标签:
在接入google的SDK之前,当然先要用你的google开发者账号要去申请你接入的应用,这些步骤就直接省略了具体的步骤可以查看这篇博文:http://blog.csdn.net/hjun01/article/details/42032841 里面有比较详细的介绍,这里只是简单的介绍下步骤流程仅供参考。
1.google账号登录服务器端验证过程
1).客户端发送id_token到服务器端
2).服务器端发送post请求到Google:
https://www.googleapis.com/oauth2/v3/tokeninfo?id_token={XYZ123}
3).请求成功,返回如下格式的:
{
// These six fields are included in all Google ID Tokens.
"iss": "https://accounts.google.com",
"sub": "110169484474386276334",
"azp": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
"aud": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
"iat": "1433978353",
"exp": "1433981953",
// These seven fields are only included when the user has granted the "profile" and
// "email" OAuth scopes to the application.
"email": "testuser@gmail.com",
"email_verified": "true",
"name" : "Test User",
"picture": "https://lh4.googleusercontent.com/-kYgzyAWpZzJ/ABCDEFGHI/AAAJKLMNOP/tIXL9Ir44LE/s99-c/photo.jpg",
"given_name": "Test",
"family_name": "User",
"locale": "en"
}
详情请查看google的开发者官网。
2.接入google支付
Google支付验证流程简介
一. 在Google Developer Console中创建一个 Web Application账户,得到client_id,client_secret
和 redirect_uri,这3个参数后边步骤常用到(此为前提)
二. 获取Authorization code(获取授权码)
发送get请求
https://accounts.google.com/o/oauth2/auth?
scope=https://www.googleapis.com/auth/androidpublisher
&response_type=code
&access_type=offline
&redirect_uri={...}&client_id={...}
将会返回如下:
https://www.example.com/oauth2callback?
code=4/CpVOd8CljO_gxTRE1M5jtwEFwf8gRD44vrmKNDi4GSS.kr-GHuseD-oZEnp6UADFXm0E0MD3FlAI
三. 利用code(上一步获得的code) 获取access_token,refresh_token
发送post请求
https://accounts.google.com/o/oauth2/token?
grant_type=authorization_code
code={the code from the previous step}
client_id={the client ID token created in the APIs Console}
client_secret={the client secret corresponding to the client ID}
redirect_uri={the URI registered with the client ID}
我们这一步的目的是获取refresh_token,只要有了这个长效token,access_token是随时可以获取的,
第一次发起请求得到的JSON字符串如下所示,以后再请求将不再出现refresh_token,要保存好。expires_in
是指access_token的时效,为3600秒。
{
"access_token": "ya29.3gC2jw5vm77YPkylq0H5sPJeJJDHX93Kq8qZHRJaMlknwJ85595eMogL300XKDOEI7zIsdeFEPY6zg",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "1/FbQD448CdDPfDEDpCy4gj_m3WDr_M0U5WupquXL_o"
}
四. 进一步可利用refresh_token获取新的access_token
发送post请求:https://accounts.google.com/o/oauth2/token?grant_type=refresh_token&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&refresh_token={REFRESH_TOKEN}
A successful response will contain another access token:
{
"access_token" : "ya29.AHES3ZQ_MbZCwac9TBWIbjW5ilJkXvLTeSl530Na2",
"token_type" : "Bearer",
"expires_in" : 3600,
}
五. 使用access_token 调用Google API 达到最终目的(如果access_token过时,回到第四步)
发送get请求:https://www.googleapis.com/androidpublisher/v2/applications/{packageName}/purchases/products/{productId}/tokens/{purchaseToken}}?access_token={access_token}
成功返回:
{
"kind": "androidpublisher#productPurchase",
"purchaseTimeMillis": long,
"purchaseState": integer, (purchased:0 cancelled:1,我们就是依靠这个判断购买信息)
"consumptionState": integer,
"developerPayload": string
}
google官方关于登录或者支付都有相应编程语言的API,用API来实现更加简单就没有这么复杂了,如果没有相应编程语言的API可以到github上搜索,一般都可以找到。
标签:
原文地址:http://www.cnblogs.com/water-melon/p/5649536.html
