<?php
namespace app\api\controller;
use app\common\controller\Api;
use think\Db;
use app\common\library\Transaction;
/**
* 充值配置与充值订单
*/
class Payios extends Api
{
protected $noNeedLogin = ['auto_renewal_vip_notify'];
protected $noNeedRight = ['*'];
//vip ios用的
public function vip_config_ios(){
$list = Db::name('payvip_config_ios')->field('id,money,days,title,info,bundle_id,is_lianxu')->where('is_show',1)->order('weight asc,id asc')->select();
$data['vipconfig'] = $list;
$data['vip_endtime'] = model('wallet')->getWallet($this->auth->id,'vip_endtime');
$data['is_vip'] = $data['vip_endtime'] > time() ? 1 : 0;
$data['avatar'] = localpath_to_netpath($this->auth->avatar);
$this->success('success',$data);
}
//vip用的,创建订单
public function vip_recharge_ios(){
$rc_id = input('rc_id',0);
$platform = 'app';
$uid = $this->auth->id;
if(!$rc_id){
$this->error('请选择会员套餐');
}
if(!$this->user_auth_limit()){
$this->error('请先完成实名认证');
}
//赋值money
$recharge_config = Db::name('payvip_config_ios')->where('id',$rc_id)->find();
$money = $recharge_config['money'];
if($money<=0)
{
$this->error('支付金额必须大于0');
}
if($money > 10000){
$this->error('支付金额太大');
}
//创建订单
$data = [];
$data['user_id'] = $uid;
$data['out_trade_no'] = createUniqueNo('V',$uid); // 数据库订单号加密
$data['order_amount'] = $money;
$data['createtime'] = time();
$data['pay_type'] = 'ios';
$data['platform'] = $platform;
$data['order_status'] = 0;
$data['table_name'] = 'vip_recharge';
$data['table_id'] = 0;
$data['args'] = json_encode(['days'=>$recharge_config['days']]);
$data['bundle_id'] = $recharge_config['bundle_id'];
$data['is_lianxu'] = $recharge_config['is_lianxu'];
$orderid = Db::name('pay_order')->insertGetId($data);
$this->success('success',$data['out_trade_no']);
}
////////////////////////////////
//金币充值
public function gold_config_ios(){
$list = Db::name('paygold_webcon_ios')->field('id,money,gold,bundle_id')->where('is_show',1)->order('weigh asc,id asc')->select();
$data['goldconfig'] = $list;
$wallet = model('wallet')->getWallet($this->auth->id);
$data['wallet'] = $wallet;
$data['money_to_gold'] = config('site.money_to_gold');
$this->success('success',$data);
}
//充值金币 创建订单
public function gold_recharge_ios(){
$rc_id = input_post('rc_id',0);
$pay_type = 'ios';
$platform = 'app';
$uid = $this->auth->id;
if(!$rc_id){
$this->error('请选择充值金额');
}
if(!$this->user_auth_limit()){
$this->error('请先完成实名认证');
}
//赋值money
$recharge_config = Db::name('paygold_webcon_ios')->where('id',$rc_id)->find();
$money = $recharge_config['money'] ?: 0;
$gold = $recharge_config['gold'] ?: 0;
//
if($money<=0)
{
$this->error('支付金额必须大于0');
}
if($money > 10000){
$this->error('支付金额太大');
}
//创建订单
$data['user_id'] = $uid;
$data['out_trade_no'] = createUniqueNo('P',$uid); // 数据库订单号加密
$data['order_amount'] = $money;
$data['createtime'] = time();
$data['pay_type'] = $pay_type;
$data['platform'] = $platform;
$data['order_status'] = 0;
$data['table_name'] = 'gold_recharge';
$data['table_id'] = 0;
$data['args'] = json_encode(['gold'=>$gold]);
$data['bundle_id'] = $recharge_config['bundle_id'];
$orderid = Db::name('pay_order')->insertGetId($data);
$this->success('success',$data['out_trade_no']);
}
////////////////////////////////////////
//订阅信息处理,续订情况下,单独分支方法
public function expires(){
//苹果订阅的验证收据
$original_transaction_id = input('original_transaction_id','','trim');
$receipt_data = input('apple_receipt', '', 'trim');
$transaction_id = input('transaction_id', '', 'trim');
$out_trade_no = input('out_trade_no', '', 'trim');
if (!$receipt_data || !$original_transaction_id || !$transaction_id) {
$this->error('缺少参数');
}
