Responses from the Android Market licensing service are signed using the private key, and the signature is sent along with the signed data. Using the public key from the Developer Console, you can verify that the signature is valid for the signed data. Only a signature generated using the private key will be valid for the data. Similarly, if the data has been changed, the signature will no longer be correct.
In the Android application, you can send the signature and the signed data to your content server, which can verify the signature and allow access to the content if the signature is valid.
If you are using PHP, you can use the openssl_verify function to verify the signature.
If you use Java, you can see how the Android library verifies the signature in LicenseValidator.verify.
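A server-side version of the check described above, as an added example that is not part of the original answer or of the licensing library. It assumes the Developer Console key is a Base64-encoded X.509 public key and that the signature is Base64-encoded SHA1withRSA; the class name, the throwaway key pair and the sample payload are constructed so the example runs offline.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

public class LicenseSignatureCheck {

    /** Returns true only if signatureB64 is a valid signature over signedData. */
    static boolean verify(String publicKeyB64, String signedData, String signatureB64) {
        try {
            // Assumption: the key is a Base64-encoded X.509 SubjectPublicKeyInfo.
            byte[] der = Base64.getDecoder().decode(publicKeyB64);
            PublicKey key = KeyFactory.getInstance("RSA")
                    .generatePublic(new X509EncodedKeySpec(der));
            Signature sig = Signature.getInstance("SHA1withRSA"); // assumed algorithm
            sig.initVerify(key);
            sig.update(signedData.getBytes(StandardCharsets.UTF_8));
            return sig.verify(Base64.getDecoder().decode(signatureB64));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            // Malformed key, bad Base64 or broken signature encoding: treat as invalid.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the Market's key pair (not a real key).
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        String publicKeyB64 = Base64.getEncoder().encodeToString(pair.getPublic().getEncoded());

        // Constructed sample payload; the field layout is illustrative only.
        String signedData = "0|1234567890|com.example.app|1|user-id|1300000000000";
        Signature signer = Signature.getInstance("SHA1withRSA");
        signer.initSign(pair.getPrivate());
        signer.update(signedData.getBytes(StandardCharsets.UTF_8));
        String signatureB64 = Base64.getEncoder().encodeToString(signer.sign());

        System.out.println("genuine:   " + verify(publicKeyB64, signedData, signatureB64));
        // Changing any byte of the data invalidates the signature.
        String tampered = signedData.replace("com.example.app", "com.example.other");
        System.out.println("tampered:  " + verify(publicKeyB64, tampered, signatureB64));
        // A signature checked against a different public key is rejected too.
        String otherKeyB64 = Base64.getEncoder()
                .encodeToString(gen.generateKeyPair().getPublic().getEncoded());
        System.out.println("wrong key: " + verify(otherKeyB64, signedData, signatureB64));
    }
}
```

On the content server, only the `verify` method is needed: grant access when it returns true for the data and signature the app forwarded, and deny on any false result, including malformed input.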