iOS Integration Process
Import Code
Step 1:
Start the IDE such as Xcode, copy the files in the zip file into the folder and import them into the project.
AlipaySDK.bundle
AlipaySDK.framework
Add the dependencies in Build Phases / Link Binary With Libraries:
The following scenarios would need special attention:
- If it is Xcode 7.0 and above,it needs to include libc++.tbd、libz.tbd;
- If it is Xcode version below 7.0,it needs to include libc++.dylib, libz.dylib.
Step 2:
Add import to where AlipaySDK is required
#import <AlipaySDK/AlipaySDK.h>
Step 3:
If the app is based on 9.0 compilation, due to the limitation of App Transport Security(ATS) on http in iOS9.0, we need to add exception for alipay.com, alipayobjects.com. in info.list.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>alipay.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
<key>NSTemporaryExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
<key>alipayobjects.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
<key>NSTemporaryExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
</dict>
</dict>
Note:
If sellers have the following configurations:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>alipay.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
<key>NSTemporaryExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
<key>alipayobjects.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
<key>NSTemporaryExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
</dict>
</dict>
Then the above NSAppTransportSecurity may not be configured.
Step 4:
Set up the payment request.
Order *order = [[Order alloc] init];
order.partner = partner;
order.seller = seller;
order.tradeNO = [self generateTradeNO]; //order ID (made at seller's own discretion)
order.productName = product.subject; //commodity title
order.productDescription = product.body; //commodity description
order.amount = [NSString stringWithFormat:@"%.2f",product.price]; //commodity
price
order.notifyURL = @"http://www.test.com"; //callback URL
order.service = @"mobile.securitypay.pay";
order.paymentType = @"1";
order.inputCharset = @"utf-8";
order.itBPay = @"30m";
//apply registed scheme, and define URL types in AlixPayDemo-Info.plist.
NSString *appScheme = @"alisdkdemo";
//combine commodity information into string
NSString *orderSpec = [order description];
NSLog(@"orderSpec = %@",orderSpec);
//obtain private key and make signature on seller's information, external seller can keep private key and signature as appropriate, only need to obey RSA signature norm, and in terms of signature string, make base64 encode and UrlEncode
id<DataSigner> signer = CreateRSADataSigner(privateKey);
NSString *signedString = [signer signString:orderSpec];
//convert format of successful signature string to order string, please strictly obey this format
NSString *orderString = nil;
if (signedString != nil) {
orderString = [NSString stringWithFormat:@"%@&sign=\"%@\"&sign_type=\"%@\"",
orderSpec, signedString, @"RSA"];
[[AlipaySDK defaultService] payOrder:orderString fromScheme:appScheme callback:^(NSDictionary *resultDic) {
//[callback processes payment result]
NSLog(@"reslut = %@",resultDic);
}];
[tableView deselectRowAtIndexPath:indexPath animated:YES];
}
See example files in Demo for details
- AliSDKDemo\APViewController.h
- AliSDKDemo\APViewController.m
- AliSDKDemo\Order.h
- AliSDKDemo\Order.m
Step 5:
Configure handling URL returned by Alipay Client. As the sample in AliSDKDemo\APAppDelegate.m add code:
#import <AlipaySDK/AlipaySDK.h>
Add the following codes in @implementation AppDelegate:
- (BOOL)application:(UIApplication *)application openURL:(NSURL *)url sourceApplication:(NSString *)sourceApplication annotation:(id)annotation
{
// if SDK is not available, will open alipay APP to pay, then need to pass the payment result back //to development kit
if ([url.host isEqualToString:@"safepay"]) {
[[AlipaySDK defaultService] processOrderWithPaymentResult:url standbyCallback:^(NSDictionary *resultDic) {
//The merchant’s APP may be killed by the system while processing payment in alipay APP, //then the callback will fail. Please handle the return result of standbyCallback.
NSLog(@"result = %@",resultDic);
}];
}
if ([url.host isEqualToString:@"platformapi"]){//Alipay wallet express login authorization returns authCode
[[AlipaySDK defaultService] processAuthResult:url standbyCallback:^(NSDictionary *resultDic) {
//The merchant’s APP may be killed by the system while processing payment in alipay //APP, then the callback will fail. Please handle the return result of standbyCallback.
NSLog(@"result = %@",resultDic);
}];
}
return YES;
}
Remarks for Running Demo Code
1、Digital signature code. The following code is stored on the client side for demo purpose. For security reason, those files should be stored on the server side and let the client side call for the service.