filePut("\r\n\r\n".'新请求VIP订阅');
$prefix = 'iosVIP订阅登录user_id:'.$this->auth->id.',传入original_transaction_id:'.$original_transaction_id.',传入transaction_id:'.$transaction_id.'。';
filePut($prefix.'参数apple_receipt:'.$receipt_data);
//检查重复订单
$check_map = [
'original_transaction_id' => $original_transaction_id,
'transaction_id' => $transaction_id,
];
$check_order = Db::name('user_vipxufei_task')->where($check_map)->field('id')->find();
if($check_order){
filePut($prefix.'续费早已完成');
$this->success('充值已完成');
}
// 验证支付状态
$result = $this->validate_apple_pay($receipt_data);
if (!$result['status']) {// 验证不通过
filePut($prefix.'验证'.$result['message']);
$this->error($result['message']);
}
$in_app = $result['data']['receipt']['in_app'];
$only_trans = [];
foreach($in_app as $key => $trans){
//非订阅信息,原始信息,不验证product_id因为可能换了新的套餐
if($trans['transaction_id'] == $transaction_id && $original_transaction_id == $trans['original_transaction_id']/* && $trans['product_id'] == $order_info['bundle_id']*/){
$only_trans = $trans;
break;
}
}
if(empty($only_trans)){
filePut($prefix.'未找到匹配的交易');
$this->error('未找到匹配的交易');
}
Db::startTrans();
//查找订单,可能找到以前的,非当前用户的。根据原始id 和 用户id不是终生绑定
$order_map = [
'original_transaction_id' => $original_transaction_id,
];
$order_info = Db::name('user_vipxufei_task')->where($order_map)->order('expires_date_ms desc')->find();
if (!$order_info) {
Db::rollback();
filePut($prefix.'不存在的订单');
$this->error('不存在的订单');
}
//续订,但是换了产品了,重新定义order_info
//原始id换给别人用了
$order_info_bundle_id = $order_info['bundle_id'];
$order_info_user_id = $order_info['user_id'];
if($only_trans['product_id'] != $order_info['bundle_id'] || $order_info['user_id'] != $this->auth->id){
$pay_order_map = [
'user_id' => $this->auth->id,
'bundle_id' => $only_trans['product_id'],
'order_status' => 0,
'table_name' => 'vip_recharge',
];
$pay_order = Db::name('pay_order')->where($pay_order_map)->order('id desc')->lock(true)->find();
if(!$pay_order){
Db::rollback();
filePut($prefix.'未找到匹配的交易,新订单找不到');
$this->error('未找到匹配的新订单');
}
// 修改订单状态
$update_order = [
'notifytime'=>time(),
'order_status'=>1,
'original_transaction_id' => $only_trans['original_transaction_id'],
'in_app_one' => json_encode($only_trans),
];
$ros = Db::name('pay_order')->where(['id' => $pay_order['id']])->update($update_order);
if($ros === false) {
filePut($prefix.'修改订单状态失败');
Db::rollback();
$this->error('充值失败');
}
$args = json_decode($pay_order['args'],true);
//修改order_info
$order_info['order_id'] = $pay_order['id'];
$order_info['user_id'] = $pay_order['user_id'];
$order_info['bundle_id'] = $pay_order['bundle_id'];
$order_info['days'] = $args['days'];
$order_info['original_transaction_id'] = $only_trans['original_transaction_id'];//多余
}
//验证时间,不得小于最新的一条预定信息
if($order_info_user_id == $this->auth->id){
if($only_trans['purchase_date_ms'] <= $order_info['purchase_date_ms'] || $only_trans['expires_date_ms'] <= $order_info['expires_date_ms']){
Db::rollback();
filePut($prefix.'时间对不上,返回成功,finish掉');
$this->success(1);
}
}
//逻辑开始
//先充值
$user_info = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->lock(true)->find();
if($user_info['vip_endtime'] < time()){
//过期了
$vip_endtime = time() + (intval($order_info['days']) * 86400);
}else{
//追加vip
$vip_endtime = $user_info['vip_endtime'] + (intval($order_info['days']) * 86400);
}
$update_data = [
'vip_endtime'=>$vip_endtime,
];
$result = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->update($update_data);
if($result === false)
{
filePut($prefix.'逻辑续费vip时间失败');
Db::rollback();
$this->error('充值失败');
}
//逻辑结束
//添加新的一个task
$task_data = $order_info;
unset($task_data['id']);
