JSON Web Token 是常用的業界標準,能以 JSON 物件形式安全地傳輸資訊。使用 Google Wallet API 時,您必須將要用來建立 JWT (發音「草稿」) 格式的 Pass 物件詳細資料編碼,接著透過要求將 JWT 傳送至 Google Wallet API。
將 JWT 傳送至 Google Wallet API 之前,會先使用共用密鑰進行簽署,藉此保障他們的安全。如果您使用 Google Wallet REST API,簽署密鑰就是您的 Google Cloud 服務帳戶金鑰。如果您使用的是 Google 錢包 Android SDK,簽署密鑰就是 Android 應用程式的 SHA-1 指紋。
在 JWT 中編碼票證
建立 GiftCardObject 後,請使用 payload.GiftCardObjects 屬性將其納入未簽署的 JWT,如以下程式碼片段所示:
JSON
{
"iss": "OWNER_EMAIL_ADDRESS",
"aud": "google",
"typ": "savetowallet",
"iat": "UNIX_TIME",
"origins": [],
"payload": {
"giftcardObjects": [ NEW_OBJECT ]
}
}如要進一步瞭解 JWT 的預期格式,請參閱 JWT 參考資料。
簽署 JWT
將 JWT 傳送至 Google Wallet API 之前,會先使用共用密鑰進行簽署,藉此保障他們的安全。如果您使用 Google Wallet REST API,簽署密鑰就是您的 Google Cloud 服務帳戶金鑰。如果您使用的是 Google 錢包 Android SDK,簽署密鑰就是 Android 應用程式的 SHA-1 指紋。
網頁、電子郵件和簡訊
您必須使用您在 Google 錢包商家主控台中授權的 Google Cloud 服務帳戶相關聯的服務帳戶金鑰簽署 JWT。Google Wallet API 會驗證 JWT 簽署,藉此驗證這類聲明。
簽署 JWT 將會產生一個權杖,用於建立「新增至 Google 錢包」連結,用於核發票證給使用者:
Java
如要開始在 Java 中整合,請參閱 GitHub 上完整的程式碼範例。
/**
* Generate a signed JWT that creates a new pass class and object.
*
* <p>When the user opens the "Add to Google Wallet" URL and saves the pass to their wallet, the
* pass class and object defined in the JWT are created. This allows you to create multiple pass
* classes and objects in one API call when the user saves the pass to their wallet.
*
* @param issuerId The issuer ID being used for this request.
* @param classSuffix Developer-defined unique ID for this pass class.
* @param objectSuffix Developer-defined unique ID for the pass object.
* @return An "Add to Google Wallet" link.
*/
public String createJWTNewObjects(String issuerId, String classSuffix, String objectSuffix) {
// See link below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardclass
GiftCardClass newClass =
new GiftCardClass()
.setId(String.format("%s.%s", issuerId, classSuffix))
.setIssuerName("Issuer name")
.setReviewStatus("UNDER_REVIEW");
// See link below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardobject
GiftCardObject newObject =
new GiftCardObject()
.setId(String.format("%s.%s", issuerId, objectSuffix))
.setClassId(String.format("%s.%s", issuerId, classSuffix))
.setState("ACTIVE")
.setHeroImage(
new Image()
.setSourceUri(
new ImageUri()
.setUri(
"https://farm4.staticflickr.com/3723/11177041115_6e6a3b6f49_o.jpg"))
.setContentDescription(
new LocalizedString()
.setDefaultValue(
new TranslatedString()
.setLanguage("en-US")
.setValue("Hero image description"))))
.setTextModulesData(
List.of(
new TextModuleData()
.setHeader("Text module header")
.setBody("Text module body")
.setId("TEXT_MODULE_ID")))
.setLinksModuleData(
new LinksModuleData()
.setUris(
Arrays.asList(
new Uri()
.setUri("http://maps.google.com/")
.setDescription("Link module URI description")
.setId("LINK_MODULE_URI_ID"),
new Uri()
.setUri("tel:6505555555")
.setDescription("Link module tel description")
.setId("LINK_MODULE_TEL_ID"))))
.setImageModulesData(
List.of(
new ImageModuleData()
.setMainImage(
new Image()
.setSourceUri(
new ImageUri()
.setUri(
"http://farm4.staticflickr.com/3738/12440799783_3dc3c20606_b.jpg"))
.setContentDescription(
new LocalizedString()
.setDefaultValue(
new TranslatedString()
.setLanguage("en-US")
.setValue("Image module description"))))
.setId("IMAGE_MODULE_ID")))
