Exemplo n.º 1
0
function _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled = FALSE, $state, $comments = array(), $extras = array(), $error_message = '')
{
    $writer = _pugpig_subs_start_xml_writer();
    if ($entitled) {
        $username = sha1(uniqid(mt_rand()));
        // TODO: do we need a more secure random number?
        $password = pugpig_generate_password($product_id, $username, $secret);
        $writer->startElement('credentials');
        $writer->writeElement('userid', $username);
        $writer->writeElement('password', $password);
        $writer->startElement('subscription');
        $writer->writeAttribute('state', $state);
        $writer->endElement();
        $writer->writeElement('productid', $product_id);
        foreach ($comments as $comment) {
            $writer->writeComment($comment);
        }
        foreach ($extras as $name => $value) {
            $writer->writeElement($name, $value);
        }
        $writer->endElement();
    } else {
        $writer->startElement('credentials');
        $writer->startElement('error');
        $writer->writeAttribute('status', "notentitled");
        if (!empty($error_message)) {
            $writer->writeAttribute('message', $error_message);
        }
        $writer->endElement();
        $writer->startElement('subscription');
        $writer->writeAttribute('state', $state);
        $writer->endElement();
        foreach ($comments as $comment) {
            $writer->writeComment($comment);
        }
        foreach ($extras as $name => $value) {
            $writer->writeElement($name, $value);
        }
        $writer->endElement();
        $writer->endElement();
    }
    $writer->endDocument();
    _pugpig_subs_end_xml_writer($writer);
}
Exemplo n.º 2
0
function pugpig_send_itunes_edition_credentials($appStorePassword, $subscriptionPrefix, $allowedSubscriptionArray, $binaryReceipt, $secret, $comments = array(), $proxy_server = '', $proxy_port = '')
{
    global $iTunesErrorCodes;
    $itunesUrl = '';
    $jsonResult = NULL;
    $jsonReceipt = NULL;
    $status = -1;
    $exception = '';
    if ($binaryReceipt) {
        $base64Receipt = base64_encode($binaryReceipt);
        $jsonReceipt = json_encode(array('receipt-data' => $base64Receipt, 'password' => $appStorePassword));
        // Always verify your receipt first with the production URL; proceed to
        // verify with the sandbox URL if you receive a 21007 status code.
        // Following this approach ensures that you do not have to switch between
        // URLs while your application is being tested or reviewed in the sandbox
        // or is live in the App Store.
        $itunesUrl = 'https://buy.itunes.apple.com/verifyReceipt';
        $jsonResult = pugpig_validate_receipt_with_itunes($itunesUrl, $jsonReceipt, $proxy_server, $proxy_port);
        if ($jsonResult) {
            $status = $jsonResult->status;
            $comments[] = "BUY: Got status {$status}.";
            if (array_key_exists($status, $iTunesErrorCodes)) {
                $comments[] = "BUY: " . $iTunesErrorCodes[$status];
            }
            if (isset($jsonResult->exception)) {
                $exception = $jsonResult->exception;
            }
        } else {
            $comments[] = "PUGPIG: Failed to connect to production iTunes. Maybe check your outbound rules.";
        }
        if ($status == 21007) {
            $comments[] = "PUGPIG: Trying the Sandbox validator.";
            $status = -1;
            $exception = '';
            $itunesUrl = 'https://sandbox.itunes.apple.com/verifyReceipt';
            $jsonResult = pugpig_validate_receipt_with_itunes($itunesUrl, $jsonReceipt, $proxy_server, $proxy_port);
            if ($jsonResult) {
                $status = $jsonResult->status;
                $comments[] = "SANDBOX: Got status {$status}.";
                if (array_key_exists($status, $iTunesErrorCodes)) {
                    $comments[] = "SANDBOX: " . $iTunesErrorCodes[$status];
                }
                if (isset($jsonResult->exception)) {
                    $exception = $jsonResult->exception;
                }
            } else {
                $comments[] = "PUGPIG: Failed to connect to sandbox iTunes. Maybe it is down.";
            }
        }
    } else {
        $comments[] = "PUGPIG: No receipt data sent.";
    }
    $writer = new XMLWriter();
    $writer->openMemory();
    $writer->setIndent(true);
    $writer->setIndentString('  ');
    $writer->startDocument('1.0', 'UTF-8');
    if ($status == 0) {
        $receiptData = $jsonResult->receipt;
        $productId = $receiptData->product_id;