unset($task_data['transaction_info']);
$task_data['createtime'] = time();
$task_data['apple_receipt'] = $receipt_data;
$task_data['in_app_one'] = json_encode($only_trans);
$task_data['transaction_id'] = $transaction_id;
$task_data['times'] = $order_info['times'] + 1;
$task_data['original_purchase_date_ms'] = $only_trans['original_purchase_date_ms'];
$task_data['purchase_date_ms'] = $only_trans['purchase_date_ms'];
$task_data['expires_date_ms'] = $only_trans['expires_date_ms'];
//换了产品了,或者订单的user_id被改过了
if($only_trans['product_id'] != $order_info_bundle_id || $order_info['user_id'] != $order_info_user_id){
$task_data['times'] = 1;//回归1
}
$task_id = Db::name('user_vipxufei_task')->insertGetId($task_data);
if(!$task_id)
{
filePut($prefix.'用户添加vipxufei_task失败');
Db::rollback();
$this->error('充值失败');
}
Db::commit();
filePut($prefix.'充值成功'.$task_id);
$this->success('充值成功'.$task_id);
//逻辑结束
}
//金币+vip,苹果内购支付回调,app请求的接口
public function gold_notify_iosnew(){
$original_transaction_id = input('original_transaction_id','','trim');
if(!empty($original_transaction_id)){
//订阅信息
$this->expires();
}
//苹果内购的验证收据
$receipt_data = input('apple_receipt', '', 'trim');
$out_trade_no = input('out_trade_no', '', 'trim');
$transaction_id = input('transaction_id', '', 'trim');
if (!$receipt_data || !$out_trade_no || !$transaction_id) {
$this->error('缺少参数');
}
filePut("\r\n\r\n".'新请求');
$prefix = 'ios充值,登录user_id:'.$this->auth->id.',out_trade_no:'.$out_trade_no.',传入transaction_id:'.$transaction_id.'。';
filePut($prefix.'参数apple_receipt:'.$receipt_data);
Db::startTrans();
// 查找订单
$order_map = [
// 'user_id' => $this->auth->id,
'out_trade_no' => $out_trade_no,
];
$order_info = Db::name('pay_order')->where($order_map)->lock(true)->find();
if (!$order_info) {
Db::rollback();
filePut($prefix.'不存在的订单');
$this->error('不存在的订单');
}
if ($order_info['order_status'] == 1) {
Db::rollback();
filePut($prefix.'充值早已完成');
$this->success('充值已完成');
}
// 验证支付状态
$result = $this->validate_apple_pay($receipt_data);
if (!$result['status']) {// 验证不通过
Db::rollback();
filePut($prefix.'验证'.$result['message']);
$this->error($result['message']);
}
$in_app = $result['data']['receipt']['in_app'];
$only_trans = [];
foreach($in_app as $key => $trans){
//非订阅信息,原始信息
// $trans['transaction_id'] == $transaction_id 这个不重要,重要的是后面2个。应该也重要,保证这次处理的是初始交易
if($trans['transaction_id'] == $transaction_id && $transaction_id == $trans['original_transaction_id'] && $trans['product_id'] == $order_info['bundle_id']){
$only_trans = $trans;
break;
}
}
if(empty($only_trans)){
Db::rollback();
filePut($prefix.'未找到匹配的交易,产品id'.$order_info['bundle_id'].',原始交易id'.$transaction_id);
$this->error('未找到匹配的交易,产品id'.$order_info['bundle_id'].',原始交易id'.$transaction_id);
}
//逻辑开始
$args = json_decode($order_info['args'],true);
//先充值
if($order_info['table_name'] == 'gold_recharge'){
$result = model('Wallet')->lockChangeAccountRemain($order_info['user_id'],'gold',$args['gold'],10, '金币充值','pay_order',$order_info['id']);
if($result['status']===false)
{
filePut($prefix.'逻辑添加金币失败');
Db::rollback();
$this->error('充值失败');
}
}
//先充值
if($order_info['table_name'] == 'vip_recharge'){
$user_info = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->lock(true)->find();
if($user_info['vip_endtime'] < time()){
//过期了
$vip_endtime = time() + (intval($args['days']) * 86400);
}else{
//追加vip
$vip_endtime = $user_info['vip_endtime'] + (intval($args['days']) * 86400);
}
$update_data = [
'vip_endtime'=>$vip_endtime,
];
$result = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->update($update_data);
if($result === false)
{
