更新时间:2023-12-03 20:35:46
要验证签名,请确保以下内容:
To verify the signature you want to make sure of the following:
INAPP_PURCHASE_DATA
不会以任何方式突变.任何编码或转义更改将导致无效的验证.确保它完整到达服务器的***方法是对它进行base64编码.INAPP_DATA_SIGNATURE
也必须保持完好无损,它应该已经进行了base64编码,因此将其发送到您的服务器应该没有问题.data
和signature
参数处于原始状态,因此base64会在验证之前进行解码.signature_alg
作为最后一个参数,在这种情况下,sha1WithRSAEncryption
应该和默认值一样工作,但是如果有疑问,请尝试其他一些
INAPP_PURCHASE_DATA
is not mutated in any way. Any encoding or escaping changes will result in a invalid verification. The best way to ensure it gets to your server intact is to base64 encoded it.INAPP_DATA_SIGNATURE
also must remain intact, it should already base64 encoded so sending that to your server should not be a problem.data
and signature
arguments to be in their raw state, so base64 decode before verifying.signature_alg
as the last argument, in this case sha1WithRSAEncryption
should work as should the default, but if in doubt try a few other sha1 algorithms to see which ones work.我***的猜测是为什么它现在对您不起作用,是因为您没有在服务器上收到INAPP_PURCHASE_DATA
,而情况却与在应用程序上收到的相同.此 *** 问题也有同样的问题.
My best guess why it's not working for you right now is that you're not receiving the INAPP_PURCHASE_DATA
on your server in the same condition that it was received on the app. This *** question had the same problem.