Menu
I have an Android app that receives premium content and I want to validate server-side that the app was purchased via the Android Market. I can used the Licensing Service to check access on the app, is there a way to connect to the Licensing Service from a server? If not, can I use Google Checkout API data to validate the purchase?
368
Android Market Licensing Service responses are signed using a private key, and the signature is sent along with the signed data. Using the public key from the Developer Console you can verify that the signature is valid for the signed data. Only a signature generated with the private key will be valid for the given data. Likewise, if the data has been altered, the signature will no longer be correct.
In your Android app you can send the signature and the signed data to your content server which can verify the signature and allow access to the content if the signature is valid.
If you are using PHP, you can use the function openssl_verify to verify the signature.
If you are using Java, you can see how the Android library verifies a signature in LicenseValidator.verify.
168
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
