Problem description
I've been trying to get the new iOS Game Center GKPlayer method, generateIdentityVerificationSignatureWithCompletionHandler, working so we can securely rely on the Game Center credentials for authentication. We're using Node.js as the backend server, and I've been trying to verify the signature but to no avail.
Here is the code on the server side that I have - if there's anyone who can chime in on what's missing, that'd be appreciated. The question has been answered somewhat here: How to authenticate the GKLocalPlayer on my 'third party server'?, but Node.js hasn't specifically been tackled. Note that the code below doesn't ensure the validity of the certificate with a signing authority (yet).
var crypto = require('crypto');
var fs = require('fs');

//Client sends the payload below
//json.playerId - UTF-8 string
//json.bundleId - UTF-8 string
//json.timestamp - Hex string
//json.salt - base64 encoded
//json.publicKeyURL - UTF-8 string
//json.signature - base64 encoded
var json = JSON.parse(req.body);
console.log(JSON.stringify(json));
//get the certificate
getCertificate(json.publicKeyURL, function(cert){
    //read file from fs for now, since getCertificate returns cert in DER format
    fs.readFile('/gc-sb.pem', 'utf8', function (err, data) {
        if (err) {
            console.log(err);
        } else {
            console.log(data);
            //feed the raw fields to the verifier; it computes the SHA-1 hash itself
            var verifier = crypto.createVerify("sha1WithRSAEncryption");
            verifier.write(json.playerId, "utf8");
            verifier.write(json.bundleId, "utf8");
            verifier.write(json.hexTimestamp, "hex");
            verifier.write(json.salt, "base64");
            //data is the PEM certificate, json.signature is base64 encoded
            var isValid = verifier.verify(data, json.signature, "base64");
            console.log("isvalid: " + isValid);
        }
    });
});
One thing I've found using the crypto module in node.js is that it seems to want the certificate in PEM format, and I believe the format retrieved from Apple is DER. Until I figure out how to convert the DER file to PEM, I've temporarily converted it using
openssl x509 -in gc-sb.cer -inform der -outform pem -out gc-sb.pem
The main thing for me is being able to validate the signature first. Conversion of the certificate and verifying it against a signing authority will come later :)
EDIT: I've figured it out - I was hashing the playerId, bundleId, timestamp and salt, and then using the hashed value as information to verify. I needed to just put those pieces of information into the verifier to verify without the SHA-1 hash (since the verifier will be taking care of it). I've modified the code above to "make it work". Hope this helps anyone that comes across this.
Recommended answer
Here is how you can validate Game Center identity using Node.js. It also converts the DER certificate format to PEM on the fly.
var crypto = require('crypto');
var request = require('request');
var ref = require('ref');
var token = require('./test.json');

// encoding: null makes request return the certificate body as a raw Buffer (DER)
request({url: token.publicKeyURL, encoding: null}, function (error, response, body) {
    if (!error && response.statusCode == 200) {
        var verifier = crypto.createVerify("sha1");
        verifier.update(token.playerId, "utf8");
        verifier.update(token.bundleId, "utf8");
        // timestamp goes in as an 8-byte big-endian unsigned integer
        var buf = ref.alloc('uint64');
        ref.writeUInt64BE(buf, 0, token.timestamp.toString());
        verifier.update(buf);
        verifier.update(token.salt, 'base64');
        // convert DER to PEM: base64 body in 64-character lines between the markers
        var pmd = '-----BEGIN CERTIFICATE-----';
        var base64 = body.toString('base64');
        var size = base64.length;
        for (var i = 0; i < size; i = i + 64) {
            var end = i + 64 < size ? i + 64 : size;
            pmd = pmd + '\n' + base64.substring(i, end);
        }
        pmd = pmd + '\n-----END CERTIFICATE-----';
        var valid = verifier.verify(pmd, token.signature, "base64");
        console.log(valid);
    }
});
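
The answer above fetches whatever publicKeyURL the client sends, so a client could point the server at a key of its own. The following added example (not code from the question or the answer) checks the URL before any fetch and builds the signed payload with core Buffer calls instead of the ref package. The helper names and the apple.com host rule are assumptions of this example.

```javascript
// Added example: isTrustedKeyUrl, buildSignedPayload, derToPem and
// verifyIdentity are hypothetical helpers, not part of any Game Center SDK.
const crypto = require('crypto');

// Assumption: Apple serves the key over HTTPS from a host under apple.com.
function isTrustedKeyUrl(publicKeyURL) {
  let u;
  try { u = new URL(publicKeyURL); } catch (e) { return false; }
  return u.protocol === 'https:' && !u.username && !u.password &&
    (u.hostname === 'apple.com' || u.hostname.endsWith('.apple.com'));
}

// playerId (UTF-8) | bundleId (UTF-8) | timestamp (uint64 big-endian) | salt
function buildSignedPayload(token) {
  const ts = Buffer.alloc(8);
  ts.writeBigUInt64BE(BigInt(token.timestamp));
  return Buffer.concat([
    Buffer.from(token.playerId, 'utf8'),
    Buffer.from(token.bundleId, 'utf8'),
    ts,
    Buffer.from(token.salt, 'base64'),
  ]);
}

// Wrap DER bytes in PEM armor, 64 base64 characters per line.
function derToPem(der, label) {
  const lines = der.toString('base64').match(/.{1,64}/g) || [];
  return ['-----BEGIN ' + label + '-----', ...lines,
          '-----END ' + label + '-----', ''].join('\n');
}

// digest: the code on this page uses 'sha1'; pass whatever the signer used.
function verifyIdentity(token, keyPem, digest) {
  if (!isTrustedKeyUrl(token.publicKeyURL)) return false; // refuse before any fetch
  try {
    return crypto.createVerify(digest)
      .update(buildSignedPayload(token))
      .verify(keyPem, token.signature, 'base64');
  } catch (e) {
    return false; // malformed key, signature or timestamp
  }
}
```

Call derToPem(body, 'CERTIFICATE') on the downloaded DER bytes and pass the result as keyPem. The URL check does not replace validating the certificate against a signing authority, which the question notes is still missing.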