I want to verify the digital signature for in app purchase. I don't know how do I accomplish this. I got so many sample and links but they are not working.
Here is the Receipt verification sample and this code to verify purchase using receipt.
Problem is, the link https://go.microsoft.com/fwlink/?LinkId=246509&cid=xxxxxxxxxxxxx returns Page not found exception and SignedXml,X509Certificate2 is not not present in windows phone 8.
Also the sample is for Windows phone 8 but when i add the sample project in my project i got error in referencing. I've asked this question before.
So plz guide me how can I verify the purchase using this digital signature?
Related
We have received a notice from Google Play that our app will be removed if we do not provide them with login credentials in our app. The problem is that our app is a second-screen game, where the primary screen is a desktop game which provides a four digit code for people to enter in our app and log on to the game. Our app has been in the Play Store for years and is quite popular.
Google Play has given us until Oct 4th to provide them with a code, otherwise our app "may be removed from the Play Store". We have set up a desktop computer running games in loop 24-7 until they have reviewed our app, and we have provided them with a link to a twitch stream where the game runs in loop.
It's now been seven days and we have not heard anything from Google Play. It's very frustrating that there is no personal contact, we only receive auto-generated bot/AI mails about policy violation.
Does anyone know what further action we can take to make sure our app is not removed? We have "contacted support", although contacting support in Google Play means just writing your app name and email address in a form and selecting a radio button of what the problem seems to be (none of them apply exactly). No response for days.
This is the original warning mail from Google Play:
Hi Developers at xxx, After a recent review, we’ve identified that we
need additional information about your app xxx in accordance with our
policies. Please resolve the issue described below by October 04, 2022
to avoid further action against your app. Reasons of violation Issue:
Need login credentials for app review In order for us to review your
app for compliance with Developer Program Policies, we will need you
to provide valid login credentials for your app. If users need
credentials to access your app, please provide all appropriate
credentials via Play Console. If you previously supplied credentials,
please ensure that they have not expired. If your app normally uses
2-Step Verification (e.g. SMS verification), biometrics (e.g. a
fingerprint or face scan) or a location-dependent password (e.g.
geo-gate), please provide valid demo credentials that we can use
instead.
in Google Play Console in app content > app access > Add new instructions
in password field write down the 4-digit code.
in Any other instructions Write a detailed step-by-step guide on how to walk through game until the 4-digit code entered, and provide them with a valid digit code (that always works) and write that this is a "Demo Digit code".
Also, provide them with a video just to the point of entering the code and logging in (the shorter the video the better)
And you will have to wait, it takes a lot of time do not worry.
I'm trying to add an add-on to my heroku project, but it needs verification by phone number. But the phone numbers of my country is not supported (Ukraine), so I'm getting an error This number is not supported. My account has already been verified using credit card. This additional verification is required to use this addon though.
What should I do with it and how to resolve this problem? Only this add-on is fit to me, so I can't get alternative one.
The problem was only solved for me through opening a support ticket on Heroku.
Someone from their team then manually verified the account for me
I've created a Google Hangout extension app, tested it works privately etc and now I'm trying to publish it. I have followed the instructions here:
https://developers.google.com/+/hangouts/publishing
I've filled in the forms correctly, created the O-Auth client ID, filled out the consent form etc. When I tick the Make this application public tickbox and try to save, a server error message pops up along the lines of:
Server Error
Whoops! Our bad.
Please try again. If the problem persists, please let us know using the "Send feedback" link below. Thanks!
Tracking Number: XXXXXXXXXXXXXXXXXXXXXXXXX
[Send feedback]
I've checked the Chrome console - the request gets a 500 error and in the JSON response I can see:
{"message":"Developer not registered with CWS."}
I have paid the $5 one-off developer fee on the Chrome Web Store and I am the Hangout project owner. I'm not sure what I'm missing here. I need to get this published in the next 24 hours...
Any useful insights? Is there any official support forum for Google+ platform developers?
UPDATE
I was using a Google Apps account before so I've paid the developer fee on a personal account to verify me on CWS, made this account owner of the Hangout project and I still get the same message response.
I believe then that it's basically just broken. Thanks Google.
I'm trying yo update a game on google play to support leaderboards and achievements. (https://play.google.com/store/apps/details?id=com.rightpedalstudios.dragonseason)
However, when I go to link the app I get the message "This client ID is globally unique and is already in use."
I've searched online for people who have had the same problem and the advice they are given is to delete the client ID in the developer console, and if the app has been deleted there then undelete it first. However, there is nothing in the console using the ID, nor is there any deleted apps. As far as I can tell there is no app using the client id.
I did find another person asking a similar question here that was never answered.
Failing to create client ID, due to duplication of signing fingerprint by another Android OAuth2 client
I also get the message "The signing fingerprint you specified is already used by another Android OAuth2 client." When I try to set up a client ID from the developer console. (I know I'm not meant to do that if I'm using google play games, I just wanted to check if it failed from there too.)
I've tried contacting google support, I was directed to the google API support, and then directed here.
