{"id":15471897,"url":"https://github.com/itznotabug/checkoutverifier","last_synced_at":"2025-04-22T13:46:00.661Z","repository":{"id":48442811,"uuid":"168562158","full_name":"ItzNotABug/CheckoutVerifier","owner":"ItzNotABug","description":"Verify your In-App Purchase receipts \u0026 protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.","archived":false,"fork":false,"pushed_at":"2021-07-26T08:46:49.000Z","size":747,"stargazers_count":64,"open_issues_count":0,"forks_count":8,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-29T15:35:05.203Z","etag":null,"topics":["android","android-iap","android-in-app-billing","android-in-app-purchase","android-protect-apps","android-protection","android-security"],"latest_commit_sha":null,"homepage":null,"language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ItzNotABug.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-01-31T17:02:21.000Z","updated_at":"2025-02-11T20:39:46.000Z","dependencies_parsed_at":"2022-09-17T14:31:14.916Z","dependency_job_id":null,"html_url":"https://github.com/ItzNotABug/CheckoutVerifier","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ItzNotABug%2FCheckoutVerifier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ItzNotABug%2FCheckoutVerifier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ItzNotABug%2FCheckoutVerifier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ItzNotABug%2FCheckoutVerifier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ItzNotABug","download_url":"https://codeload.github.com/ItzNotABug/CheckoutVerifier/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250251215,"owners_count":21399783,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","android-iap","android-in-app-billing","android-in-app-purchase","android-protect-apps","android-protection","android-security"],"created_at":"2024-10-02T02:22:15.695Z","updated_at":"2025-04-22T13:46:00.607Z","avatar_url":"https://github.com/ItzNotABug.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CheckoutVerifier\n\n\u003ch1 align=center\u003e\n\u003cimg src=\"logo/horizontal.png\" width=60%\u003e\n\u003c/h1\u003e\n\n[![Codacy Badge](https://app.codacy.com/project/badge/Grade/bb126216417b45668b81e08090d2d081)](https://www.codacy.com/gh/ItzNotABug/CheckoutVerifier/dashboard?utm_source=github.com\u0026amp;utm_medium=referral\u0026amp;utm_content=ItzNotABug/CheckoutVerifier\u0026amp;utm_campaign=Badge_Grade)\n\nCheckoutVerifier helps you Verify your In-App Purchase receipts \u0026 protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.\n\u003cbr/\u003eSince I was using these classes in every project, the copy / pasting of classes was annoying so thought of releasing it as a library which might be of help to others too!\n\n\n## How does it work?\nWell, the library sends the Signed Json Response \u0026 Signature that you receive after a purchase is completed on a specified server url where it checks the signature of that response data with your BASE64 Key provided to you in your Developer Console.\n\n\n## Set Up\n#### * Get Licensing API Key\nNavigate to Developer Console \u0026 Select your App.\n\u003cbr/\u003eGo to \u003cb\u003eDevelopment Tools\u003c/b\u003e \u003e \u003cb\u003eServices \u0026 API.\u003c/b\u003e\n\u003cbr/\u003eCopy the \u003cb\u003eBASE64 Licensing Key\u003c/b\u003e\n\n#### * Creating a Verifying PHP File\nJust a create a File \u0026 name it as `verify.php` or anything you want.\n\u003cbr/\u003ePaste the following code in it \u0026 Upload it to your server.\n\n```php\n\u003c?php\n    $data = $_GET['jsonResponse'];\n    $signature = $_GET['signature'];\n    $key_64 = \"YOUR BASE64 KEY THAT YOU GOT FROM DEVELOPER CONSOLE, THERE SHOULD BE NO SPACES!\";\n\n    $key =  \"-----BEGIN PUBLIC KEY-----\\n\".\n            chunk_split($key_64, 64,\"\\n\").\n            \"-----END PUBLIC KEY-----\";\n\n    $key = openssl_get_publickey($key);\n\n    $ok = openssl_verify($data, base64_decode($signature), $key, OPENSSL_ALGO_SHA1);\n    if ($ok == 1) {\n        echo \"verified\";\n    } elseif ($ok == 0) {\n        echo \"unverified\";\n    } else {\n        die (\"fault, error checking signature\");\n    }\n\n    openssl_free_key($key);\n?\u003e\n```\n\n#### * Implementing Library (Gradle)\nNote: Add `mavenCentral()` in `repositories` block.\n\n```gradle\ndependencies {\n    // CheckoutVerifier now internally uses Kotlin Coroutines.\n    implementation 'com.lazygeniouz:checkout-verifier:$library_version'\n}\n```\n\n#### * CheckoutVerifier\nJust pass on the required `PurchaseBundle` in the Constructor \u0026 call `authenticate();`\n\u003cbr/\u003eThe `authenticate()` returns a `Result` object.\n\u003cbr/\u003e\n\u003cbr/\u003eIf the connection to the server was successful \u0026 a result was returned, \n\u003cbr/\u003e`CompletionResult(isVerified: Boolean)` is returned, \n\u003cbr/\u003e`ErrorResult(exception: Exception)` otherwise.\n\n\u003cbr/\u003eExample:\n```kotlin\nyourScope.launch {\n    val purchaseBundle = PurchaseBundle(url, jsonResponse, signature)\n    when (val result = CheckoutVerifier(purchaseBundle).authenticate()) {\n        is CompletionResult -\u003e {\n            val verified = result.isVerified\n            // Do something\n        }\n      is ErrorResult -\u003e Log.d(TAG, result.exception.message)\n    }\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fitznotabug%2Fcheckoutverifier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fitznotabug%2Fcheckoutverifier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fitznotabug%2Fcheckoutverifier/lists"}