oreshinya · August 29, 2015 13:56
diff --git a/verify.rb b/verify.rb
 require 'openssl'
 require 'base64'
 require 'net/http'

 module Verify
  module InAppPurchase
    extend self

    PRODUCTION_VERIFICATION_END_POINT = "https://buy.itunes.apple.com/verifyReceipt"
    SANDBOX_VERIFICATION_END_POINT    = "https://sandbox.itunes.apple.com/verifyReceipt"
    # status when send receipt for sandbox to production verification endpoint
    SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS = 21007

    def verify!(data, received_transaction_id)
      response = request_verify(data)
      status = response["status"].to_i
      if status == SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS
        response = request_verify(data, is_production: false)
        status = response["status"].to_i
      end
      receipt = response["receipt"]
      is_valid = (receipt.present? && status == 0)
      raise "Verify Invalid in iOS: verify status is invalid." if !is_valid
      return receipt_by(receipt, received_transaction_id)
    end

    private
    def request_verify(data, opts=nil)
      is_production = true
      is_production = opts[:is_production] if opts && opts.has_key?(:is_production)
      params = {
        "receipt-data" => data
      }
      uri = URI(is_production ? PRODUCTION_VERIFICATION_END_POINT : SANDBOX_VERIFICATION_END_POINT)
      http = Net::HTTP.new(uri.host, uri.port)
      http.use_ssl = true
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
      request = Net::HTTP::Post.new(uri.request_uri)
      request['Accept'] = "application/json"
      request['Content-Type'] = "application/json"
      request.body = params.to_json
      response = http.request(request)
      return JSON.parse(response.body)
    end
    
    # when receipt is from appStoreReceiptURL added by iOS7,
    # in_app property of receipt's format has some past receipts,
    # so, it will get expected receipt by transaction_id from client.
    def receipt_by(verified_receipt, received_transaction_id)
      return verified_receipt if !verified_receipt.has_key?("in_app")
      receipts = verified_receipt["in_app"]
      receipt = receipts.select{|r| r["transaction_id"] == received_transaction_id}.last
      raise "Verify Invalid in iOS: this received_transaction_id is fake." if receipt.blank?
      return receipt
    end
  end

  module InAppBilling
    extend self
    
    GOOGLE_LICENSE_KEY = ""

    def verify!(signed_data, signature)
      public_key = OpenSSL::PKey::RSA.new(Base64.decode64(GOOGLE_LICENSE_KEY))
      is_valid = public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), signed_data)
      raise "Verify Invalid in Android" if !is_valid
      return JSON.parse(signed_data)
    end
  end
 end
	require 'openssl'
	require 'base64'
	require 'net/http'

	module Verify
	module InAppPurchase
	extend self

	PRODUCTION_VERIFICATION_END_POINT = "https://buy.itunes.apple.com/verifyReceipt"
	SANDBOX_VERIFICATION_END_POINT = "https://sandbox.itunes.apple.com/verifyReceipt"
	# status when send receipt for sandbox to production verification endpoint
	SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS = 21007

	def verify!(data, received_transaction_id)
	response = request_verify(data)
	status = response["status"].to_i
	if status == SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS
	response = request_verify(data, is_production: false)
	status = response["status"].to_i
	end
	receipt = response["receipt"]
	is_valid = (receipt.present? && status == 0)
	raise "Verify Invalid in iOS: verify status is invalid." if !is_valid
	return receipt_by(receipt, received_transaction_id)
	end

	private
	def request_verify(data, opts=nil)
	is_production = true
	is_production = opts[:is_production] if opts && opts.has_key?(:is_production)
	params = {
	"receipt-data" => data
	}
	uri = URI(is_production ? PRODUCTION_VERIFICATION_END_POINT : SANDBOX_VERIFICATION_END_POINT)
	http = Net::HTTP.new(uri.host, uri.port)
	http.use_ssl = true
	http.verify_mode = OpenSSL::SSL::VERIFY_NONE
	request = Net::HTTP::Post.new(uri.request_uri)
	request['Accept'] = "application/json"
	request['Content-Type'] = "application/json"
	request.body = params.to_json
	response = http.request(request)
	return JSON.parse(response.body)
	end

	# when receipt is from appStoreReceiptURL added by iOS7,
	# in_app property of receipt's format has some past receipts,
	# so, it will get expected receipt by transaction_id from client.
	def receipt_by(verified_receipt, received_transaction_id)
	return verified_receipt if !verified_receipt.has_key?("in_app")
	receipts = verified_receipt["in_app"]
	receipt = receipts.select{\|r\| r["transaction_id"] == received_transaction_id}.last
	raise "Verify Invalid in iOS: this received_transaction_id is fake." if receipt.blank?
	return receipt
	end
	end

	module InAppBilling
	extend self

	GOOGLE_LICENSE_KEY = ""

	def verify!(signed_data, signature)
	public_key = OpenSSL::PKey::RSA.new(Base64.decode64(GOOGLE_LICENSE_KEY))
	is_valid = public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), signed_data)
	raise "Verify Invalid in Android" if !is_valid
	return JSON.parse(signed_data)
	end
	end
	end
No results found