CheckoutVerifier

Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.

APACHE-2.0 License

Stars
61
Committers
2
View Code on GitHub View on X
Ecosystems: Android

CheckoutVerifier

CheckoutVerifier helps you Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher. Since I was using these classes in every project, the copy / pasting of classes was annoying so thought of releasing it as a library which might be of help to others too!

How does it work?

Well, the library sends the Signed Json Response & Signature that you receive after a purchase is completed on a specified server url where it checks the signature of that response data with your BASE64 Key provided to you in your Developer Console.

Set Up

* Get Licensing API Key

Navigate to Developer Console & Select your App. Go to Development Tools > Services & API. Copy the BASE64 Licensing Key

* Creating a Verifying PHP File

Just a create a File & name it as verify.php or anything you want. Paste the following code in it & Upload it to your server.

<?php
    $data = $_GET['jsonResponse'];
    $signature = $_GET['signature'];
    $key_64 = "YOUR BASE64 KEY THAT YOU GOT FROM DEVELOPER CONSOLE, THERE SHOULD BE NO SPACES!";

    $key =  "-----BEGIN PUBLIC KEY-----\n".
            chunk_split($key_64, 64,"\n").
            "-----END PUBLIC KEY-----";

    $key = openssl_get_publickey($key);

    $ok = openssl_verify($data, base64_decode($signature), $key, OPENSSL_ALGO_SHA1);
    if ($ok == 1) {
        echo "verified";
    } elseif ($ok == 0) {
        echo "unverified";
    } else {
        die ("fault, error checking signature");
    }

    openssl_free_key($key);
?>

* Implementing Library (Gradle)

Note: Add mavenCentral() in repositories block.

dependencies {
    // CheckoutVerifier now internally uses Kotlin Coroutines.
    implementation 'com.lazygeniouz:checkout-verifier:$library_version'
}

* CheckoutVerifier

Just pass on the required PurchaseBundle in the Constructor & call authenticate(); The authenticate() returns a Result object. If the connection to the server was successful & a result was returned, CompletionResult(isVerified: Boolean) is returned, ErrorResult(exception: Exception) otherwise.

Example:

yourScope.launch {
    val purchaseBundle = PurchaseBundle(url, jsonResponse, signature)
    when (val result = CheckoutVerifier(purchaseBundle).authenticate()) {
        is CompletionResult -> {
            val verified = result.isVerified
            // Do something
        }
      is ErrorResult -> Log.d(TAG, result.exception.message)
    }
}
Package Rankings
Top 35.56% on Repo1.maven.org
Badges
Extracted from project README
Codacy Badge
Related Projects
in-app-purchase

A Node.js module for in-App-Purchase for iOS, Android, Amazon and Windows.

20 May 2014 1,048
android-checkout

Library for Android In-App Billing (Version 3+)

28 Jul 2014 1,016
gamedge

An Android application for browsing video games and checking the latest gaming news from around t...

20 Aug 2020 639
google-play-billing-validator

Npm module for Node.js to validate In-app purchases and Subscriptions on your backend

11 Jun 2018 90
cordova-plugin-inapppurchases

2023-2024 cordova plugin to add in-app purchases and subscriptions into an iOS or Android app

06 Jan 2023 9
CheckVersionLib

版本检测升级(更新)库。an auto check version library(app update) on Android

23 Sep 2016 2,664
bookstore

📚 Book Store Android App intended for study purpose at Cilsy Sekolah Mobile

10 Jun 2020 8
uber-apk-signer

A cli tool that helps signing and zip aligning single or multiple Android application packages (A...

10 Oct 2016 1,975
LibChecker

An app to view libraries used in apps in your device.

19 Mar 2020 3,785
MovieHunt

Movie Android App written in Kotlin, MVVM, RxJava, Jetpack Compose (implementing), Android Archit...

26 Mar 2015 739
tuvali

Kotlin Library to support sending vc/vp using local channels like ble.

01 Dec 2022 12