第一步申请资料

  获得 

企业微信

  CorpID ，ProviderSecret

应用

SuiteID， Secret，Token，EncodingAESKey

第二步下载  

 加解密库下载及示例 https://work.weixin.qq.com/api/doc/90001/90145/90446

第三步将下载的文件 命名为weworkapi 并放到根目录的sdk（可以随意放）

指令回调URL 代码如下

$encodingAesKey = "EncodingAESKey";
$token = "token";
$corpId = "corpid";//  企业ID
$suiteId = 'suiteid';//  应用id

$sVerifyMsgSig = $_GET['msg_signature'];
$sVerifyTimeStamp = $_GET['timestamp'];

$sVerifyNonce = $_GET['nonce'];
include_once  ROOT_PATH."sdk/weworkapi/callback/WXBizMsgCrypt.php";

if(!empty($_GET['echostr'])){
    $sVerifyEchoStr = $_GET['echostr'];
    $sEchoStr = "";
    $wxcpt = new \WXBizMsgCrypt($token, $encodingAesKey, $corpId);
    $errCode = $wxcpt->VerifyURL($sVerifyMsgSig, $sVerifyTimeStamp, $sVerifyNonce, $sVerifyEchoStr, $sEchoStr);
    if ($errCode == 0) {
        // 验证URL成功，将sEchoStr返回
        echo $sEchoStr;
        exit;
    } else {
        print("ERR: " . $errCode . "\n\n");
    }
}
file_put_contents(ROOT_PATH."public/tmp.txt", $_SERVER['REQUEST_METHOD'], FILE_APPEND);
file_put_contents(ROOT_PATH."public/tmp.txt", file_get_contents("php://input"), FILE_APPEND);
//判断企业微后台是否推送suite_ticket到该url，post形式
if($_SERVER['REQUEST_METHOD'] === 'POST' ){
    //必须通过输入流方式获取post数据,，接收到的$sReqData 为xml格式，需转换成对象或其他格式
    $sReqData = file_get_contents("php://input");
    $xml =  simplexml_load_string($sReqData,'SimpleXMLElement', LIBXML_NOCDATA); //  xml格式转成对象

    $ToUserName = $xml->ToUserName;
    if($suiteId == $ToUserName){ //证明是企业微信后台推送
        include_once ROOT_PATH."sdk/weworkapi/callback/WXBizMsgCrypt.php";
        $wxcpt = new \WXBizMsgCrypt($token, $encodingAesKey, $ToUserName);
        $sMsg     = '';  // 解析之后的明文
        $err_code = $wxcpt->DecryptMsg($sVerifyMsgSig, $sVerifyTimeStamp, $sVerifyNonce, $sReqData, $sMsg);
        $xmls = simplexml_load_string($sMsg,'SimpleXMLElement', LIBXML_NOCDATA); //  xml格式转成对象
        if($err_code == 0){
            switch ($xmls->InfoType) {
                case 'suite_ticket'://推送suite_ticket协议每十分钟微信推送一次
                    $xmls = json_decode(json_encode($xmls), 1);
                    $suite_ticket = $xmls['SuiteTicket'];
                    if (!empty($suite_ticket)) {
                        //  保存下获取到数据
                        cache("SuiteTicket", $suite_ticket);
                        echo 'success';  // 返回企业微信消息 success
                    }
                    else {
                        echo 200;//错误信息
                    }
                    break;
            }
        }
    }
}
exit;

数据回调URL

include_once  ROOT_PATH."/sdk/weworkapi/callback/WXBizMsgCrypt.php";

// 假设企业号在公众平台上设置的参数如下
$encodingAesKey = "EncodingAESKey";
$token = "token";
#这个是微信服务商信息》基本信息CorpID
$receiveid = "基本信息的corpid";
$wxcpt = new \WXBizMsgCrypt($token, $encodingAesKey, $receiveid);

// http://cq.xuduan.tech:62606/weworkapi_php/callback_json/callbackverify.php?msg_signature=5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3&timestamp=1409659589&nonce=263014780&echostr=P9nAzCzyDtyTWESHep1vC5X9xho%2FqYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp%2B4RPcs8TgAE7OaBO%2BFZXvnaqQ%3D%3D

// get the paramters
$sVerifyMsgSig = $_GET['msg_signature'];
$sVerifyTimeStamp = $_GET['timestamp'];
$sVerifyNonce = $_GET['nonce'];
$sVerifyEchoStr = $_GET['echostr'];

$sEchoStr = "";

$errCode = $wxcpt->VerifyURL($sVerifyMsgSig, $sVerifyTimeStamp, $sVerifyNonce, $sVerifyEchoStr, $sEchoStr);
if ($errCode == 0) {
    echo $sEchoStr . "\n";
} else {
    print("ERR: " . $errCode . "\n\n");
}