CheckoutVerifier

General

Category
Free
Tag
Purchases
License
Apache License, Version 2.0
Min SDK
14 (Android 4.0–4.0.2 Ice Cream Sandwich)
Registered
Feb 4, 2019
Favorites
0
Link
https://www.github.com/ItzNotABug/CheckoutVerifier
See also
beacon-keeper
Upi Payment
Donations Library
Pentecost
Trialy.io

Additional

Language
Kotlin
Version
2.0.0 (Jul 26, 2021)
Created
Jan 31, 2019
Updated
Jul 26, 2021 (Retired)
Owner
Darshan (ItzNotABug)
Contributors
Zularizal (zularizal)
Darshan (ItzNotABug)
2
Activity
Badge
Generate
Download
Source code

Promotion

CheckoutVerifier

CheckoutVerifier helps you Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.
Since I was using these classes in every project, the copy / pasting of classes was annoying so thought of releasing it as a library which might be of help to others too!

How does it work?

Well, the library sends the Signed Json Response & Signature that you receive after a purchase is completed on a specified server url where it checks the signature of that response data with your BASE64 Key provided to you in your Developer Console.

Set Up

* Get Licensing API Key

Navigate to Developer Console & Select your App.
Go to Development Tools > Services & API.
Copy the BASE64 Licensing Key

* Creating a Verifying PHP File

Just a create a File & name it as verify.php or anything you want.
Paste the following code in it & Upload it to your server.

<?php
    $data = $_GET['jsonResponse'];
    $signature = $_GET['signature'];
    $key_64 = "YOUR BASE64 KEY THAT YOU GOT FROM DEVELOPER CONSOLE, THERE SHOULD BE NO SPACES!";

    $key =  "-----BEGIN PUBLIC KEY-----\n".
            chunk_split($key_64, 64,"\n").
            "-----END PUBLIC KEY-----";

    $key = openssl_get_publickey($key);

    $ok = openssl_verify($data, base64_decode($signature), $key, OPENSSL_ALGO_SHA1);
    if ($ok == 1) {
        echo "verified";
    } elseif ($ok == 0) {
        echo "unverified";
    } else {
        die ("fault, error checking signature");
    }

    openssl_free_key($key);
?>

* Implementing Library (Gradle)

Note: Add mavenCentral() in repositories block.

dependencies {
    // CheckoutVerifier now internally uses Kotlin Coroutines.
    implementation 'com.lazygeniouz:checkout-verifier:$library_version'
}

* CheckoutVerifier

Just pass on the required PurchaseBundle in the Constructor & call authenticate();
The authenticate() returns a Result object.

If the connection to the server was successful & a result was returned,
CompletionResult(isVerified: Boolean) is returned,
ErrorResult(exception: Exception) otherwise.


Example:

yourScope.launch {
    val purchaseBundle = PurchaseBundle(url, jsonResponse, signature)
    when (val result = CheckoutVerifier(purchaseBundle).authenticate()) {
        is CompletionResult -> {
            val verified = result.isVerified
            // Do something
        }
      is ErrorResult -> Log.d(TAG, result.exception.message)
    }
}