duanju_track_hapi/app/middleware/ExternalSignCheck.php

<?php
namespace App\Middleware;

use Webman\MiddlewareInterface;
use Webman\Http\Response;
use Webman\Http\Request;

class ExternalSignCheck implements MiddlewareInterface
{
    
    public function process(Request $request, callable $next): Response
    {
        // Access to files beginning with. Is prohibited
        if (strpos($request->path(), '/.') !== false) {
            return response('<h1>403 forbidden</h1>', 403);
        }
        /** @var Response $response */
        $response = $next($request);
        // Add cross domain HTTP header
        /*$response->withHeaders([
            'Access-Control-Allow-Origin'      => '*',
            'Access-Control-Allow-Credentials' => 'true',
        ]);*/
        return $response;
    }
    
    /**
     * 外部通用 判断签名是否正确.
     */
    public function handle($request, Closure $next)
    {
        $timestamp = !empty($request->get('timestamp'))?$request->get('timestamp'):'';
        $sign = !empty($request->get('sign'))?$request->get('sign'):'';
        $response = $next($request);

        return $response;
    }
    
    public function sign($params, $key)
    {
        $data = $params;
        //签名步骤一：按字典序排序参数
        ksort($data);
        $buff = "";
        foreach ($data as $k => $v) {
            if ($v != null && $k !== "sign" && $v !== "" && !is_array($v)) {
                $buff .= $k . "=" . $v . "&";
            }
        }
        $buff = trim($buff, "&");
        //签名步骤二：在string后加入KEY
        $string = $buff . "&key=" . $key;
//        \Log::info('Seconds_string:'.$string.'Seconds_key:'.$key);
        //签名步骤三：MD5加密
        $string = md5($string);
        //签名步骤四：所有字符转为大写
        $result = strtoupper($string);
        
        return $result;
    }
}