How to verify google play in-app purchase Subscription on Server Side php?

5 years ago Views 35896 Visit Post Reply

I have implemented In-App Purchase in Android application after subscribing from App (in-App purchase) monthly transaction will be done and the user got a Credit against the payment. Now I want to validate on In-app Purchase receipt on my Server to provide them credit successfully.

I have found documentation if I am not wrong through android Purchases.subscriptions: get Document

this is the process there defined is below please provide me right suggestion how to Validate In-app Purchase Subscription receipt

Request

HTTP request

GET https://www.googleapis.com/androidpublisher/v2/applications/packageName/purchases/subscriptions/subscriptionId/tokens/token

Parameters

Parameter name	Value	Description
Path parameters
`packageName`	`string`	The package name of the application for which this subscription was purchased (for example, 'com.some.thing').
`subscriptionId`	`string`	The purchased subscription ID (for example, 'monthly001').
`token`	`string`	The token provided to the user's device when the subscription was purchased.

Authorization

This request requires authorization with the following scope (read more about authentication and authorization).

Scope
https://www.googleapis.com/auth/androidpublisher

Request body

Do not supply a request body with this method.

-------------------------------------------------------------------------

URL: https://www.googleapis.com/androidpublisher/v2/applications/com.google.fundook/purchases/subscriptions/fundook_monthly_01/tokens/TOKEN_COMMING_FROM_WHEN_SUBSCRIBE

I have followed steps still gives me the error :

{

    "error": {
        "errors": [
            {
                "domain": "global",
                "reason": "required",
                "message": "Login Required",
                "locationType": "header",
                "location": "Authorization"
            }
        ],
        "code": 401,
        "message": "Login Required"
    }
}

Posted byHemant Sharma

Thread Reply

Nick Johnson

- 5 years ago

Before you can use the API, you will need to set up an APIs Console project, create a client ID and its Secret Key.

To Access APIs you should have below mantioned Variable Values:

Client ID - (ClientID will be in your Google Developer Console- Credentials Go this URL and click on Create Credentials Button-> OAuth Client ID-> Web Application then set Your domain and Redirect URL Click Create button )
Client Secret - (ClientID will be in your Google Developer Console- Credentials by following above steps)
Redirect Uri - (When you Create Client ID there were you enter a redirect URL Copy that one)
Refresh Token - (To Create Refresh Token follow steps)
App Id - (This is Your Android App Package Name)
Product ID - (This is your Subscription ID which is you entered in In-App Purchase)
Purchase Token - (Purchase token will receive to you when you Purchase or Subscribe you will get Purchase Token)

Copy below index.php


<?php

$ch = curl_init();

$clientId = '8461_SOMETHING_LIKE_THIS_pb.apps.googleusercontent.com';

$clientSecret='ar_SOMETHING_LIKE_THIS_K';

$redirectUri='http://_SOMETHING_LIKE_THIS_/index.php';

$refreshToken='1/Lzc5Xm_SOMETHING_LIKE_THIS_wBhrrY7qfywIr-3e';

$appid='com.SOMETHING_LIKE_THIS.google';

$productID='google.monthly.sub001';

$purchaseToken='cgojkfejbmfjhjiciphjkijd.AS-J__SOMETHING_LIKE_THIS__eLaFlpW_ita2B-5__SOMETHING_LIKE_THIS__3XmJIQ';

$TOKEN_URL = "https://accounts.google.com/o/oauth2/token";

$VALIDATE_URL = "https://www.googleapis.com/androidpublisher/v2/applications/".

   $appid."/purchases/subscriptions/".

   $productID."/tokens/".$purchaseToken;

$input_fields = 'refresh_token='.$refreshToken.

   '&client_secret='.$clientSecret.

   '&client_id='.$clientId.

   '&redirect_uri='.$redirectUri.

   '&grant_type=refresh_token';

//Request to google oauth for authentication

curl_setopt($ch, CURLOPT_URL, $TOKEN_URL);

curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_POSTFIELDS, $input_fields);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$result = curl_exec($ch);

$result = json_decode($result, true);

if (!$result || !$result["access_token"]) {

//error  

return;

}

//request to play store with the access token from the authentication request

$ch = curl_init();

curl_setopt($ch,CURLOPT_URL,$VALIDATE_URL."?access_token=".$result["access_token"]);

curl_setopt($ch,CURLOPT_RETURNTRANSFER, true);

$result1 = curl_exec($ch);

$result1 = json_decode($result1, true);

//print_r($result1);

if (!$result1 || $result1["error"] != null) {

   //error

   return;

}

print_r($result1);

?>

CREATE REFRESH TOKEN

If you already created refresh token it will be not visible to you AGAIN. you have to create new one for new Refresh Token.

To Create Refresh token you need Access token first for that you have to hit below Url with your CLIENT_ID and REDIRECT_URL

https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=...&client_id=...

Copy code variable from Url ACCESS_TOKEN (code)

Now you have your access_token (code)

Hit token URL with Post method

https://accounts.google.com/o/oauth2/token

and pass varibles in body

"grant_type":"authorization_code" //Keep it same
"code":"4/AAAHZKZbq_ACCESS_TOKEN_PASTE_HERE_D1x_1B3rJ0#" //change it with your Details
"client_id":"YOUR CLIENTID HERE" //change it with your Details
"client_secret":"YOUR SECRET KEY HERE" //change it with your Details
"redirect_uri":"YOUR REDIRECT URL" //change it with your Details

you should get response {
"access_token": "ya29.G**************COy-QF1w7-Ei****jDw_c1_g****jrQ8s4******3GACNXf1le",
"expires_in": 3600,
"refresh_token": "1/HJA____THIS IS REFRESH TOKEN______ GJh8U",
"token_type": "Bearer"
}

Mark As Correct

Question Detail