伸手系列直接上代码
apple 支付的回验部分
1.Controller
public baseResponse iosPay(@RequestBody IosPayDto iosPayDto) {
String transactionId=iosPayDto.getTransactionId();
String payload=iosPayDto.getPayload();
// logger.info("苹果内购校验开始,交易ID:" + transactionId + " base64校验体:" + payload);
Subject subject = SecurityUtils.getSubject();
Member member = (Member) subject.getPrincipals().getPrimaryPrincipal();
//线上环境验证
String verifyResult = IosVerifyUtil.buyAppVerify(payload, 1);
if(iObjects.isNull(verifyResult)) {
return ReturnResponseUtil.Error(ReturnResponseUtil.BUSSINESS_ERROR,"苹果验证失败,返回数据为空");
} else {
logger.info("线上,苹果平台返回JSON:" + verifyResult);
JSonObject appleReturn = JSONObject.parseObject(verifyResult);
String states = appleReturn.getString("status");
//无数据则沙箱环境验证
if ("21007".equals(states)) {
verifyResult = IosVerifyUtil.buyAppVerify(payload, 0);
logger.info("沙盒环境,苹果平台返回JSON:" + verifyResult);
appleReturn = JSONObject.parseObject(verifyResult);
states = appleReturn.getString("status");
}
logger.info("苹果平台返回值:appleReturn" + appleReturn);
// 前端所提供的收据是有效的 验证成功
if (states.equals("0")) {
String receipt = appleReturn.getString("receipt");
JSonObject returnJson = JSONObject.parseObject(receipt);
String inApp = returnJson.getString("in_app");
List inApps = JSONObject.parseArray(inApp, HashMap.class);
if (!CollectionUtils.isEmpty(inApps)) {
ArrayList transactionIds = new ArrayList();
boolean flag=false;
for (HashMap app : inApps) {
String atransaction_id=app.get("transaction_id").toString();
String aproduct_id=app.get("product_id").toString();
if (StringUtils.isNotBlank(aproduct_id) && StringUtils.isNotBlank(atransaction_id)) {//判重,避免重复分发内购商品。收到客户端上报的transaction_id后,直接MD5后去数据库查,能查到说明是重复订单就不做处理
if(transactionId.equals(atransaction_id)) {
if (!vipOrdrService.isExist("ios", transactionId)) {
flag=true;
model.setTransactionId(atransaction_id);
model.setPlatform("ios");
model.setProductId(aproduct_id);
model.setCreatetime(new Date());
if(vipOrdrService.insertVipOrder(model)>0) {
//用户vip过期时间增加逻辑
switch (aproduct_id) {
case "1_month":
//增加道具或者vip的逻辑
break;
case "3_months":
//增加道具或者vip的逻辑
break;
case "12_months":
//增加道具或者vip的逻辑
default:
logger.info("苹果支付商品id不存在列表中");
break;
}
return ReturnResponseUtil.Success("验证成功!",null);
}
else
return ReturnResponseUtil.Error(ReturnResponseUtil.BUSSINESS_ERROR, "数据库保存订单失败");
} else
return ReturnResponseUtil.Error(ReturnResponseUtil.BUSSINESS_ERROR, "请勿重复消费");
}
}
}
if(!flag)
return ReturnResponseUtil.Error(ReturnResponseUtil.BUSSINESS_ERROR,"当前交易不在交易列表中");
else{
return ReturnResponseUtil.Error(ReturnResponseUtil.BUSSINESS_ERROR, "数据库保存订单失败");
}
}
else
return ReturnResponseUtil.Error(ReturnResponseUtil.BUSSINESS_ERROR,"未能获取获取到交易列表" + states);
} else {
return ReturnResponseUtil.Error(ReturnResponseUtil.BUSSINESS_ERROR,"支付失败,错误码:" + states);
}
}
}
2.苹果验证工具类
public class IosVerifyUtil {
private static class TrustAnyTrustManager implements X509TrustManager {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[] {};
}
}
private static class TrustAnyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
private static final String url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt";
private static final String url_verify = "https://buy.itunes.apple.com/verifyReceipt";
public static String buyAppVerify(String receipt,int type) {
//环境判断 线上/开发环境用不同的请求链接
String url = "";
if(type==0){
url = url_sandbox; //沙盒测试
}else{
url = url_verify; //线上测试
}
//String url = EnvUtils.isonline() ?url_verify : url_sandbox;
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());
URL console = new URL(url);
HttpsURLConnection conn = (HttpsURLConnection) console.openConnection();
conn.setSSLSocketFactory(sc.getSocketFactory());
conn.setHostnameVerifier(new TrustAnyHostnameVerifier());
conn.setRequestMethod("POST");
conn.setRequestProperty("content-type", "text/json");
conn.setRequestProperty("Proxy-Connection", "Keep-Alive");
conn.setDoInput(true);
conn.setDoOutput(true);
BufferedOutputStream hurlBufOus = new BufferedOutputStream(conn.getOutputStream());
//普通支付
String str = String.format(Locale.CHINA, "{"receipt-data":"" + receipt + ""}");//拼成固定的格式传给平台
//连续包月订阅需要加上共享密钥
// String str = String.format(Locale.CHINA,
// "{"receipt-data":"" + receipt + "","password":"" + IOS_SHARED_SECRET_PASSWORD + ""}");
hurlBufOus.write(str.getBytes());
hurlBufOus.flush();
InputStream is = conn.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
String line = null;
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
return sb.toString();
} catch (Exception ex) {
System.out.println("苹果服务器异常");
ex.printStackTrace();
}
return null;
}
public static String getbase64(String str) {
byte[] b = str.getBytes();
String s = null;
if (b != null) {
s = new sun.misc.base64Encoder().encode(b);
}
return s;
}
}
附上github连接
