game center就給出了下面幾句驗證的流程:
https://developer.apple.com/library/mac/documentation/GameKit/Referenc...:
下面是它的步驟:
1. Call [GKLocalPlayer generateIdentityVerificationSignatureWithCompletionHandler] in your app.(用戶端調用此方法)
Send the publicKeyURL, signature, salt, and timestamp parameters to the third party server used for authentication.(拿到game center 返回的資料發送給服務端校正)
Use the publicKeyURL on the third party server to download the public key.(使用用戶端提供的public key url下載公匙)
Verify with the appropriate signing authority that the public key is signed by Apple.(驗證是否是蘋果公司簽名的公匙?)
Retrieve the player’s playerID and bundleID.(提取玩家的ID和App的BundleId.也是用戶端提供)
Concatenate into a data buffer the following information, in the order listed:
The playerID parameter in UTF-8 format
The bundleID parameter in UTF-8 format
The timestamp parameter in Big-Endian UInt-64 format
The salt parameter
Generate a SHA-1 hash value for the buffer.(用上面的參數按照順序SHA1產生hash值)
Using the public key downloaded in step 3, verify that the hash value generated in step 7 matches the signature parameter provided by the API.(用第三步下載的公匙和game center提供的signature驗證第7步產生的hash值)
我根據這些文檔寫了下面的代碼:
$playerID = 'G:869***86';$bundleID = 'com.****.gcc';$signature =base64_decode('q/rE6vsNyb0458HzYs0TCK/Cz88JmAqob8DM1uwkl5Y9AKrFfZQo/HRtilGlCKvek40PVKUelL0qLZ8M3IBNdV+HshyZVB/SOdo1M7UG1xcqlkRCMlNYLqdpQgpw6GrK3zw4QyyG1Znk2K0AqKN7eeBwcj7KsF2tCFGQpvu+pB+4hEXUYVLRRJ5ElG05/mOzH5oKfugBestANEwPBSheN1FIOFBPVcCbp/9P7HamB3Yi3+rzE1Kv8KIKM5iOi01pIAFMmSfPYjKzrSHGOkI4/KSItAIFq9jQv67YvZP1oCQRttD/K+XvtxbikX++jB4pmq4ctaCZXeFrW6gXxIRGsA==');$timestamp = 1429756461745;$salt = '/Mxf3w==';$pubkeyid = openssl_pkey_get_public(file_get_contents('gc-sb-2.crt'));$data = sha1($playerID.$bundleID.$timestamp.$salt);var_dump(openssl_verify($data,$signature,$pubkeyid,OPENSSL_ALGO_SHA1));openssl_free_key($pubkeyid);
上面的認證檔案是通過下面的網站轉換成pem,php不支援對.cer操作。
https://www.google.com.tw/url?sa=t&rct=j&q=&esrc=s&sou...
總是驗證失敗,請求各位大神幫幫忙,指點一下。
回複內容:
game center就給出了下面幾句驗證的流程:
https://developer.apple.com/library/mac/documentation/GameKit/Referenc...:
下面是它的步驟:
1. Call [GKLocalPlayer generateIdentityVerificationSignatureWithCompletionHandler] in your app.(用戶端調用此方法)
Send the publicKeyURL, signature, salt, and timestamp parameters to the third party server used for authentication.(拿到game center 返回的資料發送給服務端校正)
Use the publicKeyURL on the third party server to download the public key.(使用用戶端提供的public key url下載公匙)
Verify with the appropriate signing authority that the public key is signed by Apple.(驗證是否是蘋果公司簽名的公匙?)
Retrieve the player’s playerID and bundleID.(提取玩家的ID和App的BundleId.也是用戶端提供)
Concatenate into a data buffer the following information, in the order listed:
The playerID parameter in UTF-8 format
The bundleID parameter in UTF-8 format
The timestamp parameter in Big-Endian UInt-64 format
The salt parameter
Generate a SHA-1 hash value for the buffer.(用上面的參數按照順序SHA1產生hash值)
Using the public key downloaded in step 3, verify that the hash value generated in step 7 matches the signature parameter provided by the API.(用第三步下載的公匙和game center提供的signature驗證第7步產生的hash值)
我根據這些文檔寫了下面的代碼:
$playerID = 'G:869***86';$bundleID = 'com.****.gcc';$signature =base64_decode('q/rE6vsNyb0458HzYs0TCK/Cz88JmAqob8DM1uwkl5Y9AKrFfZQo/HRtilGlCKvek40PVKUelL0qLZ8M3IBNdV+HshyZVB/SOdo1M7UG1xcqlkRCMlNYLqdpQgpw6GrK3zw4QyyG1Znk2K0AqKN7eeBwcj7KsF2tCFGQpvu+pB+4hEXUYVLRRJ5ElG05/mOzH5oKfugBestANEwPBSheN1FIOFBPVcCbp/9P7HamB3Yi3+rzE1Kv8KIKM5iOi01pIAFMmSfPYjKzrSHGOkI4/KSItAIFq9jQv67YvZP1oCQRttD/K+XvtxbikX++jB4pmq4ctaCZXeFrW6gXxIRGsA==');$timestamp = 1429756461745;$salt = '/Mxf3w==';$pubkeyid = openssl_pkey_get_public(file_get_contents('gc-sb-2.crt'));$data = sha1($playerID.$bundleID.$timestamp.$salt);var_dump(openssl_verify($data,$signature,$pubkeyid,OPENSSL_ALGO_SHA1));openssl_free_key($pubkeyid);
上面的認證檔案是通過下面的網站轉換成pem,php不支援對.cer操作。
https://www.google.com.tw/url?sa=t&rct=j&q=&esrc=s&sou...
總是驗證失敗,請求各位大神幫幫忙,指點一下。
在用POST或者GET傳送資料時,如果資料裡含有"+"(加號),但接收程式解析資料時,會把這個加號解析成空格。
解決辦法:
在php裡面,先用str_replace函數,將加號替換成"%2B",然後進行urlencode編碼,在接收方用urldecode解碼就可正常使用了。
用戶端發送的“signature”這個參數裡有“+”,需要替換成“%2B”