diff --git a/uml/game2006api_20230712.md b/uml/game2006api_20230712.md index 915e6c0d..d0ba123e 100644 --- a/uml/game2006api_20230712.md +++ b/uml/game2006api_20230712.md @@ -52,7 +52,7 @@ // txhash: string // } // 我返回给你这些数据和一个sign字段, -// sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 iG4Rpsa)6U31$H#^T85$^^3 +// sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 // PENDING = 0, // 初始状态 // TRANSFERING = 1, //只有国库模式才会有该状态 // TRANSFERED = 2, //只有国库模式才会有该状态 @@ -103,7 +103,7 @@ // channel: 'google', // records, // } - // const hashSort = 'iG4Rpsa)6U31$H#^T85$^^3' + // const hashSort = '' // const signStr = 'channel=google&' + records.map(record =>Object.keys(record).sort().map(key => `${key}=${record[key]}`).join('&')).join('&') // const sign = hmacsha256(signStr, hashSort) diff --git a/webapp/controller/ShopController.class.php b/webapp/controller/ShopController.class.php index fc51bd3d..54ff9a3d 100644 --- a/webapp/controller/ShopController.class.php +++ b/webapp/controller/ShopController.class.php @@ -318,7 +318,7 @@ class ShopController extends BaseAuthedController // txhash: string // } // 我返回给你这些数据和一个sign字段, - // sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 iG4Rpsa)6U31$H#^T85$^^3 + // sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 // PENDING = 0, // 初始状态 // TRANSFERING = 1, //只有国库模式才会有该状态 // TRANSFERED = 2, //只有国库模式才会有该状态 @@ -527,7 +527,7 @@ class ShopController extends BaseAuthedController // channel: 'google', // records, // } - // const hashSort = 'iG4Rpsa)6U31$H#^T85$^^3' + // const hashSort = '' // const signStr = 'channel=google&' + records.map(record =>Object.keys(record).sort().map(key => `${key}=${record[key]}`).join('&')).join('&') // const sign = hmacsha256(signStr, hashSort) @@ -550,7 +550,7 @@ class ShopController extends BaseAuthedController $hash_data = 'channel=' . $channel . '&' . $records_string; - $signature = hash_hmac('sha256', $hash_data, 'iG4Rpsa)6U31$H#^T85$^^3'); + $signature = hash_hmac('sha256', $hash_data, BUY_SERVER_PKEY); if ($signature != $sign) { $this->_rspErr(1, "signature error, signature: {$signature}, sign: {$sign}"); diff --git a/webapp/services/callback/ShopBuyGoodsDirect.php b/webapp/services/callback/ShopBuyGoodsDirect.php index f494c544..43a78e37 100644 --- a/webapp/services/callback/ShopBuyGoodsDirect.php +++ b/webapp/services/callback/ShopBuyGoodsDirect.php @@ -30,7 +30,7 @@ class ShopBuyGoodsDirect // txhash: string // } // 我返回给你这些数据和一个sign字段, - // sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 iG4Rpsa)6U31$H#^T85$^^3 + // sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 // PENDING = 0, // 初始状态 // TRANSFERING = 1, //只有国库模式才会有该状态 // TRANSFERED = 2, //只有国库模式才会有该状态 diff --git a/webapp/services/callback/ShopInappPurchaseDiamonds.php b/webapp/services/callback/ShopInappPurchaseDiamonds.php index 0ff78111..ef744ed1 100644 --- a/webapp/services/callback/ShopInappPurchaseDiamonds.php +++ b/webapp/services/callback/ShopInappPurchaseDiamonds.php @@ -40,7 +40,7 @@ class ShopInappPurchaseDiamonds // channel: 'google', // records, // } - // const hashSort = 'iG4Rpsa)6U31$H#^T85$^^3' + // const hashSort = '' // const signStr = 'channel=google&' + records.map(record =>Object.keys(record).sort().map(key => `${key}=${record[key]}`).join('&')).join('&') // const sign = hmacsha256(signStr, hashSort) @@ -63,7 +63,7 @@ class ShopInappPurchaseDiamonds $hash_data = 'channel=' . $channel . '&' . $records_string; - $signature = hash_hmac('sha256', $hash_data, 'iG4Rpsa)6U31$H#^T85$^^3'); + $signature = hash_hmac('sha256', $hash_data, BUY_SERVER_PKEY); if ($signature != $sign) { $this->_rspErr(1, "signature error, signature: {$signature}, sign: {$sign}");