Reputation: 127
Verifying Google in app purchases on the server by acknowledgementState and consumptionState only
I am trying to implement in app purchase verification for Android using my own php backend server.
I have been able to get the server running and verified my service account with google apis.
I am reading this link: Verify purchases before granting entitlements
According to the link, I must compare my purchaseToken to previous purchaseTokens that were stored in my own database.
However, I see the response of the server contains an AcknowledgementState and ConsumptionState fields.
I plan to use these two fields in order to verify the purchase. On the client side(android phone app) I plan to use the following logic:
boolean isAcknowledged=false;
boolean hasBeenConsumed=false;
if(acknowledgementstate == 1){
//means Google servers acknowledged the purchase.. so is not a fraud purchaseToken
isAcknowledged=true; }
if(consumptionState != 0){
//according to google api docs.. 0 = yet to be consumed purchase; 1 = consumed(it was
//granted already)
hasBeenConsumed=true;
}
Now, I see no need to implement the database that stores all my previous in-app purchaseToken values! I can just do this:
if(isAcknowled && consumptionState == 0){
//I should have a legitimate purchaseToken that has been verified by google servers and the
//the purchase has not been consumed!
//I should consume the purchase right in here! How can I use the Google Apis to consume my purchase in my backend server ????
}else{
//something is wrong: it can be a duplicated purchaseToken or some other type of fraud!
}
Please provide any clarification or any problems that you see might arise from this implementation. Here is a sample of a test purchase that was previously consumed and acknowledged by Google servers.
my server response:
{"acknowledgementState":1,"consumptionState":1,"developerPayload":"","kind":"androidpublisher#productPurchase","obfuscatedExternalAccountId":null,"obfuscatedExternalProfileId":null,"orderId":"some # cant show","productId":null,"purchaseState":0,"purchaseTimeMillis":"1718701365611","purchaseToken":null,"purchaseType":0,"quantity":null,"regionCode":"US"}
Upvotes: 0
Views: 213
Answers (0)
Related Questions
- What is the difference between px, dip, dp, and sp?
- Android "Only the original thread that created a view hierarchy can touch its views."
- Is there a way to consume google play in-app products from backend server?
- What is the difference between gravity and layout_gravity in Android?
- How to verify purchase for android app in server side (google play in app billing v3)
- What is the difference between match_parent and fill_parent?
- Android/Google Play: do I really need my OWN server to manage inapp billing subscriptions?
- How to consume Google In-App purchases Server-side
- In App Billing purchases not on Google Play / Weird Receipts