filePut($prefix.'逻辑续费vip时间失败');
Db::rollback();
$this->error('充值失败');
}
//订阅vip需要多加的逻辑
if($order_info['is_lianxu'] == 1){
$task_data = [
'order_id' => $order_info['id'],
'user_id' => $order_info['user_id'],
'bundle_id' => $order_info['bundle_id'],
'days' => $args['days'],
'createtime' => time(),
'apple_receipt' => $receipt_data,
'in_app_one' => json_encode($only_trans),
'original_transaction_id' => $only_trans['original_transaction_id'],
'transaction_id' => $only_trans['transaction_id'],
'status' => 1,
'times' => 1,
//'notification_type' => 'INITIAL_BUY'.',首次订阅',
'original_purchase_date_ms' => $only_trans['original_purchase_date_ms'],
'purchase_date_ms' => $only_trans['purchase_date_ms'],
'expires_date_ms' => $only_trans['purchase_date_ms'], //第一次借用购买时间戳
];
$task_id = Db::name('user_vipxufei_task')->insertGetId($task_data);
if(!$task_id)
{
filePut($prefix.'用户添加vipxufei_task失败');
Db::rollback();
$this->error('充值失败');
}
}
}
// 修改订单状态
$update_order = [
'notifytime'=>time(),
'order_status'=>1,
'original_transaction_id' => $only_trans['original_transaction_id'],//理论上与 transaction_id 相等
'in_app_one' => json_encode($only_trans),
];
$ros = Db::name('pay_order')->where(['id' => $order_info['id']])->update($update_order);
if($ros === false) {
filePut($prefix.'修改订单状态失败');
Db::rollback();
$this->error('充值失败');
}
Db::commit();
filePut($prefix.'充值成功');
$this->success('充值成功');
//逻辑结束
}
////////////////////////////////////
/**
* ios 事件通知
* @return bool
*/
public function auto_renewal_vip_notify()
{
$this->notify_log_start('ios');
try {
$raw = file_get_contents("php://input");
//filePut("\r\n\r\n".'入口:'.$raw);
$raw = json_decode($raw,true);
$token = isset($raw['signedPayload']) ? $raw['signedPayload'] : '';
$data = $this->verifyAppleToken($token);
dump($data);
if (empty($data)) {
//timbao add
//记录苹果通知逻辑中的bug
exit;
}
$transaction_info = $this->verifyAppleToken($data['data']['signedTransactionInfo']);
dump($transaction_info);
$rs = '默认';
switch ($data['notificationType']) {
case 'DID_RENEW': // 续订
$rs = Transaction::autoRenew($transaction_info);
break;
case 'REFUND': // 退款
$rs = Transaction::refund($transaction_info);
break;
case 'DID_CHANGE_RENEWAL_STATUS': // 连续续订状态 变更
$rs = Transaction::changeRenewStatus($transaction_info, $data['subtype']);
break;
case 'EXPIRED': // 过期通知
$rs = Transaction::updateExpiredTrans($transaction_info);
break;
case 'SUBSCRIBED': // 订阅通知
$rs = Transaction::updateSubscribed($transaction_info, $data['subtype']);
break;
case 'DID_FAIL_TO_RENEW': // 续订失败
$rs = Transaction::updateRenewFailTrans($transaction_info);
break;
case 'DID_CHANGE_RENEWAL_PREF': //升级 降级
if ($data['subtype'] == 'UPGRADE') {
$rs = Transaction::autoRenew($transaction_info, true);
}
break;
}
dump($rs);
exit;
}catch (Exception $e) {
echo $e->getMessage();
exit;
}
}
////////////////////////////////私有方法///////////////////////////////////////////////////////////////
//异步日志
private function notify_log_start($paytype = 'ios'){
//记录支付回调数据
ignore_user_abort(); // run script in background
set_time_limit(30);
// 日志文件 start
$log_base_dir = '../paylog/'.$paytype.'/';
if (!is_dir($log_base_dir))
{
mkdir($log_base_dir, 0770, true);
@chmod($log_base_dir, 0770);
}
$notify_file = $log_base_dir.'notify.txt';
if(!file_exists($notify_file)) {
@touch($notify_file);
@chmod($notify_file, 0770);
}
if(filesize($notify_file)>5242880)//大于5M自动切换
{
rename($notify_file, $log_base_dir.'notify_'.date('Y_m_d_H_i_s').'.txt');
}
if(!file_exists($notify_file)) {
@touch($notify_file);
@chmod($notify_file, 0770);
}
// 日志文件 end
//开始写入
$_REQUEST = isset($_REQUEST) ? $_REQUEST : array();
