ios支付签名认证
一、解析json中参数的含义
private Long id;
@ApiModelProperty(value = "创建时间")
private Date gmtCreate;
@ApiModelProperty(value = "修改时间")
private Date gmtModified;
@ApiModelProperty(value = "用户编号")
private Long userNo;
@ApiModelProperty(value = "订单号")
private Long orderNo;
@ApiModelProperty(value = "唯一标识符")
private String uniqueIdentifier;
@ApiModelProperty(value = "原始交易ID")
private Long originalTransactionId;
@ApiModelProperty(value = "交易的标识")
private Long transactionId;
@ApiModelProperty(value = "数量")
private BigDecimal quantity;
@ApiModelProperty(value = "开发商交易ID")
private String uniqueVendorIdentifier;
@ApiModelProperty(value = "App Store用来标识程序的字符串")
private Long itemId;
@ApiModelProperty(value = "识别购买时使用的App版本,为任意数字")
private String versionExternalIdentifier;
@ApiModelProperty(value = "iPhone程序的bundle标识")
private String bid;
@ApiModelProperty(value = "商品的标识 ")
private String productId;
@ApiModelProperty(value = "校验状态码")
private Integer status;
二、定义解析工具类
package com.roncoo.education.common.core.tools; import com.alibaba.fastjson.JSONObject; import javax.net.ssl.*;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.math.BigDecimal;
import java.net.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Locale;
/**
* @author ZhangRF
*/
public class IosVerifyUtil {
private static class TrustAnyTrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
} public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
} public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[] {};
}
} private static class TrustAnyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
return true;
}
} private static final String url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt";
private static final String url_verify = "https://buy.itunes.apple.com/verifyReceipt"; /**
* 苹果服务器验证
*
* @param receipt
* 账单
* @url 要验证的地址
* @return null 或返回结果 沙盒 https://sandbox.itunes.apple.com/verifyReceipt
*
*/
public static String buyAppVerify(String receipt,int type) {
//环境判断 线上/开发环境用不同的请求链接
String url = "";
if(type==0){
url = url_sandbox; //沙盒测试
}else{
url = url_verify; //线上测试
} try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());
URL console = new URL(url);
HttpsURLConnection conn = (HttpsURLConnection) console.openConnection();
conn.setSSLSocketFactory(sc.getSocketFactory());
conn.setHostnameVerifier(new TrustAnyHostnameVerifier());
conn.setRequestMethod("POST");
conn.setRequestProperty("content-type", "text/json");
conn.setRequestProperty("Proxy-Connection", "Keep-Alive");
conn.setDoInput(true);
conn.setDoOutput(true);
BufferedOutputStream hurlBufOus = new BufferedOutputStream(conn.getOutputStream()); String str = String.format(Locale.CHINA, "{\"receipt-data\":\"" + receipt + "\"}");//拼成固定的格式传给平台
hurlBufOus.write(str.getBytes());
hurlBufOus.flush(); InputStream is = conn.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
String line = null;
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
} return sb.toString();
} catch (Exception ex) {
System.out.println("苹果服务器异常");
ex.printStackTrace();
}
return null;
} /**
* 用BASE64加密
*
* @param str
* @return
*/
public static String getBASE64(String str) {
byte[] b = str.getBytes();
String s = null;
if (b != null) {
s = new sun.misc.BASE64Encoder().encode(b);
}
return s;
} public static void main(String[] args) {
String a = "拿到的苹果签名";
String buyAppVerify = buyAppVerify(a, 0);
System.out.println(buyAppVerify);
JSONObject appleReturn = JSONObject.parseObject(buyAppVerify);
String status = appleReturn.getString("status");
a = appleReturn.getString("receipt");
JSONObject returnJson = JSONObject.parseObject(a);
String uniqueIdentifier = returnJson.getString("unique_identifier");
