Wizcorp/node-iap

Having a trouble with google verification

Closed this issue · 9 comments

Hey, I am trying to verify a payment that has done in Unity, but I keep getting Error 400 - Invalid Value. I am quite sure I've followed your instructions on how to use it but it seems like I've missed something. Here's my code snippet:
image

And this is the result of this request:
image

Could you please help me see what's wrong here? Thanks in advance.

Okay, I've managed to work it around by modifying the requestUrl a little bit.

@umitapari How did you overcome the issue. I am facing same issue like yours

@biswatmanayak I ended up writing my own verification library by using Google Developer API. You can find the documentation here.

@umitapari do you remember what the issue was and what modifications you made to the requestUrl?It would be great if we could fix it on this lib too.

If you are getting this error and your receipt/purchaseToken is short like this:

korpimulxmslxissnschtkdb

and not like this

minodojglppganfbiedlabed.AO-J1OyNtpooSraUdtKlZ_9gYs0o20ZF_0ryTNACmvaaaG5EwPX0hPruUdGbE3XejoXYCYzJA2xjjAxrDLFhmu9WC4fvTDNL-RDXCWjlHKpzLOigxCr1QhScXR8uXtX8R94iV6MmMHqD

Then you might have users making fake purchases that fail with Invalid Value error when you try to validate them.

https://stackoverflow.com/questions/31402531/google-iap-returns-short-purchase-token-for-verification

@superandrew213 I'm aware of the fake purchase thing and I don't think that was causing the issue I was having. I wasn't even on the production phase so there were no users, I was trying to test your lib by imitating one of the purchases that were done on my previous game (you can see the imitated receipt JSON on the screenshot attached to this issue, maybe then you can see the problem and tell why it wasn't behaving itself).

In my script, I have a requestUrl that looks like this for verifying product purchases:
https://www.googleapis.com/androidpublisher/v3/applications/"+global_parameters.package_names.google+"/purchases/products/"+data.product_id+"/tokens/"+data.purchase_token+"?access_token=" + credentials.access_token

credentials object keeps information about the OAuth credentials, and I make sure the token is not expired before trying to verify the payment. If it's expired, it requests google for a new token then stores it on the credentials.

I'm not quite sure why you guys ask for a lot of details of the purchase when you could just ask the package name, product id and purchase token to verify the product and client_id, client_secret, refresh_token to make sure the token is not expired. It does the trick for me just by having this information and it works like a well oiled machine.

You only need to provide the packageName, productId, purchaseToken & Google API Service Account JSON key. The other options are for Apple, Amazon and Roku.

This package also validates subscriptions. I think that Google uses different endpoints for products & subscriptions.

Looking at your receipt above I can see your issue. You just need to pass the purchase token as the receipt value. You can also leave out secret. This is only required for Apple.

I am almost quite sure I saw something called payload on your readme file, that was compulsory to provide it, when I was trying to make this library work (almost 2 and a half months ago). I don't know if I confused it with another library (I was trying to get any library to work, and there were lots of them!) or you've updated your readme file but it makes sense reading it now.

You might be confusing it with this https://github.com/voltrue2/in-app-purchase.