[英]Android verify IAP subscription server side with Ruby
I have been googling and searching and this is killing me. 我一直在谷歌搜索和搜索这是杀了我。 I am just trying to setup our RoR server to be able to query the google play purchases API to validate if a subscription has been renewed and I cannot seem to find an actual solution.
我只是想设置我们的RoR服务器,以便能够查询谷歌游戏购买API,以验证订阅是否已更新,我似乎无法找到实际的解决方案。 I have been through all of the google documentation.
我已经浏览了所有的谷歌文档。 It appears I need a service account as described here
看来我需要一个如此处所述的服务帐户
https://developers.google.com/accounts/docs/OAuth2ServiceAccount https://developers.google.com/accounts/docs/OAuth2ServiceAccount
But then I found this python article on how they actually want us to use the web server application flow 但后来我发现这篇关于他们实际上希望我们如何使用Web服务器应用程序流的python文章
http://milancermak.wordpress.com/2012/08/24/server-side-verification-of-google-play-subsc/ http://milancermak.wordpress.com/2012/08/24/server-side-verification-of-google-play-subsc/
I don't really care at this point, I just need to get the server to successfully talk to the Google API to validate/renew subscriptions. 我现在并不在意,我只需要让服务器成功与Google API通信以验证/续订订阅。 I have found 0 articles on how this flow works.
我找到了0条关于这个流如何工作的文章。 Has anyone gotten this working??
有没有人得到这个工作?
For anyone who stumbled on this, this was the craziest thing I have ever had to deal with but I managed to figure it out and do it right. 对于那些偶然发现这一点的人来说,这是我曾经遇到过的最疯狂的事情,但我设法弄清楚并且做得对。 I want to thank the following articles for helping me slowly but surely get to the bottom of this.
我要感谢以下文章,以帮助我慢慢地,但肯定到底这一点。 I will add the most frustriating part of this is the steps I am going to list below, I am not 100% convinced they are all necessary because the only error I ever got during this was "403 Insufficient Permissions" so all I can really do here is tell you EVERYTHING I did and hope it works for you.
我将添加最令人惊讶的部分是我将在下面列出的步骤,我不是100%确信它们都是必要的,因为我在此期间遇到的唯一错误是“403 Insufficient Permissions”所以我真的可以做到这里告诉你我所做的一切,并希望它对你有用。
This article got everything working but was using the web access approach and stating that the service account wouldn't work 本文使一切正常,但使用Web访问方法并声明服务帐户不起作用
http://milancermak.wordpress.com/2012/08/24/server-side-verification-of-google-play-subsc/ http://milancermak.wordpress.com/2012/08/24/server-side-verification-of-google-play-subsc/
This was a great implementation on the above article for Ruby 对于上面的Ruby文章,这是一个很好的实现
https://gist.github.com/cornflakesuperstar/5632813 https://gist.github.com/cornflakesuperstar/5632813
This was a great article on how to get the key so that you could store it as an environment variable for Heroku 这是一篇关于如何获取密钥的文章,以便您可以将其存储为Heroku的环境变量
http://ar.zu.my/how-to-store-private-key-files-in-heroku/ http://ar.zu.my/how-to-store-private-key-files-in-heroku/
This was a good article on how to setup the service account (note I am not the account owner of our services so I was flying blind on telling him how to do this. This article worked) 这是一篇关于如何设置服务帐户的好文章(请注意,我不是我们服务的帐户所有者,所以我不知道如何做到这一点。这篇文章有效)
https://developers.google.com/console/help/#activatingapis https://developers.google.com/console/help/#activatingapis
This was the article on how you need to authorize the auto generated email from above 这篇文章是关于如何从上面授权自动生成的电子邮件的文章
How can I authorize with OAuth 2.0 for google's predictive API in Ruby? 如何使用OAuth 2.0为Ruby中的google预测API进行授权?