Two other developers that have worked on this project could have somehow created a client ID. Although I have contacted them and neither of them recall creating one.
Is there anyway to find out where this client ID is being used?
You have to delete the client id in the Google API console (now confusingly renamed the Google Developers Console !). Then you can link the app to the game straight away. I have just done this, and it worked fine for me. I wanted to link an existing app to a different game, so I deleted both the debug and prod(release) definitions and was able to immediately link the app to the new game.
Note that for many of us, doing work on Google Play Game Services in the Google API console is a last resort - many of us have encountered Google related bugs in the past by doing this !
This image may help:
For in-app purchases for iOS we can use an online API for validation, meaning that we can validate the purchase on our own server.
Is there any way (API) for such validation of in app purchases for OS X?
I've found only this snippet about in-app validation for Mac and it seems that Apple doesn't provide any API for online validation.
Or maybe there is some plan from Apple to support online validation for OS X?
My app EasyBooks provides an online component that users pay yearly for. It wouldn't make sense to provide this as a non-consumable type as it only really works as a consumable (however it's really a non-repeating subscription in iOS). I would like to offer this in-app and I think I have a solution finally...
I used one of my Apple DTS tickets to query a statement made in the StoreKitGuide document. It says ...
"OS X supports both the server validation method described in this
chapter and the local validation method..."
I got a reply from Apple saying ...
"The steps for verifying your In-App Purchase products for Mac
applications are the same used for iOS applications. The difference is that you will be assigning your base 64 encoded app receipt (rather than the content of the transactionReceipt property) to the receipt-data field. Retrieve the full Mac App Store receipt for your application, then encode it using base64 encoding. Create a JSON object with a single key named receipt-data and assign your encoded receipt to it. Proceed as outlined in the Verifying a Receipt with the App Store section of the In-App Purchase Programming Guide.
Note: In App Purchases receipt are included in the associated Mac app's receipt. You must check the receipt associated with your app to verify the validity of the In-App Purchase receipts that it contains. Doing so also allows you to enable the appropriate functionality in your app."
So after some failed attempts, I did manage to get this working with the caveat that the receipt data returned by Apple's servers does not contain the 'hash of the GUID' and therefore does not tie the receipt data to any particular hardware.
This can be tested on your Mac quite easily using these steps:
Find the Mac app receipt file (it's in your app's bundle once you've run the app and entered your (test) Apple ID and password.
At the command line, base64 -i receipt will base64 encode the receipt with no line breaks (that's important)
Again at the command line, curl -d '{ "receipt-data": "<your b64 string here>" }' https://sandbox.itunes.apple.com/verifyReceipt
This returns JSON data in the format
{"status":0,
"environment":"Sandbox",
"receipt":{"adam_id":"0",
"bundle_id":"uk.co.geode.easybooks",
"application_version":"2.2.7",
"download_id":"0",
"in_app":[ {"quantity":"1",
"product_id":"uk.co.geode.easybooks.syncing",
"transaction_id":"1000000034508678",
"purchase_date":"2012-09-05 12:00:17 Etc/GMT",
"original_transaction_id":"1000000034508678",
"original_purchase_date":"2012-01-24 10:16:17 Etc/GMT"} ]}}
I have not confirmed it yet, but apparently (according to the Apple engineer) any consumable types of in-app purchase will be added to the receipt when first purchased, but removed after any further purchases or restore operations. I wonder whether it might be a good idea to make the code running in the app make a copy of the receipt file after each purchase just in case our own servers are down at the time the app tries to validate the receipt. Users may otherwise try to restore purchases, not realising this will remove any consumable product receipts.
I hope that helps.
(ORIGINAL COMMENTS FOLLOW)
I have the same issue. I have an iOS app in the store that has a mix of consumable and non-consumable products that can be purchased in-app. The consumable product is a service, which is fulfilled by my webserver. In the StoreKit delegate method paymentQueue:updatedTransactions:, I use the transactionReceipt property, which is an NSData object. I encode this to base64 and send it to the server. Out on the server I pass the receipt to Apple's servers for validation.
But for Mac OS, there is no transactionReceipt property on the SKPaymentTransaction, so we cannot validate receipts in the same way.
We can do the non-consumable products, which may help you. When an in-app purchase is made on Mac OS, the receipt is updated in the app bundle. It is then possible to parse the receipt file looking for each in-app receipt, which are all stored in the receipt file in the main bundle. For more about that see http://developer.apple.com/library/mac/#releasenotes/General/ValidateAppStoreReceipt/_index.html
This works fine for me when I use the non-consumable product, but I have one consumable and this is not updated into the app's receipt file. Without the transactionReceipt property, I don't see any way for my server to validate that the receipt is genuine. If anyone else has any other experience please let us know!
Anyone with an Apple developer account can also read about this on the Apple developer forum:
https://devforums.apple.com/message/548411#548411
SwiftyStoreKit is popular:
https://github.com/bizz84/SwiftyStoreKit
InAppReceipt for local receipt validation:
https://github.com/tikhop/TPInAppReceipt