堆栈内存溢出
  简体   繁体   English

使用我自己的服务器验证iOS应用内购买

[英]Validating iOS in-app-purchases using my own server

 原文  2013-04-16 19:26:46       ios/ security/ https/ in-app-purchase/ receipt

问题描述

I want to validate iOS in-app-purchases using my own server. 我想使用自己的服务器验证iOS应用内购买。 The iOS app will talk to my server which in turn will talk to Apple's server to determine if the IAP is valid. iOS应用程序将与我的服务器通信,而服务器又将与苹果的服务器通信,以确定IAP是否有效。 I'm fairly new to networking so I have a basic question: How can I make sure my iOS app is talking to my server securely? 我刚刚接触网络,所以有一个基本问题: 如何确保iOS应用正在安全地与服务器通信?

I imagine the app will talk over https but I don't know how this works. 我想该应用程序会通过https进行通讯,但我不知道它是如何工作的。 Any advice on setting up https communication between the two (or alternate methods of secure communication) are greatly appreciated! 非常感谢您提供有关在两者之间建立https通信(或安全通信的替代方法)的任何建议!

2 个解决方案

解决方案1
 2  2013-04-16 19:47:32

Lawson has a point. 劳森有观点。 You can't make your server perform the purchases directly at the AppStore. 您无法让服务器直接在AppStore中执行购买。 That has to be performed by your app. 这必须由您的应用执行。

It should request the available product identifiers from your server and then send an SKProductsRequest to the AppStore. 它应该从您的服务器请求可用的产品标识符,然后将SKProductsRequest发送到AppStore。 If required it processes the purchase over the app store and tells your own server about it by sending a so called receipt. 如果需要,它将通过应用商店处理购买,并通过发送所谓的收据来告知您自己的服务器。 The server can validate the receipt directly at the AppStore. 服务器可以直接在AppStore上验证收据。 But that is the only thing the server can do it self at the AppStore. 但这是服务器可以在AppStore上自行完成的唯一操作。

You can read more about it here: Overview of In-App Purchase: Server Product Model 您可以在此处了解更多信息: 应用内购买概述:服务器产品模型

As for the connection between your app and your server, I don't think you have much of a (reasonable) choice but to use SSL. 至于您的应用程序与服务器之间的连接,我认为除了SSL之外,您没有太多(合理的)选择。 Almost anything more secure would require a PKI. 几乎所有更安全的方法都需要PKI。

解决方案2
 1  2013-04-16 19:52:20

Sorry about the previous answer... I misread your question. 抱歉,您之前的回答是...我误读了您的问题。 You can have your server send a POST request to Apple's server, then parse the response. 您可以让服务器将POST请求发送到Apple的服务器,然后解析响应。

https://developer.apple.com/library/content/releasenotes/General/ValidateAppStoreReceipt/Chapters/ValidateRemotely.html https://developer.apple.com/library/content/releasenotes/General/ValidateAppStoreReceipt/Chapters/ValidateRemotely.html

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在iOS中维护应用内购买 - Maintaining in-app-purchases in iOS 维护iOS应用内购买记录 - Maintaining records of iOS in-app-purchases 在iOS In-App-Purchases收据验证中返回许多交易 - Returns many transactions on iOS In-App-Purchases receipt validation 应用内购买问题! 仿真器 - Issue with In-App-Purchases! Simulator 在没有开发者帐户的情况下测试应用内购买? - Test in-app-purchases without a developer account? 如何使用 NSUserDefaults 而不是我自己的服务器添加可消耗的应用内购买? - How do I add consumable In App Purchases using NSUserDefaults and not my own server? iOS应用程序的准备工作,以便我稍后可以添加应用内购买 - Preparations for iOS app so I can add in-app-purchases later iOS 应用内购买不适用于 TestFlight 中的非沙盒帐户 - iOS In-App-Purchases don't work for non-sandbox accounts in TestFlight 存储应用内购买的正确和安全方式 - Correct and secure manner of storing in-app-purchases 恢复已经在iPhone上购买了应用内购买? - Restore already bought in-app-purchases on iPhone?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM