<?php
namespace app\middleapi\service;

class ApiSignService
{
    //创建sign
    public static function makeSign($data,$appSecret): string
    {
	    ksort($data);
	    $string = "";
	    foreach ($data as $k => $v) {
		    if ($k == "sign" || is_array($v)) {
			    continue;
		    }
		    $string .= $k . "=" . $v . "&";
	    }
	    $string = trim($string, "&");
	    $string = $string . "&key=" . $appSecret;
	    $string = md5(md5($string));
	    return strtolower($string);
    }

    //检验sign是否正确
    public static function verifySign($data,$appSecret): array
    {
        // 验证请求， 10秒钟失效
        if (time() - $data['timestamp'] > 10) {
            return ['code' => 0, 'msg' => '签名已失效'];
        }
        //比对签名
        $clientSign = $data['sign'];
        $serverSign = self::makeSign($data,$appSecret);
        if ($clientSign == $serverSign) {
            return ['code' => 1, 'msg' => '验证通过'];
        } else {
            return ['code' => 0, 'msg' => '签名校验失败'];
        }
    }
}