Geek asks and answers

Server google android subscription verification

In a nutshell: Can I work with the Google Play Android Developer API from the server without providing any applications in the play store?

Background: I am working on a project that provides applications with monthly subscriptions. The corresponding data of each subscription (purchase token, date, etc.) is stored in the backend database. Now I want to create a cronjob that iterates through each of these datasets. And for each subscription, I would like to contact the Google API to get information if the subscription is still valid or not, and update our database corresponding to the response status.

For backend logic, I use the google-api-java-client library .

To cancel or confirm subscriptions, I need to authenticate with OAuth2 before. Been there, done it.

new GoogleCredential.Builder()
    .setTransport(HTTP_TRANSPORT)
    .setJsonFactory(JSON_FACTORY)
    .setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
    .setServiceAccountScopes("https://www.googleapis.com/auth/androidpublisher") // $1
    .setServiceAccountPrivateKeyFromP12File(new File(filePath))
    .setClientSecrets(CLIENT_ID, CLIENT_SECRET) // $2
    .build();

$ 1: I don’t know if this area is valid. Since I just found this value in a few examples, but neither in this review , nor in the google play area

$ 2 I think this is necessary, although I found many examples that did not provide this information.

But, unfortunately, I do not see the difference when I provide the wrong data (for example, the wrong email address or private key).

Questions

  • How can I verify the correctness of GoogleCredential?
  • Can I just see it in the next steps, for example, by contacting the androidpublisher API?

In the next step, I try to get the purchase status of the subscription:

Androidpublisher publisher = new Androidpublisher.Builder(HTTP_TRANSPORT, JSON_FACTORY, credential)
                               .setApplicationName(GOOGLE_PRODUCT_NAME) // $1                
                               .build();
Androidpublisher.Purchases purchases = publisher.purchases();
Androidpublisher.Purchases.Get get = purchases.get("android.test.purchased", "monthly001", "mytoken"); // $2
SubscriptionPurchase subscripcion = get.execute();

$ 1: the name of my dummy product from the API console -> API access

$2: , API androidpush , - auth flow, , get-.

API: https://developers.google.com/android-publisher/v1/purchases/get

  • ?
  • / ?

, / . , , .

, / . simliar.

, , , . , - , , .

,

+5
1

.

= 1 = URL- GENERATE AUTHORIZATION

String authorizeUrl = new GoogleAuthorizationCodeRequestUrl(googleClientId,callbackUrl,"https://www.googleapis.com/auth/androidpublisher").build()    
// See why: http://stackoverflow.com/questions/8433990/when-authenticating-with-oauth-and-youtube-always-get-error-invalid-grant-on
authorizeUrl += "&approval_prompt=force&access_type=offline"

= 2 = AUTHENTICATE

-- API androidpublisher, URL-, (1) .

= 3 = CALLBACK

google . "", .

= 4 = AUTH-TOKEN

    // Build the HTTP parameter
    Map<String,String> params = [:]
    params.put("grant_type", "authorization_code")
    params.put("code", code.encodeAsURL())
    params.put("client_id", customer.googleClientId.encodeAsURL())
    params.put("client_secret", customer.googleClientSecret.encodeAsURL())
    params.put("redirect_uri", getCallbackUrl().encodeAsURL())

    // Send the POST request
    // This action might throw an exception in case any parameter were wrong, invalid or not specified.
    String result = HttpRequestHandler.sendRequest("https://accounts.google.com/o/oauth2/token", params);
    JSONElement jsonResult = JSON.parse(result)

    // Map result
    OAuth2Result oAuth2Result = new OAuth2Result()
    oAuth2Result.accessToken = jsonResult.getAt("access_token")
    oAuth2Result.refreshToken = jsonResult.getAt("refresh_token")
    oAuth2Result.ttlSeconds = Integer.parseInt(jsonResult.getAt("expires_in").toString())
    oAuth2Result.tokenType = jsonResult.getAt("token_type")

= 5 =

    // Build the HTTP parameter
    Map<String,String> params = [:]
    params.put("grant_type", "refresh_token")
    params.put("refresh_token", this.customer.googleRefreshToken.encodeAsURL())
    params.put("client_id", customer.googleClientId.encodeAsURL())
    params.put("client_secret", customer.googleClientSecret.encodeAsURL())

    // Send the POST request
    // This action might throw an exception in case any parameter were wrong, invalid or not specified.
    String result = HttpRequestHandler.sendRequest("https://accounts.google.com/o/oauth2/token", params);
    JSONElement jsonResult = JSON.parse(result)

    // Map result
    OAuth2Result oAuth2Result = new OAuth2Result()
    oAuth2Result.accessToken = jsonResult.getAt("access_token")
    oAuth2Result.refreshToken = jsonResult.getAt("refresh_token")
    oAuth2Result.ttlSeconds = Integer.parseInt(jsonResult.getAt("expires_in").toString())
    oAuth2Result.tokenType = jsonResult.getAt("token_type")
+4

More articles:


All Articles