检查从服务器端谷歌Android订阅服务器端、Android
简而言之: 我可以与谷歌合作,从服务器端播放的Android开发者API不提供在播放存储中的任何应用程序?
背景: 我工作的一个项目,该项目提供了每月订阅的应用程序。每个订阅的coresponding数据(购买令牌,日期等)都存储在后端数据库。 现在,我想创建一个,通过这些datasets.And为每个订阅的迭代,我想联系谷歌API来获取信息,如果预订是否仍然有效与否的cronjob,并更新相应的得到回复状态我们的数据库
有关后端逻辑我使用谷歌API的Java的客户端库。
要取消或者验证订阅我需要对自己有OAuth2之前进行认证。 在那里,做到这一点。
新GoogleCredential.Builder()
.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(https://www.googleapis.com/auth/androidpublisher)// $ 1
.setServiceAccountPrivateKeyFromP12File(新File(文件路径))
.setClientSecrets(CLIENT_ID,CLIENT_SECRET)// $ 2
。建立();
$ 1:我不知道,如果给定的帐户范围是有效的。因为我刚能找到在极少数的例子此值,但是无论是在本概述也不在谷歌操场
$ 2 - 我想这是必要的,即使我发现了很多的例子而没有提供这些信息。
但不幸的是,我看不到任何差异,当我提供了无效的数据(如错误的电子邮件或私有密钥)。
问题
如何验证GoogleCredential是正确的? 在我只想看到它在接下来的步骤,如接触即androidpublisher API?在下一步我试图得到一个认购的购买状态:
Androidpublisher出版商=新Androidpublisher.Builder(HTTP_TRANSPORT,JSON_FACTORY,证书)
.setApplicationName(GOOGLE_PRODUCT_NAME)// $ 1
。建立();
Androidpublisher.Purchases购买= publisher.purchases();
Androidpublisher.Purchases.Get获取= purchases.get(android.test.purchased,monthly001,即为MyToken); // $ 2
SubscriptionPurchase subscripcion = get.execute();
$ 1:从 API控制台我的虚拟产品名称 - > API
$ 2:除了一个事实,即androidpush API的确不允许通过服务接触而帐户,但只能通过Web服务器应用程序身份验证流程,我没有任何线索在GET-方法的参数插入。
这里的API: https://developers.google.com/android-publisher/v1/purchases/get
问题
什么是包的名字,什么是subscriptionId在这种情况下? 在哪里获得/设置这些值?看完this 我知道有一种方法来对付假冒/静态响应文件。但我无法读取任何地方,如果这也可以用于订阅,或者只是为了在移动设备上只。
在应用程序,帐单我反正不知道为什么/如果有一个沙箱或s.th.开发的任何简单的方法这类似于
我仍然有我只是缺少一个重要组成部分,以了解事情应该工作的感觉。 也许有人,你可以给我一个提示如何行事在这个地方,也可以说我在哪里,我错了。
亲切的问候,
克里斯托弗
解决方案我现在可以找出我的大多数previous理解的问题。
= 1 =生成授权网址
字符串authorizeUrl =新GoogleAuthorization$c$cRequestUrl(googleClientId,callbackUrl,"https://www.googleapis.com/auth/androidpublisher").build()
//明白为什么。 http://stackoverflow.com/questions/8433990/when-authenticating-with-oauth-and-youtube-always-get-error-invalid-grant-on
authorizeUrl + =&放大器; approval_prompt =力和放大器; ACCESS_TYPE =离线
= 2 = AUTHENTICATE
由于服务器的Webflow不工作的androidpublisher API客户现在必须在调用的URL生成(1)手动。
= 3 =回拨
在谷歌的回调应该处理下一个步骤。回调包含参数code,我们不得不使用。
= 4 =请求AUTH-TOKEN
//生成HTTP参数
地图<字符串,字符串> PARAMS = [:]
params.put(grant_type,authorization_ code)
params.put(code,code.en codeAsURL())
params.put(CLIENT_ID,customer.googleClientId.en codeAsURL())
params.put(client_secret,customer.googleClientSecret.en codeAsURL())
params.put(redirect_uri,getCallbackUrl()。EN codeAsURL())
//发送POST请求
//这个动作可能的情况下抛出异常的任何参数是错误的,无效或未指定。
字符串结果= Htt的prequestHandler.sendRequest(https://accounts.google.com/o/oauth2/token,则params);
JSONElement jsonResult = JSON.parse(结果)
//地图结果
OAuth2Result oAuth2Result =新OAuth2Result()
oAuth2Result.accessToken = jsonResult.getAt(access_token)
oAuth2Result.refreshToken = jsonResult.getAt(refresh_token)
oAuth2Result.ttlSeconds =的Integer.parseInt(jsonResult.getAt(expires_in)。的toString())
oAuth2Result.tokenType = jsonResult.getAt(token_type)
= 5 =请求REFRESH TOKEN
//生成HTTP参数
地图<字符串,字符串> PARAMS = [:]
params.put(grant_type,refresh_token)
params.put(refresh_token,this.customer.googleRefreshToken.en codeAsURL())
params.put(CLIENT_ID,customer.googleClientId.en codeAsURL())
params.put(client_secret,customer.googleClientSecret.en codeAsURL())
//发送POST请求
//这个动作可能的情况下抛出异常的任何参数是错误的,无效或未指定。
字符串结果= Htt的prequestHandler.sendRequest(https://accounts.google.com/o/oauth2/token,则params);
JSONElement jsonResult = JSON.parse(结果)
//地图结果
OAuth2Result oAuth2Result =新OAuth2Result()
oAuth2Result.accessToken = jsonResult.getAt(access_token)
oAuth2Result.refreshToken = jsonResult.getAt(refresh_token)
oAuth2Result.ttlSeconds =的Integer.parseInt(jsonResult.getAt(expires_in)。的toString())
oAuth2Result.tokenType = jsonResult.getAt(token_type)
in a nutshell: Can I work with the Google Play Android Developer API from server-side without providing any app in the play store?
