Search code examples
google-apiin-app-purchasein-app-billing

service account (403) Forbidden Google Play In-app Billing Purchase Status API

<?php
include_once('./src/Google_Client.php');
include_once('./src/contrib/Google_AndroidpublisherService.php');

//user token, in json format
$ANDROIDUsertoken = '{"orderId":"12999763169054705758.1323390433376399","packageName":"org.luan.hellocpp","productId":"1","purchaseTime":1394183520430,"purchaseState":0,"purchaseToken":"rurmodmieoumgowoquecqhnv.AO-J1Ow43-aM8CXNWlUcUYmA06bIaYzZPcCJCua0lLxnihOULX27Jg6NvqNUlWMpoENxtdHCIVSm6AM2mVkiC0ABSch2JEKmu1zqsVM46L762H5ppF4AIcE"}';
$user_token= json_decode($ANDROIDUsertoken,true);

// https://developers.google.com/console/help/#service_accounts
const CLIENT_ID = '1048550291137-rfqol5nm4k9tqr0a5bupedoakhd184k4.apps.googleusercontent.com';
const SERVICE_ACCOUNT_NAME = '1048550291137-rfqol5nm4k9tqr0a5bupedoakhd184k4@developer.gserviceaccount.com';
const KEY_FILE = './key.p12';

$client = new Google_Client();
$client->setApplicationName($user_token['packageName']);
$client->setClientId(CLIENT_ID);

$key = file_get_contents(KEY_FILE);

$auth = new Google_AssertionCredentials(
    SERVICE_ACCOUNT_NAME,
    array('https://www.googleapis.com/auth/androidpublisher'),
    $key);

$client->setAssertionCredentials($auth);

//$client->getAuth()->refreshTokenWithAssertion();
//$accessToken=$client->getAccessToken();
//$client->setAccessToken($accessToken);

$AndroidPublisherService = new Google_AndroidPublisherService($client);
$res = $AndroidPublisherService->inapppurchases->get($user_token['packageName'], $user_token['productId'], $user_token['purchaseToken']);

var_dump($res);
?>

error back :

PHP Fatal error:  Uncaught exception 'Google_ServiceException' with message 'Error calling GET https://www.googleapis.com/androidpublisher/v1.1/applications/org.luan.hellocpp/inapp/1/purchases/rurmodmieoumgowoquecqhnv.AO-J1Ow43-aM8CXNWlUcUYmA06bIaYzZPcCJCua0lLxnihOULX27Jg6NvqNUlWMpoENxtdHCIVSm6AM2mVkiC0ABSch2JEKmu1zqsVM46L762H5ppF4AIcE: (403) Forbidden' in /var/www/debug/google/src/io/Google_REST.php:66
Stack trace:
#0 /var/www/debug/google/src/io/Google_REST.php(36): Google_REST::decodeHttpResponse(Object(Google_HttpRequest))
#1 /var/www/debug/google/src/service/Google_ServiceResource.php(186): Google_REST::execute(Object(Google_HttpRequest))
#2 /var/www/debug/google/src/contrib/Google_AndroidpublisherService.php(39): Google_ServiceResource->__call('get', Array)
#3 /var/www/debug/google/purchase.php(32): Google_InapppurchasesServiceResource->get('org.luan.helloc...', '1', 'rurmodmieoumgow...')
#4 {main}
  thrown in /var/www/debug/google/src/io/Google_REST.php on line 66

I got Forbidden error 403 when i use service account to query purchase status api. The status of Google Play Android Developer API in Google Developers Console has been setted on. who can help me. thanks

Solution

  • I just solved this problem.

    You must add the service account email ("1048550291137-rfqol5nm4k9tqr0a5bupedoakhd184k4@developer.gserviceaccount.com") in your google play publish page(https://play.google.com/apps/publish/, not the google developer console).

    at "Settings"-"User account & rights", "Invite new user", submit with service account email, check the "View financial reports" right, then everythings works ok~