对于iOS 6.1或更早版本,购买或恢复后收到的应用内购买交易ID在每次都是唯一的,即使在还原后,原始交易ID也不会更改.
但是,对于iOS7,事务ID和原始事务ID始终相同!我甚至尝试刷新收据,从设备中删除应用程序并重新放回来.两个字段总是相同的.
有谁知道交易ID在哪种情况下会改变?我的服务器逻辑依赖于收据本身的唯一交易ID,目前在iOS7的情况下不起作用.
以下是Apple服务器解密的应用收据.同样的结果,如果我在本地解密.
{
environment = SandBox;
receipt = {
"adam_id" = 0;
"application_version" = "1.0";
"bundle_id" = "com.###";
"download_id" = 0;
"in_app" = (
{
"is_trial_period" = false;
"original_purchase_date" = "2014-02-18 14:23:40 Etc/GMT";
"original_purchase_date_ms" = 1392733420000;
"original_purchase_date_pst" = "2014-02-18 06:23:40 America/Los_Angeles";
"original_transaction_id" = 1000000101860870;
"product_id" = "com.###";
"purchase_date" = "2014-02-24 09:12:21 Etc/GMT";
"purchase_date_ms" = 1393233141000;
"purchase_date_pst" = "2014-02-24 01:12:21 America/Los_Angeles";
quantity = 1;
"transaction_id" = 1000000101860870;
}
);
"original_application_version" = "1.0";
"original_purchase_date" = "2013-08-01 07:00:00 Etc/GMT";
"original_purchase_date_ms" = 1375340400000;
"original_purchase_date_pst" = "2013-08-01 00:00:00 America/Los_Angeles";
"receipt_type" = ProductionSandBox;
"request_date" = "2014-02-24 09:12:56 Etc/GMT";
"request_date_ms" = 1393233176903;
"request_date_pst" = "2014-02-24 01:12:56 America/Los_Angeles";
};
status = 0;
}
解决方法
交易日期正确更新
我们可以利用交易日期正确更新的观察结果(即使在SanBox环境中,肯定在生产中):
"in_app":[{"quantity":"1","product_id":"###","transaction_id":"1000000122762089","original_transaction_id":"1000000122762089","purchase_date":"2014-09-07 16:15:13 Etc/GMT","purchase_date_ms": "1410106513000","purchase_date_pst":"2014-09-07 09:15:13 America/Los_Angeles","original_purchase_date":"2014-09-07 05:35:16 Etc/GMT","original_purchase_date_ms":"1410068116000","original_purchase_date_pst":"2014-09-06 22:35:16 America/Los_Angeles","is_trial_period":"false"}]
您可以看到purchase_date_ms和original_purchase_date_ms有所不同.
因此:强制转录ID和日期的组合的唯一性
不仅在您的服务器数据库中存储交易ID,而且存储购买日期(而不是原始购买日期).这两个值的组合在您的数据库中不会存在于合法还原事务中,但如果收据是重播,则会与现有记录相冲突.
请注意,我们正在查看验证服务器的响应,这意味着客户端将无法更改日期,因为它们无法更改交易ID而不会破坏收据的有效性.
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