.setBarcode(new Barcode().setType("QR_CODE").setValue("QR code value"))
.setLocations(
List.of(
new LatLongPoint()
.setLatitude(37.424015499999996)
.setLongitude(-122.09259560000001)))
.setCardNumber("Card number")
.setPin("1234")
.setBalance(new Money().setMicros(20000000L).setCurrencyCode("USD"))
.setBalanceUpdateTime(new DateTime().setDate("2020-04-12T16:20:50.52-04:00"));
// Create the JWT as a HashMap object
HashMap<String, Object> claims = new HashMap<String, Object>();
claims.put("iss", ((ServiceAccountCredentials) credentials).getClientEmail());
claims.put("aud", "google");
claims.put("origins", List.of("www.example.com"));
claims.put("typ", "savetowallet");
// Create the Google Wallet payload and add to the JWT
HashMap<String, Object> payload = new HashMap<String, Object>();
payload.put("giftCardClasses", List.of(newClass));
payload.put("giftCardObjects", List.of(newObject));
claims.put("payload", payload);
// The service account credentials are used to sign the JWT
Algorithm algorithm =
Algorithm.RSA256(
null, (RSAPrivateKey) ((ServiceAccountCredentials) credentials).getPrivateKey());
String token = JWT.create().withPayload(claims).sign(algorithm);
System.out.println("Add to Google Wallet link");
System.out.printf("https://pay.google.com/gp/v/save/%s%n", token);
return String.format("https://pay.google.com/gp/v/save/%s", token);
}
PHP
如要開始在 PHP 中整合,請參閱完整的 GitHub 程式碼範例。
/**
* Generate a signed JWT that creates a new pass class and object.
*
* When the user opens the "Add to Google Wallet" URL and saves the pass to
* their wallet, the pass class and object defined in the JWT are
* created. This allows you to create multiple pass classes and objects in
* one API call when the user saves the pass to their wallet.
*
* @param string $issuerId The issuer ID being used for this request.
* @param string $classSuffix Developer-defined unique ID for the pass class.
* @param string $objectSuffix Developer-defined unique ID for the pass object.
*
* @return string An "Add to Google Wallet" link.
*/
public function createJwtNewObjects(string $issuerId, string $classSuffix, string $objectSuffix)
{
// See link below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardclass
$newClass = new GiftCardClass([
'id' => "{$issuerId}.{$classSuffix}",
'issuerName' => 'Issuer name',
'reviewStatus' => 'UNDER_REVIEW'
]);
// See link below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardobject
$newObject = new GiftCardObject([
'id' => "{$issuerId}.{$objectSuffix}",
'classId' => "{$issuerId}.{$classSuffix}",
'state' => 'ACTIVE',
'heroImage' => new Image([
'sourceUri' => new ImageUri([
'uri' => 'https://farm4.staticflickr.com/3723/11177041115_6e6a3b6f49_o.jpg'
]),
'contentDescription' => new LocalizedString([
'defaultValue' => new TranslatedString([
'language' => 'en-US',
'value' => 'Hero image description'
])
])
]),
'textModulesData' => [
new TextModuleData([
'header' => 'Text module header',
'body' => 'Text module body',
'id' => 'TEXT_MODULE_ID'
])
],
'linksModuleData' => new LinksModuleData([
'uris' => [
new Uri([
'uri' => 'http://maps.google.com/',
'description' => 'Link module URI description',
'id' => 'LINK_MODULE_URI_ID'
]),
new Uri([
'uri' => 'tel:6505555555',
'description' => 'Link module tel description',
