Apple Pay接入iOS端最主要的工作就是申请授权和SDK的集成,只要 授权的开发者才能接入sdk,apple通过授权team id的方式对开发者授权 最近在做这个东西,发现网上相关资料少的很,整理出来供准备接入的开发者参考,有疑问的可以直接联系我,我们共同讨论! 首先,把招商银行APP 添加Apple Pay的场景多玩几遍,明白我们要做什么!
1. 申请授权
- 开发者发送Team ID到apple-pay-provisioning@apple.com申请entitlements,没有这个entitlement无法调起Apple Pay API
- 在开发者中心将entitlement添加到provisionProfile中,并生成新的provisionProfile
- 下载包含entitlement的provisionProfile并导入到项目中
2. 加载的整个流程图
我了个大擦,oschina的markdown不支持时序图语法,请找个支持时序图语法的markdown编辑器打开下面内容,查看整个流程图!
webank app->PassKit:是否支持Apple Pay
PassKit-->webank app:返回bool结果
webank app->PassKit:绑定卡片列表
PassKit-->webank app:PKPasses
webank app->PassKit:获取加密证书
PassKit->Apple server:获取APP加密证书+nOnce
PassKit->PassKit:将nOnce送给SE签名\n(NOnce+AccountIDHash)
PassKit-->webank app:加密证书+sData+nOnce
webank app->webank server:证书+nonce+nonceSignonce
webank server->webank server:生成一个临时的密钥对
webank server->webank server:生成encryptedPassData\n(用apple提供的公钥)
webank server-->webank app:encryptedPassData+临时公钥
webank app->PassKit:添加卡片
PassKit-> Apple server:卡片添加权限检查(EncData)
Apple server->Apple server:verifyAndConsumenOnce
Apple server->PNOs:联网查询
PNOs-->Apple server:返回查询结果
Apple server-->PassKit:权限状态+TnC
PassKit->Apple server:enableCard(cardId+OTP)
Apple server->PNOs:联网连接配置
PNOs-->Apple server:response
Apple server-->PassKit:返回卡片相关信息
PassKit->PassKit:addDisabledPass(绑定流程结束)
Apple server->PassKit:notify(激活完成通知)
PassKit->PassKit:refreshPass
3. Apple Pay的加载时候的方法调用&& Passkit的集成
结合国内现有的案例(比如招行APP)来讲一下绑定和激活Apple Pay整个流程以及实现过程的一些技术点,具体集成代码参考苹果官方提供的PassKit.framework以及相关的开发者文档
###3.1 权限检查
使用PKAddPaymentPassViewController提供的类方法检查APP是否有添加银行卡到Apple Pay的权限
NS_CLASS_AVAILABLE_IOS(9_0) @interface PKAddPaymentPassViewController : UIViewController + (BOOL)canAddPaymentPass;
使用
PKPassLibrary
提供的方法检测当前设备是否能够添加输入的银行到Apple PayNS_CLASS_AVAILABLE_IOS(6_0) @interface PKPassLibrary : NSObject // Returns YES if either the current device or an attached device both supports adding payment passes and does not already contain // a payment pass with the supplied primary account identifier. // indicates whether the app can add a card to Apple Pay on the devices for the provided FPAN ID - (BOOL)canAddPaymentPassWithPrimaryAccountIdentifier:(NSString *)primaryAccountIdentifier NS_AVAILABLE_IOS(9_0);
PKPassLibrary
也提供了类方法查询绑定卡片信息,但都需要你的APP有相应的权限,简单来说,就是在招行APP中你无法获取Apple Pay绑定的建行卡信息- (NSArray<PKPass *> *)passes; - (nullable PKPass *)passWithPassTypeIdentifier:(NSString *)identifier serialNumber:(NSString *)serialNumber; - (NSArray<PKPass *> *)passesOfType:(PKPassType)passType NS_AVAILABLE_IOS(8_0); - (BOOL)containsPass:(PKPass *)pass;
###3.2 添加银行卡到wallet按钮的展示
Apple规定,接入Apple Pay的APP必须遵循他的视觉规范,入口按钮必须用官方提供的PKAddPassButton
,生成之后张这个样子
#import <UIKit/UIKit.h>
NS_ASSUME_NONNULL_BEGIN
typedef NS_ENUM(NSInteger, PKAddPassButtonStyle) {
PKAddPassButtonStyleBlack = 0,
PKAddPassButtonStyleBlackOutline,
} NS_ENUM_AVAILABLE_IOS(9_0);
NS_CLASS_AVAILABLE_IOS(9_0) @interface PKAddPassButton : UIButton
+ (instancetype)addPassButtonWithStyle:(PKAddPassButtonStyle)addPassButtonStyle;
- (instancetype)initWithAddPassButtonStyle:(PKAddPassButtonStyle)style NS_DESIGNATED_INITIALIZER;
@property (nonatomic, assign) PKAddPassButtonStyle addPassButtonStyle UI_APPEARANCE_SELECTOR;
@end
NS_ASSUME_NONNULL_END
#endif
从用户体验的角度出发,苹果希望APP在确保用户卡片能添加到Apple Pay之后才展示该button给用户,即预检测发生在button展示之前,这一块可能会影响到上架审核
###3.3 Configuration && delegate 相关类以及方法如下
PKAddPaymentPassViewController初始化方法
- (nullable instancetype)initWithRequestConfiguration:(PKAddPaymentPassRequestConfiguration *)configuration delegate:(nullable id<PKAddPaymentPassViewControllerDelegate>)delegate NS_DESIGNATED_INITIALIZER;
该方法返回一个添加Apple Pay的view controller 对象,这个对象用来提供configuration 和 delegate.
