zhijiayun/app/Http/Controllers/Api/Wechat/OfficialNotify.php

<?php

namespace App\Http\Controllers\Api\Wechat;

use App\Http\Controllers\Controller;
use App\Models\Api\Personnel\EmployeeOpenid as EmployeeOpenidModel;
use App\Facades\Servers\Logs\Log;
use App\Servers\Wechat\Official;


class OfficialNotify extends Controller
{

    /**
     * 公众号关注回调 - 自动绑定用户公众号OpenID
     * @author 唐远望
     * @version 1.0
     * @date 2026-03-10
     */
    public function callback(EmployeeOpenidModel $EmployeeOpenidModel)
    {
        // 获取微信推送的原始数据
        $xmlData = file_get_contents('php://input');
        $xml = simplexml_load_string($xmlData, 'SimpleXMLElement', LIBXML_NOCDATA);
        $Official = new Official();
        if ($xml) {
            // 提取关键信息
            $fromUsername = (string)$xml->FromUserName;  // 用户的公众号OpenID
            $toUsername = (string)$xml->ToUserName;      // 公众号原始ID
            $event = (string)$xml->Event;                 // 事件类型
            $eventKey = (string)$xml->EventKey;           // 事件KEY值（扫码关注时会有）
            // 记录日志，方便调试
            Log::info('wechat_subscribe_info', '微信关注事件', ['FromUserName' => $fromUsername, 'ToUserName' => $toUsername, 'event' => $event, 'eventKey' => $eventKey]);
            // 处理关注事件
            if ($event == 'subscribe') {
                // 尝试获取用户UnionID
                $official_user_info = $Official->getApp()->user->get($fromUsername);
                $unionid = isset($official_user_info['unionid']) ? $official_user_info['unionid'] : '';
                if ($unionid) {
                    // 1. 有UnionID，直接绑定公众号OpenID
                    $user_open_data = $EmployeeOpenidModel->where(['unionid' => $unionid])->first();
                    if ($user_open_data) {
                        $user_open_data->official_openid = $fromUsername;
                        $user_open_data->save();
                    }
                } else {
                    Log::info('wechat_subscribe_error', '获取UnionID失败', ['data' => $fromUsername, 'request_data' => $official_user_info]);
                }
            }
        }
        // 验证签名
        $signature = $this->checkSignature();
        if ($signature){
             return $signature;
        }else{
            return false;
        }
    }

    private function checkSignature()
    {
        $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];
        if (!$signature || !$timestamp || !$nonce) return false;
        $token = config('wechat.openplat.token', '');
        $tmpArr = array($token, $timestamp, $nonce);
        sort($tmpArr, SORT_STRING);
        $tmpStr = implode($tmpArr);
        $tmpStr = sha1($tmpStr);
        if ($tmpStr == $signature) {
            return $tmpStr;
        } else {
            return false;
        }
    }
}