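Our iOS game went live a few days ago, and we then received a lot of user top-ups. But iTunes Connect shows that only 2 people actually paid. Someone must have cheated us.
First, an introduction to our verification flow:
The phone initiates a top-up -> the purchase succeeds -> the client obtains the base64 receipt -> it is sent to the game server for verification -> if verification succeeds, the player's top-up is counted as successful and the top-up result is delivered
At first glance there seems to be no problem, and indeed there shouldn't be one. Yet there is a problem. Let me show you a magical base64 receipt. Heaven knows how it was cooked up. Hacker gods, have mercy.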
There are several accounts. The server logs show the requests these people sent. The base64 itself is not convenient to paste, so I'll just paste the result.
"D:\Program Files (x86)\JetBrains\WebStorm 140.2753\bin\runnerw.exe" "C:\Program Files\iojs\node.exe" main.js
statusCode: 200
headers: { 'x-apple-jingle-correlation-key': 'L4AZATKFKDNN7WI2P3UEX3P3YY', pod: '2', 'x-apple-translated-wo-url': '/WebObjects/MZFinance.woa/wa/verifyReceipt', 'x-apple-orig-url': 'http://buy.itunes.apple.com/WebObjects/MZFinance.woa/wa/verifyReceipt', 'x-apple-application-site': 'ST11', 'edge-control': 'no-store, cache-maxage=0', date: 'Wed, 11 Mar 2015 06:03:14 GMT', 'set-cookie': [ 'itspod=2; version="1"; expires=Sat, 11-Apr-2015 06:03:14 GMT; path=/; domain=.apple.com', 'mzf_in=022393; version="1"; path=/WebObjects; domain=.apple.com; secure; HttpOnly', 'mzf_dr=0; version="1"; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/WebObjects; domain=.apple.com', 'ns-mzf-inst=36-60-80-109-96-8269-22393-2-st11; version=1; Max-Age=1800; path=/; domain=.apple.com; httponly', 'NSC_nagjobodf-bopo-qppm*0=ffffffff12a53a2d45525d5f4f58455e445a4a423660;path=/;secure;httponly' ], 'apple-timing-app': '9 ms', 'cache-control': 'private, no-cache, no-store, no-transform, must-revalidate, max-age=0', expires: 'Wed, 11 Mar 2015 06:03:14 GMT', 'x-apple-lokamai-no-cache': 'true', 'x-apple-application-instance': '22393', 'x-frame-options': 'SAMEORIGIN', itspod: '2', 'x-webobjects-loadaverage': '23', connection: 'keep-alive', 'content-length': '631' }
{"status":0, "environment":"Production", "receipt":{"receipt_type":"Production", "adam_id":958813739, "app_item_id":958813739, "bundle_id":"com.tsgame.godlike", "application_version":"2.2", "download_id":80011053156383, "version_external_identifier":811584718, "request_date":"2015-03-11 06:03:14 Etc/GMT", "request_date_ms":"1426053794658", "request_date_pst":"2015-03-10 23:03:14 America/Los_Angeles", "original_purchase_date":"2015-03-07 18:22:23 Etc/GMT", "original_purchase_date_ms":"1425752543000", "original_purchase_date_pst":"2015-03-07 10:22:23 America/Los_Angeles", "original_application_version":"2.2", "in_app":[]}}
Process finished with exit code 0
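This is the verification information returned after submitting to itc the base64 sent by these people (whether they did it deliberately or not, I don't know).
Yes, the returned status is 0;
But anyone who knows the new format introduced after iOS 6 will certainly notice: why is there nothing in the in_app field.......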
I find it strange too. Why is there nothing? Probably some advanced technique... Almost every in-app purchase verification article on the web says that a return of 0 means OK.. But in our case, a returned 0 certainly cannot prove anything.
"D:\Program Files (x86)\JetBrains\WebStorm 140.2753\bin\runnerw.exe" "C:\Program Files\iojs\node.exe" main.js
statusCode: 200
headers: { 'x-apple-jingle-correlation-key': 'F6CPKDZP4ZVKJKKMOFLMRLY354', pod: '54', 'x-apple-translated-wo-url': '/WebObjects/MZFinance.woa/wa/verifyReceipt', 'x-apple-orig-url': 'http://buy.itunes.apple.com/WebObjects/MZFinance.woa/wa/verifyReceipt', 'x-apple-application-site': 'ST13', 'edge-control': 'no-store, cache-maxage=0', date: 'Wed, 11 Mar 2015 06:10:34 GMT', 'set-cookie': [ 'itspod=54; version="1"; expires=Sat, 11-Apr-2015 06:10:34 GMT; path=/; domain=.apple.com', 'mzf_in=542401; version="1"; path=/WebObjects; domain=.apple.com; secure; HttpOnly', 'mzf_dr=0; version="1"; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/WebObjects; domain=.apple.com', 'ns-mzf-inst=183-23-80-220-13-8162-542401-54-st13; version=1; Max-Age=1800; path=/; domain=.apple.com; httponly', 'NSC_nagjobodf-bopo-qppm*0=ffffffff12a5a90645525d5f4f58455e445a4a423660;path=/;secure;httponly' ], 'apple-timing-app': '9 ms', 'cache-control': 'private, no-cache, no-store, no-transform, must-revalidate, max-age=0', expires: 'Wed, 11 Mar 2015 06:10:34 GMT', 'x-apple-lokamai-no-cache': 'true', 'x-apple-application-instance': '542401', 'x-frame-options': 'SAMEORIGIN', itspod: '54', 'x-webobjects-loadaverage': '16', connection: 'keep-alive', 'content-length': '1099' }
{"status":0, "environment":"Production", "receipt":{"receipt_type":"Production", "adam_id":958813739, "app_item_id":958813739, "bundle_id":"com.tsgame.godlike", "application_version":"2.2", "download_id":74004963679107, "version_external_identifier":811584718, "request_date":"2015-03-11 06:10:34 Etc/GMT", "request_date_ms":"1426054234103", "request_date_pst":"2015-03-10 23:10:34 America/Los_Angeles", "original_purchase_date":"2015-03-08 07:26:30 Etc/GMT", "original_purchase_date_ms":"1425799590000", "original_purchase_date_pst":"2015-03-07 23:26:30 America/Los_Angeles", "original_application_version":"2.2", "in_app":[{"quantity":"1", "product_id":"Gifts1", "transaction_id":"340000061439445", "original_transaction_id":"340000061439445", "purchase_date":"2015-03-08 07:38:35 Etc/GMT", "purchase_date_ms":"1425800315000", "purchase_date_pst":"2015-03-07 23:38:35 America/Los_Angeles", "original_purchase_date":"2015-03-08 07:38:35 Etc/GMT", "original_purchase_date_ms":"1425800315000", "original_purchase_date_pst":"2015-03-07 23:38:35 America/Los_Angeles", "is_trial_period":"false"}]}}
Process finished with exit code 0
"in_app" is the real key here. I don't know why a receipt with no in-app purchase in it would show up. This is really strange.
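People generally only believe in ghosts and gods when they don't understand something. People generally only blame others for hacking them when they don't know how a bug appeared on their server. If someone really did hack us, I hope whoever reads this just laughs it off.
If anyone knows that it is our client side that is written incorrectly, producing a base64 receipt with this universal state=0 result, please point us in the right direction. During testing in the sandbox environment, a receipt without in_app never appeared at all.
To the experts reading this: if you understand what is going on, please give an explanation.~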
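The point the post arrives at (status 0 alone is not proof of payment; the purchase has to be present in in_app) can be enforced on the game server as in the following added example, which is not the author's code. It goes one step further than the post by also rejecting a transaction_id that was already credited; the function and variable names are hypothetical, and the two sample bodies are trimmed from the responses shown above.

```javascript
// Added example: decide whether a verifyReceipt response proves a purchase.
// Bundle id, product id and transaction id are taken from the responses on
// this page; every function and variable name here is hypothetical.
const EXPECTED_BUNDLE_ID = 'com.tsgame.godlike';

// Transaction ids that were already credited. In production this would be
// a database table with a unique constraint, not process memory.
const creditedTransactions = new Set();

function checkReceiptResponse(body, expectedProductId) {
  // 1. Apple must accept the receipt at all.
  if (!body || body.status !== 0) {
    return { ok: false, reason: 'status' };
  }
  // 2. The receipt must belong to this app, not to some other app.
  const receipt = body.receipt || {};
  if (receipt.bundle_id !== EXPECTED_BUNDLE_ID) {
    return { ok: false, reason: 'bundle_id' };
  }
  // 3. A valid app receipt with no purchases still returns status 0.
  const inApp = Array.isArray(receipt.in_app) ? receipt.in_app : [];
  if (inApp.length === 0) {
    return { ok: false, reason: 'empty_in_app' };
  }
  // 4. The product being credited must be listed, and not credited before.
  const purchase = inApp.find((p) =>
    p.product_id === expectedProductId &&
    typeof p.transaction_id === 'string' && p.transaction_id !== '' &&
    !creditedTransactions.has(p.transaction_id));
  if (!purchase) {
    return { ok: false, reason: 'no_uncredited_purchase' };
  }
  creditedTransactions.add(purchase.transaction_id);
  return { ok: true, transactionId: purchase.transaction_id };
}

// Constructed samples, trimmed from the two responses shown above.
const emptyReceipt = {
  status: 0,
  receipt: { bundle_id: 'com.tsgame.godlike', in_app: [] },
};
const paidReceipt = {
  status: 0,
  receipt: {
    bundle_id: 'com.tsgame.godlike',
    in_app: [{ quantity: '1', product_id: 'Gifts1',
               transaction_id: '340000061439445' }],
  },
};
```

The game server would call `checkReceiptResponse` with the product the client claims to have bought and deliver the top-up only when `ok` is true.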