适用于iOS的IAP收据验证 [英] IAP receipt validation for iOS

问题描述

我正在使用Apples IAP和StoreKit框架购买订阅的客户端/服务器应用程序。

I am working on a client/server application which uses Apples IAP and StoreKit framework to purchase a subscription.

我们想要的是客户端（iPhone或iPad）使用StoreKit框架通过iTunes帐户向Apple购买初始订阅，然后将收据传递给我们的服务器，服务器将对其进行验证，然后更新用户帐户状态。我们也希望服务器负责管理订阅状态（检查自动续订，取消等等）。这都是使用iOS 7风格的appleReceipts，而不是目前已弃用的iOS 6风格的交易收据。

What we would like is for the client (iPhone or iPad) to make the initial subscription purchase with apple through their iTunes account using StoreKit framework and then pass of the receipt to our server, which will validate it and then update the users account status. We'd also like the server to be responsible for managing the status of the subscription (check for auto-renew, cancellation etc..) This is all using iOS 7 style appleReceipts, rather than iOS 6 style transaction receipts which are deprecated currently.

Apple的文档说POST到以下URL以验证沙箱中的收据以及收据和密码

Apple's docs say to POST to the following URL to validate a receipt in the sandbox along with the receipt and the secret code

https://sandbox.itunes.apple.com/verifyReceipt

到目前为止......一切正常。

Up to this point .. everything works as it should.

在回复中，事情让我感到困惑。 Apple的文档说，响应应该有多达4个字段。如果您正在验证iOS 7风格的应用收据，那么您应该只期望前2个。如果它是iOS 6风格的订阅交易收据，那么您应该会看到所有4个。

Where things get confusing to me is in the response. Apple's docs say that the response should have up to 4 fields. If you are validating an iOS 7 style app receipt then you should only expect the first 2. If it's an iOS 6 style subscription transaction receipt then you should expect to see all 4.

1）状态（0表示有效，否则表示一些错误代码）

1) status (0 for valid, some error code otherwise)

2）收据（已发送收据的JSON表示）

2) receipt (a JSON representation of the receipt that was sent)

3）latest_receipt（仅针对自动续订订阅的iOS 6样式交易收据返回。最近续订的base-64编码交易收据。）

3) latest_receipt (Only returned for iOS 6 style transaction receipts for auto-renewable subscriptions. The base-64 encoded transaction receipt for the most recent renewal.)

4）latest_receipt_info（与JSON格式相同）

4) latest_receipt_info (same as above in JSON format)

问题1：
我看到所有4即使我正在验证iOS 7风格的应用收据。文档说这不应该发生。

Problem 1: I am seeing all 4 even though I am validating an iOS 7 style app receipt. The docs say that shouldn't be happening.

https://developer.apple.com/library/ios/releasenotes/General/ValidateAppStoreReceipt/Chapters/ValidateRemotely。 html＃// apple_ref / doc / uid / TP40010573-CH104-SW1

问题2：
我们' d希望服务器句柄通过使用客户端在初次购买后通过的原始应用收据轮询此API来维护用户订阅状态。 latest_receipt_info 字段似乎包含不断更新的交易列表，而收据字段是原始的副本没有更新的交易信息。

Problem 2: We'd like to have the server handle maintaining the user subscription status by polling this API with the original app receipt that the client passed after its initial purchase. The latest_receipt_info field does seem to contain a continually updated list of transactions, while the receipt field is a copy of the original with no updated transaction information.

我的问题：
这似乎是服务器获取更新交易信息的唯一方式通过查看 latest_receipt_info 或 latest_receipt 字段，但这些字段不应出现在响应中文档。

My Question: It seems then that the only way the server can get information about updated transaction is by looking at the latest_receipt_info or latest_receipt fields, but those fields are not supposed to be present in the response according to the documentation.

这是Apple文档中的错误吗？或者获取最新事务集的唯一方法是让客户端在 SKPayementTransactionObserver 通知时发送更新的AppReceipts？

Is this an error in the Apple documentation? Or is the only way to get the latest set of transaction is to have the client send updated AppReceipts when it gets notified by the SKPayementTransactionObserver?

1）购买autoRenewSubscription产品使用SKPaymentQueue：

1) Making a purchase of a autoRenewSubscription product using SKPaymentQueue:

 SKMutablePayment *payment = [SKMutablePayment paymentWithProduct:product];
    payment.applicationUsername = [self hashedValueForAccountName:[UserAccount sharedInstance].subscriberKey];
    [[SKPaymentQueue defaultQueue] addPayment:payment];

2）付款完成后，我通过我的SKPaymentTransactionObserver接到一个电话，并在以下网址：

2) When the payment is completed I get a call back through my SKPaymentTransactionObserver and send the file at the following URL:

NSURL *receiptURL = [[NSBundle mainBundle] appStoreReceiptURL];

到我的远程服务器。

3 ）我使用以下python代码验证收据

3) I'm using the following python code to validate the receipt

import itunesiap
import base64

file = "/path/to/receipt/sandboxReceipt"
f = open(file)
encoded = base64.b64encode(f.read())

with itunesiap.env.current().clone(use_sandbox=True):  # additional change for current environment.
    response = itunesiap.verify(encoded,"mysecretkey")

响应包含字典。
字典包含以下字段

The response contains a dictionary. The dictionary has the following fields

"latest_receipt" = base64 encoded receipt here
"latest_receipt_info" = a JSON representation of the latest receipt
"receipt" = a JSON representation fo the receipt I sent for verification

文档说前两个字段是

仅针对iOS 6样式的交易收据返回自动再生
订阅。

"Only returned for iOS 6 style transaction receipts for auto-renewable subscriptions."

1. 为什么它们出现在这里，因为我正在验证iOS 7风格
   app收据？


2. 如果这些字段不存在，我如何获得最新的交易信息
   ？

推荐答案

Apple的文档中的措辞含糊不清。 仅针对iOS 6样式的交易收据返回自动续订订阅 。这意味着对于使用 appStoreReceiptURL 的iOS 7收据，该字段始终存在，但仅适用于自动续订订阅的已弃用交易样式收据。即如果购买不是订阅，它们就不会出现在iOS 6交易收据上。

The wording in Apple's docs is ambiguous. Only returned for iOS 6 style transaction receipts for auto-renewable subscriptions. This means the field is always present for iOS 7 receipts using appStoreReceiptURL but only present for deprecated transaction style receipts that are for an auto-renewing subscription. i.e. they do not show up on iOS 6 transaction receipts if the purchase isn't a subscription.

这篇关于适用于iOS的IAP收据验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！