information-system/dingdingcallback/receive.php


<?php
require_once(__DIR__ . "/config.php");
require_once(__DIR__ . "/util/Log.php");
require_once(__DIR__ . "/util/Cache.php");
require_once(__DIR__ . "/api/ISVService.php");
require_once(__DIR__ . "/api/Activate.php");
require_once(__DIR__ . "/crypto/DingtalkCrypt.php");
require_once(__DIR__ . "/crypto/pkcs7Encoder.php");
/*
$postdata = '{"encrypt":"T/w3yVimyokxqoZa8owceuX5TobMBKu3zfRZfY452ExV7C3vH1Z24ir+BorG+ZOUQ0wuE0RuY/80cqWyhW5wLwpxeVbbREAnx9GrD6pZJ6Fw933ucw4BbNHIOg4LODMG"}';
$postList = json_decode($postdata,true);
$encrypt = $postList['encrypt'];
$aes_key = 'abcdefgABCDEFG0123456789hHiIjJKkLlMmnNOpQrs';
$decrypt = new Prpcrypt($aes_key);
$corpid = 'ding48bce8fd3957c96b';
$result = $decrypt->decrypt($encrypt, $corpid);
print_r($result);
die();
*/
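// DingTalk ISV callback endpoint.
//
// The signature, timestamp and nonce arrive in the query string and the
// encrypted envelope arrives as JSON in the request body. All of it is
// caller-controlled until DecryptMsg() returns 0, so it is read defensively:
// a missing key or a non-string value (e.g. ?signature[]=x) is rejected
// before it reaches the crypto helper.
$signature = isset($_GET["signature"]) ? $_GET["signature"] : null;
$timeStamp = isset($_GET["timestamp"]) ? $_GET["timestamp"] : null;
$nonce = isset($_GET["nonce"]) ? $_GET["nonce"] : null;
$postdata = file_get_contents("php://input");
// Offline debugging fixture (disabled).
/*$signature = '36e154f3bbaf043a6110b2025dca684967d67784';
$timeStamp = '1578453834041';
$nonce = 'bpmnoUjO';
$postdata = '{"encrypt":"mh8kSwUzMKYr4VyvH+6Ay5UJdz41rgPqhjniHqdq3euo2P0XLZqu2fhQxgQBs5ZLNv7W8hjuQgmpf+ZVNElAhNv9SVT39ZdBmXY/e1481qOsZoLw9SP9HE6Q/Uma9feA"}';*/
$postList = json_decode($postdata, true);
// json_decode() yields null for a body that is not JSON; indexing that
// directly would raise a notice and hand null to DecryptMsg().
$encrypt = (is_array($postList) && isset($postList['encrypt'])) ? $postList['encrypt'] : null;

if (!is_string($signature) || !is_string($timeStamp) || !is_string($nonce) || !is_string($encrypt))
{
    Log::e(json_encode($_GET) . " ERR:malformed callback request");
    return;
}

// NOTE(review): no timestamp-freshness or nonce-reuse check is visible in
// this file; confirm whether DingtalkCrypt::DecryptMsg() enforces one,
// otherwise a captured callback could be replayed.
// NOTE(review): the loose comparisons with 0 below treat any falsy return
// (null, false, "") as success; confirm DecryptMsg()/EncryptMsg() always
// return an integer code.
$crypt = new DingtalkCrypt(TOKEN, ENCODING_AES_KEY, SUITE_KEY);
$msg = "";
$errCode = $crypt->DecryptMsg($signature, $timeStamp, $nonce, $encrypt, $msg);
if ($errCode != 0)
{
    Log::e(json_encode($_GET) . " ERR:" . $errCode);
    /**
     * While the suite is being created, the callback-URL validity check
     * uses CREATE_SUITE_KEY as the SuiteKey, so retry with that key.
     */
    $crypt = new DingtalkCrypt(TOKEN, ENCODING_AES_KEY, CREATE_SUITE_KEY);
    $errCode = $crypt->DecryptMsg($signature, $timeStamp, $nonce, $encrypt, $msg);
    if ($errCode == 0)
    {
        Log::i("DECRYPT CREATE SUITE MSG SUCCESS " . json_encode($_GET) . " " . $msg);
        $eventMsg = json_decode($msg);
        // isset() keeps a non-JSON or non-object plaintext from raising a
        // property-on-null warning; such a message simply matches no event.
        $eventType = isset($eventMsg->EventType) ? $eventMsg->EventType : null;
        if ("check_create_suite_url" === $eventType)
        {
            // Echo the challenge value back, encrypted, to prove key ownership.
            $random = $eventMsg->Random;
            $encryptMsg = "";
            $errCode = $crypt->EncryptMsg($random, $timeStamp, $nonce, $encryptMsg);
            if ($errCode == 0)
            {
                Log::i("CREATE SUITE URL RESPONSE: " . $encryptMsg);
                echo $encryptMsg;
            }
            else
            {
                Log::e("CREATE SUITE URL RESPONSE ERR: " . $errCode);
            }
        }
        else
        {
            // should never happen
        }
    }
    else
    {
        Log::e(json_encode($_GET) . "CREATE SUITE ERR:" . $errCode);
    }
    return;
}
else
{
    /**
     * Callback pushes delivered after the suite has been created.
     */
    // SECURITY NOTE(review): $msg is the decrypted event and, for the
    // suite_ticket and tmp_auth_code events handled below, carries the
    // SuiteTicket / AuthCode values. Writing it to the log stores those
    // secrets in plaintext; consider logging only the event type.
    Log::i("DECRYPT MSG SUCCESS " . json_encode($_GET) . " " . $msg);
    // SECURITY NOTE(review): the decrypted event is forwarded over plain
    // http://, so the same secrets leave this host unencrypted and
    // unauthenticated. The call is also synchronous (40 s timeout in
    // GetPost_http) and runs before the reply to DingTalk is produced.
    // Prefer an https:// endpoint with certificate verification.
    GetPost_http('http://www.mycht.cn/webht.php/apps/dingtools/index/recivecallback',$msg,'POST');
    $eventMsg = json_decode($msg);
    $eventType = isset($eventMsg->EventType) ? $eventMsg->EventType : null;
    /**
     * Suite ticket
     */
    if ("suite_ticket" === $eventType)
    {
        Cache::setSuiteTicket($eventMsg->SuiteTicket);
    }
    /**
     * Temporary authorization code
     */
    else if ("tmp_auth_code" === $eventType)
    {
        $tmpAuthCode = $eventMsg->AuthCode;
        Activate::autoActivateSuite($tmpAuthCode);
    }
    /**
     * Authorization change events
     */
    /*user_add_org : a user was added to the address book
    user_modify_org : an address-book user was modified
    user_leave_org : an address-book user left the organization
    org_admin_add : an address-book user was made administrator
    org_admin_remove : an address-book user lost the administrator role
    org_dept_create : a department was created
    org_dept_modify : a department was modified
    org_dept_remove : a department was deleted
    org_remove : the organization was dissolved
    */
    else if ("user_add_org" === $eventType)
    {
        Log::e(json_encode($_GET) . " ERR:user_add_org");
        //handle auth change event
    }
    else if ("user_modify_org" === $eventType)
    {
        Log::e(json_encode($_GET) . " ERR:user_modify_org");
        //handle auth change event
    }
    else if ("user_leave_org" === $eventType)
    {
        Log::e(json_encode($_GET) . " ERR:user_leave_org");
        //handle auth change event
    }
    /**
     * When the application's authorization is revoked, the stored
     * information for that corporation has to be deleted.
     */
    else if ("suite_relieve" === $eventType)
    {
        $corpid = $eventMsg->AuthCorpId;
        ISVService::removeCorpInfo($corpid);
        //handle auth change event
    }
    else if ("change_auth" === $eventType)
    {
        //handle auth change event
    }
    /**
     * Callback URL update
     */
    else if ("check_update_suite_url" === $eventType)
    {
        $random = $eventMsg->Random;
        $encryptMsg = "";
        $errCode = $crypt->EncryptMsg($random, $timeStamp, $nonce, $encryptMsg);
        if ($errCode == 0)
        {
            Log::i("UPDATE SUITE URL RESPONSE: " . $encryptMsg);
            echo $encryptMsg;
            return;
        }
        else
        {
            // Falls through to the generic "success" reply below.
            Log::e("UPDATE SUITE URL RESPONSE ERR: " . $errCode);
        }
    }
    else
    {
        //should never happen
    }
    // Every handled event is acknowledged with the encrypted string "success".
    $res = "success";
    $encryptMsg = "";
    $errCode = $crypt->EncryptMsg($res, $timeStamp, $nonce, $encryptMsg);
    if ($errCode == 0)
    {
        echo $encryptMsg;
        Log::i("RESPONSE: " . $encryptMsg);
    }
    else
    {
        Log::e("RESPONSE ERR: " . $errCode);
    }
}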
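/**
 * Send an HTTP(S) request with cURL and return the response body.
 *
 * TLS certificate and host-name verification are enabled; the previous
 * version switched both off, which lets any on-path party impersonate the
 * remote server for https:// URLs.
 *
 * @param string $url    Target URL.
 * @param mixed  $data   Request body. Only sent when $method is 'POST' and
 *                       $data is non-empty; it is sent with a JSON
 *                       Content-Type header, so pass an encoded JSON string.
 * @param string $method 'POST' to send $data; any other value leaves cURL's
 *                       default method in place.
 * @return string|false  Response body, or false when the transfer failed.
 */
function GetPost_http($url, $data = '', $method = 'GET') {
    $curl = curl_init(); // start a cURL session
    if ($curl === false) {
        Log::e('ctripost curl_init failed');
        return false;
    }
    curl_setopt($curl, CURLOPT_URL, $url); // address to request
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true); // verify the certificate chain
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); // verify the certificate matches the host name
    // The inbound request's User-Agent is client-controlled and may be absent
    // (e.g. on server-to-server callbacks); fall back to an empty value
    // instead of raising an undefined-index notice.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    curl_setopt($curl, CURLOPT_USERAGENT, $userAgent);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); // follow redirects
    curl_setopt($curl, CURLOPT_AUTOREFERER, 1); // set Referer automatically on redirects
    if ($method === 'POST' && !empty($data)) {
        curl_setopt($curl, CURLOPT_POST, 1); // send a regular POST request
        curl_setopt($curl, CURLOPT_POSTFIELDS, $data); // POST payload
        curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
    }
    // The original set CURLOPT_TIMEOUT (40) and CURLOPT_TIMEOUT_MS (40000),
    // which are the same limit; one is enough.
    curl_setopt($curl, CURLOPT_TIMEOUT, 40); // overall time limit in seconds
    curl_setopt($curl, CURLOPT_HEADER, 0); // do not include response headers in the output
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); // return the body instead of printing it
    $tmpInfo = curl_exec($curl); // perform the request
    $errno = curl_errno($curl);
    if ($errno !== 0) {
        // The original called log_message(), which nothing visible in this
        // file defines; the file's own Log class is used instead so a failed
        // transfer is logged rather than risking a fatal undefined-function
        // error.
        Log::e('ctripost' . $errno . curl_error($curl));
    }
    curl_close($curl); // close the cURL session
    return $tmpInfo; // response body, or false on failure
}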