使用Firebase功能验证购买 [英] Verify a Purchase using Firebase Functions

问题描述

我想使用Firebase Functions和在我的应用中验证购买Purchases.products:获取 但是我不知道如何使用链接中的授权范围或如何在Firebase Functions中构建请求. 这是我到目前为止的内容:

I want to verify purchases in my app using Firebase Functions and Purchases.products: get But I don't know how to use the authorization Scope from the link or how to build the request in Firebase Functions. This is what I have so far:

const functions = require('firebase-functions');
const admin = require('firebase-admin');
const google = require("googleapis");
const publisher = google.androidpublisher('v2');
admin.initializeApp(functions.config().firebase);

exports.validatePurchases = functions.database
    .ref('/purchases/{uId}/{orderId}')
    .onWrite((event) => {
        const purchase = event.data.val();
        const token = purchase.token;
        const packageName = purchase.package_name;
        const sku = purchase.sku;
        const signature = purchase.signature;
        const uri = "https://www.googleapis.com/androidpublisher/v2/applications/" + packageName + "/purchases/products/" + sku + "/tokens/" + token;

        return TODO;
    });

我几乎设置了所有内容，但是我的JavaScript知识非常有限，并且不知道如何在Firebase Functions中构建请求并获得结果

I have setup mostly everything but my JavaScript knowledge is very limited and don't know how to build the Request and get the Result in Firebase Functions

推荐答案

我对JavaScript的了解不多，我对这个函数的理解部分是根据我所读的内容进行的猜测，我将感谢您进行更正，我知道还有余地改进，但可以进行验证.

I have not much knowledge with JavaScript, I got to this function partly guessing from all that I have read, I will appreciate corrections, I know there is room for improvement but it does the validation.

这是我用来验证购买的功能:

This is the function I'm using to validate my purchases:

const functions = require('firebase-functions');
const admin = require('firebase-admin');
const {google} = require("googleapis");
const publisher = google.androidpublisher('v2');
const authClient = new google.auth.JWT({
    email: 'Service Account Email',
    key: '-----BEGIN PRIVATE KEY-----\n**********************************************************************************==\n-----END PRIVATE KEY-----\n',
    scopes: ['https://www.googleapis.com/auth/androidpublisher']
});
admin.initializeApp();

exports.validatePurchases = functions.database
    .ref('/purchases/{uId}/{orderId}')
    .onCreate((event, context) => {
        const purchase = event.val();
        if (purchase.is_processed === true) {
            console.log('Purchase already processed!, exiting');
            return null;
        }
        const orderId = context.params.orderId;
        const dbRoot = event.ref.root;
        const package_name = purchase.package_name;
        const sku = purchase.sku;
        const my_token = purchase.token;

        authClient.authorize((err, result) => {
            if (err) {
                console.log(err);
            }
            publisher.purchases.products.get({
                auth: authClient,
                packageName: package_name,
                productId: sku,
                token: my_token
            }, (err, response) => {
                if (err) {
                    console.log(err);
                }
                // Result Status must be equals to 200 so that the purchase is valid
                if (response.status === 200) {
                    return event.ref.child('is_validated').set(true);
                } else {
                    return event.ref.child('is_validated').set(false);
                }
            });
        });
        return null;
    });

更新: 我刚刚发现，在使用促销代码时，此操作将失败，因为促销代码orderId为空.

UPDATE: I just found out that when using Promo Codes this will fail as orderId is empty for Promo Codes.

使用承诺

return authClient.authorize()
        // authClient.authorize() returns a credentials Object
        .then(credentials => {
            return publisher.purchases.products.get({
                auth: authClient,
                packageName: packageName,
                productId: sku,
                token: token
            });
        })
        // publisher.purchases.products.get() Returns a axiosResponse object with Purchase data within and the status that should be enough for the validation
        .then(axiosResponse => {
                if (axiosResponse.status === 200 && axiosResponse.data.purchaseState === 0) {
                // Your purchase is valid, do your thing
                } else {
                    return event.ref.set(null);
                }
            })
            .catch(reason => {
                console.log(`Rejection Code: ${reason.code}`);
                console.log(`Rejection Message: ${reason.message}`);
                return event.ref.set(null);
            });

据我了解，axiosResponse.status === 200应该足以验证购买，但是请注意，axiosResponse.data保留了购买 Schema$ProductPurchase，您可以在其中检查购买"中的其他值.如果您使用的是许可测试"或促销代码"，我会发现这很有趣.在此示例中，我使用axiosResponse.data.purchaseState来检查购买是否仍然有效(可能是不必要的...)

It is my understanding that axiosResponse.status === 200 should be enough for verifying a purchase, note however that axiosResponse.data holds the data from the purchase Schema$ProductPurchase where you can check other values from the Purchase. Which I find interesting if you are using "Licensing Testing" or "Promo Codes". In this sample I'm using axiosResponse.data.purchaseState to check that the purchase is still valid(maybe unnecesary...)

这篇关于使用Firebase功能验证购买的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！