Fovea.Billing

The In-App-Purchase Backend Solution for Cordova Developers

Connect with the Google Publisher API

Why and How to connect Fovea.Billing with the Google Play Developer API.

Why?

In short:

  • Get access to some extra information about transactions and subscriptions from your app:
    • whether it has been cancelled, what the expiry date is.
  • Enhanced security.


Here’s an excerpt from Google’s recommended Security Best Practices document.

It’s highly recommended to validate purchase details on a server that you trust. By implementing your signature verification logic on a server, you make it difficult for attackers to reverse-engineer your APK file. This preserves the integrity of the signatures that your logic checks.

Not only does Fovea’s service validate the signatures, it also takes a number of extra steps to ensure an attacker isn’t trying to unlock a product or subscription with a valid but unrelated receipt, or with one that has already been used in the past.

For additional security, we let you link your Fovea.Billing account with a Google account that has financial permissions on Google Play. Doing so allows our service to request purchase and subscription statuses using the Google Play Developer API.

This step is particularly useful because attackers cannot create mock responses to your Play Store purchase requests.

It also lets the server identify transactions that have been canceled and gives your app access to information that can be useful to display (cancelation date and reason, payment state, expiry date, etc).

The list of additional fields and their meaning is documented in the official documentation: see here for subscriptions and there for other types of purchases.
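The checks described above (unrelated receipt, reused receipt, canceled or expired subscription) can be sketched as follows. This is an added example, not Fovea.Billing's own code: the field names come from Google's purchase receipt and `purchases.subscriptions` resource, while `checkSubscription`, the in-memory `claimedTokens` store and all sample values are hypothetical.

```javascript
// Added illustration, not Fovea.Billing's code. Field names follow Google's
// purchase receipt and purchases.subscriptions resource; values are constructed.
const CANCEL_REASONS = ['user', 'system', 'replaced', 'developer'];

// Hypothetical store: purchaseToken -> user who first claimed it.
const claimedTokens = new Map();

function checkSubscription(expected, receipt, apiStatus, userId, nowMs) {
  // 1. A valid receipt from another app or product must not unlock this one.
  if (receipt.packageName !== expected.packageName ||
      receipt.productId !== expected.productId) {
    return { ok: false, reason: 'unrelated receipt' };
  }
  // 2. A token already claimed by a different user is a replay.
  const owner = claimedTokens.get(receipt.purchaseToken);
  if (owner !== undefined && owner !== userId) {
    return { ok: false, reason: 'token already used' };
  }
  // 3. Rely on the server-to-server status, never on client-supplied state.
  if (!apiStatus) return { ok: false, reason: 'no API status' };
  const expiryMs = Number(apiStatus.expiryTimeMillis); // sent as a string
  if (!Number.isFinite(expiryMs) || expiryMs <= nowMs) {
    return { ok: false, reason: 'expired' };
  }
  claimedTokens.set(receipt.purchaseToken, userId);
  const cancelled = apiStatus.cancelReason !== undefined;
  return {
    ok: true,
    expiryDate: new Date(expiryMs).toISOString(),
    // A cancelled subscription stays valid until expiry; it just won't renew.
    willRenew: apiStatus.autoRenewing === true && !cancelled,
    cancelReason: cancelled ? CANCEL_REASONS[apiStatus.cancelReason] : null,
  };
}

// Constructed sample data.
const expected = { packageName: 'com.example.app',
                   productId: 'premium_monthly' };
const receipt = { packageName: 'com.example.app', productId: 'premium_monthly',
                  purchaseToken: 'constructed-token-1' };
const status = { expiryTimeMillis: '1700003600000', autoRenewing: false,
                 cancelReason: 0, paymentState: 1 };
const NOW = 1700000000000;

console.log(checkSubscription(expected, receipt, status, 'alice', NOW));
console.log(checkSubscription(expected, receipt, status, 'mallory', NOW));
```

The first call is accepted with its expiry date and cancellation reason; the second is rejected because the same purchase token is presented for a different user.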

How to enable the Play Developer API?

In order for our servers to communicate with Google on your behalf you need to provide a set of service credentials.

First, your Play Developer account needs to be linked to a Google Developer Project. From there, we’ll create a service account and grant Financial permission to it. Finally, we’ll set up the service account credentials in Fovea.Billing.

It takes more than a few steps (be ready for somewhere around 10-15 minutes), but it’s worth it!

  • then API access
  • From the Getting started section, hit Link to connect a Google Developer Project.
    • or Create a New Project if none are listed…
  • From the same API access screen, select Create Service Account
  • You are shown a link to the Google API Console, follow it.
  • From there, + Create Service Account
    • Fill in the form (set name and description to whatever suits you)
  • Select the Role: Project > Owner
    • then click Continue
  • Create a Key > format JSON
    • This will download a JSON file to your computer. Keep it safe.
  • Finalize by clicking Done. You can now close the Developer Console and come back to the Play Console.
  • Click the Grant Access button next to the newly created Service Account.
  • Set the Role to Finance, add the Manage orders permission.
  • Save

Back in your Fovea.Billing account, copy and paste the content of the JSON document into the Android Service Account field, and Save.

Important!

It can take up to 24 hours for your Play Service Credentials to work properly with the Android Developer API.

A trick reported to force a refresh of Google’s access rights is to create a new In-App Product (which you can remove later).

Troubleshooting

Error:

The project id used to call the Google Play Developer API has not been linked in the Google Play Developer Console

Sometimes Google doesn’t apply changes you made to your account’s permissions…

Possible solution:

  • Create an In-App Product in your app, that you can delete right after.