IOS 内付 asp.net mvc 服务器端验证
上代码:
public class AppStorePayApp { public int VerifyReceipt(string receipt, out string product_id, out string transaction_id) { product_id = ""; transaction_id = ""; try { string sandbox_url = "https://sandbox.itunes.apple.com/verifyReceipt"; string product_url = "https://buy.itunes.apple.com/verifyReceipt";
string ReturnVal = Post(product_url, receipt); JObject retJOBJ = ReturnVal.ToJObject(); if (retJOBJ["status"] == null) { return 0; } if (Convert.ToInt32(retJOBJ["status"]) == 21007)//测试环境 { ReturnVal = Post(sandbox_url, receipt); retJOBJ = ReturnVal.ToJObject(); if (retJOBJ["status"] == null || Convert.ToInt32(retJOBJ["status"]) != 0) { return 0; } } if (Convert.ToInt32(retJOBJ["status"]) == 0) { product_id = retJOBJ["receipt"]["in_app"][0]["product_id"].ToString(); transaction_id = retJOBJ["receipt"]["in_app"][0]["transaction_id"].ToString();return 1; } return 0; } catch (Exception ex) { } return 0; } public string Post(string verify_url, string receipt) { WebRequest request = WebRequest.CreateHttp(verify_url); request.Method = "POST"; request.ContentType = "application/json"; if (!string.IsNullOrEmpty(receipt)) { using (var streamWriter = new StreamWriter(request.GetRequestStream())) { streamWriter.Write(receipt); streamWriter.Flush(); streamWriter.Close(); } } System.Net.WebResponse response = request.GetResponse(); StreamReader reader = new StreamReader(response.GetResponseStream(), Encoding.GetEncoding("utf-8")); string ReturnVal = reader.ReadToEnd(); reader.Close(); response.Close(); return ReturnVal; } }
验证思路:先进行正式环境的验证,得到status=21007说明receipt得到的沙盒测试环境的值,需要使用测试地址进行验证。
参数receipt,ios客户端传递过来的参数:
ios相关
1、 从Transaction 的TransactionReceipt属性中得到接收的数据,并以base64编码;
2、创建JSON对象,字典格式,单键值对,键名为“receiptdata”,值为上一次编码的数据,效果:
{"receipt-data":"base64编码之后的数据"}
3、将这个json对象以字符串形式发送到服务器
结果判断status=0代表验证成功可以进行业务处理,主要该验证可以重复进行,所需要服务器端根据字段:transaction_id进行唯一性处理,避免业务处理出现错误。
product_id字段可以作为价格的判断,需要与客户端开发所提交的加个保持一致。
