Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing receipt data #209

Closed
SQHK opened this issue Sep 14, 2018 · 69 comments
Closed

Missing receipt data #209

SQHK opened this issue Sep 14, 2018 · 69 comments

Comments

@SQHK
Copy link

SQHK commented Sep 14, 2018

Hello, I am using Unity to do the IAP. And return the android receipt. I followed this instruction. But I cannot be valid my receipt.
Issue

iap.config({
  googlePublicKeyPath: googlePublicKey, // this is the path to the directory containing iap-sanbox/iap-live files
  googlePublicKeyStrSandBox: googlePublicKey,
  googlePublicKeyStrLive: googlePublicKey
})


var receipt = {
      "Store": "GooglePlay",
      "TransactionID": "GPA.3314-7196-0868-19701",
      "Payload": '{"orderId":"GPA.3314-7196-0868-19701","packageName":"com.sidequest.notification","productId":"test_gem_tier1","purchaseTime":1536917422513,"purchaseState":0,"developerPayload":{"developerPayload":"","is_free_trial":false,"has_introductory_price_trial":false,"is_updated":false},"purchaseToken":"pngpcbojaoijjbeacljeaohg.AO-J1OzO8YsnKIWUxhCRNwwyjAs5NsOe-1I9xXvzx78OTTPywJ5ECI_vjBILtRK1cSMngv0JmlVA6cwSKMwsfcGDwa4Ybn1zCQW7n7I79YczcXKw7O_S9C0-jWYzJL2hJ6hZ3878eAuq"}'
  };
  receipt.Payload = JSON.parse(receipt.Payload);

  console.log(receipt);


    iap.setup(function (error) {
      if (error) {
        // Don't forget to catch error here
      }
      // As of v1.4.0+ .validate and .validateOnce detects service automatically from the receipt
      iap.validate(receipt, function (error, response) {
        if (error) {
          // Failed to validate
          throw error;
        }
        if (iap.isValidated(response)) {
          // Succuessful validation
          console.log('success');
        }
      });
    });

Please help. Thanks
@voltrue2
Copy link
Owner

Hello,

Your Payload must also have a signature.
So the Payload should look like this:

{
  data: <what you already have a Payload>,
  signature: 'signature string that comes from Google Play'
}

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018 

iap.config({
  googlePublicKeyPath: googlePublicKey, // this is the path to the directory containing iap-sanbox/iap-live files
  googlePublicKeyStrSandBox: googlePublicKey,
  googlePublicKeyStrLive: googlePublicKey
})


var receipt = {
    data: JSON.parse(googleReceipt),
    signature: googleSignature
  }

  console.log(receipt);


    iap.setup(function (error) {
      if (error) {
        // Don't forget to catch error here
      }
      // As of v1.4.0+ .validate and .validateOnce detects service automatically from the receipt
      iap.validate(receipt, function (error, response) {
        if (error) {
          // Failed to validate
          throw error;
        }
        if (iap.isValidated(response)) {
          // Succuessful validation
          console.log('success');
        }
      });
    });

I try it already. But return

Error: failed to validate purchase

@voltrue2
Copy link
Owner

Hello,

Your code here seems odd:

iap.config({
  googlePublicKeyPath: googlePublicKey, // this is the path to the directory containing iap-sanbox/iap-live files
  googlePublicKeyStrSandBox: googlePublicKey,
  googlePublicKeyStrLive: googlePublicKey
})

googlePublicKeyPath should be a path to the directory which contains public key files named iap-live and iap-sandbox.

googlePublicKeyStrSandBox and googlePublicKeyStrLive are the actual value of public key without using files.

You choose to do one or the other not both.

Would you have a look at this part of your code and see it the library is reading the public key correctly?

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

Sorry, I forgot remove googlePublicKeyStrSandBox and googlePublicKeyStrLive in that post.
But still not work.

@voltrue2
Copy link
Owner

OK no problem.

Could you run the same code with { verbose: true } in the config object and see what the log says about your public key?