Long originalTransactionId = returnJson.getLong("original_transaction_id");
Long transactionId = returnJson.getLong("transaction_id");
BigDecimal quantity = returnJson.getBigDecimal("quantity");
String uniqueVendorIdentifier = returnJson.getString("unique_vendor_identifier");
Long itemId = returnJson.getLong("item_id");
String versionExternalIdentifier = returnJson.getString("version_external_identifier");
String bid = returnJson.getString("bid");
String productId = returnJson.getString("product_id");
System.out.println(uniqueIdentifier+"======originalTransactionId"+originalTransactionId+"==transactionId=="+transactionId+
"====uniqueVendorIdentifier"+uniqueVendorIdentifier+"=====quantity"+quantity+"========"+itemId
+"versionExternalIdentifier"+versionExternalIdentifier+"====bid"+bid+"===productId"+productId+"status"+status);
}
}
三、解析使用,数据存入数据库
package com.roncoo.education.course.service.api.auth.biz; import com.alibaba.fastjson.JSONObject;
import com.roncoo.education.common.core.base.Base;
import com.roncoo.education.common.core.base.Result;
import com.roncoo.education.common.core.tools.IosVerifyUtil;
import com.roncoo.education.course.service.dao.IosVerifyDao;
import com.roncoo.education.course.service.dao.impl.mapper.entity.IosVerify;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component; import java.math.BigDecimal; /**
* @author ZhangRF
*/
@Component
public class AuthApiIosVerifyBiz extends Base { @Autowired
private IosVerifyDao dao; /**
* 解析IOS支付结果
*
* @param receipt
* @return
*/
public Result<Integer> buyAppVerify(String receipt, Long userNo, Long orderNo) {
String verifyResult = IosVerifyUtil.buyAppVerify(receipt, 1);
if (verifyResult == null) {
return Result.error("苹果验证失败,返回数据为空");
} else {
logger.info("线上,苹果平台返回JSON:" + verifyResult);
JSONObject appleReturn = JSONObject.parseObject(verifyResult);
String status = appleReturn.getString("status");
//无数据则沙箱环境验证
if ("21007".equals(status)) {
verifyResult = IosVerifyUtil.buyAppVerify(receipt, 0);
logger.info("沙盒环境,苹果平台返回JSON:" + verifyResult);
appleReturn = JSONObject.parseObject(verifyResult);
status = appleReturn.getString("status");
}
logger.info("苹果平台返回值:appleReturn" + appleReturn);
// 前端所提供的收据是有效的 验证成功
if (status.equals("0")) {
receipt = appleReturn.getString("receipt");
JSONObject returnJson = JSONObject.parseObject(receipt);
String uniqueIdentifier = returnJson.getString("unique_identifier");
Long originalTransactionId = returnJson.getLong("original_transaction_id");
Long transactionId = returnJson.getLong("transaction_id");
BigDecimal quantity = returnJson.getBigDecimal("quantity");
String uniqueVendorIdentifier = returnJson.getString("unique_vendor_identifier");
Long itemId = returnJson.getLong("item_id");
String versionExternalIdentifier = returnJson.getString("version_external_identifier");
String bid = returnJson.getString("bid");
String productId = returnJson.getString("product_id");
IosVerify iosVerify = new IosVerify();
iosVerify.setUniqueIdentifier(uniqueIdentifier);
iosVerify.setOriginalTransactionId(originalTransactionId);
iosVerify.setTransactionId(transactionId);
iosVerify.setQuantity(quantity);
iosVerify.setUniqueVendorIdentifier(uniqueVendorIdentifier);
iosVerify.setItemId(itemId);
iosVerify.setVersionExternalIdentifier(versionExternalIdentifier);
iosVerify.setBid(bid);
iosVerify.setProductId(productId);
iosVerify.setStatus(Integer.valueOf(status));
iosVerify.setUserNo(userNo);
iosVerify.setOrderNo(orderNo);
return Result.success(dao.save(iosVerify));
} else {
return Result.error("支付失败,错误码:" + status);
}
}
} }
ios支付签名认证的更多相关文章
- 支付宝ios支付请求Java服务端签名报的一个错(ALI40247) 原创
今天做app的支付宝支付,遇到些问题,以前做支付宝支付签名都是直接在客户端App进行,今天下了最新版本ios的支付宝支付demo,运行demo时底部有红色的显眼字体,告知用户签名必须在服务端进行... ...