The official Google Implementation for the API is here API的官方Google实施就在这里
https://developers.google.com/android-publisher/api-ref/purchases/subscriptions/get https://developers.google.com/android-publisher/api-ref/purchases/subscriptions/get
After countless late nights since I posted this article I was able to get this working WITH A SERVICE ACCOUNT with the following steps 自从我发布这篇文章以来无数深夜之后,我能够通过以下步骤使用服务帐户
After tons of trial and error, miraculously got a "200" out of the API. 经过大量的试验和错误,奇迹般地从API获得了“200”。 Here is my code
这是我的代码
ISSUER = '45366745684568-afdasfasdfasdfasdfasdf@developer.gserviceaccount.com' # From service account
APP_NAME = '<appname>' # This value didn't seem to matter. I think it is for logging
APP_VERSION = '1.0' # This value didn't seem to matter. I think it is for logging
class SomeClass < ActiveRecord::Base
def self.google_api_client
@@google_client ||= Google::APIClient.new(
application_name: APP_NAME,
application_version: APP_VERSION
).tap do |client|
# Load the key downloaded from the Google Developer Console
if ENV['GOOGLE_API_KEY'].nil?
puts "Be sure that you have ENV['GOOGLE_API_KEY'] defined in your environment."
return
end
key = OpenSSL::PKey::RSA.new ENV['GOOGLE_API_KEY'], 'notasecret'
# Initialize the connection
client.authorization = Signet::OAuth2::Client.new(
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
:audience => 'https://accounts.google.com/o/oauth2/token',
:scope => 'https://www.googleapis.com/auth/androidpublisher',
:issuer => ISSUER,
:signing_key => key)
client.authorization.fetch_access_token!
end
end
def self.test_server(package_name, subscription_id, token)
# Get the client
client = self.google_api_client
# Discover the subscriptions API
publisher = client.discovered_api('androidpublisher', 'v2')
# Make the API call
result = client.execute(
:api_method => publisher.purchases.subscriptions.get,
:parameters => {'packageName' => package_name, 'subscriptionId' => subscription_id, 'token' => token}
)
end
end
Once I did all of the steps above I was still struggling (same 403 error). 一旦我完成了上述所有步骤,我仍然在努力(同样的403错误)。 I realized the thing that was burning me was the 'scope' was not properly set to ' https://www.googleapis.com/auth/androidpublisher '.
我意识到燃烧我的是'范围'未正确设置为' https://www.googleapis.com/auth/androidpublisher '。 I hope this really helps someone.
我希望这真的能帮助别人。 This was tearing me apart and now it works perfect.
这让我分崩离析,现在它完美无缺。
Thanks all of the mentioned articles for your help. 感谢所有上述文章的帮助。
Here's a rails gist that verifies whether a Google Play subscription is currently active using the latest google-api-client gem: https://gist.github.com/jkotchoff/e60fdf048ec443272045 以下是使用最新的google-api-client gem验证Google Play订阅当前是否有效的rails gist: https : //gist.github.com/jkotchoff/e60fdf048ec443272045
That gist also includes documentation about how to create an OAuth token for which can be used offline. 该要点还包括有关如何创建可脱机使用的OAuth令牌的文档。
ie. 即。
- visit http://console.developers.google.com
访问http://console.developers.google.com
- API Manager
API管理器
- Credentials
证书
- Create Credentials (OAuth client ID)
创建凭据(OAuth客户端ID)
- Application type: Web Application
应用类型:Web应用程序
- Authorised redirect URIs: https://developers.google.com/oauthplayground
授权重定向URI: https : //developers.google.com/oauthplayground
- the resultant client ID / client secret is for your access token
生成的客户端ID /客户端密钥用于访问令牌
- visit: https://developers.google.com/oauthplayground/
访问: https : //developers.google.com/oauthplayground/
- Click the settings icon to show the OAuth 2.0 configuration
单击设置图标以显示OAuth 2.0配置
- Tick 'Use your own OAuth credentials'
勾选'使用您自己的OAuth凭据'
- Enter the OAuth Client ID and OAuth Client secret that you have just created
输入您刚刚创建的OAuth客户端ID和OAuth客户端密钥
- Check the entry for 'Calendar API v3' in the scopes field and click 'Authorize APIs'
检查范围字段中的“Calendar API v3”条目,然后单击“授权API”
- Click 'Allow'
点击“允许”
- Click 'Exchange authorization code for tokens'
点击“兑换令牌的授权码”
- now you have a Refresh token and Access token for your client id / secret
现在,您的客户端ID /机密有一个刷新令牌和访问令牌
Note, this gist has recently been upgraded to use version 0.9.x of the google-api-client gem. 请注意,这个要点最近已升级为使用google-api-client gem的0.9.x版本。 For an implementation that uses the deprecated v0.8.x of that gem, refer: https://gist.github.com/jkotchoff/e60fdf048ec443272045/e3e2c867633900d9d6f53de2de13aa0a0a16bb03
对于使用该gem的弃用v0.8.x的实现,请参阅: https ://gist.github.com/jkotchoff/e60fdf048ec443272045/e3e2c867633900d9d6f53de2de13aa0a0a16bb03
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.