JAVA项目之苹果IAP内购JAVA服务器验证流程详解

1.前言

      本博客是经历过多个项目检验的, 绝对真实, 适应于对苹果iap内购稍微有些了解的JAVA开发人员,  认真看,  定能完美解决苹果内购问题.

      苹果IAP内购支付实际上是"将客户端支付后的一些信息传给后台,  后台拿着这些信息在传给苹果支付平台,  来验证客户端支付是否有效"的一个过程, 中间的难点有三个.

      一是沙盒测试数据和线上测试数据的问题. 刚开始接入苹果内购时,网上的各种测试一大堆, 几乎你就找不到两篇相同的数据, 这导致我刚开始做的时候踩了很多坑,  对于这种情况建议各位java开发者以实际测试数据为准,  因为我认为, 随着时间往后, 苹果平台返回的测试数据还会变化, 请以真实得到的数据为准.  下面贴一下我当时项目的测试数据(这个项目是2017年11月左右的数据)

这个是沙箱测试数据(经过检验,正式的测试数据与沙箱测试数据结构是一样,所以采用同一套代码即可)

{
    "status": 0,
    "environment": "Sandbox",
    "receipt": {
        "receipt_type": "ProductionSandbox",
        "adam_id": 0,
        "app_item_id": 0,
        "bundle_id": "com.jiuying.twelveAnimal",
        "application_version": "0",
        "download_id": 0,
        "version_external_identifier": 0,
        "receipt_creation_date": "2018-01-05 10:06:12 Etc/GMT",
        "receipt_creation_date_ms": "1515146772000",
        "receipt_creation_date_pst": "2018-01-05 02:06:12 America/Los_Angeles",
        "request_date": "2018-01-05 10:06:14 Etc/GMT",
        "request_date_ms": "1515146774645",
        "request_date_pst": "2018-01-05 02:06:14 America/Los_Angeles",
        "original_purchase_date": "2013-08-01 07:00:00 Etc/GMT",
        "original_purchase_date_ms": "1375340400000",
        "original_purchase_date_pst": "2013-08-01 00:00:00 America/Los_Angeles",
        "original_application_version": "1.0",
        "in_app": [
            {
                "quantity": "1",
                "product_id": "com.jiuying.twelveAnimal.6", //这个6是关键, 6就是苹果客户端支付的金额, 我们取到这个值,进行我们的业务逻辑即可
                "transaction_id": "1000000364151484",
                "original_transaction_id": "1000000364151484",
                "purchase_date": "2018-01-05 10:06:11 Etc/GMT",
                "purchase_date_ms": "1515146771000",
                "purchase_date_pst": "2018-01-05 02:06:11 America/Los_Angeles",
                "original_purchase_date": "2018-01-05 10:06:11 Etc/GMT",
                "original_purchase_date_ms": "1515146771000",
                "original_purchase_date_pst": "2018-01-05 02:06:11 America/Los_Angeles",
                "is_trial_period": "false"
            }
        ]
    }
}
得到前端支付数据,发给苹果平台,进行二次验证

       

	/**
	* @throws Exception  
	* 苹果内购支付
	* @Title: doIosRequest  
	* @Description:Ios客户端内购支付
	* @param  TransactionID :交易单号  需要客户端传过来的参数1
	* @param  Payload:需要客户端传过来的参数2
	* @throws 
	 */  
	public Map  doIosRequest(String TransactionID,String Payload, int userId) throws Exception {
		Map map = new HashMap();
		Map mapChange = new HashMap();
		System.out.println("客户端传过来的值1:"+TransactionID+"客户端传过来的值2:"+Payload);
		
	    String verifyResult =  IosVerifyUtil.buyAppVerify(Payload,1); 			//1.先线上测试    发送平台验证 
	    if (verifyResult == null) {   											// 苹果服务器没有返回验证结果         	       
	    	System.out.println("无订单信息!");
	    } else {  	    														// 苹果验证有返回结果
	    	System.out.println("线上,苹果平台返回JSON:"+verifyResult);	    	
	    	JSONObject job = JSONObject.parseObject(verifyResult);  
	        String states = job.getString("status");
	        
	        if("21007".equals(states)){											//是沙盒环境,应沙盒测试,否则执行下面					
	        	verifyResult =  IosVerifyUtil.buyAppVerify(Payload,0);			//2.再沙盒测试  发送平台验证
	        	System.out.println("沙盒环境,苹果平台返回JSON:"+verifyResult);
	        	job = JSONObject.parseObject(verifyResult);  
		        states = job.getString("status");
	        }
 
	        System.out.println("苹果平台返回值:job"+job);
	        if (states.equals("0")){ // 前端所提供的收据是有效的    验证成功      	        	
	            String r_receipt = job.getString("receipt");  
	            JSONObject returnJson = JSONObject.parseObject(r_receipt);  	              	            
	            String in_app = returnJson.getString("in_app"); 
	            JSONObject in_appJson = JSONObject.parseObject(in_app.substring(1, in_app.length()-1)); 
	            
