<?php
namespace app\api\controller;
use app\common\controller\Api;
use think\Db;
use app\common\library\Transaction;
/**
* 充值配置与充值订单
*/
class Payios extends Api
{
protected $noNeedLogin = [];
protected $noNeedRight = ['*'];
////////////////////////////////
//金币充值
public function jewel_config_ios(){
$list = Db::name('payjewel_config_ios')->field('id,money,jewel,bundle_id')->where('is_show',1)->order('weigh asc,id asc')->select();
$data['jewelconfig'] = $list;
$wallet = model('wallet')->getWallet($this->auth->id);
$data['wallet'] = $wallet;
$data['money_to_jewel'] = config('site.money_to_jewel');
$this->success('success',$data);
}
//充值金币 创建订单
public function jewel_recharge_ios(){
$rc_id = input('rc_id',0);
$pay_type = 'ios';
$platform = 'app';
$cityname = input('cityname','','trim');
$uid = $this->auth->id;
if(!$rc_id){
$this->error('请选择充值金额');
}
if($this->auth->is_auth != 2){
$this->error('请先完成实名认证');
}
//赋值money
$recharge_config = Db::name('payjewel_config_ios')->where('id',$rc_id)->find();
$money = $recharge_config['money'] ?: 0;
$jewel = $recharge_config['jewel'] ?: 0;
//
if($money<=0)
{
$this->error('支付金额必须大于0');
}
if($money > 10000){
$this->error('支付金额太大');
}
//创建订单
$data['user_id'] = $uid;
$data['out_trade_no'] = createUniqueNo('P',$uid); // 数据库订单号加密
$data['order_amount'] = $money;
$data['createtime'] = time();
$data['pay_type'] = $pay_type;
$data['platform'] = $platform;
$data['order_status'] = 0;
$data['table_name'] = 'jewel_recharge';
$data['table_id'] = 0;
$data['args'] = json_encode(['jewel'=>$jewel,'cityname'=>$cityname]);
$data['bundle_id'] = $recharge_config['bundle_id'];
$orderid = Db::name('pay_order')->insertGetId($data);
$this->success('success',$data['out_trade_no']);
}
////////////////////////////////////////
//金币+vip,苹果内购支付回调,app请求的接口
public function jewel_notify_iosnew(){
$original_transaction_id = input('original_transaction_id','','trim');
if(!empty($original_transaction_id)){
//订阅信息
//$this->expires();
}
//苹果内购的验证收据
$receipt_data = input('apple_receipt', '', 'trim');
$out_trade_no = input('out_trade_no', '', 'trim');
$transaction_id = input('transaction_id', '', 'trim');
if (!$receipt_data || !$out_trade_no || !$transaction_id) {
$this->error('缺少参数');
}
filePut("\r\n\r\n".'新请求');
$prefix = 'ios充值,登录user_id:'.$this->auth->id.',out_trade_no:'.$out_trade_no.',传入transaction_id:'.$transaction_id.'。';
filePut($prefix.'参数apple_receipt:'.$receipt_data);
Db::startTrans();
// 查找订单
$order_map = [
// 'user_id' => $this->auth->id,
'out_trade_no' => $out_trade_no,
];
$order_info = Db::name('pay_order')->where($order_map)->lock(true)->find();
if (!$order_info) {
Db::rollback();
filePut($prefix.'不存在的订单');
$this->error('不存在的订单');
}
if ($order_info['order_status'] == 1) {
Db::rollback();
filePut($prefix.'充值早已完成');
$this->success('充值已完成');
}
// 验证支付状态
$result = $this->validate_apple_pay($receipt_data);
if (!$result['status']) {// 验证不通过
Db::rollback();
filePut($prefix.'验证'.$result['message']);
$this->error($result['message']);
}
$in_app = $result['data']['receipt']['in_app'];
$only_trans = [];
foreach($in_app as $key => $trans){
//非订阅信息,原始信息
// $trans['transaction_id'] == $transaction_id 这个不重要,重要的是后面2个。应该也重要,保证这次处理的是初始交易
if($trans['transaction_id'] == $transaction_id && $transaction_id == $trans['original_transaction_id'] && $trans['product_id'] == $order_info['bundle_id']){
$only_trans = $trans;
break;
}
}
if(empty($only_trans)){
Db::rollback();
filePut($prefix.'未找到匹配的交易,产品id'.$order_info['bundle_id'].',原始交易id'.$transaction_id);
