User Tag List

View Poll Results: Android In App Purchases - Would you pay for a plugin/service for validation

Voters
1. You may not vote on this poll
  • Yes - I would like this and would pay a small fee

    1 100.00%
  • No - I wrote my own

    0 0%
  • No - I don't bother validating

    0 0%
Results 1 to 6 of 6

Thread: In-App Payment Validation - Changes in 4.15

  1. #1
    0

    In-App Payment Validation - Changes in 4.15

    I'm actually not 100% sure if it was my update to 4.15, but I did notice a structure change in the data returned by the in app purchase blueprint node. This change could have also been the OS as my phone was recently updated to Android 7

    Basically the content you wanted comes out wrapped in another json object.

    so
    old

    BASE_64_CONTENT

    new

    {
    "receiptData": "I_DONT_THINK_THIS_IS_BASE_64_WHAT_IS_THIS_EVEN?",
    "signature": "BASE_64_CONTENT"
    }
    I'd just like to know if anyone else is having these problems and what their solutions are - I wrote a simple web app to handle my in app purchase valdiation, was wondering what everyone else does (if anything at all)

    I'm also setting up a poll to guage if there is interest in me (or someone else) making a In-App purchase plugin /w a companion webservice
    Last edited by BPANDREW; 05-15-2017 at 07:20 AM.

  2. #2
    0
    also, in case nobody knows what I'm rambling about - it is VERY easy to forge in app payments on android



    notice the view count on this

    logging over the past year, I'd say 90% of my IAP activity was forgery attempts - validate your in app payments, its kind of a pain to setup but its worth it

  3. #3
    0
    Unreal Engine Developer
    Join Date
    Mar 2014
    Posts
    41
    Quote Originally Posted by BPANDREW View Post
    I'm actually not 100% sure if it was my update to 4.15, but I did notice a structure change in the data returned by the in app purchase blueprint node. This change could have also been the OS as my phone was recently updated to Android 7

    Basically the content you wanted comes out wrapped in another json object.

    so


    I'd just like to know if anyone else is having these problems and what their solutions are - I wrote a simple web app to handle my in app purchase valdiation, was wondering what everyone else does (if anything at all)

    I'm also setting up a poll to guage if there is interest in me (or someone else) making a In-App purchase plugin /w a companion webservice

    I'm sorry this must have been missed in the release notes. Purchasing has changed significantly from previous engine versions. There is a new StoreV2 interface and a separate Purchasing interface. The Blueprint code still uses the old method, but it did get some of the improvements found in the new interfaces.

    Basically the data from the Java side of the code GooglePlayStoreHelper.java comes back with the "receiptdata" and the "signature". The receipt data should be what you always had, the signature is the hash from Google expected to be compared on your secure server against the key you have and setup on the Google dashboard.

    GooglePlayStoreHelper.java
    Code:
    String receipt = Base64.encode(purchase.getOriginalJson().getBytes());
    nativePurchaseComplete(BILLING_RESPONSE_RESULT_OK, sku, purchase.getToken(), receipt, purchase.getSignature());
    The sku is the offerid
    The token is the transaction identifier for the purchase
    The receipt is the encoded receipt
    The signature is the signature for validation of the entire purchase

    This is passed into the FGoogleTransactionData structure. I pass this up in that new json payload (sorry for the change) to our backend and validate it.

  4. #4
    1
    Samaritan
    Join Date
    Sep 2014
    Posts
    132
    Quote Originally Posted by [EPIC] Josh.Markiewicz View Post
    I'm sorry this must have been missed in the release notes. Purchasing has changed significantly from previous engine versions. There is a new StoreV2 interface and a separate Purchasing interface. The Blueprint code still uses the old method, but it did get some of the improvements found in the new interfaces.

    Basically the data from the Java side of the code GooglePlayStoreHelper.java comes back with the "receiptdata" and the "signature". The receipt data should be what you always had, the signature is the hash from Google expected to be compared on your secure server against the key you have and setup on the Google dashboard.

    GooglePlayStoreHelper.java
    Code:
    String receipt = Base64.encode(purchase.getOriginalJson().getBytes());
    nativePurchaseComplete(BILLING_RESPONSE_RESULT_OK, sku, purchase.getToken(), receipt, purchase.getSignature());
    The sku is the offerid
    The token is the transaction identifier for the purchase
    The receipt is the encoded receipt
    The signature is the signature for validation of the entire purchase

    This is passed into the FGoogleTransactionData structure. I pass this up in that new json payload (sorry for the change) to our backend and validate it.
    Hi Josh, i am planning to use playfab for validation.

    Specifically this is the api:https://api.playfab.com/documentation/client/method/ValidateGooglePlayPurchase

    They have an Unreal sdk with everything exposed to blueprints.

    What would be the easiest way to get the ReceiptJson and Signature exposed to blueprints and then pass them to playfab.

    The in-app purchases and validation is the only thing i haven't tested with a dummy application so far, i thought with 4.14 everything was exposed to blueprints.

  5. #5
    0
    Samaritan
    Join Date
    Sep 2014
    Posts
    132
    Quote Originally Posted by BPANDREW View Post
    I'm actually not 100% sure if it was my update to 4.15, but I did notice a structure change in the data returned by the in app purchase blueprint node. This change could have also been the OS as my phone was recently updated to Android 7

    Basically the content you wanted comes out wrapped in another json object.

    so


    I'd just like to know if anyone else is having these problems and what their solutions are - I wrote a simple web app to handle my in app purchase valdiation, was wondering what everyone else does (if anything at all)

    I'm also setting up a poll to guage if there is interest in me (or someone else) making a In-App purchase plugin /w a companion webservice
    Did you get the following

    {
    "orderId":
    "packageName":"
    "productId":
    "purchaseTime":
    "purchaseState":0,
    "developerPayload":
    "purchaseToken":
    }

    and the signature from blueprints or did you use cpp?

  6. #6
    0
    Unreal Engine Developer
    Join Date
    Mar 2014
    Posts
    41
    The receipt data is all of the json now in one string. It should be getting passed to Blueprints as it always was. BPAndrew mentions this in the original post.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •