I want to add In App purchases to my application. In App in test mode works great, but there is no check on their authenticity. While googling some info about making server-side of In App I found out that server-side won't work correctly with test purchases. Below is a code of client-side and server-side.
Will that code work fine with real purchases or there are some mistakes?
Client-side:
IabHelper mHelper;
public boolean billingworks=false;
String itemsku="Item name";
String AccLogin="Account name";
public void initBilling(){ //Is called inside onCreate
String base64EncodedPublicKey =
"Public key from Google Play";
mHelper = new IabHelper(this, base64EncodedPublicKey);
mHelper.startSetup(new
IabHelper.OnIabSetupFinishedListener() {
public void onIabSetupFinished(IabResult result)
{
if (result.isSuccess()){
List additionalSkuList = new ArrayList();
additionalSkuList.add(itemsku);
mHelper.queryInventoryAsync(true, additionalSkuList, mQueryFinishedListener);
billingworks=true;} else
Toast.makeText(getApplicationContext(),"An error occurred with billing system.",1024).show();
}
});
}
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
if (!mHelper.handleActivityResult(requestCode, resultCode, data)) {
super.onActivityResult(requestCode, resultCode, data);
} else {
}
}
public void buyItem(){
if (billingworks){
mHelper.flagEndAsync();
mHelper.launchPurchaseFlow(this, itemsku, 10001,
mPurchaseFinishedListener, "Ejfjejf");
toast("Trying to purchase...");
} else
Toast.makeText(this,"An error occurred. Try to restart",1024).show();
}
public void toast(String s){
Toast.makeText(this,s,1024).show();
}
public String urlencode(String s){
try{
return URLEncoder.encode(s,"UTF-8");
}catch(Exception e){return "none";}
}
IabHelper.OnIabPurchaseFinishedListener mPurchaseFinishedListener = new IabHelper.OnIabPurchaseFinishedListener() {
public void onIabPurchaseFinished(IabResult result, Purchase purchase) {
if (result.isFailure()) {
toast("Error purchasing: "+result);
return;}
if (!verifyDeveloperPayload(purchase)) {
toast("Error purchasing. Authenticity verification failed.");
return;
}
if (purchase.getSku().equals(itemsku)) {
mHelper.consumeAsync(purchase, mConsumeFinishedListener);
}}};
IabHelper.OnConsumeFinishedListener mConsumeFinishedListener = new IabHelper.OnConsumeFinishedListener()
{
public void onConsumeFinished(Purchase purchase, IabResult result)
{
if (mHelper == null) return;
if (result.isSuccess())
{
try{
JSONObject checker=new JSONObject(purchase.getOriginalJson());
toast("Activating account...");
String url="http://mypage/check.php?login="+AccLogin+"&responsedata="+urlencode(purchase.getOriginalJson())+"&signature="+urlencode(purchase.getSignature());
String[] verify=getPageS(url);
if (verify.length>0) toast(verify[0]);
}catch(Exception e){}
}
else
{
// handle error
}
}
};
IabHelper.QueryInventoryFinishedListener
mQueryFinishedListener = new IabHelper.QueryInventoryFinishedListener() {
public void onQueryInventoryFinished(IabResult result, Inventory inventory)
{
if (result.isFailure()) {
return;
}
Purchase p =
inventory.getPurchase(itemsku);
if (p!=null)
mHelper.consumeAsync(p, mConsumeFinishedListener);
}
};
Server-side:
$responseCode = 0;
$user = $_GET['login'];
$data = json_decode(urldecode($_GET['responsedata'],true));
$signature = urldecode($_GET['signature']);
$publicKey = "Public key from GP";
$key = "-----BEGIN PUBLIC KEY-----\n" . chunk_split($publicKey, 64, "\n") . "-----END PUBLIC KEY-----";
$key = openssl_get_publickey($key);
if (false === $key) {
exit("error openssl_get_publickey");
}
$result = openssl_verify($data, base64_decode($signature), $key);
if ($result == 1) {
//Activating account
} elseif ($result == 0) {
echo "bad";
} else {
echo "error";
}