$this->error('未找到匹配的交易,产品id'.$order_info['bundle_id'].',原始交易id'.$transaction_id);
}
//逻辑开始
$args = json_decode($order_info['args'],true);
$extend = [
'cityname' => $args['cityname']
];
//先充值
if($order_info['table_name'] == 'jewel_recharge'){
$result = model('Wallet')->lockChangeAccountRemain($order_info['user_id'],$args['jewel'],'+',0,'金币充值',33,'jewel',$extend);
if($result['status']===false)
{
filePut($prefix.'逻辑添加金币失败');
Db::rollback();
$this->error('充值失败');
}
}
//先充值
if($order_info['table_name'] == 'vip_recharge'){
//没有,如果需要去tken找
}
// 修改订单状态
$update_order = [
'notifytime'=>time(),
'order_status'=>1,
'original_transaction_id' => $only_trans['original_transaction_id'],//理论上与 transaction_id 相等
'in_app_one' => json_encode($only_trans),
];
$ros = Db::name('pay_order')->where(['id' => $order_info['id']])->update($update_order);
if($ros === false) {
filePut($prefix.'修改订单状态失败');
Db::rollback();
$this->error('充值失败');
}
Db::commit();
filePut($prefix.'充值成功');
$this->success('充值成功');
//逻辑结束
}
////////////////////////////////私有方法///////////////////////////////////////////////////////////////
public function test(){
$a = input('apple_receipt');
$b = $this->validate_apple_pay($a);
echo json_encode($b);
}
/**
* 验证AppStore内付
* @param string $receipt_data 付款后凭证
* @return array 验证是否成功
* https://juejin.cn/post/7049626884765646884 报错代码
*/
function validate_apple_pay($receipt_data = '') {
// 验证参数
if (strlen($receipt_data) < 20) {
$result = array(
'status' => false,
'message' => '非法参数'
);
return $result;
}
// 请求验证
$html = $this->curl($receipt_data);
$data = json_decode($html, true);
$data['sandbox'] = '0';
// p($data);die;
if ($data['status'] == '21002') {
$result = array(
'status' => false,
'message' => 'status:21002'
);
return $result;
}
// 如果是沙盒数据 则验证沙盒模式 21008;正式数据 21007
if ($data['status'] == '21007') {
// 请求验证
$html = $this->curl($receipt_data, 1);
$data = json_decode($html, true);
$data['sandbox'] = '1';
}
if (isset($_GET['debug'])) {
exit(json_encode($data));
}
if ($data['receipt']['bundle_id'] != 'com.huxiu.tken') {
$result = array(
'status' => false,
'message' => '非法请求',
'data' => $data
);
return $result;
}
// 判断是否购买成功
if (intval($data['status']) === 0) {
$result = array(
'status' => true,
'message' => '购买成功',
'data' => $data
);
} else {
$result = array(
'status' => false,
'message' => '购买失败 status:' . $data['status']
);
}
// dump($result);
return $result;
}
/**
* 0 票据校验成功
* 21000 App Store不能读取你提供的JSON对象25
* 21002 receipt-data域的数据有问题
* 21003 receipt无法通过验证
* 21004 提供的shared secret不匹配你账号中的shared secret
* 21005 receipt服务器当前不可用
* 21006 receipt合法,但是订阅已过期。服务器接收到这个状态码时,receipt数据仍然会解码并一起发送
* 21007 receipt是Sandbox receipt,但却发送至生产系统的验证服务
* 21008 receipt是生产receipt,但却发送至Sandbox环境的验证服务
*/
//苹果也是建议这个校验逻辑由服务端完成。服务器需要先去请求正式环境。如果receipt是正式环境的,那么这个时候苹果会返回(21007)告诉我们这个是沙盒的receipt,那么服务器再去请求sandbox环境。
function curl($receipt_data,$sandbox = 0) {
//小票信息
$POSTFIELDS = [
'receipt-data' => $receipt_data,
'password' => '09ef214173a944808ac648b15fa02167'
];
$POSTFIELDS = json_encode($POSTFIELDS, 320);
//正式购买地址 沙盒购买地址
$url_buy = "https://buy.itunes.apple.com/verifyReceipt";
$url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt";
//默认后台控制
if (config('site.ios_pay_sandbox') > 0 ) {
$url = $url_buy;
} else {
$url = $url_sandbox;
}
//强制沙盒
if($sandbox == 1){
$url = $url_sandbox;
}
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); //这两行一定要加,不加会报SSL 错误
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$response = curl_exec($ch);
$errno = curl_errno($ch);
curl_close($ch);
if ($errno != 0) {
return $errno;
} else {
return $response;
}
}
}