具有自己的网络服务器的一致安全的Google Play应用内购买方案 [英] Consistent secure Google Play in-app purchase scenario with own web server

问题描述

我已多次阅读 Android Developer中的所有文档指南
并熟悉精彩的Google演示文稿逃避海盗和阻止吸血鬼

最后我尝试实施涉及应用内的结算方案我自己的网络服务器按照上面的介绍。
以下是与我的服务器互动的要点：

Finally I tried to implement in-app billing scenario involving my own web server in accordance to the presentation above. Here are the main points of interaction with my server:

1. 在向Google发出REQUEST_PURCHASE请求之前，我向我的网站发出请求服务器注册新购买。如果请求成功，我从服务器获取一个nonce。


2. 当事务完成时，我收到一组通知ID，将它们传递给GET_PURCHASE_INFORMATION请求。此时我需要在我的服务器中使用步骤1中收到的nonce。 < - 我被困在这里了！


3. 当GET_PURCHASE_INFORMATION成功时，我得到一个signedJson和一个签名，我将其传递给我的服务器。它验证购买并在服务器上提交交易。

到目前为止我无法理解的是两件事：

What I can not understand so far is two things:

1. 如何在我的情况下通过传入的IN_APP_NOTIFY意图识别先前生成的nonce？据我所知，它可以对应于当前购买完成或其他购买退款。从我看到的，我们只有与REQUEST_PURCHASE请求无关的通知ID。


2. 如何安全地处理退款，以便我的服务器100％确认此事件？恕我直言，最自然的方式是定期从我的服务器请求Google服务器来检索订单的实际状态。不幸的是，在我的国家/地区，开发人员无法使用Google Checkout API。另一种方法是使用GET_PURCHASE_INFORMATION请求通过设备定期检查订单状态，传递已知的通知ID和新的nonce。如果在某段时间内检查失败，则购买将自动到期，直到第一次成功订单状态验证为止。这种情况可能吗？在CONFIRM_NOTIFICATIONS请求订单后，我是否可以使用已知的通知ID来发出GET_PURCHASE_INFORMATION请求？

1. How to identify a previously generated nonce by incoming IN_APP_NOTIFY intent in my case? As far as I understand it can correspond to either current purchase completion or another purchase refund. From what I see we have only notification id which has no relation to a REQUEST_PURCHASE request.
2. How to securely handle refunds in that way that my server is 100% acknowledged about this event? The most natural way IMHO is to periodically request Google server from my server to retreive the actual status for the order. Unfortunately, in my country developers can not use Google Checkout API. Another way is to periodically check the order state via device using GET_PURCHASE_INFORMATION request passing known notification ids and new nonces. If the check fails during some period the purchase will be automatically expired until the first successful order state verification. Is this scenario possible? Can I use known notification id to make GET_PURCHASE_INFORMATION requests after CONFIRM_NOTIFICATIONS request for the order?

编辑：关于退款（第2点）有一个相关主题 Android In-App结算安全问题？。 Google Play中没有内置最终用户功能要求开发者退还应用内购买是否正确？如果是，那么我们可能会在应用程序中实施一个按钮来发送此类退款请求到我们的服务器，包括所有必要的信息，如经过验证的用户凭据，然后在Google商家帐户和服务器的数据库中手动处理退款。

Regarding refunds (point 2) there's a related topic Android In-App billing security issues?. Is it correct that there is no built-in end user functionality in Google Play to ask developer to refund in-app purchase? If so, then we might implement a button within our application to send such refund request to our server including all necessary info like verified user credentials and then manually process a refund in both Google merchant account and server's database.

推荐答案

没有以编程方式申请退款。用户必须与您联系（通过电子邮件等），您可以在开发者控制台中退款。处理退款后，应用程序将获得带有新订单状态（已退款）的已签名 PURCHASE_STATE_CHANGED 通知（广播）。您可以将此转发到您的服务器进行验证，就像新购买一样，并相应地更改订单状态。你不应该关心nonce被绑定的请求，只需检查它确实是你生成的（Cf. Dungeons示例）。如果您在服务器上执行此操作，通常会搜索数据库以检查先前生成的nonce是否存在。

There is no programmatic way to request a refund. The user has to contact you (by email, etc.) and you can refund their purchase in the developer console. After the refund is processed, the app will get a signed PURCHASE_STATE_CHANGED notification (broadcast) with the new order status (refunded). You can forward this to your server for verification, just as with new purchases and change the order status accordingly. You shouldn't care about what request the nonce is tied to, just check that it is indeed one your generated (Cf. Dungeons sample). If you are doing this on a server, you would typically search your DB to check if the nonce you previously generated is there.

这篇关于具有自己的网络服务器的一致安全的Google Play应用内购买方案的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！