- AliSDKDemo\Util and all files thereunder
- AliSDKDemo\openssl and all files thereunder
- libcrypto.a
- libssl.a
2、If we encounter runtime error with the following prompt:
Cannot find API declaration for 'NSObject', superclass of 'Base64'
Then import the header file for the files reporting error.
#import <Foundation/Foundation.h>
3、If we need to use the Alipay SDK library, please import the header file.
#import <AlipaySDK/AlipaySDK.h>
4、In the project, click on “Build Settings”. In the search box, search with key word “search”, and add to “Header Search Paths” with header file path: $(SRCROOT)/project。If it is added, we could skip this step.
5、In the project, click “Build Phases”. In “Link Binary with Libraries”, add “AlipaySDK.framework” and “SystemConfiguration.framework” libraries. If they are added, we could skip this step.
6、In the project, click ”Info” option. In “URL Types”, click “+”, then input “alisdkdemo” inside “URL Schemes”. “alisdkdemo” is from NSString *appScheme = @“alisdkdemo” in “APViewController.m” file.
Note:
The name alisdkdemo is for demo purpose. For the production app, the scheme should be meaningful and unique such that Alipay could return to the App correctly.
Configuration
Open "APViewController.m" file, and edit the following three parameters:
NSString *partner = @"";
NSString *seller = @"";
NSString *privateKey = @"";
iOS information configuration, ( for security reason, all these parameters should be stored at the server side.)
Parameters | Implication |
partner | Partner ID assigned by Alipay for each partner. It is a string of 16 digits starting with “2088”. |
seller | Alipay account login as a mobile number or email. |
private_key | The private key for the merchant. RSA in pkcs8 format. Please refer to RSA Key Generation with OpenSSL . |
Note:
These parameter configurations are intended to serve for signature function at client, and used as examples only. When sellers integrate Alipay products, they should send these information via the clients of their own projects.
Example on Logic of Code
Step 1:
Call the function description in order.m to construct the order information into pre-sign string, for example:
"partner=\"2088101568353491\"&seller_id=\"2088101568353491\"&out_trade_no=\"YR2VGG3G1I31XDZ\"&subject=\"1\"&body=\"test\"&total_fee=\"0.02\"¬ify_url=\"http://www.test.com\"&service=\"mobile.securitypay.pay\"&payment_type=\"1\"&_input_charset=\"utf-8\"&it_b_pay=\"30m\""
Step 2:
Generate the signature with signString function in CreateRSADataSignert, for example:
"GsSZgPloF1vn52XAItRAldwQAbzIgkDyByCxMfTZG%2FMapRoyrNIJo4U1LUGjHp6gdBZ7U8jA1kljLPqkeGv8MZigd3kH25V0UK3Jc3C94Ngxm5S%2Fz5QsNr6wnqNY9sx%2Bw6DqNdEQnnks7PKvvU0zgsynip50lAhJmflmfHvp%2Bgk%3D"
Step3:
Add “sign” and “sign_type” name-value pair into the pre-sign string, we will get:
"partner=\"2088101568353491\"&seller_id=\"2088101568353491\"&out_trade_no=\"YR2VGG3G1I31XDZ\"&subject=\"1\"&body=\"test\"&total_fee=\"0.02\"¬ify_url=\"http://www.test.com\"&service=\"mobile.securitypay.pay\"&payment_type=\"1\"&_input_charset=\"utf-8\"&it_b_pay=\"30m\"&sign=\"GsSZgPloF1vn52XAItRAldwQAbzIgkDyByCxMfTZG%2FMapRoyrNIJo4U1LUGjHp6gdBZ7U8jA1kljLPqkeGv8MZigd3kH25V0UK3Jc3C94Ngxm5S%2Fz5QsNr6wnqNY9sx%2Bw6DqNdEQnnks7PKvvU0zgsynip50lAhJmflmfHvp%2Bgk%3D\"&sign_type=\"RSA\""
Step 4:
Call the payment function in (AlipaySDK *) defaultService to activate the Alipay payment page. The appScheme is the scheme registered in info.plist by the app.
(void)payOrder:(NSString *)orderStr
fromScheme:(NSString *)schemeStr
callback:(CompletionBlock)completionBlock
The appScheme is the scheme registered by app in info.plist.
Alipay payment page:
The follow-on actions will be performed by the buyer on the Alipay Cashier pages. If the mobile device has Alipay client installed, the client will be activated first to complete the payment. Once the payment is completed, the merchant’s app would be activated.
