下载phpdemo算是跑起来了,现在就要考虑租户系统如自身验证token的问题了。
1、先介绍下我的代码目录
2、文件执行的时序图和流程图
2、代码demo
test.php
function curl_request($url,$post='',$cookie='', $returnCookie=0){
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_AUTOREFERER, 1);
curl_setopt($curl, CURLOPT_REFERER, "http://XXX");
if($post) {
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($post));
}
if($cookie) {
curl_setopt($curl, CURLOPT_COOKIE, $cookie);
}
curl_setopt($curl, CURLOPT_HEADER, $returnCookie);
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$data = curl_exec($curl);
if (curl_errno($curl)) {
return curl_error($curl);
}
curl_close($curl);
if($returnCookie){
list($header, $body) = explode("\r\n\r\n", $data, 2);
preg_match_all("/Set\-Cookie:([^;]*);/", $header, $matches);
$info['cookie'] = substr($matches[1][0], 1);
$info['content'] = $body;
return $info;
}else{
return $data;
}
}
if(empty($_GET['token'])){
die('您非法访问');
}
$param=array(
'token'=>$_GET['token']
);
$result=curl_request("http:/xxxxxx/ckparams.php",$param);
if (!empty($result)){
$vodRsp = json_decode($result,false);
$status=$vodRsp->status;
$code=$vodRsp->code;
if($code!=='1001'){
echo "非法访问".$code;
}
}else{
echo '请求参数错误';
die;
}
$urlToken=$status;
?>
html>
hwplayerloaded(function () {
var player = new HWPlayer("test",{ width: 480, height: 300, controls: true },function(){
alert(1111);
});
player.src(
{
src:'https://613.cdn-vod.huaweicloud.com/asset/65252102f1de7c4011c969dc803f2e58/play_video/<?php echo $urlToken;?>/index.m3u8',
type: "application/x-mpegURL"
}
);
player.play();
});
getkey.php
function convertUrlQuery($query)
{
$queryParts = explode('&', $query);
$params = array();
foreach ($queryParts as $param) {
$item = explode('=', $param);
$params[$item[0]] = $item[1];
}
return $params;
}
function getToken(){
$url ='https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
$url = parse_url($url);
$param_arr =convertUrlQuery($url['query']);
return $param_arr['token'];
}
function curl_request($url,$post='',$cookie='', $returnCookie=0){
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_AUTOREFERER, 1);
curl_setopt($curl, CURLOPT_REFERER, "http://XXX");
if($post) {
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($post));
}
if($cookie) {
curl_setopt($curl, CURLOPT_COOKIE, $cookie);
}
curl_setopt($curl, CURLOPT_HEADER, $returnCookie);
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$data = curl_exec($curl);
if (curl_errno($curl)) {
return curl_error($curl);
}
curl_close($curl);
if($returnCookie){
list($header, $body) = explode("\r\n\r\n", $data, 2);
preg_match_all("/Set\-Cookie:([^;]*);/", $header, $matches);
$info['cookie'] = substr($matches[1][0], 1);
$info['content'] = $body;
return $info;
}else{
return $data;
}
}
$keyTokenCheck=getToken();
//file_put_contents("token.txt",$keyTokenCheck);
if(empty($keyTokenCheck)){
die;
}
$param=array(
'token'=>$keyTokenCheck
);
$result=curl_request("http://xxxxxx/ckplaytoken.php",$param);
if(!empty($result)){
$rs=json_decode($result,false);
$code=$rs->code;
$status=$rs->status;
if($code!=='1001'){
die;
}else{
$key=file_get_contents("key.map");
if($key){
echo $key;
}else{
/**
* 查询媒资密钥
*/
require './cloudvod/vod/service/AssetService.php';
require './cloudvod/vod/model/QueryAssetCiphersReq.php';
$req = new QueryAssetCiphersReq();
$req ->setAssetId('34345345345');
$rsp = "";
try {
$rsp = AssetService::QueryAssetCiphers($req);
$rspp=json_decode($rsp->getBody());
$finalKey=base64_decode($rspp->dk);
file_put_contents("key.map",$finalKey);
echo $finalKey;
} catch (Exception $e) {
echo $e;
}
}
}
}
ckparams.php
function checkAccessToken(){
//查询传过来的token是否在表中存在,且为0,表明已经合法
//userid、accessPageToken、playUrlToken,status,playStatus 0,1主要核对表中的token的status状态0不对,1正确,
return true;
}
if(checkAccessToken()){
$result=array(
'code'=>'1001',
//这了自己改
'status'=>md5('234567')
);
}else{
$result=array(
'code'=>'1002',
'status'=>"访问非法.."
);
}
//将md5的id加固定456字符串存入playUrlToken中
//更改这个token对应的status,最后改变status位1,表明此次完毕
echo json_encode($result);
?>
ckplaytoken.php
//将传过来的32位token,在表中查找,存在且为0,表示合法
$result=array(
'code'=>'1001'
);
//返回之前将playStatus改为1
echo json_encode($result);
?>
3、坑和期间可能出现的问题、待续
![[SDOI2016]储能表](http://www.lydsy.com/JudgeOnline/upload/201604/2%282%29.png)