<?php use Ramsey\Uuid\Uuid; class ItunesSignatureGenerator { private $appBundleID = 'www.u17.com'; private $keyIdentifier = 'ZZZZZZZ'; private $itunesPrivateKeyPath = '/path/to/the/file.p8; /** * @see https://developer.apple.com/documentation/storekit/in-app_purchase/generating_a_signature_for_subscription_offers * * @param $productIdentifier * @param $offerIdentifier * * @return Signature */ public function generateSubscriptionOfferSignature($productIdentifier, $offerIdentifier) { $nonce = strtolower(Uuid::uuid1()->toString()); $timestamp = time() * 1000; $applicationUsername = 'username'; $message = implode( "\u{2063}", [ $this->appBundleID, $this->keyIdentifier, $productIdentifier, $offerIdentifier, $applicationUsername, $nonce, $timestamp ] ); $message = $this->sign($message); return new Signature( base64_encode($message), $nonce, $timestamp, $this->keyIdentifier ); } private function sign($data) { $signature = ''; openssl_sign( $data, $signature, openssl_get_privatekey('file://' . $this->itunesPrivateKeyPath), OPENSSL_ALGO_SHA256 ); return $signature; } }
一些注意事项 openssl是能够直接进行ECDSA签名的php
一、$nonce 必须为小写,而且每次购买时的nonce不能重复不然会报签名错误没法购买 code -12json
二、$time 是毫秒time*1000app
三、\u2063 的字符格式须要注意 php里面能够用户"\u{2063}" 来表示,可是有的一些环境不支持这样的写法 因此还能够使用另一种 json_decode('"\u2036"') 来转一下格式ui