stackoom
  简体   繁体   中英

Server side verification of Google Play in-app billing version 3 purchase (part 2)

 原文  2013-04-18 20:03:12       android/ in-app-purchase/ in-app-billing

Question

So I thought I understood how in-app billing and server-side verification works thanks to an answer to a previous question of mine but now that I think of it I'm still lost...

This is what I have and what I want to do:

I have an app where the users can purchase several "items". Each item is stored on a server and and item should be made available for downloaded within the app upon purchase. The items are managed items that can be purchased only once (ie non-consumable). I have no problem defining items in the Google Play Developer console and I can perform a successful purchase.

What I don't understand is how I can get my server to not only validate the purchase (using the purchaseToken and signature) but also know that it is item X and not item Y that is purchased? Is there some Google API where the server can talk to Google and ask what item id a certain purchaseToken belongs to? Is there some other way to do this?

2 answers

solution1
 43 ACCPTED  2013-04-19 15:22:06

I hate to answer my own question, but hey, nobody else did! Me and my colleagues took another look at the problem again this morning. The solution to my problem finally occurred to me after taking another look at how the client side verification works in the TrivialDrive example. Man, did I feel like putting on my "stupid-hat", when I understood what was wrong.

I thought that it was the purchaseToken and the signature that was used to verify the purchase, but that way there was no means of verifying if it was item A or item B that was purchased.

If you want to do server-side verification (or any kind of verification for that matter) before making content available to the buyer it's actually the original JSON data (if you use the IabHelper classes, you get the original JSON from the Purchase class) that you're supposed to use together with the signature and the public key. And since it's the original JSON data you're passing along to your server it also contains all the information about the purchase (such as SKU id etc).

It's also important to set the developer payload to something that uniquely identifies your user (not the device!). In our case each user has an account on the server and I use the unique user id as developer payload.

/Mr.Stupid signing off!

solution2
 12  2013-11-19 11:24:44

自2013年6月起,您可以使用购买状态APIGoogle API客户库在服务器端直接通过Google Play验证购买。

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Server-side verification of Google Play In-app billing version 3 purchase How to verify purchase for android app in server side (google play in app billing v3) In-App purchase for widget Android Billing Version 3 Does Google Play In-App Billing Version 3 support refunds? What is the proper python method of server-side verification for non-managed Google Play In-App products? With Google Play Billing, is it okay to wait with granting entitlement to an in-app purchase until after the purchase has been acknowledged? Google Play In-app Billing API version is less than 3 Google in-app billing cancel test purchase Android In app purchase: This version of the application is not configured for billing through Google Play How to make Multiple items purchase using Google Play in-app billing
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM