package com.demo.controller.web.app;

import java.io.BufferedOutputStream;

import java.io.BufferedReader;

import java.io.InputStream;

import java.io.InputStreamReader;

import java.net.URL;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import java.text.ParseException;

import java.text.SimpleDateFormat;

import java.util.Date;

import java.util.HashMap;

import java.util.List;

import java.util.Locale;

import java.util.Map;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

import javax.servlet.http.HttpServletRequest;

import org.apache.log4j.Logger;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Controller;

import org.springframework.web.bind.annotation.RequestMapping;

import org.springframework.web.bind.annotation.ResponseBody;

import sun.misc.BASE64Decoder;

import com.demo.common.Result;

import com.demo.common.util.StringUtils;

import com.demo.constant.Constant;

import com.demo.constant.Enums;

import com.demo.service.AppEspOrderService;

import com.demo.service.AppEspProductService;

import com.demo.service.AppUserInfoService;

import com.demo.service.AppVersionService;

import com.demo.service.UserService;

import com.demo.service.eshop.EspOrderLogService;

import com.demo.vo.AppEspOrder;

import com.demo.vo.AppEspProduct;

import com.demo.vo.AppUserInfo;

import com.demo.vo.AppVersion;

import com.demo.vo.EspOrderLog;

import com.demo.vo.User;

import net.sf.json.JSONObject;

@Controller

@RequestMapping("/app/*")

public class AstroCalendarIOSVerifyController {

	private Logger log = Logger.getLogger(AstroCalendarIOSVerifyController.class);

	@Autowired

	private UserService userService;

	@Autowired

	private AppEspOrderService appEspOrderService;

	@Autowired

	private AppVersionService appVersionService;

	@Autowired

	private AppEspProductService appEspProductService;

	@Autowired

	private AppUserInfoService appUserInfoService;

	@Autowired

	private EspOrderLogService espOrderLogService;

	private static class TrustAnyTrustManager implements X509TrustManager {

		public void checkClientTrusted(X509Certificate[] chain, String authType)

				throws CertificateException {

		}

		public void checkServerTrusted(X509Certificate[] chain, String authType)

				throws CertificateException {

		}

		public X509Certificate[] getAcceptedIssuers() {

			return new X509Certificate[] {};

		}

	}

	private static class TrustAnyHostnameVerifier implements HostnameVerifier {

		public boolean verify(String hostname, SSLSession session) {

			return true;

		}

	}

	private static final String url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt";

	private static final String url_verify = "https://buy.itunes.apple.com/verifyReceipt";

	/**

	 *

	 * @param receipt	账单

	 * @url 要验证的地址

	 * @return null 或返回结果 沙盒 https://sandbox.itunes.apple.com/verifyReceipt

	 *

	 */

	public String buyAppVerify(String receipt,String url,Map<String, String> map) {

		try {

			SSLContext sc = SSLContext.getInstance("SSL");

			sc.init(null, new TrustManager[] { new TrustAnyTrustManager() },new java.security.SecureRandom());

			URL console = new URL(url);

			HttpsURLConnection conn = (HttpsURLConnection) console.openConnection();

			conn.setSSLSocketFactory(sc.getSocketFactory());

			conn.setHostnameVerifier(new TrustAnyHostnameVerifier());

			conn.setRequestMethod("POST");

			conn.setRequestProperty("content-type", "text/json");

			conn.setRequestProperty("Proxy-Connection", "Keep-Alive");

			conn.setDoInput(true);

			conn.setDoOutput(true);

			conn.setConnectTimeout(30*1000);//设置连接超时30秒

			BufferedOutputStream hurlBufOus = new BufferedOutputStream(conn.getOutputStream());

			String str = String.format(Locale.CHINA, "{\"receipt-data\":\""+ receipt + "\"}");

			System.out.println("str:" + str);

			hurlBufOus.write(str.getBytes());

			hurlBufOus.flush();

			InputStream is = conn.getInputStream();

			BufferedReader reader = new BufferedReader(new InputStreamReader(is));

			String line = null;

			StringBuffer sb = new StringBuffer();

			while ((line = reader.readLine()) != null) {

				sb.append(line);

			}

			System.out.println(sb.toString());

			return sb.toString();

		} catch (Exception ex) {

			log.error("系统异常"+ex);

			map.put("orderStatus", "D");

//			ex.printStackTrace();

		}

		return null;

	}

	@RequestMapping("/app/validateOrder" + Constant.JSON)

	@ResponseBody

	public Map<String, String> validateOrder(HttpServletRequest request) {

		long start = System.currentTimeMillis();

		Map<String, String> map = new HashMap<String, String>();

		User user = checkUserLogin(request);

		AppUserInfo appUser = null;

		if(user!=null){

			appUser = new AppUserInfo();

			appUser.setUserId(user.getUserId());

			appUser = appUserInfoService.findByPk(appUser);

		}

		//判断app用户表里是否存在此用户

		if(appUser == null){

			map.put("loginStatus", "-1");

		}else{

			map.put("loginStatus", "0");

			try {

				String receipt = request.getParameter("receipt");

				String orderMonths = request.getParameter("orderMonths");

				String versionCode = request.getParameter("versionCode");

				String appId = request.getParameter("appId");

				String price = request.getParameter("price");

				if(StringUtils.isBlank(appId) || StringUtils.isBlank(versionCode)){

					map.put("orderStatus", "D");

					return map;

				}

				Integer vCode = Integer.parseInt(versionCode);

				Integer appID = Integer.parseInt(appId);

				AppEspOrder aeo = new AppEspOrder();

				aeo.setReceipt(receipt);

				List<AppEspOrder> list = appEspOrderService.freeFindAll(aeo);

				if(list.size()==0){

					//添加新订单

					AppUserInfo aui = new AppUserInfo();

					aui.setUserId(user.getUserId());

					aui = appUserInfoService.findByPk(aui);

					SimpleDateFormat osf = new SimpleDateFormat("yyMMddHH");

					String orderId = Enums.OrderPrefix.NA + osf.format(new Date())+ StringUtils.getRandomSixNUM();

					if(aui != null){

						AppVersion version = new AppVersion();

						version.setVersionCode(vCode);

						int count = appVersionService.countFreeFind(version);

						AppEspProduct aep = new AppEspProduct();

						aep.setAppId(appID);

						aep = appEspProductService.findByPK(aep);

						//检查appID,versionId是否合法

						if(aep == null || count<0){

							map.put("orderStatus", "C");

							return map;

						}

						aeo.setAppId(aep.getAppId());

						aeo.setAppName(aep.getAppName());

						aeo.setVersionCode(vCode);

						aeo.setUserId(aui.getUserId());

						aeo.setNickName(aui.getNickName());

						aeo.setEmail(aui.getEmail());

						aeo.setOrderId(orderId);

						aeo.setOrderMonths(orderMonths);

						aeo.setSubtotal(new Long(price));

						aeo.setIsFree("N");

						aeo.setOrderStatus("A");//新订单

						aeo.setCreateBy("system");

						aeo.setCreateDt(new Date());

						aeo.setPaidDate(new Date());

						appEspOrderService.insert(aeo);

						//订单日志

						EspOrderLog log = new EspOrderLog();

						log.setRemark("生成新订单,已支付,等待验证...");

						log.setChangeTime(new Date());

						log.setChangeUser("system");

						log.setIsMem("N");

						log.setType("A");

						log.setOrderId(orderId);

						espOrderLogService.addOrderLog(log);

					}

					//向苹果服务器发起验证

					Result result = validateAppleServler(map, receipt, url_verify, aeo, orderId);

					if(result.isSuccess()==true){

						validateAppleServler(map, receipt, url_sandbox, aeo, orderId);

					}

				}else{//如果该收据已经存在,判断收据的订单状态,再判断是用户及月份是否相同,防止盗用receipt

					AppEspOrder order = list.get(0);

					if("A".equals(order.getOrderStatus()) || "D".equals(order.getOrderStatus())){//新订单已经添加尚未验证或验证超时连接错误,需重新请求验证

						Result result = validateAppleServler(map, order.getReceipt(), url_verify, order, order.getOrderId());

						if(result.isSuccess()==true){

							validateAppleServler(map, order.getReceipt(), url_sandbox, order, order.getOrderId());

						}

					}else if("B".equals(order.getOrderStatus())){

						if(receipt.equals(order.getReceipt())&&user.getUserId().equals(order.getUserId())&&orderMonths.equals(order.getOrderMonths())){

							map.put("orderStatus", "B");

						}else{

							map.put("orderStatus", "C");//验证失败

						}

					}else{

						map.put("orderStatus", "C");//验证失败

					}

					}

			} catch (Exception e) {

				map.put("orderStatus", "D");

				log.error("系统异常"+e);

				e.printStackTrace();

			}

			}

		long end = System.currentTimeMillis();

		System.out.println("验证收据信息耗时:"+(end-start)+"毫秒");

		return map;

	}

	//向苹果服务器发送验证请求

	private Result validateAppleServler(Map<String, String> map, String receipt, String url, AppEspOrder aeo, String orderId) {

		Result result = new Result().setSuccess(false);

		String verifyResult = buyAppVerify(receipt,url,map);

		if (verifyResult != null) {

			JSONObject job = JSONObject.fromObject(verifyResult);

			String status = job.getString("status");

			if ("0".equals(status)){// 验证成功

				aeo.setOrderStatus("B");

				String r_receipt=job.getString("receipt");

				System.out.println(r_receipt);

				System.out.println("-------------------------------");

                JSONObject returnJson = JSONObject.fromObject(r_receipt);

                String product_id = returnJson.getString("product_id");  //产品ID

                String quantity = returnJson.getString("quantity"); //数量

                String transactionId = returnJson.getString("transaction_id");//交易id

				System.out.println("产品id:"+product_id+"\t"+"数量"+quantity+"\t"+"交易id"+transactionId);

				aeo.setProductId(product_id);

				int total = 0;

				if(!StringUtils.isBlank(quantity))

					total = Integer.parseInt(quantity);

				aeo.setQuantity(total);

				aeo.setTransactionId(transactionId);

				appEspOrderService.update(aeo);

				EspOrderLog log2 = new EspOrderLog();

				log2.setRemark("向苹果服务器发送验证成功...");

				log2.setChangeTime(new Date());

				log2.setChangeUser("system");

				log2.setIsMem("N");

				log2.setType("B");

				log2.setOrderId(orderId);

				espOrderLogService.addOrderLog(log2);

				map.put("orderStatus", "B");

			}else if("21007".equals(status)){//重新验证,更改路径为正式环境的路径

				EspOrderLog log1 = new EspOrderLog();

				log1.setRemark("向苹果正式服务器发送验证失败,得到状态值为21007.");

				log1.setChangeTime(new Date());

				log1.setChangeUser("system");

				log1.setIsMem("N");

				log1.setType("A");

				log1.setOrderId(orderId);

				espOrderLogService.addOrderLog(log1);

				result.setSuccess(true);

			}else{//验证失败

				aeo.setOrderStatus("C");

				appEspOrderService.update(aeo);

				EspOrderLog log1 = new EspOrderLog();

				log1.setRemark("向苹果服务器发送验证失败...");

				log1.setChangeTime(new Date());

				log1.setChangeUser("system");

				log1.setIsMem("N");

				log1.setType("A");

				log1.setOrderId(orderId);

				espOrderLogService.addOrderLog(log1);

				map.put("orderStatus", "C");

			}

		}

		return result;

	}

	private User checkUserLogin(HttpServletRequest request) {

		String username = request.getParameter("username");

		String password = request.getParameter("password");

		if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {

			return null;

		}

		User user = new User();

		try {

			user.setEmail(username);

			user.setPassword(password);

			user = userService.userLogin(user);

		} catch (Exception e) {

			log.error("登录失败,用户名或密码错误!" + e);

		}

		return user;

	}

}

  

In-App Purchases验证的更多相关文章

  1. 安卓APP测试验证点总结

    最近较懒,加之闺女出生后记忆没完全恢复,总是忘东忘西,关于安卓APP测试的验证点还是总结一下,方便设计测试用例时查阅,也给各位博友参考! 1.除APP的正常功能点外,还有以下验证点: 安装/卸载(考虑 ...

