Tae*_*aeL 5 php android in-app
我正在尝试在我的远程php服务器上的app billing v3中验证android.
但是,我的代码似乎有些不对劲.
我认为这个openssl_verify函数是个问题.
结果总是失败!
我找不到用openssl_verify验证的第一个参数.实际上,我混淆了第一个参数放置的合理格式:(
你能帮我解决一下吗?
$result = openssl_verify($data["purchaseToken"], base64_decode($signature), $key); // original // failed
低于完整的测试代码.
<?php
$responseCode = 0;
$encoded='{
"orderId":"12999763169054705758.1111111111111",
"packageName":"com.xxx.yyy",
"productId":"test__100_c",
"purchaseTime":1368455064000,
"purchaseState":0,
"purchaseToken":"tcmggamllmgqiabymvcgtfsj.AO-J1OwoOzoFd-G-....."
}';
$data = json_decode($encoded,true);
$signature = "tKdvc42ujbYfLl+3sGdl7RAUPlNv.....";
$publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kMri6mE5+.....";
$key = "-----BEGIN PUBLIC KEY-----\n" . chunk_split($publicKey, 64, "\n") . "-----END PUBLIC KEY-----";
$key = openssl_get_publickey($key);
if (false === $key) {
exit("error openssl_get_publickey");
}
var_dump($key);
$result = openssl_verify($data["purchaseToken"], base64_decode($signature), $key); // original // failed
//$result = openssl_verify($data, base64_decode($signature), $key); // failed
//$result = openssl_verify($encoded, base64_decode($signature), $key); // failed
//$result = openssl_verify(base64_decode($data["purchaseToken"]), base64_decode($signature), $key); // failed
//$result = openssl_verify(base64_decode($signature),$data["purchaseToken"], $key,OPENSSL_ALGO_SHA512 ); // failed
if ($result == 1) {
echo "good";
} elseif ($result == 0) {
echo "bad";
} else {
echo "error";
}
echo($result);
谢谢 :)
你传递错误的$data值openssl_verify().此值应该是您从Google Play获得的完整JSON字符串,而不是其中的购买令牌.重要的是JSON字符串不受影响,因为即使您要向其添加空格或换行符,签名也将不再有效.
您在上面的代码中需要做的就是更改此行:
$result = openssl_verify($data["purchaseToken"], base64_decode($signature), $key);
至
$result = openssl_verify($data, base64_decode($signature), $key);
假设您正在使用正确的公钥并且JSON购买字符串有效,那么您应该会获得成功.我很确定你的JSON字符串不是来自Google的原始字符串,因为来自Google的字符串不包含换行符.它将是一长串的JSON文本.确保你传递的是什么openssl_verify().
| 归档时间: |
|
| 查看次数: |
4940 次 |
| 最近记录: |