
How to realize a Google Play Billing subscription in an open source app?


I'm doing research for developing an open source app that will get a sync feature in the future.

This will be realized with Firebase Firestore. This feature should only be available to users who take out a subscription via Google Play Billing.

Now, if I upload my google-services.json to my open source repo, anyone can compile the app and remove the check, whether there's an active subscription or not.

But if I don't upload my google-services.json, CircleCI can't build my project, since the file is missing.

Does anyone have experience in this matter, or some tips?

Thanks!


Solution

  • You should have a server for this. Firebase or custom, doesn't matter, but the purchase, subscription, and renewal business rules should not be in your app providing the services based on the subscription status.

    If all of the logic is in your app, without server, then you're bound to have issues with this. There's no way around that. You should also assume that somebody will break your subscription logic (to provide free access) and the apk will be listed forever on something like apkmirror for anyone to get it.

    Here's a suggested proper flow.

    Server:

    • users need to have a login
    • have a list of products a user can subscribe to, with SKUs that exist in the Google Play store, under your app's products

    App:

    • app calls your server to get a list of products available for this user. You really care about getting the SKUs for this.
    • make request to Google's billing client to get pricing for the list of SKUs
    • when customer purchases something using Google's billing SDK, you'll get a purchase receipt object
    • send your purchase receipt to your server

    Server:

    • the server will validate the purchase receipt with Google, where the server itself makes an API call to Google to verify the authenticity of the receipt
    • if the receipt succeeds, the server returns a success code

    App:

    • if the response from sending the receipt succeeds, then you make a new request to the billing SDK, this time to fulfill the purchase (close the transaction)
    • when fulfillment succeeds, call your server to notify that fulfillment is completed. Send the length of the subscription (monthly, yearly...)

    Server:

    • grant access to the subscription content the user just purchased
    • when the renewal time is up (which came from the fulfillment call), your server wakes up and calls Google to renew the subscription
    • if renewal succeeds, user continues to have access to the subscription content

    Yes, this is A LOT more work, but it is also dramatically more resilient and future proof than having a true/false flag in your app.

    With that being said, if your subscriptions are $1 a year, and you expect to have no more than 10 users...then do the quick and easy way.
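
The server-side receipt check from the flow above, as an added example that is not part of the original answer. `paymentState` and `expiryTimeMillis` are fields of the Google Play Developer API `purchases.subscriptions.get` response; `redeem_purchase`, `EntitlementStore`, `fake_fetch`, the SKU and the tokens are hypothetical names and constructed values.

```python
import time

ALLOWED_SKUS = {"sync_monthly"}  # server-side catalogue (constructed value)
PAID_STATES = {1, 2}  # paymentState: 1 = payment received, 2 = free trial
# Constructed sample of Google's answers, keyed by purchase token.
SAMPLE = {
    "tok-valid": {"paymentState": 1, "expiryTimeMillis": "2000000000000"},
    "tok-old": {"paymentState": 1, "expiryTimeMillis": "1600000000000"},
}


def fake_fetch(sku, token):
    """Offline stand-in for the authenticated server-to-Google lookup."""
    return SAMPLE.get(token)


class EntitlementStore:
    """In-memory stand-in for the server database (hypothetical)."""
    def __init__(self):
        self.token_owner = {}  # purchase token -> user id
        self.expiry_ms = {}    # user id -> access expiry, ms since epoch

    def has_access(self, user_id, now_ms):
        return self.expiry_ms.get(user_id, 0) > now_ms


def redeem_purchase(store, fetch_purchase, user_id, sku, token, now_ms=None):
    """Validate a receipt sent by the app; grant access only on the server."""
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    if sku not in ALLOWED_SKUS:
        return False, "unknown_sku"
    purchase = fetch_purchase(sku, token)  # never trust the app's own claim
    if purchase is None:
        return False, "not_found"
    if purchase.get("paymentState") not in PAID_STATES:
        return False, "not_paid"
    expiry = int(purchase.get("expiryTimeMillis", 0))
    if expiry <= now_ms:
        return False, "expired"
    # Bind the token to the first account that redeems it, so one receipt
    # cannot unlock sync for several logins.
    owner = store.token_owner.setdefault(token, user_id)
    if owner != user_id:
        return False, "token_bound_to_other_user"
    store.expiry_ms[user_id] = expiry
    return True, "granted"
```

Because access is decided from `has_access` on the server, a rebuilt APK with the client-side check removed still gets no sync data for an account without a validated purchase.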