【问题标题】:How to verify SSV of Google admob in php?如何在 php 中验证 Google admob 的 SSV?
【发布时间】:2021-04-16 06:50:10
【问题描述】:

我无法在移动设备上验证广告观看广告,但我可以在 admob 的仪表板中验证

错误:错误:0909006C:PEM 例程:get_name:没有起始行

$publicKey = openssl_get_publickey($result['keys'][0]['pem']);

$query_string = $_SERVER['QUERY_STRING'];
parse_str($query_string, $query_arr);
$signature = trim($query_arr['signature']);
$signature = str_replace(['-', '_'], ['+', '/'], $signature);
signature .= '===';

    
$message = substr($query_string, 0, strpos($query_string, 'signature') - 1);

$return = [
   'code' => 0,
   'message' => 'error'
];
$success = openssl_verify($message, base64_decode($signature), $publicKey, OPENSSL_ALGO_SHA256);
if ($success === -1) {
  throw new ErrorException(openssl_error_string(), 400);
} elseif ($success === 1) {
   $return['code'] = 1;
   $return['message'] = 'success';
} else {
  throw new ErrorException(openssl_error_string(), 400);
}

【问题讨论】:

    标签: php admob verify


    【解决方案1】:

    正如错误所说,它应该以-----BEGIN PUBLIC KEY----- 开头并以-----END PUBLIC KEY----- (Reference) 结尾。

    另外,在这种情况下不需要base64_decode() 签名。将您的行替换为:

    $success = openssl_verify($message, $signature, $publicKey, OPENSSL_ALGO_SHA256);
    

    SSV 的另一个示例代码:

    <?php
        if(isset($_GET["signature"])) {
    
            //Get current admob public keys
            $verifier_keys = file_get_contents('https://www.gstatic.com/admob/reward/verifier-keys.json');
            
            if(!$verifier_keys_arr = json_decode($verifier_keys, true)) {
                throw new Exception("Invalid Public Keys");
            } elseif(!is_array($verifier_keys_arr)) {
                throw new Exception("Empty Public Keys");
            }
    
            $public_key_pem = $verifier_keys_arr['keys'][0]['pem'];
    
            //Admob sdk will send the query string upon watching ad, just grab them:
            $query_string = $_SERVER['QUERY_STRING'];
    
            $signature = trim($_GET['signature']);
            // The important thing is the replacement and padding of the signature result string here
            $signature = str_replace(['-', '_'], ['+', '/'], $signature);
            $signature .= '===';
    
            // The data element string for signing
            $message = substr($query_string, 0, strpos($query_string, 'signature')-1);
    
            if(openssl_verify($message, $signature, $public_key_pem, OPENSSL_ALGO_SHA256)){
                //verified
                $output = "verified";
    
                //Get All keys from https://developers.google.com/admob/android/ssv#ssv_callback_parameters
                $reward_item = $_GET['reward_item'];
                $user_id = $_GET['user_id'];
                $custom_data = $_GET['custom_data'];
    
                //Now do your things after validating the ad response
                //for example
                if($custom_data==="GIVE_COINS") {
                    //give coins
                } elseif($custom_data==="LEVEL_UP") {
                    //level up
                }
    
            } else {
                //echo openssl_error_string();
                throw new Exception("Unable to verify the query");
            }
        } else {
            // do nothing, somebody just opened the link
            //echo `Error 404, this page not exists`
        }
    ?>
    

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 2020-07-09
      • 1970-01-01
      • 2021-09-17
      • 2021-09-04
      • 2015-06-11
      • 1970-01-01
      • 2023-02-05
      相关资源
      最近更新 更多