Add ability to add Rails secret credentials hash

jnbt / candy_check

Check and verify in-app receipts

MIT License

125 stars 71 forks source link

Add ability to add Rails secret credentials hash #66

Closed christopheragnus closed 1 year ago

christopheragnus commented 3 years ago

Hey,

I'm using this library for Rails. Is there a way we can replace the File.open() under CandyCheck::PlayStore.authorization with StringIO() or the ability to pass in an hash of encrypted Rails credentials (to avoid storing credentials publicly in Rails)?

credentials = { 
  type: "",
  private_key: Rails.application.credentials["SECRET_KEY"]
  ...
}

json_key_io: StringIO.new(credentials)

fabn commented 3 years ago

You can solve it by using this to build an authorization object:

Google::Auth::ServiceAccountCredentials.make_creds(
      json_key_io: StringIO.new(Rails.application.credentials.android!.fetch(:service_account_credentials)),
      scope: "https://www.googleapis.com/auth/androidpublisher",
    )

jnbt commented 1 year ago

I agree on @fabn suggestion. The README also states to look for details in https://github.com/googleapis/google-auth-library-ruby