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018
edited
Loading

This is my error log

[nodemon] restarting due to changes...
[nodemon] starting node app.js
creating memcached instance for cache host: localhost:32768
[1537240579673][VERBOSE] test mode? false
[1537240579673][VERBOSE] test mode? false
[1537240579674][VERBOSE] Validate this: { data: '{"orderId":"GPA.3377-6104-1448-90157","packageName":"com.sidequest.notification","productId":"test_gem_tier1","purchaseTime":1537236193610,"purchaseState":0,"developerPayload":{"developerPayload":"","is_free_trial":false,"has_introductory_price_trial":false,"is_updated":false},"purchaseToken":"hicmjhfpdjgmhapmmdgcmjbj.AO-J1OxsQ2TnFzdvJKxa2-zCwQCsoGpBd8iBs8VCvJTDwqglvcwD3ZA5qWk6E_OKRfU_cRVfJ3i7jaq_C0IQPHIdQNfy-SJskBVEs7mJid92cMvVrCrzrZGkrY4v_7zM3M7cSlM0at1i"}',
signature: 'hRVsTI0roYJkgC/8ga8SBRGdXXBahfea3bTNiOMyvAJrcL/qBhOWaxjeZH/XJvs2/U+JksJad/CrPx3m9nJnuH2f8E/g6dad4JZFsp9744psJXxEiEkcgnNNchnR/S4c6ZtOaBUE7v6ButlT+jQ7LBsQiERxMrkGeEp2DUtT+j198m4Gy1lEW27vBLL5KucI1/Fabe1MD19aYBKt4XNl1dGO//rr2q7X9i3uRoVAXOYbzKusmNGxtYDRfRK/S68WdgtDxjzflU9Cpnt0SN12q5E7fDZm2jNRTI2m2yWK98PKgETELp2N0yHgpyX7GUjQsYSzTX/AXGmb/pH1LBv8Cg==' }
[1537240579676][VERBOSE] Validation w/ public key
[1537240579676][VERBOSE] Try validate against live public key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioyGXYYCkZAnD8q22lq4+7ID2E1DiyI2b5O08u2NZuIng5u63WZhmMZyGqCCb08K9YNAT6PH1lyUJRMkp9TlTPi7CTd336xHJlxR6h/XhcXDXdoeoag/UR/Dd5pJ44nGvIrT5/8EXPN3AF2QrVcsMt+ymvzJFmZ38mKdkWNDObEcj1dNucNEnyKsG+HhjCXJfx1plGC0GTu1u3hBwJY62CPUNFnTUEGp54aTFMn3/BeqiYBowKelaQXlx1ZmqIGSSqoPJg9rnBhcCucDrwSQjudRrsjUOVCA1czJ2TJ3TS0PH1zSflYpWakz0tskimj5/Pysi4oyQM9KjjsMrgS4dQIDAQAB
[1537240579676][VERBOSE] Failed to validate against: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioyGXYYCkZAnD8q22lq4+7ID2E1DiyI2b5O08u2NZuIng5u63WZhmMZyGqCCb08K9YNAT6PH1lyUJRMkp9TlTPi7CTd336xHJlxR6h/XhcXDXdoeoag/UR/Dd5pJ44nGvIrT5/8EXPN3AF2QrVcsMt+ymvzJFmZ38mKdkWNDObEcj1dNucNEnyKsG+HhjCXJfx1plGC0GTu1u3hBwJY62CPUNFnTUEGp54aTFMn3/BeqiYBowKelaQXlx1ZmqIGSSqoPJg9rnBhcCucDrwSQjudRrsjUOVCA1czJ2TJ3TS0PH1zSflYpWakz0tskimj5/Pysi4oyQM9KjjsMrgS4dQIDAQAB Error: failed to validate purchase
at validatePublicKey (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/google.js:767:8)
at validateMethod (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/google.js:220:13)
at Object.module.exports.validatePurchase (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/google.js:252:5)
at Object.module.exports.validate (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/index.js:139:20)
at /Users/manlokwong/Desktop/BeastQuestServer/bq_server/controllers/iap.js:66:11
at _finish (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/async.js:129:9)
at series (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/async.js:105:16)
at _onSeries (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/async.js:124:5)
at Object.module.exports.setup (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/amazon.js:50:16)
at /Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/index.js:61:20
/Users/manlokwong/Desktop/BeastQuestServer/bq_server/controllers/iap.js:69
throw error2;
^
Error: failed to validate purchase
at validatePublicKey (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/google.js:767:8)
at validateMethod (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/google.js:220:13)
at Object.module.exports.validatePurchase (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/google.js:252:5)
at Object.module.exports.validate (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/index.js:139:20)
at /Users/manlokwong/Desktop/BeastQuestServer/bq_server/controllers/iap.js:66:11
at _finish (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/async.js:129:9)
at series (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/async.js:105:16)
at _onSeries (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/async.js:124:5)
at Object.module.exports.setup (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/amazon.js:50:16)
at /Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/index.js:61:20
[nodemon] app crashed - waiting for file changes before starting...

