<?php

namespace app\components;


use app\models\Signing;
use app\models\UserOauth;

class TongLianPay
{
    private $privateKey = 'MIIEpAIBAAKCAQEAnxhCKTNtYHHSd7mBvTVy2p5M4RtnZzQNYtQMhYcVtgrYKq4lNtw68q3j1y2ZjXprcNtJ9XnsqXkyynXcVGPPLcj/p21kXuakGVUH92OVyaq7f8PjSvKu/n1hytVnLG98S5RW1uECTj4kfyxd9TPSh6PUymhFdMiZqQCGGmuKXQNz5qJW3wqnHedLOQS2ZgAfy0lY4r7fwNNkY67TnOBpLJ8TKrSdYfUonRp1RGVPq1Z6cZFRcaNFZRofrDVqY08nl0cKGOI47vh/Jj+RoEgMKH82+h7IiXWgUp3VciSMovIkiODDAN5fdO1tJSzVzNc83Pnm6E5BxmAFpWsnlCrvJQIDAQABAoIBACARabSYUyGvj7bmQ4p57Y63fdOaDHu2+EPFbkiz8+JfyTbBJ2spdRBZkKVc4ais1l9HNF8wlk2KynwYybKQ87/M1gtPd33Ri543j4WEIzslGOol9/ixdiiB6WZTIZrJVgp9+gsSC77ts7mWndHBAlyo30l1PxrNHHv+SQmmR5t7twPVn6oYkYuRTTvgaujdOjhNzgFSrFfPJC+wko6VEGtvGkIRCGmtleC0mqC8knUT8TpMQ6eksyBCcLuOTRr2sL0p5hc2Tioo9l4QW8HHOJa8w5rQpVZHdsZx6UHUz79YPI9BS/lp9JsKvbX+SKv/cv7AHg7+l1fQqJF9BjzNFHkCgYEA3DnWutEZiidVcbbryblQfbXpVjsuXJTPalTv3dJw4wh3Q13r9DQ9MtkS9pEnTuzgj545rCDSjpeVf8BSui9VnlJfYHfaIiULC4DLdNK/XnNeg4PCbUNENFWcXETgW0s1xMBmUS2ad4M9QssANTpFr5HKIpmCFx5Qu0Ol1D+64VMCgYEAuPBC9O7kSoB0w+WY49AR51qi0vWwQxhCORoCjNldcW89ced2o3ehkPL+yYRSNjLiKfVh1xVaVKXMipDIb5tZARMWf1Jr8WqjJDXQoe+LgDSxzmhdNM7NIhPcJ5ha1fxh3/emc1K0YgObdCxIyrKUrBBoOOkfEIZ+rNNhQZ7eBqcCgYB3BduEBFblT/TiDJbK45kZGCQQMtQPvW2MbnNlU8MnMQAkLLLFvSYGQUP6duDjyypi9IT+/o5N+qcV8H/FmKeRdbuOi7gdFCAwC1/qt6wuA/Rk5+VA4EYQcuSbCa6oKLHasJGb9iWxygBmBQkLu37GMOkqYgTpMb04OIt7dyYteQKBgQC2ln+E01cRN0IRJt2MDiGfCR04qtkbZRf8yHE8Hl7jX7CKhLvdKH+bXE2xJ7MDT7l7M4klkS9d41POeqNpjTaSmQXdLsLj1yS622bgemCAc4YZA3ECciqVOoZhkUodetAnD5qGwWDWZDlWuWIkvauLNaewiHjjF+Z5OzkKUI9kgQKBgQDT/ccCYjTGRAQoewyrSzyYfxjnt/EPE83poeug6v923MmPkihNOajpnIpnXe+aybNNbIcqeu4YVCYBSGTDqL4Dc28AmLUOrnjFfA9DydP4G3HT3Y5RtChDZ44XOp+IJywJ2dufOLbjlLXD7KGIkzpIATpxC7bDhRoZRPmBDnX5uw==';

    private $publicKey = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCm9OV6zH5DYH/ZnAVYHscEELdCNfNTHGuBv1nYYEY9FrOzE0/4kLl9f7Y9dkWHlc2ocDwbrFSm0Vqz0q2rJPxXUYBCQl5yW3jzuKSXif7q1yOwkFVtJXvuhf5WRy+1X5FOFoMvS7538No0RpnLzmNi3ktmiqmhpcY/1pmt20FHQQIDAQAB';

    private $cusid = '56339308999C8UH';
    private $appid = '00298533';

    public function pay($orderNom, $frontUrl, $userId)
    {
        $userOauth = UserOauth::find()->where(['user_id' => $userId])->one();
        $signing = Signing::find()->where(['order_no' => $orderNom])->one();

