我正在调用服务器来交付数字产品,我想让服务器检查付款是否完成。我正在使用安卓应用程序中的应用内计费和PayPal的移动结账。
他们得到一个RESULT_OK,然后我打电话给服务器,但我想让服务器验证付款是否完成。
我找到了一些文档,但不太清楚我应该使用什么。
对于谷歌播放应用程序,我应该能够检查这个POST:
www.googleapis.com/androidpublisher/v1.1/applications/{packageName}/inapp/{productId}/purchases/{token}
我找不到productId是什么,但我猜这是我发送的SKU,在哪里可以获得代币?
对于PayPal,我发现:
GET https://api.paypal.com/v1/payments/sale/{id}
这使它更加清晰,但我不知道如何将其转换为PHP:https://quar.me/paypal/rest/_sales_look-up-a-sale.html
但是文档中的id
看起来与我在应用程序中的有很大不同,并且不起作用。它什么也不回,我的ID看起来像这个AP-8BH8990X7137743X:
{
"name": "INVALID_RESOURCE_ID",
"message": "The requested resource ID was not found",
"information_link": "https://developer.paypal.com/webapps/developer/docs/api/#INVALID_RESOURCE_ID",
"debug_id": "fec9d138aa55d"
}
在PayPal上,我仍然不知道如何将其转换为PHP,以及在使用我的服务器时如何处理证书。根据PayPal账户或信用卡的使用情况,你应该使用不同的验证,我如何知道用户使用了哪种方法?:
curl -s --insecure
-H "X-PAYPAL-SECURITY-USERID: api_username"
-H "X-PAYPAL-SECURITY-PASSWORD: api_password"
-H "X-PAYPAL-SECURITY-SIGNATURE: api_signature"
-H "X-PAYPAL-REQUEST-DATA-FORMAT: NV"
-H "X-PAYPAL-RESPONSE-DATA-FORMAT: NV"
-H "X-PAYPAL-APPLICATION-ID: app_id"
https://svcs.sandbox.paypal.com/AdaptivePayments/PaymentDetails -d
"payKey=AP-3TY011106S4428730
&requestEnvelope.errorLanguage=en_US"
一些示例代码对我有很大帮助,我正在使用PHP。
您可以使用以下函数:
function verify_play($signed_data, $signature)
{
global $public_key_base64;
$pkey = "-----BEGIN PUBLIC KEY-----'n".
chunk_split($public_key_base64, 64,"'n").
'-----END PUBLIC KEY-----';
//using PHP to create an RSA key
$pkey = openssl_get_publickey($pkey);
//$signature should be in binary format, but it comes as BASE64.
//So, I'll convert it.
$signature = base64_decode($signature);
//using PHP's native support to verify the signature
$result = openssl_verify(
$signed_data,
$signature,
$pkey,
OPENSSL_ALGO_SHA1);
if (0 === $result)
{
return false;
}
else if (1 !== $result)
{
return false;
}
else
{
return true;
}
} ;
function verify_paypal($payKey, $appID)
{
global $payPalUser_Id, $payPalPassword, $payPalSig;
$headerArray = array(
'X-PAYPAL-SECURITY-USERID:'.$payPalUser_Id,
'X-PAYPAL-SECURITY-PASSWORD:'.$payPalPassword,
'X-PAYPAL-SECURITY-SIGNATURE:'.$payPalSig,
'X-PAYPAL-REQUEST-DATA-FORMAT:JSON',
'X-PAYPAL-RESPONSE-DATA-FORMAT:XML',
'X-PAYPAL-APPLICATION-ID:'.$appID
);
$url="https://svcs.paypal.com/AdaptivePayments/PaymentDetails?payKey={$payKey}&requestEnvelope.errorLanguage=en_US";
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headerArray);
$adaptiveResponse = curl_exec($ch);
curl_close($ch);
echo $adaptiveResponse;
//check following and return true or false:
//Is completed ("status": "COMPLETED").
//Is the expected currency ("currencyCode": "USD").
//Has a paymentInfo within paymentInfoList that:
//Has a receiver with amount and email as expected.
//Is complete ("senderTransactionStatus": "COMPLETED").
};