@voltrue2
Copy link
Owner

OK,
Is this public key correct?
What the library is doing is validating a signed receipt data (JSON) against this public key.
The fact that is failing means that either the receipt or the public key are incorrect.

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018
edited
Loading

I think the public key is correct. Because I have a game( I call this game is A in this post ) launched in google App Store, I used the another library to valid the receipt that call iab_verifier. It is valid the receipt. So I try to do a testing. I buy the items in A game. And I got the signature and receipt data. I used the iab_verifier is valid successfully. But I used the in-app-purchase. I cannot be successfully.

@voltrue2
Copy link
Owner

I see.
How are you sending the receipt data and signature to the server via http assume?
Are you properly encoding the receipt and signature and decoding them before validation?

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018
edited
Loading

Now, I just get the signature and receipt data in log console. I put these two datas in to server code for testing. So I don't do the client side part at this moment.

@voltrue2
Copy link
Owner

I see.
Let me have a look.

Thanks for reporting this issue by the way.

Cheers!

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

Hello, I just find the config googlePublicKeyPath is a path. Not a string. But I don't know where can find it.

@voltrue2
Copy link
Owner

Hello,
You don't have to use it since you are using

googlePublicKeyStrSandBox: googlePublicKey,
googlePublicKeyStrLive: googlePublicKey

I am looking into the possibility that your receipt may require Google API to validate it.
I am actually in the process of adding this feature to validate the receipts with Google API instead of public key.
If you are not in the hurry, I should be able to give you this version to test it in a few hours.

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

How to give me that version?

@voltrue2
Copy link
Owner

I will update this repository's develop branch with the new version and you can git clone it and replace the inside of node_modules/in-app-purchase/.
Once that is done, you will cd node_modules/in-app-purchase/ and run npm install.
That you get you going for test.

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

ok, are you update now?

@voltrue2
Copy link
Owner

No I am still finishing it up.
Maybe an hour or so.
I will let you know.

Cheers!

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

OK, Thank you very much.

@voltrue2
Copy link
Owner

Hello,

I pushed the change to the develop branch.

To test this version, you will have to change your code as follows:

iap.config({
  googleAPIKeyData: {
    clientEmail: <client email from Google API service account JSON key file>,
    privateKey: <private key string from Google API service account JSON key file>
  }
});
iap.setup(function (error) {
  if (error) {
    // error
  }
  var receipt = {
    packageName: <packageName from receipt JSON>,
    productId: <productId from receipt JSON>,
    purchaseToken: <purchaseToken from receipt JSON>,
    subscription: false
  };
  iap.validate(receipt, function (error, result) {
    // check here plz
  });
});

@voltrue2
Copy link
Owner

If this works, I will make a proper update and publish it to npm!

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

Hello, what is clientEmail and privateKey in config?

@voltrue2
Copy link
Owner

They are included in your Google API service account key JSON file as client_email and secret, I believe.

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

/Users/manlokwong/Desktop/BeastQuestServer/bq_server/controllers/iap.js:67
throw error2;
^
Error: Invalid Purchase Token: https://appstore-sdk.amazon.com/version/2.0/verify/developer/{developerSecret}/user/undefined/purchaseToken/undefined
at Request._callback (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/in-app-purchase/lib/amazon.js:160:23)
at Request.self.callback (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/request/request.js:185:22)
at Request.emit (events.js:182:13)
at Request. (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/request/request.js:1157:10)
at Request.emit (events.js:182:13)
at IncomingMessage. (/Users/manlokwong/Desktop/BeastQuestServer/bq_server/node_modules/request/request.js:1079:12)
at Object.onceWrapper (events.js:275:13)
at IncomingMessage.emit (events.js:187:15)
at endReadableNT (_stream_readable.js:1091:14)
at process._tickCallback (internal/process/next_tick.js:174:19)

It return this error.
My receipt is:
{ packageName: 'com.sidequest.notification', productId: 'test_gem_tier1', purchaseToken: 'hmabjnmoimjgnfffpdocieoj.AO-J1Ozlut4XJcbpdpGCczMZGN2dgjlqSDNRQCWPlkTdkQ_dNG9hXtOVY8ns1YkmgIFp9s9JicvQkzU5ASU-VaiFW7VftYepkBhzZ_zWJksUkayb9BOeXxXly-xmnaI6QB2MxnYBsGKH', subscription: false }

@voltrue2
Copy link
Owner

I think there is a bug in my update. I don't have my Google API account at the moment, so I am working blind. Please bear with me.
I will have a look and fix the issue asap.

