
Google Play payments with server-side verification

I want to share my experience of connecting payments with server-side verification to an application from Google Play.

So, we have an application ready for publication (link). A payment project (link) has also been created and associated with the application.



Next, the steps:
1. Go to the Credentials tab;
2. Create a ClientID of the Web-Application type and point the redirect_uri to our server (for example, server.ru with the callback server.ru/callback);
3. Create a key of the ServerKey type (with empty data as well).


On the server, we create a handler at the server.ru/callback address for the incoming code variable.

It arrives as a GET request.

Here is an example of processing it in Python, with the data stored in Redis. In this case, the variable code is the value received in the GET request to our server.

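    import requests, redis

    # code comes from the GET request to /callback; client_id and client_secret
    # are the values of the ClientID created on the Credentials tab.
    Redis = redis.Redis()

    # Exchange the one-time authorization code for tokens.
    data = requests.post('https://accounts.google.com/o/oauth2/token', data={
        'code': code,
        'grant_type': 'authorization_code',
        'client_id': client_id,
        'client_secret': client_secret,
        'redirect_uri': 'http://server.ru/callback/',
    })
    jdata = data.json()
    if 'access_token' in jdata and 'token_type' in jdata and 'expires_in' in jdata:
        # redis-py 3+: setex(name, time, value); the keys expire together with the token.
        Redis.setex('GooglePayAccess', jdata['expires_in'], jdata['access_token'])
        Redis.setex('GooglePayType', jdata['expires_in'], jdata['token_type'])
    if 'refresh_token' in jdata:
        # The refresh token does not expire, so it is stored without a TTL.
        Redis.set('GooglePayRefresh', jdata['refresh_token'])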


Next, you need to fill out the "Consent screen" page, as well as activate the Google Play Android Developer API.

Now you need to authorize the service on our server.

This must be done from the account under which the payment project was created.

While signed in to that account, open the following link, substituting our client ID for the dots.

 https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=http://server.ru/callback/&client_id=…………………………………… 


This link will send the code variable to our callback.

Once the account is authorized, we can work with payments.

The client sends the server the payment data it received from Google, and the server checks that data on its side.

    import requests, redis

    # decode_responses=True makes Redis.get() return str instead of bytes.
    Redis = redis.Redis(decode_responses=True)
    access_token = Redis.get('GooglePayAccess')
    token_type = Redis.get('GooglePayType')

    # The cached access token has expired: get a new one with the refresh token.
    if not access_token or not token_type:
        refresh_token = Redis.get('GooglePayRefresh')
        data = requests.post('https://accounts.google.com/o/oauth2/token', data={
            'grant_type': 'refresh_token',
            'client_id': client_id,
            'client_secret': client_secret,
            'refresh_token': refresh_token,
        })
        jdata = data.json()
        if 'access_token' in jdata and 'token_type' in jdata and 'expires_in' in jdata:
            access_token = jdata['access_token']
            token_type = jdata['token_type']
            # redis-py 3+: setex(name, time, value)
            Redis.setex('GooglePayAccess', jdata['expires_in'], access_token)
            Redis.setex('GooglePayType', jdata['expires_in'], token_type)

    # packageName, productId and purchaseToken come from the client; api_key is the ServerKey.
    url = 'https://www.googleapis.com/androidpublisher/v2/applications/%s/purchases/products/%s/tokens/%s?key=%s' % (packageName, productId, purchaseToken, api_key)
    response = requests.get(url, headers={'Authorization': '%s %s' % (token_type, access_token)})
    jdata2 = response.json()


If the data received from the client matches the data from Google, we can safely credit the virtual currency to the user.
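One way to carry out that comparison, as an added example that is not code from the original post. The function and variable names are hypothetical, the sample records are constructed, and it goes slightly beyond the text by also refusing a purchase token that has already been credited.

```python
# Added example (not from the original post): the final comparison step.
# verify_purchase, client_claim and used_tokens are hypothetical names; the
# field names are those of the Android Publisher purchases.products resource
# and of the purchase JSON the Play billing client hands to the app.

PURCHASED = 0  # purchaseState: 0 = purchased, 1 = cancelled


def verify_purchase(status_code, google, client_claim, purchase_token, used_tokens):
    """Return (ok, reason); credit the user only when ok is True."""
    # On failure (unknown token, wrong package or product, expired access
    # token) Google answers with an "error" object, not a purchase resource.
    if status_code != 200 or "error" in google:
        return False, "google_rejected"
    if google.get("purchaseState") != PURCHASED:
        return False, "not_purchased"
    # The payload our server issued before the purchase must come back intact.
    if google.get("developerPayload") != client_claim.get("developerPayload"):
        return False, "payload_mismatch"
    # Google returns the millisecond timestamp as a string, the client as a number.
    if str(google.get("purchaseTimeMillis")) != str(client_claim.get("purchaseTime")):
        return False, "time_mismatch"
    # Replay protection: one purchase token is credited once. With Redis this
    # check-and-mark should be a single atomic call, e.g. set(..., nx=True).
    if purchase_token in used_tokens:
        return False, "replayed"
    used_tokens.add(purchase_token)
    return True, "ok"


# Constructed sample data, not real purchase records.
SAMPLE_GOOGLE = {"kind": "androidpublisher#productPurchase", "purchaseState": 0,
                 "consumptionState": 0, "developerPayload": "user42:order7",
                 "purchaseTimeMillis": "1413800000000"}
SAMPLE_CLIENT = {"productId": "coins_100", "purchaseTime": 1413800000000,
                 "developerPayload": "user42:order7"}

if __name__ == "__main__":
    seen = set()
    print(verify_purchase(200, SAMPLE_GOOGLE, SAMPLE_CLIENT, "tok-1", seen))
    print(verify_purchase(200, SAMPLE_GOOGLE, SAMPLE_CLIENT, "tok-1", seen))
    forged = dict(SAMPLE_CLIENT, developerPayload="user99:order7")
    print(verify_purchase(200, SAMPLE_GOOGLE, forged, "tok-2", seen))
```

Here status_code and google stand for response.status_code and jdata2 from the request above.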

Successful sales!

Source: https://habr.com/ru/post/240447/

