下面要講的就是AppStore內購的伺服器端驗證,在app中支付的過程那是由IOS程式猿完成的,完成付款後前端會取得到對應的支付憑證,那麼就需要根據憑證來檢驗是否真實支付了,進而完成後續產品的功能的業務邏輯,而校驗呢,有兩種一種是前端自己去校驗,一種是透過後端來校驗,可想而知了大部分都會是透過後端來校驗了,那麼下面就亮出真寶劍:
/** * 苹果内购Api查询接口 * Class AppleAipController * @package Pay\Controller */class AppleAipController extends Controller{ /** * @var string */ private $sandboxCurl = "https://sandbox.itunes.apple.com/verifyReceipt"; private $formalityCurl = "https://buy.itunes.apple.com/verifyReceipt"; /** * @return array */ public function send($encodeStr,$sandboxStatus=0) { $ch = curl_init(); $data['receipt-data'] =$encodeStr; $encodeStr = json_encode($data); $url = $sandboxStatus?($this->formalityCurl):($this->sandboxCurl); curl_setopt($ch, CURLOPT_URL,$url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // post数据 curl_setopt($ch, CURLOPT_POST, 0); // post的变量 curl_setopt($ch, CURLOPT_POSTFIELDS, $encodeStr); curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false); $output = curl_exec($ch); curl_close($ch); $resut = (Array)json_decode($output,true); return $resut; } }
驗簽文章請點擊,token文章請點擊
<?php/** * Created by PhpStorm. * User: wyb * Date: 2017/8/14 * Time: 9:57 */namespace xxxxxxxx;use Common\Tools\Attestation;use Pay\Controller\AppleAipController;use Think\Controller;/** * product苹果API内购验证 * Class CoinApiPayController */class ProductPayController extends Controller{ protected $response = ['result' => true, 'code' => 10000, 'msg' => '', 'AData' => [], 'OData' => NULL]; /** * 来源数组 * @var array */ private $targetArray = ['a_sysj', 'i_sysj', 'a_lpds', 'i_lpds','a_jjds','i_jjds']; private $testMember =['9232313'];//定好你们内部测试,人员,若人员比较多的化就做成后台管理的从数据库中取出 /** * @name 检验凭证并分发后续业务的逻辑 */ public function credentialsCheckAction() { IS_POST ||$this->returnError();//判断是否是POST $parameters =I('post.');//这里最好的相应的参数进行验证,并且使用验签校验,这里我就省略了这部分,还有下面部分最好也放在你封装或者放在你相应的模型内 $AppleAipController = new AppleAipController(); $sandboxStatus = in_array($parameters['member_id'],$thi->testMember)?1:0; $checkData = $AppleAipController->send($parameters['encodeStr'],$sandboxStatus); if($checkData['status']==0){ //校验订单号 if($checkData['receipt']['transaction_id']!=$parameters['trade_id']) { $this->returnErrorData('20012', '检验错误【01】', '21003'); } $productId = 'com.ifeimo.'.$orderInfo['product_id']; //校验商品ID if($checkData['receipt']['product_id'] != $productId){ $this->returnErrorData('20012', '检验错误【02】', '21003'); } //校验价格 $checkPrice = intval(str_replace('cxzxxxx_', '', $checkData['receipt']['product_id'])); if($checkPrice!=$orderInfo['price']){ $this->returnErrorData('20012', '检验错误【03】', '21003'); } $result = self::notifyAdd($orderInfo); $this->response['msg'] = '支付成功'; $status = $checkData['status']; }else{ $status = $checkData['status']; $this->response['status'] = $status; $this->response['result'] = false; $this->response['msg'] = '待支付'; } $this->response['order'] = $orderInfo; $this->response['encodeStatus'] = $status; $this->ajaxReturn($this->response);//返回数据给前端 } /** * 整合异步发放 * @param $order * @param $time * @return int */ private function notifyAdd($order) { //这里写你相应的分发业务 } /** * 错误返回 * @param string $msg 错误提示信息,默认‘请求处理失败’ */ private function returnErrorData($code = '20000', $msg = '请求处理失败',$status='21003'){ $this->response['result'] = false; $this->response['status'] = $status; $this->response['code'] = $code; $this->response['msg'] = $msg; $this->ajaxReturn($this->response); } }
因為可能包含了tp的寫法,若需要協助拆分的可以透過我的部落格加入我的群組,我這邊可協助解決。
相關推薦:
以上是php實作apple API內購憑證的驗證實例碼的詳細內容。更多資訊請關注PHP中文網其他相關文章!