Cheers

@voltrue2
Copy link
Owner

@SQHK Could you git pull origin develop?

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

yes. I got a latest code

@voltrue2
Copy link
Owner

@SQHK is it still giving you the same error?

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

yes

@voltrue2
Copy link
Owner

@SQHK OK let me have another look real quick.

@voltrue2
Copy link
Owner

@SQHK I pushed a change, would you please try git pull?

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

yes. But I don't know why cannot be valid.
The previous project is used the cocos2d-x and used the native code to implement the IAP.
And this project is used the Unity and used Unity IAP

@voltrue2
Copy link
Owner

voltrue2 commented Sep 18, 2018 via email

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

yes.
Do you help me to take a look in below code?

var iap = require('in-app-purchase');
iap.config({
  googleAPIKeyData: {
    clientEmail: 'testiap@testiap-216809.iam.gserviceaccount.com',
    privateKey: '-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCuP0JzGwZYfEjs\nB0hlCjeHRdCnhysjQEgD94kEuOCq2pQWnL50+Ugph1ZluG/HWQ5i4dPoVxc3ljZw\nyZWgZksZ98kDUEPeFEwkJ+raHWwCN4aPXdfO1h/mr/4USxWXPWmAso03Sb8xk1Fj\nueS/aMvkPXpfsBNkoPTbmpoPW+DCWiov2Y+9rAG1kNmMj61rT3UZcsIk6aVddH8N\nyLHLgDsiO+KKOuvSid2acLJrxj4NugRI5WOizRXZvc/3oPM8ylLVDWwbh+i95FJP\nSBABwNjyjmPUWjD8pFvEk0tuGJ5OEQoxRxwNiSisyJzHP4GrMCNEHYzaq95QIW4a\noyxBQvElAgMBAAECggEAGODw3qjw5MDoE4UtrbmB+Kc79bN7sgaLUb+t2VYBQ/u9\n8aWTHvX5uu43JIJrOUoKnw0x2aZXqwjgQIXTvolkdzJ1CatT6Vk6Dt6BLn/NbFqb\ntIwYVFCn0OL3ctPOox+yWN0FgyudKBmp4QSJd9fhZrbtakykVDWUCGfgT8mVQ4Jq\nTWXMm9JpgBB+yNoOFhVKSusjIthbRLYj7POFsi4f+ostDQxOe2uto68qgZTka/hg\ng02bf4QeWb18LlQrsXT+cGnrghczZc7MKvJHP54UIR09jFD0fvSX+rt9YxBZLpIk\ncGa/Hmqi33oNYSXD9Yl4Vkx5C0lk0Ne3/lakf3RO8QKBgQDcsbZ43U0PqKkLEvhf\nQFVgyYdeltbNgweIzZLhk15M8fi0US04zBECqa5NNvC5J5+0DdNvotirRXUxcDCE\nF7ViPojbl7jgv/mj4ZKHTYo3zP90PF4wfpu8/u11cmSMES66uqzPhOGwXHN5Fb/P\nWKjp21ad3PjIfsED+GwwosqpdQKBgQDKH1uT3Dt66WozfJIWohzZOBJYiW4BXGo/\n6vZwtlCO/zmYfZ4jM9P6UUrMp9hRAqun3KAbNv1tgOzasgbWM2DZRHQAR9/Q4oTK\n0ek1dHrQTrPDRzxca1FqgGsEzIYtcrIzROooY4kS2hIg+PnGIqOgM4yvUh2kxefX\n7a7MAzyC8QKBgBizTy/x3Nke0GSr596JTcT6aUs96KaxvpsiHwlePBSylFpiJ4SO\n2myI3zhHKOQgOjClx39cI5HvwTEaVGPEX4myZBDnx0poUiF0crjwBcM/D2xMAWK+\nGOIrShp2BijjF27Qy9yiC7x4bHgl5gTn8GfUI7qha7rM7P9rw3giEDqtAoGBAL1s\nE9wHeqrfE4t7BEI33YdpODBHY5Pc8ypB3oGVKvxIjsate0WMbe3av5n69ww8z3h6\nmIXIzEsSl2cBjsyxy+LydzBIK6ZMk5ysir1xEyQjje7F1PjcDqob/a+6qUjwg7bu\nr+/4EF9dhb3m99ZLYkNh7EfmUie43WWMt9M0eUJRAoGAfzYsNvRGSbqQ34e0rW/Q\n+3N6ggdrZkjPg1Va6knfEhVsB2trkS04Y4LZcPmMb9twzmpjqnLQO+ngwvrdRets\nvVXRugExkgRkQ6GX3Eu3od196LIjhjN/gyPcSn4doMGHxMYSQet51vS0h2jleUXK\n/Xk2tRruXhhaVI68eI2c+0s=\n-----END PRIVATE KEY-----\n'
  }
});

