Facebook 支付对话不起作用答案

【问题标题】：Facebook Payment dialogue not workingFacebook 支付对话不起作用
【发布时间】：2012-03-23 19:11:06
【问题描述】：

这是错误代码： “您正在使用的应用程序没有响应。请稍后再试。”

回调设置为 php 文件（通过 https）。我不知道为什么它不起作用。

这是 JS（绑定到 var dr）：

dr.buyCoins = function(){
    var obj = {
      method: 'pay',
      order_info: order_info,
      action: 'buy_item',
      dev_purchase_params: {'oscif': true}
    };

    FB.ui(obj, dr.coinCheck);
}

dr.coinCheck = function(d){
  if (d['order_id']) {
    return true;
  } else {
    return false;
  }
}

这是 PHP：

<?php

$app_secret = '...';

// Validate request is from Facebook and parse contents for use.
$request = parse_signed_request($_POST['signed_request'], $app_secret);

// Get request type.
// Two types:
//   1. payments_get_items.
//   2. payments_status_update.
$request_type = $_POST['method'];

// Setup response.
$response = '';

if ($request_type == 'payments_get_items') {
  // Get order info from Pay Dialog's order_info.
  // Assumes order_info is a JSON encoded string.
  $order_info = json_decode($request['credits']['order_info'], true);

  // Get item id.
  $item_id = $order_info['item_id'];

  // Simulutates item lookup based on Pay Dialog's order_info.
  if ($item_id == '1a') {
    $item = array(
      'title' => '100 some game cash',
      'description' => 'Spend cash in some game.',
      // Price must be denominated in credits.
      'price' => 1,
      'image_url' => 'http://some_image_url/coin.jpg',
    );

    // Construct response.
    $response = array(
                  'content' => array(
                                 0 => $item,
                               ),
                  'method' => $request_type,
                );
    // Response must be JSON encoded.
    $response = json_encode($response);
  }

} else if ($request_type == "payments_status_update") {
  // Get order details.
  $order_details = json_decode($request['credits']['order_details'], true);

  // Determine if this is an earned currency order.
  $item_data = json_decode($order_details['items'][0]['data'], true);
  $earned_currency_order = (isset($item_data['modified'])) ?
                             $item_data['modified'] : null;

  // Get order status.
  $current_order_status = $order_details['status'];

  if ($current_order_status == 'placed') {
    // Fulfill order based on $order_details unless...

    if ($earned_currency_order) {
      // Fulfill order based on the information below...
      // URL to the application's currency webpage.
      $product = $earned_currency_order['product'];
      // Title of the application currency webpage.
      $product_title = $earned_currency_order['product_title'];
      // Amount of application currency to deposit.
      $product_amount = $earned_currency_order['product_amount'];
      // If the order is settled, the developer will receive this
      // amount of credits as payment.
      $credits_amount = $earned_currency_order['credits_amount'];
    }

    $next_order_status = 'settled';

    // Construct response.
    $response = array(
                  'content' => array(
                                 'status' => $next_order_status,
                                 'order_id' => $order_details['order_id'],
                               ),
                  'method' => $request_type,
                );
    // Response must be JSON encoded.
    $response = json_encode($response);

  } else if ($current_order_status == 'disputed') {
    // 1. Track disputed item orders.
    // 2. Investigate user's dispute and resolve by settling or refunding the order.
    // 3. Update the order status asychronously using Graph API.

  } else if ($current_order_status == 'refunded') {
    // Track refunded item orders initiated by Facebook. No need to respond.

  } else {
    // Track other order statuses.

  }
}

// Send response.
echo $response;

// These methods are documented here:
// https://developers.facebook.com/docs/authentication/signed_request/
function parse_signed_request($signed_request, $secret) {
  list($encoded_sig, $payload) = explode('.', $signed_request, 2);

  // decode the data
  $sig = base64_url_decode($encoded_sig);
  $data = json_decode(base64_url_decode($payload), true);

  if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
    error_log('Unknown algorithm. Expected HMAC-SHA256');
    return null;
  }

  // check sig
  $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
  if ($sig !== $expected_sig) {
    error_log('Bad Signed JSON signature!');
    return null;
  }

  return $data;
}

function base64_url_decode($input) {
  return base64_decode(strtr($input, '-_', '+/'));
}

?>

【问题讨论】：

你的回调肯定被 Facebook 击中了吗？检查您的服务器日志并确保您收到请求并正确响应它 - 请注意，如果您的回调是 HTTPS，您的证书需要完全有效，包括所有中间证书
它实际上看起来并没有被击中。不过，我已经获得了完全认证的 ssl 证书 - drawabble.com
可能是一个红鲱鱼，但 sslchecker 说你可能缺少中间链 - sslshopper.com/ssl-checker.html#hostname=https://drawabble.com
Igy，你说得对，我确实错过了！现在已经修好了。你想为此创建一个“答案”并且我会设置它吗？（或者我可以做到）

标签： facebook facebook-javascript-sdk facebook-php-sdk

【解决方案1】：

检查您的服务器日志并确保您收到请求并正确响应 - 请注意，如果您的回调是 HTTPS，则您的证书需要完全有效，包括所有中间证书

在您的情况下，sslchecker 说您可能缺少中间链 - https://www.sslshopper.com/ssl-checker.html#hostname=https://drawabble.com

【讨论】：