		        String product_id = in_appJson.getString("product_id");
		        String transaction_id = in_appJson.getString("transaction_id");   // 订单号	            
/************************************************+自己的业务逻辑**********************************************************/
	            //如果单号一致  则保存到数据库  
	            if(TransactionID.equals(transaction_id)){
	            	String [] moneys = product_id.split("\\.");
	            	//System.out.println("用户ID:"+userId+",要充值的钻石数:"+moneys[moneys.length-1]);
	            	mapChange = charge(Integer.parseInt(moneys[moneys.length-1]), 5, userId);
	            	map.put("money", moneys[moneys.length-1]);
	            }
/************************************************+自己的业务逻辑end**********************************************************/
	            if((boolean) mapChange.get("success")){//用户钻石数量新增成功
		            map.put("success", true);
		        	map.put("message", "充值钻石成功!");		        	
		        	//map.put("status", states);
	            }else{
	            	map.put("success", false);
		        	map.put("message", "充值钻石失败!");
	            }
	        } else {  
	        	map.put("success", false);
	        	map.put("message", "receipt数据有问题");
	        	map.put("status", states);  
	        }  
	    }  
	    return map;
	}  
上面的方法用到了一个工具类,如下

  

package com.miracle9.animal.util;

import java.io.BufferedOutputStream;  
import java.io.BufferedReader;  
import java.io.InputStream;  
import java.io.InputStreamReader;  
import java.net.URL;  
import java.security.cert.CertificateException;  
import java.security.cert.X509Certificate;   
import java.util.Locale;  
  
import javax.net.ssl.HostnameVerifier;  
import javax.net.ssl.HttpsURLConnection;  
import javax.net.ssl.SSLContext;  
import javax.net.ssl.SSLSession;  
import javax.net.ssl.TrustManager;  
import javax.net.ssl.X509TrustManager;  
  
/** 
 * 苹果IAP内购验证工具类
 * @ClassName: IosVerify 
 * @Description:Apple Pay 
 */  
public class IosVerifyUtil {  
  
    private static class TrustAnyTrustManager implements X509TrustManager {  
  
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {  
        }  
  
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {  
        }  
  
        public X509Certificate[] getAcceptedIssuers() {  
            return new X509Certificate[] {};  
        }  
    }  
  
    private static class TrustAnyHostnameVerifier implements HostnameVerifier {  
        public boolean verify(String hostname, SSLSession session) {  
            return true;  
        }  
    }  
  
    private static final String url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt";  
    private static final String url_verify = "https://buy.itunes.apple.com/verifyReceipt";  
  
    /** 
     * 苹果服务器验证 
     *  
     * @param receipt 
     *            账单 
     * @url 要验证的地址 
     * @return null 或返回结果 沙盒 https://sandbox.itunes.apple.com/verifyReceipt 
     *  
     */  
    public static String buyAppVerify(String receipt,int type) {  
    	//环境判断 线上/开发环境用不同的请求链接  
    	String url = "";
    	if(type==0){
    		url = url_sandbox; //沙盒测试
    	}else{
    		url = url_verify; //线上测试
    	}
        //String url = EnvUtils.isOnline() ?url_verify : url_sandbox;  
    	
        try {  
            SSLContext sc = SSLContext.getInstance("SSL");  
            sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());  
            URL console = new URL(url);  
            HttpsURLConnection conn = (HttpsURLConnection) console.openConnection();  
            conn.setSSLSocketFactory(sc.getSocketFactory());  
            conn.setHostnameVerifier(new TrustAnyHostnameVerifier());  
            conn.setRequestMethod("POST");  
            conn.setRequestProperty("content-type", "text/json");  
            conn.setRequestProperty("Proxy-Connection", "Keep-Alive");  
            conn.setDoInput(true);  
            conn.setDoOutput(true);  
            BufferedOutputStream hurlBufOus = new BufferedOutputStream(conn.getOutputStream());  
  
            String str = String.format(Locale.CHINA, "{\"receipt-data\":\"" + receipt + "\"}");//拼成固定的格式传给平台
            hurlBufOus.write(str.getBytes());  
            hurlBufOus.flush();  
  
            InputStream is = conn.getInputStream();  
            BufferedReader reader = new BufferedReader(new InputStreamReader(is));  
            String line = null;  
            StringBuffer sb = new StringBuffer();  
            while ((line = reader.readLine()) != null) {  
                sb.append(line);  
            }  
  
            return sb.toString();  
        } catch (Exception ex) {  
        	System.out.println("苹果服务器异常");
            ex.printStackTrace();  
        }  
        return null;  
    }  
  
    /** 
     * 用BASE64加密 
     *  
     * @param str 
     * @return 
     */  
    public static String getBASE64(String str) {  
        byte[] b = str.getBytes();  
        String s = null;  
        if (b != null) {  
            s = new sun.misc.BASE64Encoder().encode(b);  
        }  
        return s;  
    }  
  
} 

你可能感兴趣的:(Java,java项目苹果内购,第三方登录和支付专栏)