Use service account to verify Google InAppPurchase

php android api google-api-php-client publisher
glutorange picture glutorange · Jun 20, 2014 · Viewed 13.5k times · Source

I've tried so many things in the last days but now I'm out of ideas :(

I want to verify an inAppPurchase that has been made in my android app.

1) I created a new service account in the google API console.

1a) The service account is listed unter permissions and has "can view" permission

2) I'm using the most current version of https://github.com/google/google-api-php-client

3) code snippet from my PHP script:

$client = new Google_Client(); 
$client->setApplicationName('myAppName' );
$client->setClientId('123456789123-vxoasdt8qwe6awerc9ysdfmjysdfysf64werweria8fh.apps.googleusercontent.com');
$key = file_get_contents('/shr/data/stor/b516cexx3123asdf3988345d8133e7f86bfas2553-privatekey.p12');
$service_account_name = '123456789123-vxoasdt8qwe6awerc9ysdfmjysdfysf64werweria8fh@developer.gserviceaccount.com';

$client->setScopes(array('https://www.googleapis.com/auth/androidpublisher') );
$cred = new Google_Auth_AssertionCredentials( $service_account_name, array('https://www.googleapis.com/auth/androidpublisher'), $key );
$client->setAssertionCredentials($cred);

try {  
    $service = new Google_Service_AndroidPublisher( $client ); 
    $googleApiResult = $service->inapppurchases->get($externalAppId, $externalProductId, $purchaseToken);
} catch (Exception $e) {  
    var_dump( $e->getMessage() ); 
}

4) Response from Google:

GET https://www.googleapis.com/androidpublisher/v1.1/applications/de.test.myapp/inapp/de.test.inapp.google.balance5eur/purchases/[PURCHASETOKEN]: (401) The current user has insufficient permissions to perform the requested operation.

[PURCHASETOKEN] is the purchase token I received from google

5) Setting $cred->sub = '[email protected]' to my mail address brings up

Error refreshing the OAuth2 token, message: '{ "error" : "unauthorized_client", "error_description" : "Unauthorized client or scope in request." }'

Answer

frieser picture frieser · Jun 23, 2014

Ok I found the solution!

You must to connect your API with your app. You must go to your Google Play publish page (https://play.google.com/apps/publish) and invite a user with the service account email in Settings->User account & rights->Invite new user and give it the privileges of "View financial reports".

This means that, whereas you normally might see a number of users from your domain listed in the Google Play Console (Email: [email protected], Role: Finance; Email: [email protected], Role: Administrator), you will now add another user and give him a Finance role (Email: [email protected], Role: Finance).

Thanks works for me, good luck!

Related questions

How can I send a Firebase Cloud Messaging notification without use the Firebase Console?

I'm starting with the new Google service for the notifications, Firebase Cloud Messaging. Thanks to this code https://github.com/firebase/quickstart-android/tree/master/messaging I was able to send notifications from my Firebase User Console to my Android device. …

Read More
How to Send push notifications using One Signal + PHP + Server API?

I am using one signal to send push notification for android app. My question is How Can I setup send push notifications using server rest api?

Read More
Best way to secure Private REST API without user authentication for mobile app

I am making some Restful APIs for my mobile application. The communication between APP and webserver has to be made in REST. These apis should be private , and only my app should able to call them for successful results. The …

Read More