i have app published alpha channel, in-app (un)managed item costs $1.
when purchase normally, i.e, use credit/debit card google returns correct developer payload string, if choose "redeem" promo code , enter said code, google returns empty developer payload string, , authentication fails in 'oniabpurchasefinished()'.
i should mention occurs if choose redeem code app's purchase flow, , works flawlessly if open play store first, redeem code, , come , open app.
is bug on google's part?
edit: play store thing expected, since can't know payload , purchase done without having check it.
this issue opened on google's android-play-billing samples repo. looks ignored long time , closed this comment. in short, have following suggestions.
we reviewed our guidelines , internal apis, , since developerpayload not supported across features on in-app billing api (including promocodes), removing recommendation use security check.
as can see in our documentation, on page implementing in-app billing (https://developer.android.com/google/play/billing/billing_integrate.html) we've added recommendation:
caution: don't use developerpayload field security validation purposes. field isn't available when completing tasks related in-app billing. more information security best practices, see in-app billing security , design guide.
our recommendation validate on own backend, using play developer api.
Comments
Post a Comment