'id' => 'LINK_MODULE_TEL_ID'
])
]
]),
'imageModulesData' => [
new ImageModuleData([
'mainImage' => new Image([
'sourceUri' => new ImageUri([
'uri' => 'http://farm4.staticflickr.com/3738/12440799783_3dc3c20606_b.jpg'
]),
'contentDescription' => new LocalizedString([
'defaultValue' => new TranslatedString([
'language' => 'en-US',
'value' => 'Image module description'
])
])
]),
'id' => 'IMAGE_MODULE_ID'
])
],
'barcode' => new Barcode([
'type' => 'QR_CODE',
'value' => 'QR code value'
]),
'locations' => [
new LatLongPoint([
'latitude' => 37.424015499999996,
'longitude' => -122.09259560000001
])
],
'cardNumber' => 'Card number',
'pin' => '1234',
'balance' => new Money([
'micros' => 20000000,
'currencyCode' => 'USD'
]),
'balanceUpdateTime' => new DateTime([
'date' => '2020-04-12T16:20:50.52-04:00'
])
]);
// The service account credentials are used to sign the JWT
$serviceAccount = json_decode(file_get_contents($this->keyFilePath), true);
// Create the JWT as an array of key/value pairs
$claims = [
'iss' => $serviceAccount['client_email'],
'aud' => 'google',
'origins' => ['www.example.com'],
'typ' => 'savetowallet',
'payload' => [
'giftCardClasses' => [
$newClass
],
'giftCardObjects' => [
$newObject
]
]
];
$token = JWT::encode(
$claims,
$serviceAccount['private_key'],
'RS256'
);
print "Add to Google Wallet link\n";
print "https://pay.google.com/gp/v/save/{$token}";
return "https://pay.google.com/gp/v/save/{$token}";
}
Python
如要開始在 Python 中整合,請參閱 GitHub 上完整的程式碼範例。
def create_jwt_new_objects(self, issuer_id: str, class_suffix: str,
object_suffix: str) -> str:
"""Generate a signed JWT that creates a new pass class and object.
When the user opens the "Add to Google Wallet" URL and saves the pass to
their wallet, the pass class and object defined in the JWT are
created. This allows you to create multiple pass classes and objects in
one API call when the user saves the pass to their wallet.
Args:
issuer_id (str): The issuer ID being used for this request.
class_suffix (str): Developer-defined unique ID for the pass class.
object_suffix (str): Developer-defined unique ID for the pass object.
Returns:
An "Add to Google Wallet" link.
"""
# See link below for more information on required properties
# https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardclass
new_class = {
'id': f'{issuer_id}.{class_suffix}',
'issuerName': 'Issuer name',
'reviewStatus': 'UNDER_REVIEW'
}
# See link below for more information on required properties
# https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardobject
new_object = {
'id': f'{issuer_id}.{object_suffix}',
'classId': f'{issuer_id}.{class_suffix}',
'state': 'ACTIVE',
'heroImage': {
'sourceUri': {
'uri':
'https://farm4.staticflickr.com/3723/11177041115_6e6a3b6f49_o.jpg'
},
'contentDescription': {
'defaultValue': {
'language': 'en-US',
'value': 'Hero image description'
}
}
},
'textModulesData': [{
'header': 'Text module header',
'body': 'Text module body',
'id': 'TEXT_MODULE_ID'
}],
'linksModuleData': {
'uris': [{
'uri': 'http://maps.google.com/',
'description': 'Link module URI description',
'id': 'LINK_MODULE_URI_ID'
}, {
'uri': 'tel:6505555555',
'description': 'Link module tel description',
'id': 'LINK_MODULE_TEL_ID'
}]
},
'imageModulesData': [{
