google play支付如何用php验证订单完成的合法性

在接google play的充值渠道,用户购买和支付都在客户端完成操作,用户支付完成后,客户端会下发支付信息给充值平台(php开发的),充值平台需要验证这些信息的合法性。请教有开发过的同学,如何使用php验证支付信息。

订单相关信息
"nonce" : 1836535032137741465,
"orders" :
[{ "notificationId" : "android.test.purchased",
"orderId" : "transactionId.android.test.purchased",
"packageName" : "com.example.dungeons",
"productId" : "android.test.purchased",
"developerPayload" : "bGoa+V7g/yqDXvKRqq+JTFn4uQZbPiQJo4pf9RzJ",
"purchaseTime" : 1290114783411,
"purchaseState" : 0,
"purchaseToken" : "rojeslcdyyiapnqcynkjyyjh" }]
}

这是文档 http://developer.android.com/guide/google/play/billing/billing_overview.html

java php


share
杀必死之神 12 years, 10 months ago

Answers

得到高人的指点。可以这么验证。

    
  $signture_data = '{"nonce":2923936465474897294,"orders":[{"notificationId":"android.test.purchased","orderId":"transactionId.android.test.purchased","packageName":"com.kunlun.fysg.test","productId":"android.test.purchased","purchaseTime":1346916115611,"purchaseState":0}]}';
  

  

  $signture = '';
  

  

  //google app 提供的public key
  

  $public_key = "";
  

  

  $public_key = chunk_split($public_key, 64, "\n") .  "-----END PUBLIC KEY-----";
  

  

  $public_key_handle = openssl_get_publickey($public_key);
  

  $result = openssl_verify($signture_data, base64_decode($signture), $public_key_handle, OPENSSL_ALGO_SHA1);
  

  if ($result == 1)
  

  {
  

  echo "good";
  

  }
  

  elseif ($ok == 0)
  

  {
  

  echo "bad";
  

  }
  

  else
  

  {
  

  echo "ugly, error checking signature";
  

  }


share
vasilli answered 12 years, 10 months ago

Your Answer

Ask Question
Related questions

php-java-bridge 错误,坐等好心人帮助。

android如何实现云推送功能

mysql 表 索引一些问题哈

关于绝对路径和相对路径的问题?

websocket如何部署?

服务器应该把用户上传的视频怎么保存?