Last active
August 29, 2015 13:56
-
-
Save oreshinya/9304850 to your computer and use it in GitHub Desktop.
Revisions
-
oreshinya revised this gist
Mar 13, 2014 . 1 changed file with 15 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,7 +11,7 @@ module InAppPurchase # status when send receipt for sandbox to production verification endpoint SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS = 21007 def verify!(data, received_transaction_id) response = request_verify(data) status = response["status"].to_i if status == SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS @@ -20,8 +20,8 @@ def verify!(data) end receipt = response["receipt"] is_valid = (receipt.present? && status == 0) raise "Verify Invalid in iOS: verify status is invalid." if !is_valid return receipt_by(receipt, received_transaction_id) end private @@ -42,6 +42,17 @@ def request_verify(data, opts=nil) response = http.request(request) return JSON.parse(response.body) end # when receipt is from appStoreReceiptURL added by iOS7, # in_app property of receipt's format has some past receipts, # so, it will get expected receipt by transaction_id from client. def receipt_by(verified_receipt, received_transaction_id) return verified_receipt if !verified_receipt.has_key?("in_app") receipts = verified_receipt["in_app"] receipt = receipts.select{|r| r["transaction_id"] == received_transaction_id}.last raise "Verify Invalid in iOS: this received_transaction_id is fake." if receipt.blank? return receipt end end module InAppBilling @@ -52,7 +63,7 @@ module InAppBilling def verify!(signed_data, signature) public_key = OpenSSL::PKey::RSA.new(Base64.decode64(GOOGLE_LICENSE_KEY)) is_valid = public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), signed_data) raise "Verify Invalid in Android" if !is_valid return JSON.parse(signed_data) end end -
Mar 7, 2014 . 1 changed file with 4 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -14,8 +14,10 @@ module InAppPurchase def verify!(data) response = request_verify(data) status = response["status"].to_i if status == SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS response = request_verify(data, is_production: false) status = response["status"].to_i end receipt = response["receipt"] is_valid = (receipt.present? && status == 0) raise "Verify Invalid" if !is_valid -
Mar 6, 2014 . 1 changed file with 4 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,12 +8,14 @@ module InAppPurchase PRODUCTION_VERIFICATION_END_POINT = "https://buy.itunes.apple.com/verifyReceipt" SANDBOX_VERIFICATION_END_POINT = "https://sandbox.itunes.apple.com/verifyReceipt" # status when send receipt for sandbox to production verification endpoint SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS = 21007 def verify!(data) response = request_verify(data) status = response["status"].to_i response = request_verify(data, is_production: false) if status == SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS status = response["status"].to_i if status == SANDBOX_RECEIPT_TO_PRODUCTION_ENV_STATUS receipt = response["receipt"] is_valid = (receipt.present? && status == 0) raise "Verify Invalid" if !is_valid -
Mar 5, 2014 . 1 changed file with 9 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,6 +4,8 @@ module Verify module InAppPurchase extend self PRODUCTION_VERIFICATION_END_POINT = "https://buy.itunes.apple.com/verifyReceipt" SANDBOX_VERIFICATION_END_POINT = "https://sandbox.itunes.apple.com/verifyReceipt" @@ -19,11 +21,11 @@ def verify!(data) end private def request_verify(data, opts=nil) is_production = true is_production = opts[:is_production] if opts && opts.has_key?(:is_production) params = { "receipt-data" => data } uri = URI(is_production ? PRODUCTION_VERIFICATION_END_POINT : SANDBOX_VERIFICATION_END_POINT) http = Net::HTTP.new(uri.host, uri.port) @@ -37,8 +39,12 @@ def request_verify(data, opts) return JSON.parse(response.body) end end module InAppBilling extend self GOOGLE_LICENSE_KEY = "" def verify!(signed_data, signature) public_key = OpenSSL::PKey::RSA.new(Base64.decode64(GOOGLE_LICENSE_KEY)) is_valid = public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), signed_data) -
Mar 2, 2014 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -34,7 +34,7 @@ def request_verify(data, opts) request['Content-Type'] = "application/json" request.body = params.to_json response = http.request(request) return JSON.parse(response.body) end end module InAppBilling -
Mar 2, 2014 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,6 +11,7 @@ def verify!(data) response = request_verify(data) status = response["status"].to_i response = request_verify(data, is_production: false) if status == 21007 status = response["status"].to_i receipt = response["receipt"] is_valid = (receipt.present? && status == 0) raise "Verify Invalid" if !is_valid -
Mar 2, 2014 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,7 +12,8 @@ def verify!(data) status = response["status"].to_i response = request_verify(data, is_production: false) if status == 21007 receipt = response["receipt"] is_valid = (receipt.present? && status == 0) raise "Verify Invalid" if !is_valid return receipt end -
Mar 2, 2014 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -30,7 +30,7 @@ def request_verify(data, opts) request = Net::HTTP::Post.new(uri.request_uri) request['Accept'] = "application/json" request['Content-Type'] = "application/json" request.body = params.to_json response = http.request(request) JSON.parse(response.body) end -
Mar 2, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,47 @@ require 'openssl' require 'base64' require 'net/http' module Verify module InAppPurchase PRODUCTION_VERIFICATION_END_POINT = "https://buy.itunes.apple.com/verifyReceipt" SANDBOX_VERIFICATION_END_POINT = "https://sandbox.itunes.apple.com/verifyReceipt" def verify!(data) response = request_verify(data) status = response["status"].to_i response = request_verify(data, is_production: false) if status == 21007 receipt = response["receipt"] raise "Verify Invalid" if receipt.blank? return receipt end private def request_verify(data, opts) is_production = true is_production = opts[:is_production] if opts && opts[:is_production] params = { receipt-data: data } uri = URI(is_production ? PRODUCTION_VERIFICATION_END_POINT : SANDBOX_VERIFICATION_END_POINT) http = Net::HTTP.new(uri.host, uri.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Post.new(uri.request_uri) request['Accept'] = "application/json" request['Content-Type'] = "application/json" request.body = parameters.to_json response = http.request(request) JSON.parse(response.body) end end module InAppBilling GOOGLE_LICENSE_KEY = "" def verify!(signed_data, signature) public_key = OpenSSL::PKey::RSA.new(Base64.decode64(GOOGLE_LICENSE_KEY)) is_valid = public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), signed_data) raise "Verify Invalid" if !is_valid return JSON.parse(signed_data) end end end