NICE API에서도 잘 나와있고 일반적으로 엑셀에 절차를 가이드로 주는걸로 알고있습니다.
혹시 필요하시분이있을거 같아서 업로드 합니다.
$url = 'https://svc.niceapi.co.kr:22001/digital/niceid/api/v1.0/common/crypto/token';
$auth = base64_encode("해당키값1".":".time().":"."해당값2");
$header = array(
'Content-Type: application/json',
'Authorization: bearer '.$auth,
'client_id:'."해당값3",
'ProductID:'."해당값4"
);
$req_dtim = date("YmdHis");
$req_no = substr("pc".strtoupper(md5(mt_rand())), 0, 12);
$post_in = array(
"req_dtim" => $req_dtim,
"req_no" => $req_no,
"enc_mode" => "1"
);
$post = array(
"dataBody"=>$post_in
);
$post_en = json_encode($post);
$ch = curl_init();
curl_setopt_array($ch, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => $post_en,
CURLOPT_HTTPHEADER => $header,
));
$rtn = curl_exec($ch);
curl_close($ch);
if ($rtn === FALSE) {
error_log('Curl failed');
die('Curl failed: ' . curl_error($ch));
}
$res = json_decode($rtn, true);
// ex.
// [dataBody] => Array (
// [rsp_cd] => P000
// [result_cd] => 0000
// [site_code] => Q....Q=
// [token_version_id] => 2022.....A0B1A
// [token_val] => uhzU.....2ypRhE=
// [period] => 3600 ) )
$res_cert = $res['dataBody'];
//대칭키를 생성한다
$_key = trim($req_dtim).trim($req_no).trim($res_cert['token_val']);
$_key_hash = base64_encode(hash('sha256',$_key, true));
$key = substr($_key_hash,0, 16);
$iv = substr($_key_hash,-16);
//무결성키를 생성한다
$hmac_key = substr($_key_hash, 0, 32);
//키값을 세션에 담아준다(결과데이터 복호화를 위함)
$_SESSION['_nice_key'] = $key;
$_SESSION['_nice_iv'] = $iv;
//요청데이터들 암호화처리시작
//receivedata=리턴페이지에 전달할 변수나 내용들
$_data = array(
"requestno" => $req_no,
"returnurl" => "도메인/callback.php",
"sitecode" => $res_cert['site_code'],
"methodtype" => 'post',
"popupyn" => 'N',
"receivedata" => "전달받고싶은내용"
);
$data = json_encode($_data, JSON_UNESCAPED_SLASHES);
$enc_data = base64_encode(openssl_encrypt($data, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv));
//hmac 무결성체크값(intigrety_value) 생성하기
$hmac = hash_hmac("sha256", $enc_data, $hmac_key, true);
$intigrety_value = base64_encode($hmac);
//form 전송할 항목
$rtn = array(
"token_version_id" => $res_cert['token_version_id'],
"enc_data" => $enc_data,
"integrity_value" => $intigrety_value,
);
<form name="form_chk" id="form_chk" method="get" action="https://nice.checkplus.co.kr/CheckPlusSafeModel/checkplus.cb">
<input type="hidden" id="m" name="m" value="service" />
<input type="hidden" id="token_version_id" name="token_version_id" value="<?=$rtn['token_version_id']?>" />
<input type="hidden" id="enc_data" name="enc_data" value="<?=$rtn['enc_data']?>" />
<input type="hidden" id="integrity_value" name="integrity_value" value="<?=$rtn['integrity_value']?>" />
<a href="javascript:fnSubmit();"> CheckPlus 안심본인인증 Click</a>
</form>
<script language='javascript'>
function fnSubmit(){
document.form_chk.submit();
}
</script>
callback파일
function get_decrypt_nice_data($res_enc_data, $_nice_key, $_nice_iv){
$_enc_data = base64_decode($res_enc_data); //methodtype post로 설정해서 보냈는데도 get으로 결과값 전달됨..
//디코딩한 결과데이터 복호화처리 => charset 맞춰주기 => 배열로 디코딩
$enc_data = openssl_decrypt($_enc_data, 'AES-128-CBC', $_nice_key, OPENSSL_RAW_DATA, $_nice_iv);
$enc_data = iconv("euc-kr", "utf-8",$enc_data);
$res_data = json_decode($enc_data, true);
return $res_data;
}
$res_data = get_decrypt_nice_data($_REQUEST['enc_data'], $_SESSION['_nice_key'], $_SESSION['_nice_iv']);
res_data를 db에 넣어거나 활용하면 끝
