const crypto = require('crypto');
// 把字符串分割为一连串更小的部分
function chunk_split(paramString, paramLength, paramEnd = '\n') {
let p = [];
let s = paramString;
while (s.length > paramLength) {
let s1 = s.substr(0, paramLength);
let s2 = s.substr(paramLength);
s = s2;
p.push(s1);
}
if (s.length > 0) {
p.push(s);
}
p.push('');
return p.join(paramEnd);
}
// google 公钥
let googlePublicKey = '在 google console 中的开发工具-》服务和API中可以找到';
/**
* 验证google支付签名是否正确
* @param {*} params 支付成功收到的参数
* @param {*} inappDataSignature google 传入的签名 字段名和顺序与用例保持一致 {
"orderId": "GPA.3341-6034-7995-16517",
"packageName": "com.exchange.demo",
"productId": "1006",
"purchaseTime": 1551281602450,
"purchaseState": 0,
"developerPayload": "Coins Package Pack 1",
"purchaseToken": "jjfbbecohm",
}
*/
function GooglePlayCheck(params, inappDataSignature) {
let verify = crypto.createVerify('RSA-SHA1');//请注意,这里要用RSA-SHA1
let PHP_EOL = '\n';//实际上就是换行符
let inappPurchaseData = JSON.stringify(params);
//这里要将公钥转换成64个字符一行的文本块。
let publicKey = "-----BEGIN PUBLIC KEY-----" + PHP_EOL + chunk_split(googlePublicKey, 64, PHP_EOL) + "-----END PUBLIC KEY-----";
verify.update(inappPurchaseData);//
let isSuccess = verify.verify(publicKey, Buffer.from(inappDataSignature, 'base64')); //验证数据
console.log("result:", isSuccess);
}
测试用例
/**
* 测试用例
*/
GooglePlayCheck({
"orderId": "GPA.3341-6034-7995-16517",
"packageName": "com.exchange.demo",
"productId": "1006",
"purchaseTime": 1551281602450,
"purchaseState": 0,
"developerPayload": "Coins Package Pack 1",
"purchaseToken": "jjfbbecohm",
}, "Ig1zAZJPZ8dH4id\/0zDDY62OlbACgWrb+ApRNXu08W35A+XLTp5N5krGugSUBG5LN1CRdLECGY+F8kczh10KLubCmgSPbBhB1kxJ\/bpMSfeklvCa0L3qJ00h0J8km7xJw6nTlwWtlHZzCQWu0TjeniVT0+hipTV67jkCjpHV+e8iGMxxKy0X+8qVEwQ5XNA==");
网友评论