Closed aman811 closed 5 years ago
svignesh93
commented
5 years ago @aman811 there is no need to put your Base64 public key anywhere in the app. This was handled by Play Billing Library itself. All the Purchase flows are handled in BillingManager. However, if you need to verify the purchase, whether genuine, you can do it on the server side.
aman811
commented
5 years ago @svignesh93 I see.. Thanks for your help.. Do you know a reliable PHP backend code source for this? Because I have been reading ambiguous statements. One says the Base64 key is used when used within the app, and for the server, we need to create refresh_token / access_token which expires every 60 minutes. More on this: https://developers.google.com/android-publisher/authorization
Any help would be appreciated.
svignesh93
commented
5 years ago @aman811 I'm sorry that I have not done any implementation on the server side, for this app. I focused only on the client side implementation.
Google Billing API says to check the purchase token using the Base64 public key, to check whether the transaction was genuine or not. From the code, I couldn't find the module where this is being done whether in the app or provision to send to server.
@svignesh93 Could you point me to the file where this is being done or where I could check the token after a successful purchase?