PKAddPaymentPassRequestConfiguration 这个类由一个实例方法和若干属性组成
实例化一个configuration对象,encryptionScheme为接入方数据传输过程中使用的加密方案
/* Schemes defined in PKConstants.h. * Supported Schemes: * PKEncryptionSchemeECC_V2: * ephemeralPublicKey * PKEncryptionSchemeRSA_V2: * wrappedKey */ - (nullable instancetype)initWithEncryptionScheme:(PKEncryptionScheme)encryptionScheme NS_DESIGNATED_INITIALIZER;
若干可选参数,很多参数从命名上就知道是干嘛用的,到具体用的时候再对照开发文档看即可
@property (nonatomic, copy, readonly) PKEncryptionScheme encryptionScheme; @property (nonatomic, copy, nullable) NSString *cardholderName; @property (nonatomic, copy, nullable) NSString *primaryAccountSuffix;
@property (nonatomic, copy) NSArray<PKLabeledValue *> *cardDetails NS_AVAILABLE_IOS(10_1);
@property (nonatomic, copy, nullable) NSString *localizedDescription; @property (nonatomic, copy, nullable) NSString *primaryAccountIdentifier; @property (nonatomic, copy, nullable) PKPaymentNetwork paymentNetwork; @property (nonatomic, assign) BOOL requiresFelicaSecureElement NS_AVAILABLE_IOS(10_1);
PKAddPaymentPassViewControllerDelegate
@protocol PKAddPaymentPassViewControllerDelegate<NSObject> /* Certificates is an array of NSData, each a DER encoded X.509 certificate, with the leaf first and root last. * The continuation handler must be called within 20 seconds, or the flow will terminate with * PKAddPaymentPassErrorInvalidRequest. */ - (void)addPaymentPassViewController:(PKAddPaymentPassViewController *)controller generateRequestWithCertificateChain:(NSArray<NSData *> *)certificates nonce:(NSData *)nonce nonceSignature:(NSData *)nonceSignature completionHandler:(void(^)(PKAddPaymentPassRequest *request))handler;
为Apple Pay调用方提供certificate chains、nOnce、nOnceSignature 以及一个回调block,供代理去处理一个添加Apple Pay的请求,但苹果规定这个回调必须在20秒内完成,否则流程将会终止。 request相关东西在下文将介绍。
###3.4 Provision request && delegate
PKAddPaymentPassRequest,请求里面包含了APP服务端传过来的一些银行卡信息以及加密信息
NS_CLASS_AVAILABLE_IOS(9_0) @interface PKAddPaymentPassRequest : NSObject - (instancetype)init NS_DESIGNATED_INITIALIZER; @property (nonatomic, copy, nullable) NSData *encryptedPassData; @property (nonatomic, copy, nullable) NSData *activationData; /* Scheme dependent properties: */ @property (nonatomic, copy, nullable) NSData *ephemeralPublicKey; @property (nonatomic, copy, nullable) NSData *wrappedKey; @end
请求结束之后的回调
/* Error parameter will use codes from the PKAddPaymentPassError enumeration, using the PKPassKitErrorDomain domain. */ - (void)addPaymentPassViewController:(PKAddPaymentPassViewController *)controller didFinishAddingPaymentPass:(nullable PKPaymentPass *)pass error:(nullable NSError *)error; @end