        $comments[] = "PUGPIG: Receipt Product ID: {$productId}";
        $purchaseDate = $receiptData->original_purchase_date;
        $restoreDate = $receiptData->purchase_date;
        $expiresDate = '';
        if (property_exists($receiptData, 'expires_date')) {
            $expiresDate = $receiptData->expires_date;
        }
        if ($expiresDate) {
            $expiresDate = gmdate('Y-m-d H:i:s \\E\\t\\c/\\G\\M\\T', $expiresDate / 1000);
        }
        // If this is an allowed subscription product, use the ID in the query string
        // We either match the prefix, or
        $is_subscription_product = FALSE;
        if (!empty($subscriptionPrefix) && strpos($productId, $subscriptionPrefix) === 0) {
            $is_subscription_product = TRUE;
            $comments[] = "PUGPIG: Subscription found - {$productId} matches  {$subscriptionPrefix}";
        }
        if (in_array($productId, $allowedSubscriptionArray)) {
            $is_subscription_product = TRUE;
            $comments[] = "PUGPIG: Subscription found - {$productId} in supplied array";
        }
        if ($is_subscription_product) {
            $productId = $_GET['productid'];
        } else {
            $comments[] = "PUGPIG: Using product ID from receipt data";
        }
        $username = sha1(mt_rand());
        // TODO: do we need a more secure random number?
        $password = pugpig_generate_password($productId, $username, $secret);
        $writer->startElement('credentials');
        $writer->writeElement('userid', $username);
        $writer->writeElement('password', $password);
        $writer->writeElement('productid', $productId);
        $writer->writeElement('purchasedate', $purchaseDate);
        $writer->writeElement('restoredate', $restoreDate);
        $writer->writeElement('expiresdate', $expiresDate);
        $writer->writeElement('validationurl', $itunesUrl);
        $writer->endElement();
    } else {
        $writer->startElement('error');
        $writer->writeAttribute('status', $status);
        $writer->writeAttribute('exception', $exception);
        $writer->writeAttribute('validationurl', $itunesUrl);
        $writer->writeElement('subs_prefix', $subscriptionPrefix);
        $writer->writeElement('subs_list', implode(",", $allowedSubscriptionArray));
        $writer->endElement();
    }
    foreach ($comments as $comment) {
        $writer->writeComment(" " . $comment . " ");
    }
    $writer->endDocument();
    header('Content-type: text/xml');
    echo $writer->outputMemory();
    exit;
}
function _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled = false, $state, $comments = array(), $extras = array(), $error_message = '', $token = '', $extra_headers = array())
{
    $comments[] = "Generated: " . date(DATE_RFC822);
    $comments[] = "Requested Product ID: " . $product_id;
    $writer = _pugpig_subs_start_xml_writer();
    if ($entitled) {
        $username = empty($token) ? sha1(uniqid(mt_rand())) : $token;
        $password = pugpig_generate_password($product_id, $username, $secret);
        $writer->startElement('credentials');
        $writer->writeElement('userid', $username);
        $writer->writeElement('password', $password);
        // Do a fairly unpleasant callback to get addtional extra headers
        if (function_exists('pugpig_get_extra_credential_headers')) {
            $external_extras = pugpig_get_extra_credential_headers($product_id, $username, $comments);
            if (isset($external_extras) && !empty($external_extras)) {
                $extra_headers = array_merge($extra_headers, $external_extras);
            }
        }
        foreach ($extra_headers as $key => $value) {
            $writer->startElement('header');
            $writer->writeAttribute('name', $key);
            $writer->text($value);
            $writer->endElement();
        }
        _pugpig_subs_write_comments($writer, $comments);
        foreach ($extras as $name => $value) {
            $writer->writeElement($name, $value);
        }
        $writer->endElement();
    } else {
        $writer->startElement('credentials');
        $writer->startElement('error');
        $writer->writeAttribute('status', "notentitled");
        if (!empty($error_message)) {
            $writer->writeAttribute('message', $error_message);
        }
        $writer->endElement();
        _pugpig_subs_write_comments($writer, $comments);
        foreach ($extras as $name => $value) {
            $writer->writeElement($name, $value);
        }
        $writer->endElement();
        $writer->endElement();
    }
    $writer->endDocument();
    _pugpig_subs_end_xml_writer($writer);
}