Step 5:
Once the payment is completed successfully, The Alipay cashier page will present the payment status, and prompt the user to “return” to the merchant. The following function could then be called:
- ( BOOL)application:(UIApplication )application openURL:(NSURL )url sourceApplication:(NSString *)sourceApplication
in APAppDelegate.m to get the returned data.
[[AlipaySDK defaultService]
processOrderWithPaymentResult:url
standbyCallback:^(NSDictionary *resultDic) {
NSLog(@"result = %@",resultDic);//return payment result
//Because in the process of redirecting to Alipay client, the merchant’s app could be killed by the system such that the callback for the pay function could fail. The merchant should handle the callback return in standbyCallback with the same logic.
}];
Get the returned data:
1、Click Cancel to return:
"alisdkdemo://safepay/?%7B%22memo%22:%7B%22result%22:%22%22,%22memo%22:%22%E7%94%A8%E6%88%B7%E4%B8%AD%E9%80%94%E5%8F%96%E6%B6%88%22,%22ResultStatus%22:%226001%22%7D,%22requestType%22:%22safepay%22%7D"
2、Conduct URLDecode for it:
"alisdkdemo://safepay/?{"memo":{"result":"","memo":"用户中途取消","ResultStatus":"6001"},"requestType":"safepay"}"
3、Click Confirm to return:
"alisdkdemo://safepay/?%7B%22memo%22:%7B%22result%22:%22partner=%5C%222088101568353491%5C%22&seller_id=%5C%222088101568353491%5C%22&out_trade_no=%5C%22QU6ZOD85K4HVQFN%5C%22&subject=%5C%221%5C%22&body=%5C%22%E6%88%91%E6%98%AF%E6%B5%8B%E8%AF%95%E6%95%B0%E6%8D%AE%5C%22&total_fee=%5C%220.02%5C%22¬ify_url=%5C%22http:%5C/%5C/www.test.com%5C%22&service=%5C%22mobile.securitypay.pay%5C%22&payment_type=%5C%221%5C%22&_input_charset=%5C%22utf-8%5C%22&it_b_pay=%5C%2230m%5C%22&success=%5C%22true%5C%22&sign_type=%5C%22RSA%5C%22&sign=%5C%22pg16DPA%5C/cIRg1iUFCl8lYZG54de+kfw+vCj32hGWye97isZ1A4bW6RNaDXHhZXVaI5Vk2YDxhNUl85EHRd+EL7%5C/+ogQTnsaEHl+D13PuZExIXRKGBnkYqaNV6kH6hDygnf5IOtoojHWLQyem7oRBVzB0vlF%5C/+YGFpzFHZyTVpM8=%5C%22%22,%22memo%22:%22%22,%22ResultStatus%22:%229000%22%7D,%22requestType%22:%22safepay%22%7D"
4、Conduct URLDecode for it:
"alisdkdemo://safepay/?{"memo":{"result":"partner=\"2088101568353491\"&seller_id=\"2088101568353491\"&out_trade_no=\"QU6ZOD85K4HVQFN\"&subject=\"1\"&body=\"test\"&total_fee=\"0.02\"¬ify_url=\"http:\/\/www.test.com\"&service=\"mobile.securitypay.pay\"&payment_type=\"1\"&_input_charset=\"utf-8\"&it_b_pay=\"30m\"&success=\"true\"&sign_type=\"RSA\"&sign=\"pg16DPA\/cIRg1iUFCl8lYZG54de+kfw+vCj32hGWye97isZ1A4bW6RNaDXHhZXVaI5Vk2YDxhNUl85EHRd+EL7\/+ogQTnsaEHl+D13PuZExIXRKGBnkYqaNV6kH6hDygnf5IOtoojHWLQyem7oRBVzB0vlF\/+YGFpzFHZyTVpM8=\"","memo":"","ResultStatus":"9000"},"requestType":"safepay"}"
5、Finally process the data.
Note:
- In the process of redirecting to Alipay client, the merchant’s app could be killed by the system such that the callback for the pay function could fail. The merchant should handle the callback return in standbyCallback with the same logic.
- When processing the result data, it is recommended that the signature should be verified with the server side before any business logic.
- The merchant should perform the business logic based on the data returned by asynchronous notification, which is considered reliable.
- SDK payment has two different scenarios. If there is Alipay wallet in the mobile device, the control flow will jump to Alipay Wallet to pay. If there is no Alipay wallet, the payment will be done through H5 payment inside SDK. Please test accordingly for both scenarios.