  2. In App Purchases(IAP 应用程序內购买): 完全攻略

    原文: http://troybrant.net/blog/2010/01/in-app-purchases-a-full-walkthrough/ 参考: http://www.cocoachina ...

  3. in App Purchases一个注意事项

    在completeTransaction中通过transaction.originalTransaction.payment.productIdentifier得到的productIdentifier ...

  4. [IPA]IOS In App Purchase(内购)验证

    参考我之前的笔记 苹果内购笔记,在客户端向苹果购买成功之后,我们需要进行二次验证. 二次验证 IOS在沙箱环境下购买成功之后,向苹果进行二次验证,确认用户是否购买成功. 当应用向Apple服务器请求购 ...

  5. 苹果开发——App内购以及验证store的收据(二)

    原地址:http://zengwu3915.blog.163.com/blog/static/2783489720137605156966?suggestedreading 三. 客户端使用Store ...

  6. ris'In App Purchase总结

    原地址:http://www.cocoachina.com/bbs/read.php?tid=38555&page=1 In App Purchase属于iPhone SDK3.0的新特性,用 ...

  7. In App Purchase翻译

    一.In App Purchase概览 Store Kit代表App和App Store之间进行通信.程序将从App Store接收那些你想要提供的产品的信息,并将它们显示出来供用户购买.当用户需要购 ...

  8. App Store内购

    一.In App Purchase概览 Store Kit代表App和App Store之间进行通信.程序将从App Store接收那些你想要提供的产品的信息,并将它们显示出来供用户购买.当用户需要购 ...

  9. AppStore苹果应用支付开发(In App Purchase)翻译

    http://yarin.blog.51cto.com/1130898/549141 一.In App Purchase概览 Store Kit代表App和App Store之间进行通信.程序将从Ap ...

随机推荐

  1. 史上最全的javascript知识点总结,浅显易懂。

    来源于:http://blog.csdn.net/qiushi_1990/article/details/40260471 一,认识javascript1-1为什么学习JavaScript一).你知道 ...

  2. IntelliJ13+tomcat+jrebel实现热部署(亲测可用)

       网上有很多介绍intellij idea整合jrebel插件实现热部署的文章,但是有的比较复杂,有的不能成功,最后经过各种尝试,实现了整合,亲测可用!步骤说明如下:   一.先下载jrebel安 ...

  3. CSS3中的counter和content属性,一些简单的内容显示就不需要JS去实现了

    HTML的代码 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www ...

  4. 可视化HTML编辑器

    [荐] 可视化HTML编辑器 CKEditor CKEditor是新一代的FCKeditor,是一个重新开发的版本.CKEditor是全球最优秀的网页在线文字编辑器之一,因其惊人的性能与可扩展性而广泛 ...

  5. 淘宝业务常用english

    ADX        ad exchange 广告交易平台 coupon     赠品 CPC         cost per click CPS         cost per sales CT ...

  6. Java 对象的串行化(Serialization)

    1.什么是串行化 对象的寿命通常随着生成该对象的程序的终止而终止.有时候,可能需要将对象的状态保存下来,在需要时再将对象恢复.我们把对象的这种能记录自己的状态以便将来再生的能力.叫作对象的持续性(pe ...

  7. Java中数据类型转换问题

    boolean类型不可以转换为替他的数据类型. Java中byte(8位).short(16位).char三种类型的优先级是相同的,相同优先级之间是不能进行自动转换的(如果相互转换的话,必须强制类型转 ...

  8. TP中二维数组的遍历输出

    例子分析 <volist name="list" id="vo"> <volist name="vo['sub']" id ...

  9. yum命令一些易遗忘的参数

    这些yum命令是我经常忘记的,所以记录下 yum check-update 检查可更新的RPM包 yum update 更新所有的RPM包 yum update kernel kernel-sourc ...

  10. asp.net修改web.config文件

    private void UpdateConfigFile() { var cfg = System.Web.Configuration.WebConfigurationManager.OpenWeb ...