[TUT] Simple InApp Billing / Payment

Tutorials with advanced 'difficulty' and more Lines of Code.

Re: [TUT] Simple InApp Billing / Payment

Postby ratso » Tue May 03, 2011 1:55 am

Thanks, great idea.

On a related note, i'm still unsure as to what parameters i need to supply to the restoreTransactionInformation() method.

Based on the docs, it's a "cryptographically secure" number-used-once. The docs also say that the message includes a "signature." is this something i should be able to decrypt somehow to insure it's a legit android market response?

Is there a standard practice for generating Nonces, and verifying signatures?

all this security stuff is pretty foreign to me...
ratso
Freshman
Freshman
 
Posts: 9
Joined: Fri Jul 23, 2010 8:18 pm

Top

Re: [TUT] Simple InApp Billing / Payment

Postby blundell » Tue May 03, 2011 10:15 am

This is the most complex part of in app billing, I skipped over it to keep this tutorial simple, if you need more information take a look at the BillingSecurity.java class, also it's explained well here: http://developer.android.com/guide/mark ... signatures (Also shows you how to generate nonces).
User avatar
blundell
Master Developer
Master Developer
 
Posts: 1610
Joined: Tue Nov 18, 2008 12:58 pm
Location: UK

Re: [TUT] Simple InApp Billing / Payment

Postby papo » Sat May 21, 2011 1:19 pm

Hello blundell,

I'm currently testing the In-App Billing, but I've a problem with the DEVELOPER_PAYLOAD. I set the payload with following lines of code:
Syntax: [ Download ] [ Hide ]
Using java Syntax Highlighting
  1. Bundle request = makeRequestBundle("REQUEST_PURCHASE");
  2. request.putString(C.DEVELOPER_PAYLOAD, "testing123");
Parsed in 0.030 seconds, using GeSHi 1.0.8.4


C.DEVELOPER_PAYLOAD is:

Syntax: [ Download ] [ Hide ]
Using java Syntax Highlighting
  1. public static final String DEVELOPER_PAYLOAD = "DEVELOPER_PAYLOAD"
Parsed in 0.031 seconds, using GeSHi 1.0.8.4


Follwoing response returned from the Market Server:

Code: Select all
{"nonce":9005407554096378381,"orders":[{"notificationId":"android.test.purchased",
       "orderId":"transactionId.android.test.purchased",
       "packageName":"com.mypackage",
       "productId":"android.test.purchased",
       "purchaseTime":1305429187752,
       "purchaseState":0}]}


In the response the DEVELOPER_PAYLOAD is completely missing. What did i wrong?

Thanks in advance!
papo
Freshman
Freshman
 
Posts: 3
Joined: Sat May 21, 2011 1:09 pm

Re: [TUT] Simple InApp Billing / Payment

Postby blundell » Sat May 21, 2011 3:15 pm

Is it because you are using Android's test purchase, have you tried it with an item you create on the android market?
User avatar
blundell
Master Developer
Master Developer
 
Posts: 1610
Joined: Tue Nov 18, 2008 12:58 pm
Location: UK

Re: [TUT] Simple InApp Billing / Payment

Postby papo » Sat May 21, 2011 4:32 pm

No not yet, have you experience with the usage of the DEVELOPER_PAYLOAD field with an item which was created on the android market?

Do you maybe know an alternative to the DEVELOPER_PAYLOAD? I'm using unmanaged (managed is not possible for me) items, and the idea was to fill in an id (=primary key from my DB) in the DEVELOPER_PAYLOAD field to identify the async response.
papo
Freshman
Freshman
 
Posts: 3
Joined: Sat May 21, 2011 1:09 pm

Re: [TUT] Simple InApp Billing / Payment

Postby papo » Wed May 25, 2011 4:34 pm

No idea?
papo
Freshman
Freshman
 
Posts: 3
Joined: Sat May 21, 2011 1:09 pm

Top

Re: [TUT] Simple InApp Billing / Payment

Postby blundell » Wed May 25, 2011 5:10 pm

Haven't used this myself yet no.

I googled round and found your 3 posts :-) no responses anywhere then?

Your using it to pass a primary key up to the server and back down? Why not just store the ID locally in a cache and if they payment succeeds retrieve it? Sorry I don't know your exact scenario.
User avatar
blundell
Master Developer
Master Developer
 
Posts: 1610
Joined: Tue Nov 18, 2008 12:58 pm
Location: UK

Re: [TUT] Simple InApp Billing / Payment

Postby behelit » Fri May 27, 2011 5:15 am

Great tut, it works well but I think almost everyone would need the ability to check if something has already been purchased.

I don't see why they wouldn't let the market store this? Sure it's added security if you store it on your own server but who has the resources to do that...

