Making payments for Google Play with verification on the server

I want to share my experience of adding payments with server-side verification to a Google Play application.

So, we have an application ready for publication (link). A payment project (link) has also been created and associated with the application.



The steps are as follows.
1. Go to the Credentials tab;
2. Create a ClientID of type Web Application and point redirect_uri to our server (for example, server.ru with the callback server.ru/callback);
3. Create a key of type Server Key (its fields can be left empty).



On the server, we write a handler for the incoming code variable at server.ru/callback.

It arrives as a GET request.

Here is an example of the processing in Python, with the data stored in Redis. In this case, the code variable is the incoming data of the GET request to our server.

import requests, redis
# code is the GET parameter; client_id and client_secret come from the Credentials tab
Redis = redis.Redis()
data = requests.post('https://accounts.google.com/o/oauth2/token', data={
    'code': code, 'grant_type': 'authorization_code',
    'client_id': client_id, 'client_secret': client_secret,
    'redirect_uri': 'http://server.ru/callback/'})
jdata = data.json()
if 'access_token' in jdata and 'token_type' in jdata and 'expires_in' in jdata:
    # redis-py 3.0+ argument order is setex(name, time, value);
    # both keys expire together with the access token
    Redis.setex('GooglePayAccess', jdata['expires_in'], jdata['access_token'])
    Redis.setex('GooglePayType', jdata['expires_in'], jdata['token_type'])
    if 'refresh_token' in jdata:
        # the refresh token is kept without expiry
        Redis.set('GooglePayRefresh', jdata['refresh_token'])


Next, you need to fill out the "Consent screen" page and activate the "Google Play Android Developer API".

Now you need to authorize the service on our server.

Be sure to do this from the account from which the payment project was created.

Next, signed in to this account, follow the link below, substituting our ClientID for the dots.

https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=http://server.ru/callback/&client_id=……………………………………


This link will send the code variable to our callback.

After activating the account, we can work with payments.

The client sends the payment data it received from Google to our server, and we verify it on our side.

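import requests, redis
from urllib.parse import quote
# decode_responses=True makes get() return str instead of bytes,
# otherwise the Authorization header would contain "b'...'"
Redis = redis.Redis(decode_responses=True)
access_token = Redis.get('GooglePayAccess')
token_type = Redis.get('GooglePayType')
if not access_token or not token_type:
    # the cached access token has expired: request a new one with the refresh token
    refresh_token = Redis.get('GooglePayRefresh')
    data = requests.post('https://accounts.google.com/o/oauth2/token', data={
        'grant_type': 'refresh_token', 'client_id': client_id,
        'client_secret': client_secret, 'refresh_token': refresh_token})
    jdata = data.json()
    if 'access_token' in jdata and 'token_type' in jdata and 'expires_in' in jdata:
        access_token = jdata['access_token']
        token_type = jdata['token_type']
        Redis.setex('GooglePayAccess', jdata['expires_in'], access_token)
        Redis.setex('GooglePayType', jdata['expires_in'], token_type)
# packageName, productId and purchaseToken arrive from the client, so they are
# percent-encoded before being placed in the URL path; api_key is the server key
url = 'https://www.googleapis.com/androidpublisher/v2/applications/%s/purchases/products/%s/tokens/%s?key=%s' % (
    quote(packageName, safe=''), quote(productId, safe=''), quote(purchaseToken, safe=''), api_key)
response = requests.get(url, headers={'Authorization': '%s %s' % (token_type, access_token)})
jdata2 = response.json()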


If the data received from the client matches the data from Google, then we can safely credit the user with virtual currency.
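One way to make that comparison, as an added example that is not part of the original post: it takes the parsed reply (jdata2 above) and the client's data, and returns how much currency to credit. The field names purchaseState and developerPayload belong to the androidpublisher v2 purchase resource; the catalogue, the SeenTokens class, the function name and the sample values are assumptions made for illustration.

```python
# Added example (not from the original post). purchaseState and developerPayload
# are fields of the androidpublisher v2 purchase resource; the catalogue, the
# store class and the sample values are constructed for illustration.
PURCHASED = 0                      # purchaseState: 0 = purchased, 1 = cancelled
CATALOG = {'coins_100': 100}       # hypothetical productId -> currency amount


class SeenTokens:
    """In-memory stand-in for an atomic set-if-absent store such as Redis SETNX."""

    def __init__(self):
        self._seen = set()

    def claim(self, token):
        """Return True only the first time a purchase token is presented."""
        if token in self._seen:
            return False
        self._seen.add(token)
        return True


def amount_to_credit(status_code, google, client, seen):
    """Return (amount, reason). `google` is the parsed API reply (jdata2),
    `client` holds productId, purchaseToken and developerPayload from the app."""
    if client.get('productId') not in CATALOG or not client.get('purchaseToken'):
        return 0, 'malformed request'
    if status_code != 200 or 'error' in google:
        return 0, 'google rejected the token'
    if google.get('purchaseState') != PURCHASED:
        return 0, 'not in purchased state'
    if google.get('developerPayload', '') != client.get('developerPayload', ''):
        return 0, 'developerPayload mismatch'
    if not seen.claim(client['purchaseToken']):    # the same receipt sent again
        return 0, 'token already credited'
    # The amount comes from the server-side catalogue, never from the client.
    return CATALOG[client['productId']], 'ok'


# Constructed sample data.
GOOGLE_OK = {'kind': 'androidpublisher#productPurchase', 'purchaseState': 0,
             'consumptionState': 0, 'developerPayload': 'user-42'}
CLIENT = {'productId': 'coins_100', 'purchaseToken': 'constructed-token-1',
          'developerPayload': 'user-42'}

if __name__ == '__main__':
    store = SeenTokens()
    print(amount_to_credit(200, GOOGLE_OK, CLIENT, store))   # first presentation
    print(amount_to_credit(200, GOOGLE_OK, CLIENT, store))   # same token again
```

In production the claim step would use a persistent atomic operation, so that two simultaneous requests carrying the same purchaseToken cannot both be credited.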

Good luck with your sales!