'mainImage': {
'sourceUri': {
'uri':
'http://farm4.staticflickr.com/3738/12440799783_3dc3c20606_b.jpg'
},
'contentDescription': {
'defaultValue': {
'language': 'en-US',
'value': 'Image module description'
}
}
},
'id': 'IMAGE_MODULE_ID'
}],
'barcode': {
'type': 'QR_CODE',
'value': 'QR code'
},
'locations': [{
'latitude': 37.424015499999996,
'longitude': -122.09259560000001
}],
'cardNumber': 'Card number',
'pin': '1234',
'balance': {
'micros': 20000000,
'currencyCode': 'USD'
},
'balanceUpdateTime': {
'date': '2020-04-12T16:20:50.52-04:00'
}
}
# Create the JWT claims
claims = {
'iss': self.credentials.service_account_email,
'aud': 'google',
'origins': ['www.example.com'],
'typ': 'savetowallet',
'payload': {
# The listed classes and objects will be created
'giftCardClasses': [new_class],
'giftCardObjects': [new_object]
},
}
# The service account credentials are used to sign the JWT
signer = crypt.RSASigner.from_service_account_file(self.key_file_path)
token = jwt.encode(signer, claims).decode('utf-8')
print('Add to Google Wallet link')
print(f'https://pay.google.com/gp/v/save/{token}')
return f'https://pay.google.com/gp/v/save/{token}'
C#
如要開始在 C# 中整合,請參閱 GitHub 上完整的程式碼範例。
/// <summary>
/// Generate a signed JWT that creates a new pass class and object.
/// <para />
/// When the user opens the "Add to Google Wallet" URL and saves the pass to
/// their wallet, the pass class and object defined in the JWT are created.
/// This allows you to create multiple pass classes and objects in one API
/// call when the user saves the pass to their wallet.
/// <para />
/// The Google Wallet C# library uses Newtonsoft.Json.JsonPropertyAttribute
/// to specify the property names when converting objects to JSON. The
/// Newtonsoft.Json.JsonConvert.SerializeObject method will automatically
/// serialize the object with the right property names.
/// </summary>
/// <param name="issuerId">The issuer ID being used for this request.</param>
/// <param name="classSuffix">Developer-defined unique ID for this pass class.</param>
/// <param name="objectSuffix">Developer-defined unique ID for the pass object.</param>
/// <returns>An "Add to Google Wallet" link.</returns>
public string CreateJWTNewObjects(string issuerId, string classSuffix, string objectSuffix)
{
// Ignore null values when serializing to/from JSON
JsonSerializerSettings excludeNulls = new JsonSerializerSettings()
{
NullValueHandling = NullValueHandling.Ignore
};
// See link below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardclass
GiftCardClass newClass = new GiftCardClass
{
Id = $"{issuerId}.{classSuffix}",
IssuerName = "Issuer name",
ReviewStatus = "UNDER_REVIEW"
};
// See below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardobject
GiftCardObject newObject = new GiftCardObject
{
Id = $"{issuerId}.{objectSuffix}",
ClassId = $"{issuerId}.{classSuffix}",
State = "ACTIVE",
HeroImage = new Image
{
SourceUri = new ImageUri
{
Uri = "https://farm4.staticflickr.com/3723/11177041115_6e6a3b6f49_o.jpg"
},
ContentDescription = new LocalizedString
{
DefaultValue = new TranslatedString
{
Language = "en-US",
Value = "Hero image description"
}
}
},
TextModulesData = new List<TextModuleData>
{
new TextModuleData
{
Header = "Text module header",
Body = "Text module body",
