商用授权接口

@@ -124,6 +124,13 @@ class ClientCredentialsController
 
     public function test()
     {
-        return '';
+        $params = [
+            time(),
+            rand(10000, 999999),
+            'i85ShUQ6'
+        ];
+        sort($params, SORT_STRING);
+
+        return [$params, sha1(join('&', $params))];
     }
 }

@@ -62,12 +62,12 @@ class CheckSignature
         $only = Arr::only($params, ['client_id', 'timestamp', 'nonce']);
         sort($only, SORT_STRING);
         $tmpStr = sha1(join('&', $only));
-        if ($params['sign'] != $tmpStr) {
+        if ($params['signature'] != $tmpStr) {
             return Response::successWithCode(ErrorCode::INVALID_SIGNATURE, ErrorCode::$messages[ErrorCode::INVALID_SIGNATURE]);
         }
         //防重放机制
         //检查时间戳是否有效
-        if (time() < $params['timestamp'] + self::TIMESTAMP_LIMIT) {
+        if (time() > $params['timestamp'] + self::TIMESTAMP_LIMIT) {
             return Response::successWithCode(ErrorCode::INVALID_TIMESTAMP, ErrorCode::$messages[ErrorCode::INVALID_TIMESTAMP]);
         }
         //随机数是否已被使用

@@ -6,8 +6,8 @@ Route::group(['prefix' => 'client-credentials'], function () {
     Route::get('getApp', "ClientCredentialsController@getApp");
     Route::get('token', "ClientCredentialsController@getAccessToken");
 });
-Route::get('test', "ClientCredentialsController@test");
-Route::get('song/list', "SongController@list");
-Route::group(['middleware' => 'check.signature'], function () {
+//Route::get('test', "ClientCredentialsController@test");
 
+Route::group(['middleware' => 'check.signature'], function () {
+    Route::get('song/list', "SongController@list");
 });