The only other option is to store it on the device in an encrypted format which is somehow linked to the device id to stop others using the same file.
behelit
Freshman
Freshman
 
Posts: 2
Joined: Mon Mar 07, 2011 6:10 am

Re: [TUT] Simple InApp Billing / Payment

Postby ksafez » Fri Jun 03, 2011 9:00 pm

I'm getting NullPointerException on the 2nd of these two lines (line 251 of BillingHelper.java):

Code: Select all
ArrayList<VerifiedPurchase> purchases = BillingSecurity.verifyPurchase(signedData, signature);
latestPurchase = purchases.get(0);


Any idea why this is happening? I entered my publisher ID, and am using "android.test.purchased" as the item ID.

I should also note that the app is not yet published on the Market. Is this required?
ksafez
Once Poster
Once Poster
 
Posts: 1
Joined: Fri Jun 03, 2011 8:56 pm

Re: [TUT] Simple InApp Billing / Payment

Postby blundell » Sat Jun 04, 2011 12:07 am

You dont enter your publisher key, you enter your "Public Key" this is found on the Android Market Publisher Site.

What does your LogCat say, any errors?

No you don't have to publish it, just have it uploaded and saved.
User avatar
blundell
Master Developer
Master Developer
 
Posts: 1610
Joined: Tue Nov 18, 2008 12:58 pm
Location: UK

Re: [TUT] Simple InApp Billing / Payment

Postby reubenb87 » Thu Jun 16, 2011 12:43 pm

After much frustration getting in app billing to work, almost tearing my hair out, found out that you must:

1. Use a @gmail.com email address for testing
2. Publish the app, I can not get it to work without it being published (may just be a problem for some people though)

Thanks for your code.
reubenb87
Freshman
Freshman
 
Posts: 2
Joined: Thu Jun 16, 2011 10:39 am

Re: [TUT] Simple InApp Billing / Payment

Postby Xazen » Mon Jun 27, 2011 10:43 am

I have got a few questions:

I tried to do the changes in the purchaseStateChanged Activity. After I bought an in-app product and reinstall the whole app this method will be called automatically in order to set the in-app product to PURCHASED. Will there be any security problems if I do the changes in this method ?

Is it possible to retrieve transaction information without an own database? I am pretty confused by the on "getPurchaseInformation", "restoreTransactionInformation", nonces etc.

Can someone give me a short outline of it, please?
Xazen
Freshman
Freshman
 
Posts: 2
Joined: Mon Jun 27, 2011 10:32 am

Re: [TUT] Simple InApp Billing / Payment

Postby blundell » Mon Jun 27, 2011 1:05 pm

I wouldn't worry about the security for your first few projects, if you've just got a small app the hackers aren't going to come running. Once you have got the concepts down you can then start to implement more security.

It is only possible to retrieve transactions for 'manages purchases'. These are the one off purchases.

Maybe this helps:
http://developer.android.com/guide/mark ... chase-type

The "manage by user account" purchase type is useful if you are selling items such as game levels or application features. These items are not transient and usually need to be restored whenever a user reinstalls your application, wipes the data on their device, or installs your application on a new device.

Items that are unmanaged do not have their transaction information stored on Android Market, which means you cannot query Android Market to retrieve transaction information for items whose purchase type is listed as unmanaged. You are responsible for managing the transaction information of unmanaged items. Also, unmanaged items can be purchased multiple times as far as Android Market is concerned, so it's also up to you to control how many times an unmanaged item can be purchased.
User avatar
blundell
Master Developer
Master Developer
 
Posts: 1610
Joined: Tue Nov 18, 2008 12:58 pm
Location: UK

Re: [TUT] Simple InApp Billing / Payment

Postby Xazen » Mon Jun 27, 2011 3:30 pm

It's not such a big project, but I already found someone who cracked the full version. So I believe I should implement more security already.

My InApp puchases are "manage bye user account" purchases. But I still don't get how restoreTransaction works. I this Code in the onCreate():

Code: Select all
BillingHelper.restoreTransactionInformation(BillingSecurity.generateRandomNonce());



But I got an Error "BillingHelper is not fully instatiated". It takes to long to start the service. Is there something like OnBillingHelperInstantiatedListener? Where does restoredTransactionInformation save the information?
Xazen
Freshman
Freshman
 
Posts: 2
Joined: Mon Jun 27, 2011 10:32 am

Re: [TUT] Simple InApp Billing / Payment

Postby blundell » Mon Jun 27, 2011 4:07 pm

Yes you need to call your restoreTransaction AFTER the service has been bound. There is a callback once this is done.
User avatar
blundell
Master Developer
Master Developer
 
Posts: 1610
Joined: Tue Nov 18, 2008 12:58 pm
Location: UK

Top
PreviousNext

Return to Advanced Tutorials

Who is online

Users browsing this forum: No registered users and 2 guests