        $data = [
            'cusid' => $this->cusid,
            'appid' => $this->appid,
            'version' => '11',
            'trxamt' =>  $signing->moy * 100,
            'reqsn' => $signing->order_no,
            'paytype' => 'W06',
            'randomstr' => date('dHis') . rand(1000000, 9999999),
            'signtype' => 'RSA',
            'front_url' => $frontUrl,
            'notify_url' => 'http://app.cxgj.dev.1nww.com/api/signing/signing-pay-notify',
            'acct' => $userOauth->openid,
            'sub_appid' => 'wxbcdac64cf147ee22',
        ];

        $data['sign'] = urlencode($this->sign($data));

        $request = $this->ToUrlParams($data);

        $res = $this->request('https://vsp.allinpay.com/apiweb/unitorder/pay', $request);

        $result = json_decode($res, true);

        if ($result['retcode'] !== 'SUCCESS') {
            return $this->apiReturnError('支付错误', $result);
        }
        return $this->apiReturnSuccess('success', $result);
    }

    public function notify($data)
    {
        if (!$this->ValidSign($data)) {
            return false;
        }

        $signing = Signing::find()->where(['order_no' => $data['outtrxid'], 'status' => 0])->one();

        if (!$signing) {
            return true;
        }

        $signing->status = 1;

        $signing->trxid = $data['trxid'];

        $signing->pay_time = time();

        return $signing->save();
    }

    public function refund($signingId)
    {
        $signing = Signing::findOne($signingId);

        if ($signing && $signing->status == 1) {

            $data = [
                'cusid' => $this->cusid,
                'appid' => $this->appid,
                'trxamt' => $signing->moy * 100,
                'reqsn' => date('YmdH') . rand(10000, 99999),
                'oldtrxid' => $signing->trxid,
                'randomstr' => date('YmdH') . rand(10000, 99999),
                'signtype' => 'RSA',
            ];

            $data['sign'] = urlencode($this->sign($data));

            $request = $this->ToUrlParams($data);

            $res = $this->request('https://vsp.allinpay.com/apiweb/tranx/refund', $request);

            $result = json_decode($res, true);

            if ($result['trxstatus'] == '0000') {

                $signing->status = 2;

                $signing->save();

                return $this->apiReturnSuccess('操作成功');
            }
            return $this->apiReturnError($result['errmsg']);
        }
        return $this->apiReturnError('订单异常');
    }


    //RSA签名
    public function sign(array $array)
    {
        ksort($array);
        $bufSignSrc = $this->ToUrlParams($array);
        $private_key = $this->privateKey;
        $private_key = chunk_split($private_key, 64, "\n");
        $key = "-----BEGIN RSA PRIVATE KEY-----\n" . wordwrap($private_key) . "-----END RSA PRIVATE KEY-----";
        //   echo $key;
        if (openssl_sign($bufSignSrc, $signature, $key)) {
            //		echo 'sign success';
        } else {
            echo 'sign fail';
        }
        $sign = base64_encode($signature);//加密后的内容通常含有特殊字符，需要编码转换下，在网络间通过url传输时要注意base64编码是否是url安全的

        return $sign;

    }


    public function ToUrlParams(array $array)
    {
        $buff = "";
        foreach ($array as $k => $v) {
            if ($v != "" && !is_array($v)) {
                $buff .= $k . "=" . $v . "&";
            }
        }
        $buff = trim($buff, "&");
        return $buff;
    }

    /**
     * 校验签名
     * @param array 参数
     * @param unknown_type appkey
     */
    public function ValidSign(array $array)
    {
        $sign = $array['sign'];
        unset($array['sign']);
        ksort($array);
        $bufSignSrc = $this->ToUrlParams($array);
        $public_key = $this->publicKey;
        $public_key = chunk_split($public_key, 64, "\n");
        $key = "-----BEGIN PUBLIC KEY-----\n$public_key-----END PUBLIC KEY-----\n";
        $result = openssl_verify($bufSignSrc, base64_decode($sign), $key);
        return $result;
    }


    //发送请求操作仅供参考,不为最佳实践
    public function request($url, $params)
    {
        $ch = curl_init();
        $this_header = array("content-type: application/x-www-form-urlencoded;charset=UTF-8");
        curl_setopt($ch, CURLOPT_HTTPHEADER, $this_header);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)');
        curl_setopt($ch, CURLOPT_TIMEOUT, 30);

        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);//如果不加验证,就设false,商户自行处理
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);

        $output = curl_exec($ch);
        curl_close($ch);
        return $output;
    }

    public function apiReturnSuccess($msg = "ok", $data = [], $code = 0)
    {
        return [
            'code' => $code,
            'msg' => $msg,
            'data' => $data
        ];
    }

    public function apiReturnError($msg = "failed", $data = [], $code = 1)
    {
        return [
            'code' => $code,
            'msg' => $msg,
            'data' => $data
        ];
    }
}