- iOS代码签名理解
前言 做了几年iOS app coder了,对于证书的生成.使用流程烂熟于心,然而对于这套机制的原理却一直不甚理解.近来由于工作需要仔细研究了一下,特将自己的学习经验记录于此,以供大家学习指正. 问题 ...
- 支付宝App支付签名和验签
代码: using CMS.Utility.ReturnResult; using OAuthWebAPI.Package; using Common; using System; using Sys ...
- iOS App签名的原理
前言 相信很多同学对于iOS的真机调试,App的打包发布等过程中的各种证书.Provisioning Profile. CertificateSigningRequest.p12的概念是模糊的,导致在 ...
- php签名认证
一.概述 开年第一篇,该篇主要讲述了接口开发中,如何安全认证.如何用php签名认证. 二.说说历史 签名认证是什么?为什么要做签名认证?签名认证哪里会用到?no.no.no.....是不是,是不是,一 ...
- 【腾讯Bugly干货分享】iOS App 签名的原理
本文来自 WeRead 团队博客: http://wereadteam.github.io/ iOS 签名机制挺复杂,各种证书,Provisioning Profile,entitlements,Ce ...
- iOS 应用签名
一.密码学简介 1.1 base64 Base64 是一种通过查表的编码方法,不能用于加密,即使使用自定义的编码表也不行. Base64 适用于小段内容的编码,比如数字证书签名.Cookie 的内容等 ...
- iOS进行Basic认证与NTLM认证
一.iOS进行Basic认证 只需要在NSMutableURLRequest的Header中添加认证所需的Username和password. NSMutableURLRequest *webReq ...
- REST签名认证
139 开放平台与应用之间以REST协议进行通讯,为了保证通信的安全性,开放平台加入签名认证机制.应用一旦创建,系统生成唯一并且不公开的secretkey,只有应用的拥有者和开放平台知道.因此,当应用 ...
随机推荐
- 关于Docker的实践
docker 安装 wget -qO- https://get.docker.com/ | sh 镜像 images search pull commit build tag 查看本地镜像:docke ...
- POJ3225
题目链接:https://vjudge.net/problem/POJ-3225 解题思路:这道题要是不看题解以本渣新现在的实力确实是做不出来. 以区间为基础建立线段树. 当X=‘U', 将区间T内的 ...
- 开箱即用,Knative 给您极致的容器 Serverless 体验
作者 | 冬岛 阿里巴巴技术专家 导读:托管 Knative 开箱即用,您不需要为这些常驻实例付出任何成本.结合 SLB 云产品提供 Gateway 的能力以及基于突发性能型实例的保留规格功能,极大 ...
- excel2007灵活计算2个日期之间的工作日
C1单元格公式:=NETWORKDAYS(A1,B1,$F$2:$F$10)+COUNTIFS($I$2:$I$3,">="&A1,$I$2:$I$3,"& ...
- Java——线程安全的集合
线程安全的集合 java.util.concurrent包:ConcurrentHashMap,ConcurrentSkipListMap,ConcurrentSkipListSet,Concu ...
- ATX-UI自动化环境搭建
基础环境准备(以下都是在Mac机上搭建的) 1.android sdk安装&配置 很完美的一个资源下载网:tools.android-studio.org,下载所需的包(我下的zip包直接解压 ...
- 理解session及微信小程序使用session
session介绍 由于Http是无状态的协议,所以服务端需要记录用户的状态时,就需要某种机制来识别具体的用户,实现这个机制的方式就是session. 典型的场景比如购物车,当你点击下单按钮时,由于H ...
- Eclipse中java文件选中变量名,相同变量都变色显示 .
第一步设置高亮显示的颜色: Window-->preferences-->General-->Editors-->Text Editors-->Annotations-- ...
- 【Ubuntu】安装Ubuntu18.04.2LTS
环境:win10专业版.联想30D9主板 ubuntu:18.04.2LTS:Ubuntu镜像传送门:https://ubuntu.com/download/desktop 有两块硬盘,win10安装 ...
- sql注入讲解
1.输入1' 发现数据库报错,原因是我们的输入直接被代入到数据库查询语句里面. 2.有没有办法可以不让他报错呢?可以尝试一下构造正确的数据库语法,使之不报错.比如输入 1 and 1=1 试试 sel ...