let tr = {"orderId":"GPA.3312-4687-1696-11725","packageName":"com.sidequest.notification","productId":"test_gem_tier1","purchaseTime":1537263291006,"purchaseState":0,"purchaseToken":"anffecohieidgephpiigkgka.AO-J1OyENSiLLvZjJ-azlPpKzAe5LZRUjz-8HF_eH8a1bYjSah-i6EWyfjNIZu-E-qGkZePxZU6zCMRj9ZvVPqmJ1NfScN2NOgZVwO9CttSzPmIVI_mhwaU0A1Fj76h51wfCC8sKYR81"};
  let ts = 'g65+pxRYD7NuvvfzY9TEVS50Zu8pLVTEoJXmZvtDuerYvD3dvT0EWfhhXAT2xeFCZR4Z6gqZXaDtqO6eCDzbWdhDYU/+76/Kgjppc9p3NR/f2yvBmwow1n6ZwaNo1uE0pGQ732CITIYsosJXOpo/IU84FM3D1f4/cF3h0QRNmuXBnYu5NwZ1mnHkaA2Vh5oZNaV0YKbKcS5ZRis4F62Tmuj2zERX3TTetnnABmKvQ0PMHL/0Zk3aPXHvFVPuzmIGbQnJR+UDLRAdFsEaxSW1MTDOAvXRQJEErqkCCd7juwLHquwsczX0d1muQ2NFVXJYJ4in082hvItDamPh+4e38Q==';
  let json = tr;
  var receipt = {
    packageName: json.packageName,
    productId: json.productId,
    purchaseToken: json.purchaseToken,
    subscription: false
  }
  iap.setup(function (error) {
    if (error) {
      // error
    }
    iap.validate(receipt, function (error, result) {
      // check here plz
      if(error)
        throw error;
    });
  });

@voltrue2
Copy link
Owner

voltrue2 commented Sep 18, 2018 via email

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

Not work. It always return Status: 403

@voltrue2
Copy link
Owner

voltrue2 commented Sep 18, 2018 via email

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

I check the Google API console many times. But I don't know where can set the permission.

@voltrue2
Copy link
Owner

voltrue2 commented Sep 18, 2018 via email

@SQHK
Copy link
Author

SQHK commented Sep 18, 2018

No problem. I am off work now. So I will reply you in tomorrow.

@voltrue2
Copy link
Owner

@SQHK
I tried testing locally with your credentials.
As I expected, the error tells us that this account does not have the sufficient permissions to validate receipts.
You need to look at your account settings and give this account proper permissions.

Here is the log of what I get from Google:

[1537317985963][VERBOSE] <Apple> test mode? false
[1537317985965][VERBOSE] <Google> test mode? false
[1537317985967][VERBOSE] GOOGLE API Validate this { packageName: 'com.sidequest.notification',
  productId: 'test_gem_tier1',
  purchaseToken: 'hmabjnmoimjgnfffpdocieoj.AO-J1Ozlut4XJcbpdpGCczMZGN2dgjlqSDNRQCWPlkTdkQ_dNG9hXtOVY8ns1YkmgIFp9s9JicvQkzU5ASU-VaiFW7VftYepkBhzZ_zWJksUkayb9BOeXxXly-xmnaI6QB2MxnYBsGKH',
  subscription: false }
[1537317985971][VERBOSE] GOOGLE API Get token with testiap@testiap-216809.iam.gserviceaccount.com
 -----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCuP0JzGwZYfEjs
B0hlCjeHRdCnhysjQEgD94kEuOCq2pQWnL50+Ugph1ZluG/HWQ5i4dPoVxc3ljZw
yZWgZksZ98kDUEPeFEwkJ+raHWwCN4aPXdfO1h/mr/4USxWXPWmAso03Sb8xk1Fj
ueS/aMvkPXpfsBNkoPTbmpoPW+DCWiov2Y+9rAG1kNmMj61rT3UZcsIk6aVddH8N
yLHLgDsiO+KKOuvSid2acLJrxj4NugRI5WOizRXZvc/3oPM8ylLVDWwbh+i95FJP
SBABwNjyjmPUWjD8pFvEk0tuGJ5OEQoxRxwNiSisyJzHP4GrMCNEHYzaq95QIW4a
oyxBQvElAgMBAAECggEAGODw3qjw5MDoE4UtrbmB+Kc79bN7sgaLUb+t2VYBQ/u9
8aWTHvX5uu43JIJrOUoKnw0x2aZXqwjgQIXTvolkdzJ1CatT6Vk6Dt6BLn/NbFqb
tIwYVFCn0OL3ctPOox+yWN0FgyudKBmp4QSJd9fhZrbtakykVDWUCGfgT8mVQ4Jq
TWXMm9JpgBB+yNoOFhVKSusjIthbRLYj7POFsi4f+ostDQxOe2uto68qgZTka/hg
g02bf4QeWb18LlQrsXT+cGnrghczZc7MKvJHP54UIR09jFD0fvSX+rt9YxBZLpIk
cGa/Hmqi33oNYSXD9Yl4Vkx5C0lk0Ne3/lakf3RO8QKBgQDcsbZ43U0PqKkLEvhf
QFVgyYdeltbNgweIzZLhk15M8fi0US04zBECqa5NNvC5J5+0DdNvotirRXUxcDCE
F7ViPojbl7jgv/mj4ZKHTYo3zP90PF4wfpu8/u11cmSMES66uqzPhOGwXHN5Fb/P
WKjp21ad3PjIfsED+GwwosqpdQKBgQDKH1uT3Dt66WozfJIWohzZOBJYiW4BXGo/
6vZwtlCO/zmYfZ4jM9P6UUrMp9hRAqun3KAbNv1tgOzasgbWM2DZRHQAR9/Q4oTK
0ek1dHrQTrPDRzxca1FqgGsEzIYtcrIzROooY4kS2hIg+PnGIqOgM4yvUh2kxefX
7a7MAzyC8QKBgBizTy/x3Nke0GSr596JTcT6aUs96KaxvpsiHwlePBSylFpiJ4SO
2myI3zhHKOQgOjClx39cI5HvwTEaVGPEX4myZBDnx0poUiF0crjwBcM/D2xMAWK+
GOIrShp2BijjF27Qy9yiC7x4bHgl5gTn8GfUI7qha7rM7P9rw3giEDqtAoGBAL1s
E9wHeqrfE4t7BEI33YdpODBHY5Pc8ypB3oGVKvxIjsate0WMbe3av5n69ww8z3h6
mIXIzEsSl2cBjsyxy+LydzBIK6ZMk5ysir1xEyQjje7F1PjcDqob/a+6qUjwg7bu
r+/4EF9dhb3m99ZLYkNh7EfmUie43WWMt9M0eUJRAoGAfzYsNvRGSbqQ34e0rW/Q
+3N6ggdrZkjPg1Va6knfEhVsB2trkS04Y4LZcPmMb9twzmpjqnLQO+ngwvrdRets
vVXRugExkgRkQ6GX3Eu3od196LIjhjN/gyPcSn4doMGHxMYSQet51vS0h2jleUXK
/Xk2tRruXhhaVI68eI2c+0s=
-----END PRIVATE KEY-----
[1537317986107][VERBOSE] GOOGLE API Validation URL: https://www.googleapis.com/androidpublisher/v2/applications/com.sidequest.notification/purchases/products/test_gem_tier1/tokens/hmabjnmoimjgnfffpdocieoj.AO-J1Ozlut4XJcbpdpGCczMZGN2dgjlqSDNRQCWPlkTdkQ_dNG9hXtOVY8ns1YkmgIFp9s9JicvQkzU5ASU-VaiFW7VftYepkBhzZ_zWJksUkayb9BOeXxXly-xmnaI6QB2MxnYBsGKH?access_token=ya29.c.ElodBnjvqM7T1tKrtD21nmgOOsoZR3HxKICvray5hWpRXsUczyeIefssgGaZYoNJhgwZe9GmoZRH3KkS-db6cKy8FxJJr_Xhr3chIbvnuOu8D4wbQ08IyKCCL-U
[1537317986434][VERBOSE] GOOGLE API Validation failed: 401 { error:
   { errors: [ [Object] ],
     code: 401,
     message: 'The current user has insufficient permissions to perform the requested operation.' } }
error > Error: Status:401 - {
  "error": {
    "errors": [
      {
        "domain": "androidpublisher",
        "reason": "permissionDenied",
        "message": "The current user has insufficient permissions to perform the requested operation."
      }
    ],
    "code": 401,
    "message": "The current user has insufficient permissions to perform the requested operation."
  }
}
    at Request._callback (/Users/no-takahashi/iap/lib/googleAPI.js:102:27)
    at Request.self.callback (/Users/no-takahashi/iap/node_modules/request/request.js:185:22)
    at emitTwo (events.js:126:13)
    at Request.emit (events.js:214:7)
    at Request.<anonymous> (/Users/no-takahashi/iap/node_modules/request/request.js:1157:10)
    at emitOne (events.js:116:13)
    at Request.emit (events.js:211:7)
    at IncomingMessage.<anonymous> (/Users/no-takahashi/iap/node_modules/request/request.js:1079:12)
    at Object.onceWrapper (events.js:313:30)
    at emitNone (events.js:111:20) response > { status: 1,
  message:
   { error:
      { errors: [Array],
        code: 401,
        message: 'The current user has insufficient permissions to perform the requested operation.' } } }