Id = "TEXT_MODULE_ID"
}
},
LinksModuleData = new LinksModuleData
{
Uris = new List<Google.Apis.Walletobjects.v1.Data.Uri>
{
new Google.Apis.Walletobjects.v1.Data.Uri
{
UriValue = "http://maps.google.com/",
Description = "Link module URI description",
Id = "LINK_MODULE_URI_ID"
},
new Google.Apis.Walletobjects.v1.Data.Uri
{
UriValue = "tel:6505555555",
Description = "Link module tel description",
Id = "LINK_MODULE_TEL_ID"
}
}
},
ImageModulesData = new List<ImageModuleData>
{
new ImageModuleData
{
MainImage = new Image
{
SourceUri = new ImageUri
{
Uri = "http://farm4.staticflickr.com/3738/12440799783_3dc3c20606_b.jpg"
},
ContentDescription = new LocalizedString
{
DefaultValue = new TranslatedString
{
Language = "en-US",
Value = "Image module description"
}
}
},
Id = "IMAGE_MODULE_ID"
}
},
Barcode = new Barcode
{
Type = "QR_CODE",
Value = "QR code"
},
Locations = new List<LatLongPoint>
{
new LatLongPoint
{
Latitude = 37.424015499999996,
Longitude = -122.09259560000001
}
},
CardNumber = "Card number",
Pin = "1234",
Balance = new Money
{
Micros = 20000000,
CurrencyCode = "USD"
},
BalanceUpdateTime = new Google.Apis.Walletobjects.v1.Data.DateTime
{
Date = "2020-04-12T16:20:50.52-04:00"
}
};
// Create JSON representations of the class and object
JObject serializedClass = JObject.Parse(
JsonConvert.SerializeObject(newClass, excludeNulls));
JObject serializedObject = JObject.Parse(
JsonConvert.SerializeObject(newObject, excludeNulls));
// Create the JWT as a JSON object
JObject jwtPayload = JObject.Parse(JsonConvert.SerializeObject(new
{
iss = credentials.Id,
aud = "google",
origins = new List<string>
{
"www.example.com"
},
typ = "savetowallet",
payload = JObject.Parse(JsonConvert.SerializeObject(new
{
// The listed classes and objects will be created
// when the user saves the pass to their wallet
giftCardClasses = new List<JObject>
{
serializedClass
},
giftCardObjects = new List<JObject>
{
serializedObject
}
}))
}));
// Deserialize into a JwtPayload
JwtPayload claims = JwtPayload.Deserialize(jwtPayload.ToString());
// The service account credentials are used to sign the JWT
RsaSecurityKey key = new RsaSecurityKey(credentials.Key);
SigningCredentials signingCredentials = new SigningCredentials(
key, SecurityAlgorithms.RsaSha256);
JwtSecurityToken jwt = new JwtSecurityToken(
new JwtHeader(signingCredentials), claims);
string token = new JwtSecurityTokenHandler().WriteToken(jwt);
Console.WriteLine("Add to Google Wallet link");
Console.WriteLine($"https://pay.google.com/gp/v/save/{token}");
return $"https://pay.google.com/gp/v/save/{token}";
}
Node.js
如要開始在節點中整合,請參閱完整的 GitHub 程式碼範例。
/**
* Generate a signed JWT that creates a new pass class and object.
*
* When the user opens the "Add to Google Wallet" URL and saves the pass to
* their wallet, the pass class and object defined in the JWT are
* created. This allows you to create multiple pass classes and objects in
* one API call when the user saves the pass to their wallet.
*
* @param {string} issuerId The issuer ID being used for this request.
* @param {string} classSuffix Developer-defined unique ID for the pass class.
* @param {string} objectSuffix Developer-defined unique ID for the pass object.
*
* @returns {string} An "Add to Google Wallet" link.
