1

I am using the google-api-ruby-clientgoogle-api-ruby-client for my backend server to validate the android inapppurchase code (see below):

    require 'google/api_client'
    require 'google/api_client/client_secrets'
    require 'google/api_client/auth/installed_app'


    API_VERSION = 'v1.1'

    service_account_email = 'xxx@developer.gserviceaccount.com' # Email of service account
    key_file = 'xxx.p12' # File containing your private key
    key_secret = 'notasecret' # Password to unlock private key
    scope_url = 'https://www.googleapis.com/auth/androidpublisher'

    client = Google::APIClient.new(
      :application_name => 'Ruby Inapppurchases validate',
      :application_version => '1.0.0')


    key = Google::APIClient::KeyUtils.load_from_pkcs12(key_file, key_secret)


    client.authorization = Signet::OAuth2::Client.new(
      :token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
      :audience => 'https://accounts.google.com/o/oauth2/token',
      :scope => scope_url,
      :issuer => service_account_email,
      :signing_key => key)

      client.authorization.fetch_access_token!

    publisher = client.discovered_api('androidpublisher', 'v1.1')

    p client.execute(
              api_method: publisher.inapppurchases.get,
              parameters: {
                  packageName:  'com.examble',
                  productId: 'android.test.purchased',
                  token:  "inapp:com.examble:android.test.purchased"          
                  }).data

I follow the instruction for the api, but my error is as followed:

    #<Google::APIClient::Schema::Androidpublisher::V1_1::InappPurchase:0x3fd021a64240
    DATA:{"error"=>{"errors"=>[{"domain"=>"androidpublisher", "reason"=>"permissionDenied",
    "message"=>"The current user has insufficient permissions to perform the requested operation."}],
    "code"=>401, "message"=>"The current user has insufficient permissions to 
    perform the requested operation."}}>

This troubles me long time. Can anyone help me?

Will
  • 11,276
  • 9
  • 68
  • 76
user868984
  • 11
  • 1
  • 2
  • I'm not familiar with ruby but it looks just like my issue: http://stackoverflow.com/questions/24323207/use-service-account-to-verify-google-inapppurchase – glutorange Jun 20 '14 at 09:18
  • I've always thought that you need to supply an additional user email in the Client.new call using the ":person" parameter, and that this is the user that is used to check permissions on the subsequent call. – JRQ Jun 23 '14 at 12:49
  • @jrq I have use the :person parameter, it did not work too.can you give me some example!! – user868984 Jul 02 '14 at 12:33
  • This example is not for Androidpublisher, but for Google Apps for Business: client.authorization = Signet::OAuth2::Client.new( :token_credential_uri => 'https://accounts.google.com/o/oauth2/token', :audience => 'https://accounts.google.com/o/oauth2/token', :scope => 'https://www.googleapis.com/auth/admin.directory.group', :issuer => SERVICE_ACCOUNT_EMAIL, :signing_key => Google::APIClient::KeyUtils.load_from_pkcs12(SERVICE_ACCOUNT_PKCS12_FILE_PATH, 'notasecret'), :person => user_email ) But it looks similar to your call – JRQ Jul 02 '14 at 14:34
  • @jrq thanks very much! I have solved my problem,because of the error email!! – user868984 Jul 03 '14 at 01:53
  • 1
    Great. So the problem was the missing :person parameter, with a correct user_email? – JRQ Jul 03 '14 at 14:03
  • @jrq yeah!! official document did not have an example!!That's the biggest problem!! – user868984 Jul 04 '14 at 06:17
  • You just saved me from a headache after 2 days of desperate debugging. Adding the "person" parameter solved the permission issue – ZX12R Nov 17 '16 at 16:51
  • @user868984 What value did you put for user_email in this, anyone have ruby gist to verify purchase_token ? – Parul Kanani Jul 17 '19 at 13:40
  • @JRQ What value did you put for user_email in this, anyone have ruby gist to verify purchase_token , I tried with service_account_email – Nency Jul 18 '19 at 09:18

0 Answers0