Skip to content
Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.
Kotlin
Branch: master
Clone or download
Latest commit 1e3c796 Nov 20, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.idea Update ReadMe Feb 1, 2019
gradle/wrapper updates. Sep 26, 2019
icon Add Logo and Icon Files Apr 25, 2019
library-coroutines Coroutine supported module. Nov 20, 2019
library Coroutine supported module. Nov 20, 2019
logo Add Logo and Icon Files Apr 25, 2019
.gitignore Initial commit Jan 31, 2019
LICENSE Create LICENSE Feb 5, 2019
README.md Update README.md Apr 25, 2019
bintray.gradle misc updates. Nov 20, 2019
build.gradle updates. Sep 26, 2019
gradle.properties Initial commit Jan 31, 2019
gradlew Initial commit Jan 31, 2019
gradlew.bat Initial commit Jan 31, 2019
install-coroutine.gradle misc updates. Nov 20, 2019
install.gradle Update Library, Gradle & Kotlin versions Mar 10, 2019
settings.gradle misc updates. Nov 20, 2019

README.md

CheckoutVerifier

CheckoutVerifier helps you Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.
Since I was using these classes in every project, the Copy/Pasting of classes was annoying so thought of releasing it as a library which might be of help to others too!

How does it work?

Well, the library sends the Signed Json Response & Signature that you receive after a purchase is completed on a specified server url where it checks the signature of that response data with your BASE64 Key provided to you in your Developer Console.

Set Up

* Get Licensing API Key

Navigate to Developer Console & Select your App.
Go to Development Tools > Services & API.
Copy the BASE64 Licensing Key

* Creating a Verifying PHP File

Just a create a File & name it as verify.php or anything you want.
Paste the following code in it & Upload it to your server.

<?php
// get jsonResponse
$data = $_GET['jsonResponse'];

// get signature
$signature = $_GET['signature'];

// get key
$key_64 = "YOUR BASE64 KEY THAT YOU GOT FROM DEVELOPER CONSOLE, THERE SHOULD BE NO SPACES!";


$key =  "-----BEGIN PUBLIC KEY-----\n".
        chunk_split($key_64, 64,"\n").
        '-----END PUBLIC KEY-----';

//using PHP to create an RSA key
$key = openssl_get_publickey($key);


// state whether signature is okay or not
$ok = openssl_verify($data, base64_decode($signature), $key, OPENSSL_ALGO_SHA1);
if ($ok == 1) {
    echo "verified";
} elseif ($ok == 0) {
    echo "unverified";
} else {
    die ("fault, error checking signature");
}

// free the key from memory
openssl_free_key($key);

?>

* Implementing Library (Gradle)

library_version: Download

dependencies {
    implementation 'com.lazygeniouz:checkout-verifier:library_version'
}

* CheckOutVerifier

Just pass on the required fields in the Constructor & call start();
Example:
Java

new CheckoutVerifier(url, jsonResponse, signature, new VerifyingListener() {
            @Override
            public void onVerificationStarted() {
                //Show a ProgressDialog or something
            }

            @Override
            public void onVerificationCompleted(boolean isVerified) {
                //From library version (1.4),
                //this Boolean will be `NULLABLE` & will be `NULL` if an exception was caught,
                //while connecting the specified server url or something else went wrong,
                //for better error handling

                if(isVerified != null) {
                    ...
                    //Check if the Purchase is Valid...
                    //Consume if not!
                }
            }

            @Override
            public void onExceptionCaught(@NotNull Exception exception) {
                //Called when there was an error connecting to Server.
            }
        }).start();


Kotlin

CheckoutVerifier(url, jsonResponse, signature, object : VerifyingListener {
            override fun onVerificationStarted() {}

            override fun onVerificationCompleted(isVerified: Boolean?) {}

            override fun onExceptionCaught(exception: Exception) {}
        }).start()
You can’t perform that action at this time.