接入教程

接口申请

目前已停止接入申请，仅限已注册用户及内部使用

示例

以下为登录 API 示例：

<?php
// 定义源站信息
define('SOURCE_SITE', 'example.com'); // 你的源站地址
define('OPENAPI_TOKEN', md5('12345678')); // 你的 token

// 引用 AES 加密
$aes = new AES(OPENAPI_TOKEN);
SESSION_START();

if(isset($_GET['action']) && is_string($_GET['action'])) {
    switch($_GET['action']) {
        case 'location':
            $path = pathinfo($_SERVER['REQUEST_URI'], PATHINFO_DIRNAME);
            $refe = isset($_GET['return']) ? $_GET['return'] : (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "");
            $payLoad = [
                "time" => time(),
                "return" => $refe,
                "openid" => $path
            ];
            $data = urlencode(base64_encode(json_encode([
                'source' => SOURCE_SITE,
                'payload' => $aes->encrypt(json_encode($payLoad))
            ])));
            Header("Location: https://idms.zerodream.net/?data={$data}");
            exit;
        case 'logout':
            unset($_SESSION['user']);
            SESSION_DESTROY();
            Header("Location: https://{$_SERVER['HTTP_HOST']}/");
            exit;
        default:
            Header("Location: https://{$_SERVER['HTTP_HOST']}/");
            exit;
    }
}

// 登陆成功后，OpenAPI 返回数据
if(isset($_GET['data'])) {
    $data = json_decode($aes->decrypt($_GET['data']), true);
    if(!$data) {
        echo "Data invaild";
        exit;
    } else {
        // 验证时间戳，误差允许在 1 分钟以内
        if(abs($data['time'] - time()) > 60) {
            echo "Time invaild";
            exit;
        } else {
            // 验证成功，将 OpenAPI 返回的用户名和邮箱赋值给变量
            $username = $data['username'];
            $email = $data['email'];
            // 将用户信息储存到 SESSION
            $_SESSION['user'] = $username;
            if($_GET['return'] !== "") {
                Header("Location: {$_GET['return']}");
            } else {
                Header("Location: https://{$_SERVER['HTTP_HOST']}/");
            }
            exit;
        }
    }
}

// AES-256-CFB 加密类
class AES
{
    protected $method;
    protected $secret_key;
    protected $iv;
    protected $options; 

    public function __construct($key, $method = 'AES-256-CFB', $iv = false, $options = 0)
    {
        $this->secret_key = isset($key) ? $key : die('key undefined');
        $this->method = $method;
        $this->iv = $iv ? $iv : substr(md5($key), 0, 16);
        $this->options = $options;
    }

    public function encrypt($data)
    {
        return openssl_encrypt($data, $this->method, $this->secret_key, $this->options, $this->iv);
    }

    public function decrypt($data)
    {
        return openssl_decrypt($data, $this->method, $this->secret_key, $this->options, $this->iv);
    }
}

调用方法

以下为示例请求：

https://example.com/openapi/?action=location