下面要讲的就是AppStore内购的服务器端验证,在app中支付的过程那是由IOS程序猿完成的,完成支付后前端会获取到相应的支付凭证,那么就需要根据凭证来检验是否真实支付了,进而来完成后续产品的功能的业务逻辑,而校验呢,有两种一种是前端自己去校验,一种是通过后端来校验,可想而知了大部分都会是通过后端来校验了,那么下面就亮出真宝剑:
一、(封装好的获取凭证结构类,这里用的是tp框架,这边若是其他框架修改也很方便,若有不懂可以给我留言)
/**
* 苹果内购Api查询接口
* Class AppleAipController
* @package Pay\Controller
*/class AppleAipController extends Controller{
/**
* @var string
*/
private $sandboxCurl = "https://sandbox.itunes.apple.com/verifyReceipt"; private $formalityCurl = "https://buy.itunes.apple.com/verifyReceipt"; /**
* @return array
*/
public function send($encodeStr,$sandboxStatus=0)
{
$ch = curl_init(); $data['receipt-data'] =$encodeStr; $encodeStr = json_encode($data); $url = $sandboxStatus?($this->formalityCurl):($this->sandboxCurl);
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // post数据
curl_setopt($ch, CURLOPT_POST, 0); // post的变量
curl_setopt($ch, CURLOPT_POSTFIELDS, $encodeStr);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false); $output = curl_exec($ch);
curl_close($ch); $resut = (Array)json_decode($output,true); return $resut;
}
}登录后复制
二、因为公司做的产品设计到资金问题的,所以最好需要谨慎点咯,所以之前写的token,和验签就器到作用了,如果需要了解验签和token的实现可以往这里看看哦,
验签文章请点击,token文章请点击
那么下面我也赋上我的调用方法,因为是在tp上使用,若需要使用到其他框架或者原生这边可给我留言协助修改,下面我附上我调用的代码:
<?php/**
* Created by PhpStorm.
* User: wyb
* Date: 2017/8/14
* Time: 9:57
*/namespace xxxxxxxx;use Common\Tools\Attestation;use Pay\Controller\AppleAipController;use Think\Controller;/**
* product苹果API内购验证
* Class CoinApiPayController
*/class ProductPayController extends Controller{
protected $response = ['result' => true, 'code' => 10000, 'msg' => '', 'AData' => [], 'OData' => NULL]; /**
* 来源数组
* @var array
*/
private $targetArray = ['a_sysj', 'i_sysj', 'a_lpds', 'i_lpds','a_jjds','i_jjds']; private $testMember =['9232313'];//定好你们内部测试,人员,若人员比较多的化就做成后台管理的从数据库中取出
/**
* @name 检验凭证并分发后续业务的逻辑
*/
public function credentialsCheckAction()
{
IS_POST ||$this->returnError();//判断是否是POST
$parameters =I('post.');//这里最好的相应的参数进行验证,并且使用验签校验,这里我就省略了这部分,还有下面部分最好也放在你封装或者放在你相应的模型内
$AppleAipController = new AppleAipController(); $sandboxStatus = in_array($parameters['member_id'],$thi->testMember)?1:0; $checkData = $AppleAipController->send($parameters['encodeStr'],$sandboxStatus); if($checkData['status']==0){ //校验订单号
if($checkData['receipt']['transaction_id']!=$parameters['trade_id']) { $this->returnErrorData('20012', '检验错误【01】', '21003');
} $productId = 'com.ifeimo.'.$orderInfo['product_id']; //校验商品ID
if($checkData['receipt']['product_id'] != $productId){ $this->returnErrorData('20012', '检验错误【02】', '21003');
} //校验价格
$checkPrice = intval(str_replace('cxzxxxx_', '', $checkData['receipt']['product_id'])); if($checkPrice!=$orderInfo['price']){ $this->returnErrorData('20012', '检验错误【03】', '21003');
} $result = self::notifyAdd($orderInfo); $this->response['msg'] = '支付成功'; $status = $checkData['status'];
}else{ $status = $checkData['status']; $this->response['status'] = $status; $this->response['result'] = false; $this->response['msg'] = '待支付';
} $this->response['order'] = $orderInfo; $this->response['encodeStatus'] = $status; $this->ajaxReturn($this->response);//返回数据给前端
} /**
* 整合异步发放
* @param $order
* @param $time
* @return int
*/
private function notifyAdd($order)
{
//这里写你相应的分发业务
} /**
* 错误返回
* @param string $msg 错误提示信息,默认‘请求处理失败’
*/
private function returnErrorData($code = '20000', $msg = '请求处理失败',$status='21003'){
$this->response['result'] = false; $this->response['status'] = $status; $this->response['code'] = $code; $this->response['msg'] = $msg; $this->ajaxReturn($this->response);
}
}登录后复制
因为可能包含了tp的写法,若需要协助拆分的可以通过我的博客加入我的群,我这边可协助解决。
相关推荐:
PHP关于API接口实例分享
php的api数据接口书写实例
PHP支付宝开发之服务窗API
以上是php实现apple API内购凭证的验证实例代码的详细内容。更多信息请关注PHP中文网其他相关文章!
