catch (\Exception $ex) {
            $userInfo['errorMsg'] = $ex->getMessage();
        }

        return $userInfo;
    }
anerg2046 commented 4 years ago

你先试着把Gateways/Alipay.php的call方法里把$_params打印一下,然后用alipay的工具校验一下。这两天我会试试看能否复现你的问题。

sinmingx commented 4 years ago

感谢,目前在getAccessToken这一步就报错了,出错了,相关构建信息如下(在此之前运行的7个月都是正常的)

/**
     * 获取AccessToken
     *
     * @return string
     */
    protected function getAccessToken()
    {
        if ($this->checkState === true) {
            if (!isset($_GET['state']) || $_GET['state'] != $this->config['state']) {
                throw new \Exception('传递的STATE参数不匹配!');
            }
        }
        $params = $this->accessTokenParams();
        info(\json_encode($params));
        return $this->POST($this->AccessTokenURL, $params);
    }

    /**
     * 获取token信息
     *
     * @return void
     */
    protected function getToken()
    {
        if (empty($this->token)) {
            $token = $this->getAccessToken();
            dd($token);
            /** @scrutinizer ignore-call */
            $this->token = $this->parseToken($token);
        }
    }

还没执行到Alipay->call方法,getAccessToken参数如下:

{"app_id":"xxxxxxxxx","method":"alipay.system.oauth.token","charset":"UTF-8","sign_type":"RSA2","timestamp":"2020-08-12 15:05:04","version":"1.0","grant_type":"authorization_code","code":"60071780b9ad4ed5b88a712914d8YX14","sign":"bCi\/dRUDoPDrcsoJOX5yXW51EzkpXYSw1rKxlXdfuvVKQmj3gCn8DmfTayk6f6JddSkHxLcLjkHPUbJ8f29I6maSWjHoJVntOTc54aZHNArPPUkTXRvTDy4QPnjf0NNy8pfVYnJ8pElJbcYXFDujYuK9XYOQ6xg9cqHw54zkMCq2D0CiltJpcvK8IgXgvDMI66xP1acfqhOrp8\/LDzoYxSGIJUhqzOyqL6yW8GJDKaYO32aTMnbC8+1WTWN\/+1sQWU9Vu4vv3HEfOLk0mNbtMXJrXXMY1Q\/GX+btkN9pN7ZKOXqAzOD58y8CZWHArAvJw5C\/iSZzq6C+W30N3hgbeASD"}

响应信息如下:

image

sinmingx commented 4 years ago

该问题已替换官方package解决,谢谢。