play_billing_validator 0.0.1

data/.gitignore

@@ -0,0 +1,49 @@
+# rcov generated
+coverage
+
+# rdoc generated
+rdoc
+
+# yard generated
+doc
+.yardoc
+
+# bundler
+.bundle
+
+# jeweler generated
+pkg
+
+# Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore: 
+#
+# * Create a file at ~/.gitignore
+# * Include files you want ignored
+# * Run: git config --global core.excludesfile ~/.gitignore
+#
+# After doing this, these files will be ignored in all your git projects,
+# saving you from having to 'pollute' every project you touch with them
+#
+# Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
+#
+# For MacOS:
+#
+.DS_Store
+#
+# For TextMate
+#*.tmproj
+#tmtags
+#
+# For emacs:
+#*~
+#\#*
+#.\#*
+#
+# For vim:
+#*.swp
+
+bin
+cache
+gems
+specifications
+Gemfile.lock
+.rvmrc

data/Gemfile

@@ -0,0 +1,3 @@
+source "http://rubygems.org"
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2010-2013 Amro Mousa
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.markdown

@@ -0,0 +1,46 @@
+# Google Play In-app Billing Validation
+
+This (simple) gem validates In-app Billing transactions. Pass your base64 
+encoded public key, the transaction data (json) and the base64 encoded signature 
+and it will return a boolean value telling you whether or not your transaction is valid.
+
+##Installation
+
+    $ gem install play_billing_validator
+     
+##Requirements
+
+A public key for your Android app's in app billing. Get it from the Google Play [Developer Console](https://play.google.com/apps/publish).
+
+##Usage
+
+Implement the In-app Billing v3 in your Android app:
+
+    String data = data.getStringExtra(RESPONSE_INAPP_PURCHASE_DATA);
+    String signature = data.getStringExtra(RESPONSE_INAPP_SIGNATURE);
+
+Then send the data and signature to your server and validate like this:
+ 
+    data = params[:data]
+    signature = params[:signature]
+    if (GooglePlay::Transaction.valid(public_key, data, signature))
+        # success. save the transaction, give away cookies and so on.
+    else
+        # booo. bad transaction data. reprimand the crook or give them a cookie anyway.
+    end
+
+I recommend keeping a record of valid transactions in your database to prevent malicious users
+from replaying them for free loot.
+
+## Details
+
+Need more detail on how all of this works (especially the Android implementation)? Read Google's [In-app Billing Docs](http://developer.android.com/google/play/billing/index.html).
+
+## Thanks
+
+Thanks to [Walt Schlender](http://stackoverflow.com/users/749709/walta) for his answer to 
+this [StackOverflow](http://stackoverflow.com/questions/5971031/how-do-i-verify-android-in-app-billing-with-a-server-with-ruby) question. This gem is based on that post.
+
+##Copyrights and License
+
+* Copyright (c) 2013 Amro Mousa. This gem is licensed under the MIT license. See LICENSE.txt for details.

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/play_billing.rb

@@ -0,0 +1,5 @@
+module PlayBilling
+  VERSION = "0.0.1"
+end
+
+require 'play_billing/transaction'

data/lib/play_billing/transaction.rb

@@ -0,0 +1,16 @@
+require 'multi_json'
+require 'openssl'
+require 'base64'
+
+module PlayBilling
+  class Transaction
+    def self.valid(public_key, data, signature)
+      begin
+        public_key = OpenSSL::PKey::RSA.new(Base64.decode64(public_key))
+        public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), data)
+      rescue Exception => e
+        false
+      end
+    end
+  end
+end

data/play_billing_validator.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+
+require "play_billing"
+
+Gem::Specification.new do |s|
+  s.name        = "play_billing_validator"
+  s.authors     = ["Amro Mousa"]
+  s.email       = ["amromousa@gmail.com"]
+  s.homepage    = "http://github.com/amro/play_billing_validator"
+  s.summary     = %q{Validates Google Play In-app Billing transactions}
+  s.description = %q{Validates Google Play In-app Billing transactions}
+  s.license     = "MIT"
+  s.version     = PlayBilling::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.rubyforge_project = "play_billing_validator"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_dependency('multi_json', '>= 1.3.4')
+end

metadata

@@ -0,0 +1,70 @@
+--- !ruby/object:Gem::Specification
+name: play_billing_validator
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Amro Mousa
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-03-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.3.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.3.4
+description: Validates Google Play In-app Billing transactions
+email:
+- amromousa@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.markdown
+- Rakefile
+- lib/play_billing.rb
+- lib/play_billing/transaction.rb
+- play_billing_validator.gemspec
+homepage: http://github.com/amro/play_billing_validator
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: play_billing_validator
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Validates Google Play In-app Billing transactions
+test_files: []