使用服务帐户来验证谷歌InAppPurchase [英] Use service account to verify Google InAppPurchase
问题描述
我试过这么多的事情在最后的日子,但现在我的想法:(
我要验证是否已在我的Android应用程序,一个inAppPurchase。
1)我在谷歌API控制台中创建一个新的服务帐户。
1A)服务帐户被列为温特的权限,并可以查看的权限
2)我使用 https://github.com的最新版本/谷歌/谷歌API的PHP客户端
3)从我的PHP脚本code片断:
$客户端=新Google_Client();
$客户 - > setApplicationName('myAppName');
$client->setClientId('123456789123-vxoasdt8qwe6awerc9ysdfmjysdfysf64werweria8fh.apps.googleusercontent.com');
$键=的file_get_contents('/ SHR /数据/ STOR / b516cexx3123asdf3988345d8133e7f86bfas2553-privatekey.p12');
$ service_account_name ='123456789123-vxoasdt8qwe6awerc9ysdfmjysdfysf64werweria8fh@developer.gserviceaccount.com';
$客户 - > setScopes(阵列('https://www.googleapis.com/auth/androidpublisher'));
$ CRED =新Google_Auth_AssertionCredentials($ service_account_name,阵列('https://www.googleapis.com/auth/androidpublisher'),$键);
$客户 - > setAssertionCredentials($ CRED);
尝试 {
$服务=新Google_Service_AndroidPublisher($客户端);
$ googleApiResult = $服务 - > inapppurchases->获得($ externalAppId,$ externalProductId,$ purchaseToken);
}赶上(异常$ E){
的var_dump($ E->的getMessage());
}
4)从谷歌回应:
GET <一href="https://www.googleapis.com/androidpublisher/v1.1/applications/de.test.myapp/inapp/de.test.inapp.google.balance5eur/purchases/[PURCHASETOKEN]" rel="nofollow">https://www.googleapis.com/androidpublisher/v1.1/applications/de.test.myapp/inapp/de.test.inapp.google.balance5eur/purchases/[PURCHASETOKEN]: (401)目前的用户有足够的权限来执行 请求的操作。
[PURCHASETOKEN]我是从谷歌获得了购买令牌
5)设置$信贷项目>子='foo@bar.de'到我的邮箱地址,带来了
错误刷新OAuth2令牌,留言:{错误: unauthorized_client,error_description:未授权客户端或 范围的要求。}
好吧,我找到了解决办法!
您必须与您的应用程序连接您的API。你必须去你的谷歌播放发布页面( https://play.google.com/apps/publish ),并邀请在设置 - >用户帐户并服务帐户的电子邮件用户;权利为>邀请新用户,并给它的查看财务报告。
特权这意味着,而你通常会看到许多用户从您的域名在谷歌播放控制台上市(电子邮件:user1@mydomain.com,角色:金融;电子邮件:user2@mydomain.com,角色:管理员) ,你现在会添加其他用户,并给他一个金融的作用(电子邮件:XXX@developer.gserviceaccount.com,作用:财经)。
谢谢你对我的作品,祝你好运!
I've tried so many things in the last days but now I'm out of ideas :(
I want to verify an inAppPurchase that has been made in my android app.
1) I created a new service account in the google API console.
1a) The service account is listed unter permissions and has "can view" permission
2) I'm using the most current version of https://github.com/google/google-api-php-client
3) code snippet from my PHP script:
$client = new Google_Client();
$client->setApplicationName('myAppName' );
$client->setClientId('123456789123-vxoasdt8qwe6awerc9ysdfmjysdfysf64werweria8fh.apps.googleusercontent.com');
$key = file_get_contents('/shr/data/stor/b516cexx3123asdf3988345d8133e7f86bfas2553-privatekey.p12');
$service_account_name = '123456789123-vxoasdt8qwe6awerc9ysdfmjysdfysf64werweria8fh@developer.gserviceaccount.com';
$client->setScopes(array('https://www.googleapis.com/auth/androidpublisher') );
$cred = new Google_Auth_AssertionCredentials( $service_account_name, array('https://www.googleapis.com/auth/androidpublisher'), $key );
$client->setAssertionCredentials($cred);
try {
$service = new Google_Service_AndroidPublisher( $client );
$googleApiResult = $service->inapppurchases->get($externalAppId, $externalProductId, $purchaseToken);
} catch (Exception $e) {
var_dump( $e->getMessage() );
}
4) Response from Google:
GET https://www.googleapis.com/androidpublisher/v1.1/applications/de.test.myapp/inapp/de.test.inapp.google.balance5eur/purchases/[PURCHASETOKEN]: (401) The current user has insufficient permissions to perform the requested operation.
[PURCHASETOKEN] is the purchase token I received from google
5) Setting $cred->sub = 'foo@bar.de' to my mail address brings up
Error refreshing the OAuth2 token, message: '{ "error" : "unauthorized_client", "error_description" : "Unauthorized client or scope in request." }'
Ok I found the solution!
You must to connect your API with your app. You must go to your Google Play publish page (https://play.google.com/apps/publish) and invite a user with the service account email in Settings->User account & rights->Invite new user and give it the privileges of "View financial reports".
This means that, whereas you normally might see a number of users from your domain listed in the Google Play Console (Email: user1@mydomain.com, Role: Finance; Email: user2@mydomain.com, Role: Administrator), you will now add another user and give him a Finance role (Email: XXX@developer.gserviceaccount.com, Role: Finance).
Thanks works for me, good luck!
这篇关于使用服务帐户来验证谷歌InAppPurchase的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