Background: I'm working on a project which provides apps with monthly subscriptions. The coresponding data of each subscription (purchase token, date etc) gets stored in the backend database. Now I want to create a cronjob that iterates through each of these datasets.And for each subscription I'd like to contact the Google API to retrieve the information if the subscription is still valid or not, and update our database corresponding to the responsed status.
For the backend logic I use the google-api-java-client library.
To either cancel or verify subscriptions I need to authenticate myself with OAuth2 before. Been there, done that.
new GoogleCredential.Builder()
.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes("https://www.googleapis.com/auth/androidpublisher") // $1
.setServiceAccountPrivateKeyFromP12File(new File(filePath))
.setClientSecrets(CLIENT_ID, CLIENT_SECRET) // $2
.build();
$1: I don't know if the given account scope is valid. Because I just could find this value in a very few examples, but neither in this overview nor in the google playground
$2 I guess this is necessary, even though I found a lot of example which did not provide this information.
But, unfortunately, I can't see any differences when I provide invalid data (like wrong email or private key).
Questions
How can i verify that the GoogleCredential is correct? May I just see it in the next steps, like contacting ie the androidpublisher API?In the next step I try to get purchase status of a subscription:
Androidpublisher publisher = new Androidpublisher.Builder(HTTP_TRANSPORT, JSON_FACTORY, credential)
.setApplicationName(GOOGLE_PRODUCT_NAME) // $1
.build();
Androidpublisher.Purchases purchases = publisher.purchases();
Androidpublisher.Purchases.Get get = purchases.get("android.test.purchased", "monthly001", "mytoken"); // $2
SubscriptionPurchase subscripcion = get.execute();
$1: My dummy product name from the API console -> API Access
$2: Beside the fact, that the androidpush API does not allow contacting it via service accounts, but only via web server applications auth flow, I don't have any clue what to insert in the parameter of the get- method.
Here's the API: https://developers.google.com/android-publisher/v1/purchases/get
Questions
What is the package name and what is the subscriptionId in this context? Where do I get/set these values?After reading this document I know there is a way to to deal with fake/static responses. But I can't read anywhere if this is also possible for subscriptions, or just for in-app-billings on mobile devices only.
I'm wondering anyway why/if there is any easy way of developing with a sandbox or s.th. simliar.
I still have the feeling that I'm just missing a big part to understand how the things should work. Maybe someone of you can give me a hint how to proceed at this place or may say me where i'm wrong.
Kind regards,
Christopher
解决方案I could now figure out most of my previous understanding problems.
=1= GENERATE AUTHORIZATION URL
String authorizeUrl = new GoogleAuthorizationCodeRequestUrl(googleClientId,callbackUrl,"https://www.googleapis.com/auth/androidpublisher").build()
// See why: http://stackoverflow.com/questions/8433990/when-authenticating-with-oauth-and-youtube-always-get-error-invalid-grant-on
authorizeUrl += "&approval_prompt=force&access_type=offline"
=2= AUTHENTICATE
Since the server-webflow is not working for the androidpublisher API the customer must now call the URL generated in (1) manually.
=3= CALLBACK
The google callback should process the next steps. The callback contains the parameter "code" which we have to use.
=4= REQUEST AUTH-TOKEN
// Build the HTTP parameter
Map<String,String> params = [:]
params.put("grant_type", "authorization_code")
params.put("code", code.encodeAsURL())
params.put("client_id", customer.googleClientId.encodeAsURL())
params.put("client_secret", customer.googleClientSecret.encodeAsURL())
params.put("redirect_uri", getCallbackUrl().encodeAsURL())
// Send the POST request
// This action might throw an exception in case any parameter were wrong, invalid or not specified.
String result = HttpRequestHandler.sendRequest("https://accounts.google.com/o/oauth2/token", params);
JSONElement jsonResult = JSON.parse(result)
// Map result
OAuth2Result oAuth2Result = new OAuth2Result()
oAuth2Result.accessToken = jsonResult.getAt("access_token")
oAuth2Result.refreshToken = jsonResult.getAt("refresh_token")
oAuth2Result.ttlSeconds = Integer.parseInt(jsonResult.getAt("expires_in").toString())
oAuth2Result.tokenType = jsonResult.getAt("token_type")
=5= REQUEST REFRESH TOKEN
// Build the HTTP parameter
Map<String,String> params = [:]
params.put("grant_type", "refresh_token")
params.put("refresh_token", this.customer.googleRefreshToken.encodeAsURL())
params.put("client_id", customer.googleClientId.encodeAsURL())
params.put("client_secret", customer.googleClientSecret.encodeAsURL())
// Send the POST request
// This action might throw an exception in case any parameter were wrong, invalid or not specified.
String result = HttpRequestHandler.sendRequest("https://accounts.google.com/o/oauth2/token", params);
JSONElement jsonResult = JSON.parse(result)
// Map result
OAuth2Result oAuth2Result = new OAuth2Result()
oAuth2Result.accessToken = jsonResult.getAt("access_token")
oAuth2Result.refreshToken = jsonResult.getAt("refresh_token")
oAuth2Result.ttlSeconds = Integer.parseInt(jsonResult.getAt("expires_in").toString())
oAuth2Result.tokenType = jsonResult.getAt("token_type")