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

Hello, do you know where can set the permission in Google API?

@voltrue2
Copy link
Owner

@SQHK
You must give your account user the privilege of "View financial reports". This should enable the account to perform the purchase validation.

Cheers

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

Is it in Google Play Developer Console?

@voltrue2
Copy link
Owner

@SQHK
It is the Google Play Publish Page: https://play.google.com/apps/publish

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

I set that account can "View Financial Reports". Is the setting has the processing time?

@voltrue2
Copy link
Owner

That I am not sure.

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

I changed the permission. But the server still return the status code 401

@voltrue2
Copy link
Owner

@SQHK
What is the role of the account? It has to be "Finance".

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

I changed it to Finance

@voltrue2
Copy link
Owner

@SQHK
Hmmm it still gives me 401 error. I wonder what else you are missing.
I am curious, how did you manage to make this work last time?

@voltrue2
Copy link
Owner

voltrue2 commented Sep 19, 2018
edited
Loading

@SQHK
Your problem might be solved by this: https://support.google.com/googleplay/android-developer/answer/6230247?hl=en&visit_id=636729188020068309-4129873868&rd=1

If you haven't done what it says above, it will lead to 401 error just like you see.

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

@SQHK
Hmmm it still gives me 401 error. I wonder what else you are missing.
I am curious, how did you manage to make this work last time?

Do you mean the pervious project?

@voltrue2
Copy link
Owner

@SQHK
Since you where using this account for your previous project, you need to connect your current project to this account. The link I gave you should explain all of that.

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

Sorry, for late reply.
The previous project and this project is in same account.

@SQHK
Copy link
Author

SQHK commented Sep 19, 2018

Hello,
I just reverse my code.
Now I used

iap.config({
  googlePublicKeyStrSandBox: googlePublicKey,
  googlePublicKeyStrLive: googlePublicKey
});

var receipt = {
    data: receiptData,
    signature: signature
}

iap.setup(function (error) {
    if (error) {
      // error
    }
    iap.validate(receipt, function (error, result) {
      // check here plz
      if(error)
        throw error;
      if(result) {
        console.log(result);
      }
    });
  });

It is no any error return. And it has a response

@voltrue2
Copy link
Owner

@SQHK Great!

I am closing this is issue if there no more problem on your end.

Cheers

@snyk-bot snyk-bot mentioned this issue Oct 29, 2020
Open
@voltrue2 voltrue2 mentioned this issue Mar 16, 2021
Open
@voltrue2 voltrue2 mentioned this issue Nov 28, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@voltrue2 @SQHK