if($_REQUEST && $paytype == 'alipay') {
file_put_contents($notify_file, "\r\n\r\n".date('Y-m-d H:i:s')." [notify][入口接收request]".json_encode($_REQUEST), FILE_APPEND);
} else {
$xml = file_get_contents("php://input");
file_put_contents($notify_file, "\r\n\r\n".date('Y-m-d H:i:s')." [notify][入口接收php://input流原始数据] \n".$xml, FILE_APPEND);
/*$xmlObj = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOCDATA);
file_put_contents($notify_file, "\r\n\r\n".date('Y-m-d H:i:s')." [notify][入口接收php://input流] ".json_encode($xmlObj), FILE_APPEND);*/
}
ini_set('display_errors','On');
return $notify_file;
}
public function test(){
$a = input('apple_receipt');
$b = $this->validate_apple_pay($a);
echo json_encode($b);
}
/**
* 验证AppStore内付
* @param string $receipt_data 付款后凭证
* @return array 验证是否成功
* https://juejin.cn/post/7049626884765646884 报错代码
*/
function validate_apple_pay($receipt_data = '') {
// 验证参数
if (strlen($receipt_data) < 20) {
$result = array(
'status' => false,
'message' => '非法参数'
);
return $result;
}
// 请求验证
$html = $this->curl($receipt_data);
$data = json_decode($html, true);
$data['sandbox'] = '0';
// p($data);die;
if ($data['status'] == '21002') {
$result = array(
'status' => false,
'message' => 'status:21002'
);
return $result;
}
// 如果是沙盒数据 则验证沙盒模式 21008;正式数据 21007
if ($data['status'] == '21007') {
// 请求验证
$html = $this->curl($receipt_data, 1);
$data = json_decode($html, true);
$data['sandbox'] = '1';
}
if (isset($_GET['debug'])) {
exit(json_encode($data));
}
if ($data['receipt']['bundle_id'] != 'com.huxiu.tken') {
$result = array(
'status' => false,
'message' => '非法请求',
'data' => $data
);
return $result;
}
// 判断是否购买成功
if (intval($data['status']) === 0) {
$result = array(
'status' => true,
'message' => '购买成功',
'data' => $data
);
} else {
$result = array(
'status' => false,
'message' => '购买失败 status:' . $data['status']
);
}
// dump($result);
return $result;
}
/**
* 0 票据校验成功
* 21000 App Store不能读取你提供的JSON对象25
* 21002 receipt-data域的数据有问题
* 21003 receipt无法通过验证
* 21004 提供的shared secret不匹配你账号中的shared secret
* 21005 receipt服务器当前不可用
* 21006 receipt合法,但是订阅已过期。服务器接收到这个状态码时,receipt数据仍然会解码并一起发送
* 21007 receipt是Sandbox receipt,但却发送至生产系统的验证服务
* 21008 receipt是生产receipt,但却发送至Sandbox环境的验证服务
*/
//苹果也是建议这个校验逻辑由服务端完成。服务器需要先去请求正式环境。如果receipt是正式环境的,那么这个时候苹果会返回(21007)告诉我们这个是沙盒的receipt,那么服务器再去请求sandbox环境。
function curl($receipt_data,$sandbox = 0) {
//小票信息
$POSTFIELDS = [
'receipt-data' => $receipt_data,
'password' => '09ef214173a944808ac648b15fa02167'
];
$POSTFIELDS = json_encode($POSTFIELDS, 320);
//正式购买地址 沙盒购买地址
$url_buy = "https://buy.itunes.apple.com/verifyReceipt";
$url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt";
//默认后台控制
if (config('site.ios_pay_sandbox') > 0 ) {
$url = $url_buy;
} else {
$url = $url_sandbox;
}
//强制沙盒
if($sandbox == 1){
$url = $url_sandbox;
}
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); //这两行一定要加,不加会报SSL 错误
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$response = curl_exec($ch);
$errno = curl_errno($ch);
curl_close($ch);
if ($errno != 0) {
return $errno;
} else {
return $response;
}
}
/**
* 苹果token解密
*
* @param $token
* @return array|bool|mixed|string
*/
private function verifyAppleToken($token)
{
$arr = explode('.',$token);
if(count($arr) != 3){
return [];
}
$header = $arr[0];
$header = base64_decode($header);
$header = json_decode($header,true);
if(empty($header)){
return [];
}
if($header['alg'] != 'ES256'){
return [];
}
$data = $arr[1];
$data = base64_decode($data);
$data = json_decode($data,true);
if(empty($data)){
return [];
}
$sign = $arr[2];
if(empty($sign)){
return [];
}
return $data;
}
}