CheckoutVerifier

Additional

Language
Kotlin
Version
1.6 (Dec 6, 2019)
Created
Feb 1, 2019
Updated
Dec 27, 2020
Owner
DarShan (ItzNotABug)
Contributors
Zularizal (zularizal)
DarShan (ItzNotABug)
2
Activity
Badge
Generate
Download
Source code

Advertising

CheckoutVerifier

CheckoutVerifier helps you Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher. Since I was using these classes in every project, the copy / pasting of classes was annoying so thought of releasing it as a library which might be of help to others too!

How does it work?

Well, the library sends the Signed Json Response & Signature that you receive after a purchase is completed on a specified server url where it checks the signature of that response data with your BASE64 Key provided to you in your Developer Console.

Set Up

* Get Licensing API Key

Navigate to Developer Console & Select your App. Go to Copy the BASE64 Licensing KeyDevelopment Tools > Services & API.


* Creating a Verifying PHP File

Just a create a File & name it as verify.php or anything you want. Paste the following code in it & Upload it to your server.

<?php
// get jsonResponse
$data = $_GET['jsonResponse'];

// get signature
$signature = $_GET['signature'];

// get key
$key_64 = "YOUR BASE64 KEY THAT YOU GOT FROM DEVELOPER CONSOLE, THERE SHOULD BE NO SPACES!";


$key =  "-----BEGIN PUBLIC KEY-----\n".
        chunk_split($key_64, 64,"\n").
        '-----END PUBLIC KEY-----';

//using PHP to create an RSA key
$key = openssl_get_publickey($key);


// state whether signature is okay or not
$ok = openssl_verify($data, base64_decode($signature), $key, OPENSSL_ALGO_SHA1);
if ($ok == 1) {
    echo "verified";
} elseif ($ok == 0) {
    echo "unverified";
} else {
    die ("fault, error checking signature");
}

// free the key from memory
openssl_free_key($key);

?>

* Implementing Library (Gradle)

library_version:

dependencies {
    // CheckoutVerifier now internally uses Kotlin Coroutines.
    implementation 'com.lazygeniouz:checkout-verifier:$library_version'
}

* CheckoutVerifier

Just pass on the required PurchaseBundle in the Constructor & call authenticate(); The If the connection to the server was successful & a result was returned, ErrorResult(exception: Exception) otherwise.CompletionResult(isVerified: Boolean) is returned,


authenticate() returns a Result object.


Example:

yourScope.launch {
    val purchaseBundle = PurchaseBundle(url, jsonResponse, signature)
    when (val result = CheckoutVerifier(purchaseBundle).authenticate()) {
        is CompletionResult -> {
            val verified = result.isVerified
            // Do something
        }
      is ErrorResult -> Log.d(TAG, result.exception.message)
    }
}