谷歌支付验证2
2015-02-03 16:53
176 查看
https://developers.google.com/android-publisher/authorization
full OAuth2 documentation for more details.
OAuth 2.0 Web Server flow. Before you can use the API, you will need to set up an APIs Console project, create a client ID and generate a refresh token.
Select Create project.
Go to Services in the left-hand navigation panel.
Turn the Google Play Android Developer API on.
Accept the Terms of Service.
Go to API Access in the left-hand navigation panel.
Select Create an OAuth 2.0 client ID.
On the first page, you will need to fill in the product name, but a logo is not required. Note that your end users will not see the product name.
On the second page, select web application and set the redirect URI and Javascript origins. Both of these settings can be changed later.
Select Create client ID.
Note: the
Select Allow access when prompted.
The browser will be redirected to your redirect URI with a
Exchange this code for an access and refresh token pair by sending a POST request to
A successful response will contain your tokens in JSON format:
Alternatively, the access token can be set in the
A successful response will contain another access token:
The refresh token thus allows a web server continual access to the API without requiring an active login to a Google account.
Authorization
This section contains instructions specific to the Google Play Developer API. See thefull OAuth2 documentation for more details.
Initial configuration
Access to the Google Play Android Developer API is authenticated using theOAuth 2.0 Web Server flow. Before you can use the API, you will need to set up an APIs Console project, create a client ID and generate a refresh token.
Creating an APIs Console project
Go to the APIs Console and log in with your Google Play Developer Console account.Select Create project.
Go to Services in the left-hand navigation panel.
Turn the Google Play Android Developer API on.
Accept the Terms of Service.
Go to API Access in the left-hand navigation panel.
Select Create an OAuth 2.0 client ID.
On the first page, you will need to fill in the product name, but a logo is not required. Note that your end users will not see the product name.
On the second page, select web application and set the redirect URI and Javascript origins. Both of these settings can be changed later.
Select Create client ID.
Generating a refresh token
While logged in with your Google Play Developer Console account, go to the following URI:https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=...&client_id=...
Note: the
redirect_uriparameter must match the value registered with the client ID exactly, including the trailing backslash, if present.
Select Allow access when prompted.
The browser will be redirected to your redirect URI with a
codeparameter, which will look similar to
4/eWdxD7b-YSQ5CNNb-c2iI83KQx19.wp6198ti5Zc7dJ3UXOl0T3aRLxQmbwI.
Exchange this code for an access and refresh token pair by sending a POST request to
https://accounts.google.com/o/oauth2/tokenwith the following fields set:
grant_type=authorization_code code=<the code from the previous step> client_id=<the client ID token created in the APIs Console> client_secret=<the client secret corresponding to the client ID> redirect_uri=<the URI registered with the client ID>
A successful response will contain your tokens in JSON format:
{ "access_token" : "ya29.ZStBkRnGyZ2mUYOLgls7QVBxOg82XhBCFo8UIT5gM", "token_type" : "Bearer", "expires_in" : 3600, "refresh_token" : "1/zaaHNytlC3SEBX7F2cfrHcqJEa3KoAHYeXES6nmho" }
Accessing the API
Once you have generated the client credentials and refresh token, your servers can access the API without an active login or human intervention.Using the access token
Servers can make calls to the API by appending the access token as a query parameter:https://www.googleapis.com/androidpublisher/v1/...?access_token=...
Alternatively, the access token can be set in the
Authorizationheader of the request.
Using the refresh token
Each access token is only valid for a short time. Once the current access token expires, the server will need to use the refresh token to get a new one. To do this, send a POST request tohttps://accounts.google.com/o/oauth2/tokenwith the following fields set:
grant_type=refresh_token client_id=<the client ID token created in the APIs Console> client_secret=<the client secret corresponding to the client ID> refresh_token=<the refresh token from the previous step>
A successful response will contain another access token:
{ "access_token" : "ya29.AHES3ZQ_MbZCwac9TBWIbjW5ilJkXvLTeSl530Na2", "token_type" : "Bearer", "expires_in" : 3600, }
The refresh token thus allows a web server continual access to the API without requiring an active login to a Google account.
相关文章推荐
- java服务端验证谷歌支付Google Pay
- 谷歌支付验证1
- 微信支付 支付验证签名失败
- 支付宝支付时不验证签名的危害
- 微信H5支付 提示"网络环境未能通过安全验证,请稍后再试"
- 微信支付报错“支付签名验证失败”
- 申请谷歌账号时手机号码无法验证
- google play支付如何用php验证订单完成的合法性
- java 服务端验证苹果支付applepay账单
- google支付被刷问题及服务端订单验证解决方案
- Unity3d IOS支付验证
- Apple IAP苹果应用内支付验证receipt
- 手游安卓支付崩溃问题之一(谷歌支付):找不到IInAppBillingService类
- JAVA版支付宝支付异步传输验证issi…
- [绍棠] ios 应用内支付(In-App Purchase,沙盒测试,后台验证)
- ios 应用内支付(In-App Purchase,沙盒测试,后台验证)
- [由于远程方关闭传输流,身份验证失败]一次处理支付接口bug记录
- 欧州运营商因YouTube挤占带宽要求谷歌支付费用
- Google支付 PHP端验证订单号的有效性