api版本:google-api-php-client-0.6.7
我需要通过我的 php 脚本在我的服务器上验证用户从我的 android 应用程序购买的 android 订阅。
因此,没有用户交互,用户只会将他购买的令牌发送到我的服务器,我的服务器将验证是否是有效购买。
我发现不需要用户交互的唯一方法似乎是“服务帐户”,所以我按照文档制作了 CLIENT_ID,SERVICE_ACCOUNT_NAME,KEY_FILE 来进行测试,我使用了来自我的应用程序 $ANDROIDUsertoken 的真实购买令牌
这是我的服务器脚本(出于安全原因,我更改了一些代码部分):
<?php
include_once('../lib/google-api-php-client/src/Google_Client.php');
include_once('../lib/google-api-php-client/src/contrib/Google_AndroidpublisherService.php');
//user token, in json format
$ANDROIDUsertoken = '{"orderId":"....","packageName":"....","productId":"....","purchaseTime":....,"purchaseState":0,"purchaseToken":"...."}';
$user_token= json_decode($ANDROIDUsertoken,true);
// https://developers.google.com/console/help/#service_accounts
const CLIENT_ID = 'something-private.apps.googleusercontent.com';
const SERVICE_ACCOUNT_NAME = 'something-private@developer.gserviceaccount.com';
const KEY_FILE = 'secret-dir/privatekey.p12';
$client = new Google_Client();
$client->setApplicationName($user_token['packageName']);
$client->setClientId(CLIENT_ID);
$key = file_get_contents(KEY_FILE);
echo "start auth:<br>";
$auth = new Google_AssertionCredentials(
SERVICE_ACCOUNT_NAME,
array('https://www.googleapis.com/auth/androidpublisher'),
$key);
$client->setAssertionCredentials($auth);
//$client->getAuth()->refreshTokenWithAssertion();
//$accessToken=$client->getAccessToken();
//$client->setAccessToken($accessToken);
echo "start requests:<br>";
$AndroidPublisherService = new Google_AndroidPublisherService($client);
$res = $AndroidPublisherService->purchases->get($user_token['packageName'], $user_token['productId'], $user_token['purchaseToken']);
var_dump($res);
?>
错误:
start auth:
start requests:
Fatal error: Uncaught exception 'Google_ServiceException' with message 'Error calling GET https://www.googleapis.com/androidpublisher/v1.1/applications/..APPLICATION../subscriptions/..PRODUCT../purchases/..TOKEN..:
(401) This developer account does not own the application.' in /..PATH TO MY WEBSERVER../lib/google-api-php-client/src/io/Google_REST.php on line 66
我以前也成功地在“Web 应用程序”上使用 OAuth+androidpublisher,但这需要用户交互,这不是我的目标(我需要服务器端检查)
注意 $AndroidPublisherService->purchases->get stand for subscription
我看到了这篇文章,但略有不同,对我不起作用