AppStore 內購驗證的方法

AppStore增長了驗證內購(In App Purchasement)的方法, 就是蘋果提供一個url地址, 開發測試用:

https://sandbox.itunes.apple.com/verifyReceipt

產品用:

https://buy.itunes.apple.com/verifyReceipt

當購買成功時, 會獲得蘋果返回的一個收據(receipt), 蘋果推薦的方法是將收據發給開發者的server, 由server像上述地址post http消息, 進行驗證, 蘋果將結果返回.究竟是真正的購買仍是虛假的購買.

沒有本身server的小夥伴能夠用app進行發送, 代碼以下.

#define ITMS_SANDBOX_VERIFY_RECEIPT_URL     @"https://sandbox.itunes.apple.com/verifyReceipt"

#pragma mark - VerifyFinishedTransaction
-(void)verifyFinishedTransaction:(SKPaymentTransaction *)transaction{
    if(transaction.transactionState == SKPaymentTransactionStatePurchased){
        NSString *transactionIdentifier =  transaction.transactionIdentifier;
        NSData *transactionReceipt  = transaction.transactionReceipt;
        //將transactionIdentifer和加密後的transactionReceipt數據發送給server端
        
        NSString* receipent = [NSString stringWithFormat:@"%s", transactionReceipt.bytes];
        
        NSLog(@"receipent = %@", receipent);
        
        // 在app上作驗證, 僅用於測試
        NSString *payload = [NSString stringWithFormat:@"{\"receipt-data\" : \"%@\", \"password\" : \"%@\"}",
                             receipent, transactionIdentifier];
        NSData *payloadData = [payload dataUsingEncoding:NSUTF8StringEncoding];
        NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:ITMS_SANDBOX_VERIFY_RECEIPT_URL]];
        [request setHTTPMethod:@"POST"];
        [request setHTTPBody:payloadData];
        NSError* err;
        NSURLResponse *theResponse = nil;
        NSData *data=[NSURLConnection sendSynchronousRequest:request
                                           returningResponse:&theResponse
                                                       error:&err];
        NSError *jsonParsingError = nil;
        NSDictionary *dict = [NSJSONSerialization JSONObjectWithData:data options:kNilOptions error:&jsonParsingError];
        NSLog(@"%@", dict);
        NSLog(@"done");
        }
}