*/
createJwtNewObjects(issuerId, classSuffix, objectSuffix) {
// See link below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardclass
let newClass = {
'id': `${issuerId}.${classSuffix}`,
'issuerName': 'Issuer name',
'reviewStatus': 'UNDER_REVIEW'
};
// See link below for more information on required properties
// https://developers.google.com/wallet/retail/gift-cards/rest/v1/giftcardobject
let newObject = {
'id': `${issuerId}.${objectSuffix}`,
'classId': `${issuerId}.${classSuffix}`,
'state': 'ACTIVE',
'heroImage': {
'sourceUri': {
'uri': 'https://farm4.staticflickr.com/3723/11177041115_6e6a3b6f49_o.jpg'
},
'contentDescription': {
'defaultValue': {
'language': 'en-US',
'value': 'Hero image description'
}
}
},
'textModulesData': [
{
'header': 'Text module header',
'body': 'Text module body',
'id': 'TEXT_MODULE_ID'
}
],
'linksModuleData': {
'uris': [
{
'uri': 'http://maps.google.com/',
'description': 'Link module URI description',
'id': 'LINK_MODULE_URI_ID'
},
{
'uri': 'tel:6505555555',
'description': 'Link module tel description',
'id': 'LINK_MODULE_TEL_ID'
}
]
},
'imageModulesData': [
{
'mainImage': {
'sourceUri': {
'uri': 'http://farm4.staticflickr.com/3738/12440799783_3dc3c20606_b.jpg'
},
'contentDescription': {
'defaultValue': {
'language': 'en-US',
'value': 'Image module description'
}
}
},
'id': 'IMAGE_MODULE_ID'
}
],
'barcode': {
'type': 'QR_CODE',
'value': 'QR code'
},
'locations': [
{
'latitude': 37.424015499999996,
'longitude': -122.09259560000001
}
],
'cardNumber': 'Card number',
'pin': '1234',
'balance': {
'micros': 20000000,
'currencyCode': 'USD'
},
'balanceUpdateTime': {
'date': '2020-04-12T16:20:50.52-04:00'
}
};
// Create the JWT claims
let claims = {
iss: this.credentials.client_email,
aud: 'google',
origins: ['www.example.com'],
typ: 'savetowallet',
payload: {
// The listed classes and objects will be created
giftCardClasses: [newClass],
giftCardObjects: [newObject]
},
};
// The service account credentials are used to sign the JWT
let token = jwt.sign(claims, this.credentials.private_key, { algorithm: 'RS256' });
console.log('Add to Google Wallet link');
console.log(`https://pay.google.com/gp/v/save/${token}`);
return `https://pay.google.com/gp/v/save/${token}`;
}
查看
如要在 Go 中開始整合作業,請參閱 GitHub 上的完整程式碼範例 GitHub 上的程式碼範例。
// Generate a signed JWT that creates a new pass class and object.
//
// When the user opens the "Add to Google Wallet" URL and saves the pass to
// their wallet, the pass class and object defined in the JWT are
// created. This allows you to create multiple pass classes and objects in
// one API call when the user saves the pass to their wallet.
func (d *demoGiftcard) createJwtNewObjects(issuerId, classSuffix, objectSuffix string) {
giftcardObject := new(walletobjects.GiftCardObject)
giftcardObject.Id = fmt.Sprintf("%s.%s", issuerId, objectSuffix)
giftcardObject.ClassId = fmt.Sprintf("%s.%s", issuerId, classSuffix)
giftcardObject.State = "ACTIVE"
giftcardObject.CardNumber = "Card number"
giftcardJson, _ := json.Marshal(giftcardObject)
var payload map[string]any
json.Unmarshal([]byte(fmt.Sprintf(`
{
"giftcardObjects": [%s]
}
`, giftcardJson)), &payload)
claims := jwt.MapClaims{
"iss": d.credentials.Email,
"aud": "google",
"origins": []string{"www.example.com"},
"typ": "savetowallet",
"payload": payload,
}
// The service account credentials are used to sign the JWT
key, _ := jwt.ParseRSAPrivateKeyFromPEM(d.credentials.PrivateKey)
token, _ := jwt.NewWithClaims(jwt.SigningMethodRS256, claims).SignedString(key)
fmt.Println("Add to Google Wallet link")
fmt.Println("https://pay.google.com/gp/v/save/" + token)
}
Android 應用程式
呼叫 savePasses 方法發出票證給使用者時,Google Wallet Android SDK 會自動使用您在 Google 錢包商家主控台中提供的應用程式簽署金鑰 SHA-1 指紋簽署 JWT。或者,您也可以使用 Android SDK 的 savePassesJwt 方法,使用先前簽署的 JWT 發出票證。
詳情請參閱使用 Android SDK 核發票證。