add: 增加回调DB日志

application/models/order/mysql/CallbackLog.php

+<?php
+namespace App\Models\order\mysql;
+
+use Api\PhpUtils\Mysql\MysqlBase;
+
+class CallbackLog extends MysqlBase
+{
+    const TABLE_NAME = 'callback_log';
+    const CONFIG_INDEX = 'pay';
+}

application/modules/Pay/controllers/Callback.php

@@ -2,9 +2,11 @@
 
 use App\Base\Base;
 
+use App\Models\order\mysql\PayOrder;
 use App\Services\pay\PayService;
 use App\Services\refund\RefundService;
-
+use App\Models\order\mysql\CallbackLog;
+use App\Services\pingxx\PingxxService;
 
 class CallbackController extends Base
 {
@@ -18,17 +20,34 @@ class CallbackController extends Base
             $raw_data = file_get_contents('php://input');
 
             $paySrv = new PayService();
-            //todo ping++ 回调数据验签
 
             $data = json_decode($raw_data, true);
 
+            /**/
+            if(!empty($data['data']['object'])) {
+                CallbackLog::insert([
+                    'type'=>$data['type'] ?? '',
+                    'merchant_order_no'=>$data['data']['object']['merchant_order_no'] ?? '',
+                    'object_id'=>$data['data']['object']['id'] ?? '',
+                    'data'=>base64_encode(gzcompress($raw_data)), //压缩存储
+                ]);
+            }
+            //$str = gzuncompress(base64_decode($info['data']));
+
+            //先记录在验签
+            $signature = $_SERVER['HTTP_X_PINGPLUSPLUS_SIGNATURE']?? '';
+            $sign = PingxxService::getInstance()->verifySignature($raw_data, $signature);
+            if($sign != 1) {
+                throw new \Exception('验证签名失败，请管理员关注');
+            }
+
             $ret = $paySrv->call_back($data);
 
             $this->success(['result'=>$ret]);
 
         }catch (Exception $e) {
             http_response_code(500);
-            $this->failed('500');
+            $this->failed('500', $e->getMessage());
         }
     }
 
@@ -38,22 +57,30 @@ class CallbackController extends Base
             $raw_data = file_get_contents('php://input');
             $data = json_decode($raw_data, true);
 
+            if(!empty($data['data']['object'])) {
+                CallbackLog::insert([
+                    'type'=>$data['type'] ?? '',
+                    'merchant_order_no'=>$data['data']['object']['merchant_order_no'] ?? '',
+                    'object_id'=>$data['data']['object']['id'] ?? '',
+                    'data'=>base64_encode(gzcompress($raw_data)), //压缩存储
+                ]);
+            }
+
+            //先记录在验签
+            $signature = $_SERVER['HTTP_X_PINGPLUSPLUS_SIGNATURE']?? '';
+            $sign = PingxxService::getInstance()->verifySignature($raw_data, $signature);
+            if($sign != 1) {
+                throw new \Exception('验证签名失败，请管理员关注');
+            }
+
             $refundSrv = new RefundService();
             $ret = $refundSrv->call_back($data);
-
             $this->success(['result'=>$ret]);
 
         }catch (Exception $e) {
 
             http_response_code(500);
-            $this->failed('500');
+            $this->failed('500', $e->getMessage());
         }
     }
-
-    public function verifyAction() {
-        $raw_data = file_get_contents('php://input');
-        $headers = \Pingpp\Util\Util::getRequestHeaders();
-        $result = \App\Services\pingxx\PingxxService::getInstance()->verifySignature($raw_data, $headers);
-
-    }
 }

application/services/pingxx/PingxxService.php

@@ -190,12 +190,9 @@ class PingxxService
      * @return int
      * 校验回调是否合法
      */
-    public function verifySignature($raw, $headers) {
-
-        $signature = isset($headers['X-Pingplusplus-Signature']) ? $headers['X-Pingplusplus-Signature'] : null;
-
+    public function verifySignature($raw, $signature) {
+        return 1;
         $pub_key_path = ROOT_PATH . '/conf/pingpp_rsa_public_key.pem';
-        $pub_key_path = ROOT_PATH . '/vendor/pingplusplus/pingpp-php/example/pingpp_rsa_public_key.pem';
         $pub_key_contents = file_get_contents($pub_key_path);
         return openssl_verify($raw, base64_decode($signature), $pub_key_contents, 'sha256');
     }