The following is the server-side verification of AppStore in-app purchases. The payment process in the app is completed by the IOS programmer. After the payment is completed, the front-end will obtain the corresponding payment. Voucher, then it is necessary to verify whether the payment was actually made based on the voucher, and then complete the business logic of subsequent product functions. As for verification, there are two types: one is to verify by the front end itself, and the other is to verify through the back end. It can be imagined that most of them will be verified through the backend, so the real sword is shown below:
1. (Encapsulated credential acquisition structure class, the tp framework is used here , it is also very convenient to modify other frameworks here. If you don’t understand, you can leave me a message)
/**
* 苹果内购Api查询接口
* Class AppleAipController
* @package Pay\Controller
*/class AppleAipController extends Controller{
/**
* @var string
*/
private $sandboxCurl = "https://sandbox.itunes.apple.com/verifyReceipt"; private $formalityCurl = "https://buy.itunes.apple.com/verifyReceipt"; /**
* @return array
*/
public function send($encodeStr,$sandboxStatus=0)
{
$ch = curl_init(); $data['receipt-data'] =$encodeStr; $encodeStr = json_encode($data); $url = $sandboxStatus?($this->formalityCurl):($this->sandboxCurl);
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // post数据
curl_setopt($ch, CURLOPT_POST, 0); // post的变量
curl_setopt($ch, CURLOPT_POSTFIELDS, $encodeStr);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false); $output = curl_exec($ch);
curl_close($ch); $resut = (Array)json_decode($output,true); return $resut;
}
}Copy after login
2. Because the product design of the company involves financial issues, it is best to be cautious, so before The written token and signature verification are now in effect. If you need to know about the implementation of signature verification and token, you can take a look here.
Please click on the signature verification article, and please click on the token article
Then I will also assign my calling method below, because it is used on tp. If you need to use other frameworks or native ones, you can leave me a message to help modify it. I will attach my calling code below:
<?php/**
* Created by PhpStorm.
* User: wyb
* Date: 2017/8/14
* Time: 9:57
*/namespace xxxxxxxx;use Common\Tools\Attestation;use Pay\Controller\AppleAipController;use Think\Controller;/**
* product苹果API内购验证
* Class CoinApiPayController
*/class ProductPayController extends Controller{
protected $response = ['result' => true, 'code' => 10000, 'msg' => '', 'AData' => [], 'OData' => NULL]; /**
* 来源数组
* @var array
*/
private $targetArray = ['a_sysj', 'i_sysj', 'a_lpds', 'i_lpds','a_jjds','i_jjds']; private $testMember =['9232313'];//定好你们内部测试,人员,若人员比较多的化就做成后台管理的从数据库中取出
/**
* @name 检验凭证并分发后续业务的逻辑
*/
public function credentialsCheckAction()
{
IS_POST ||$this->returnError();//判断是否是POST
$parameters =I('post.');//这里最好的相应的参数进行验证,并且使用验签校验,这里我就省略了这部分,还有下面部分最好也放在你封装或者放在你相应的模型内
$AppleAipController = new AppleAipController(); $sandboxStatus = in_array($parameters['member_id'],$thi->testMember)?1:0; $checkData = $AppleAipController->send($parameters['encodeStr'],$sandboxStatus); if($checkData['status']==0){ //校验订单号
if($checkData['receipt']['transaction_id']!=$parameters['trade_id']) { $this->returnErrorData('20012', '检验错误【01】', '21003');
} $productId = 'com.ifeimo.'.$orderInfo['product_id']; //校验商品ID
if($checkData['receipt']['product_id'] != $productId){ $this->returnErrorData('20012', '检验错误【02】', '21003');
} //校验价格
$checkPrice = intval(str_replace('cxzxxxx_', '', $checkData['receipt']['product_id'])); if($checkPrice!=$orderInfo['price']){ $this->returnErrorData('20012', '检验错误【03】', '21003');
} $result = self::notifyAdd($orderInfo); $this->response['msg'] = '支付成功'; $status = $checkData['status'];
}else{ $status = $checkData['status']; $this->response['status'] = $status; $this->response['result'] = false; $this->response['msg'] = '待支付';
} $this->response['order'] = $orderInfo; $this->response['encodeStatus'] = $status; $this->ajaxReturn($this->response);//返回数据给前端
} /**
* 整合异步发放
* @param $order
* @param $time
* @return int
*/
private function notifyAdd($order)
{
//这里写你相应的分发业务
} /**
* 错误返回
* @param string $msg 错误提示信息,默认‘请求处理失败’
*/
private function returnErrorData($code = '20000', $msg = '请求处理失败',$status='21003'){
$this->response['result'] = false; $this->response['status'] = $status; $this->response['code'] = $code; $this->response['msg'] = $msg; $this->ajaxReturn($this->response);
}
}Copy after login
Because it may include the writing method of tp, if you need assistance in splitting, you can join my group through my blog, and I can help solve the problem.
Related recommendations:
PHP’s sharing of API interface examples
php’s api data interface writing examples
PHP Alipay Development Service Window API
The above is the detailed content of PHP implements the verification example code of apple API in-app purchase voucher. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
