In-app purchases made via promo codes return empty developer payload string

放肆的年华 提交于 2019-12-03 01:27:03

问题


I have an app published to the alpha channel, with an in-app (un)managed item that costs $1.

When I purchase normally, i.e, use a credit/debit card Google returns the correct developer payload string, but if I choose to "redeem" a promo code and enter said code, Google returns an empty developer payload string, and thus authentication fails in 'onIabPurchaseFinished()'.

I should mention that this only occurs if I choose to redeem a code from the app's purchase flow, and everything works flawlessly if I open Play Store first, redeem the code, and then come back and open the app.

Is this a bug on Google's part?

EDIT: The Play Store thing is expected, since it can't know your payload and the purchase is done without having to check for it.


回答1:


This issue was opened on the google's android-play-billing samples repo. Looks like it was ignored for a long time and was eventually closed with this comment. In short, they have following suggestions.


We reviewed our guidelines and internal APIs, and since the developerPayload is not supported across all features on In-App Billing API (including promocodes), we are removing the recommendation to use it as a security check.

As you can see in our documentation, on the page Implementing In-app Billing (https://developer.android.com/google/play/billing/billing_integrate.html) we've added a recommendation:

Caution: Don't use the developerPayload field for security validation purposes. This field isn't always available when completing tasks related to In-app Billing. For more information about security best practices, see the In-app Billing Security and Design guide.

Our recommendation is to validate on your own backend, using the Play Developer API.




来源:https://stackoverflow.com/questions/34979420/in-app-purchases-made-via-promo-codes-return-empty-developer-payload-string

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!