verona 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: a4e61f2037f343a773bb7dc01c3ea24ac04ebb79
+  data.tar.gz: d7fdbae52c02fb72c9cd733308fbdcbbdaa273a9
+SHA512:
+  metadata.gz: d8e2cda02adc454441cd4c4bbd08987040bd0f98b1ce2a2063ee6262d873b036c04e55ed21b373954c6462feb814ec3fcfbb765f2b82fd4d6e6968ea72c1e0ad
+  data.tar.gz: 25b256850eab9e4976c55765293433a1fb5bc365e1018ab1266f524727bed133e9c80b1a941cb5e94842f37e3ef253287903fc9ffbe52f121f44820082dfc5e0

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,16 @@
+PATH
+  remote: .
+  specs:
+    verona (0.0.1)
+      json
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    json (1.8.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  verona!

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2013 Mattt Thompson (http://mattt.me/)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,35 @@
+Verona is a simple gem for verifying Google Play In-App Purchase tokens, and retrieving the information associated with the purchase.
+
+There are two reasons why you should verify in-app purchase receipts on the server: First, it allows you to keep your own records of past purchases, which is useful for up-to-the-minute metrics and historical analysis. Second, server-side verification over SSL is the most reliable way to determine the authenticity of purchasing records.
+
+Verona is based on @mattt's ![Venice](https://github.com/nomad/venice) gem for iOS In-App Purchase verification.
+
+## Installation
+
+    $ gem install verona
+
+## Usage
+
+```ruby
+require 'verona'
+
+if receipt = Verona::Receipt.verify({
+            :package_name => "com.mycompany.app",
+            :product_id => "com.mycompany.app.iap",
+            :token => "token"
+        })
+  p receipt.to_h
+end
+```
+
+## Contact
+
+Simon Maddox
+
+- http://github.com/simonmaddox
+- http://twitter.com/simonmaddox
+simon@simonmaddox.com
+
+## License
+
+Verona is available under the MIT license. See the LICENSE file for more info.

data/Rakefile

@@ -0,0 +1,9 @@
+require 'bundler/setup'
+
+gemspec = eval(File.read("verona.gemspec"))
+
+task :build => "#{gemspec.full_name}.gem"
+
+file "#{gemspec.full_name}.gem" => gemspec.files + ["verona.gemspec"] do
+  system "gem build verona.gemspec"
+end

data/lib/verona.rb

@@ -0,0 +1,3 @@
+require_relative 'verona/client'
+require_relative 'verona/receipt'
+require_relative 'verona/version'

data/lib/verona/client.rb

@@ -0,0 +1,35 @@
+require 'json'
+require 'net/https'
+require 'uri'
+
+module Verona
+  class Client
+    def verify!(attributes = {}, options)
+      json = json_response_from_verifying_token(attributes)
+      error = json['error'] if json['error']
+      if !error and json
+        Receipt.new(json.merge(attributes)) 
+      else 
+        false 
+      end
+    end
+
+    private
+
+    def json_response_from_verifying_token(attributes = {})
+      uri = URI("https://www.googleapis.com/androidpublisher/v1.1/applications/#{attributes[:package_name]}/inapp/#{attributes[:product_id]}/purchases/#{attributes[:token]}")
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+
+      request = Net::HTTP::Get.new(uri.request_uri)
+      request['Accept'] = "application/json"
+      request['Content-Type'] = "application/json"
+      request['Authorization'] = "Bearer #{ENV['GOOGLE_PLAY_ACCESS_TOKEN']}"
+
+      response = http.request(request)
+
+      JSON.parse(response.body)
+    end
+  end
+end

data/lib/verona/receipt.rb

@@ -0,0 +1,65 @@
+require 'time'
+
+module Verona
+  class Receipt
+    # The package name for the application
+    attr_reader :package_name
+
+    # The product identifier of the item that was purchased.
+    attr_reader :product_id
+
+    # The receipt's token
+    attr_reader :token
+
+    # The date and time this transaction occurred.
+    attr_reader :purchase_date
+
+    # The state of the purchase
+    attr_reader :purchase_state
+
+    # The consumption state of the purchase
+    attr_reader :consumed
+
+    # Developer payload
+    attr_reader :developer_payload
+
+    def initialize(attributes = {})
+      @package_name = attributes[:package_name] if attributes[:package_name]
+      @product_id = attributes[:product_id] if attributes[:product_id]
+      @token = attributes[:token] if attributes[:token]
+      @purchase_date = Time.at(attributes['purchaseTime'].to_i / 1000) if attributes['purchaseTime']
+      @purchase_state = Integer(attributes['purchaseState']) if attributes['purchaseState']
+      @consumed = Integer(attributes['consumptionState']) if attributes['consumptionState']
+      @developer_payload = attributes['developerPayload'] if attributes['developerPayload']
+    end
+
+    def to_h
+      {
+        :package_name => @package_name,
+        :product_id => @product_id,
+        :purchase_date => @purchase_date.httpdate,
+        :purchase_state => @purchase_state,
+        :consumed => @consumed,
+        :developer_payload => (@developer_payload rescue nil)
+      }
+    end
+
+    def to_json
+      self.to_h.to_json
+    end
+
+    class << self
+      def verify(data, options = {})
+        return verify!(data, options) rescue false
+      end
+
+      def verify!(data, options = {})
+        client = Client.new
+        client.verify!(data, options) rescue false
+      end
+
+      alias :validate :verify
+      alias :validate! :verify!
+    end
+  end
+end

data/lib/verona/version.rb

@@ -0,0 +1,3 @@
+module Verona
+  VERSION = "0.0.1"
+end

data/verona.gemspec

@@ -0,0 +1,21 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "verona/version"
+
+Gem::Specification.new do |s|
+  s.name        = "verona"
+  s.authors     = ["Simon Maddox"]
+  s.email       = "simon@simonmaddox.com"
+  s.license     = "MIT"
+  s.homepage    = "http://simonmaddox.com"
+  s.version     = Verona::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.summary     = "Google Play In-App Purchase Token Verification"
+  s.description = ""
+
+  s.add_dependency "json"
+
+  s.files         = Dir["./**/*"].reject { |file| file =~ /\.\/(bin|log|pkg|script|spec|test|vendor)/ }
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification
+name: verona
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Simon Maddox
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-06-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ''
+email: simon@simonmaddox.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ./Gemfile
+- ./Gemfile.lock
+- ./lib/verona/client.rb
+- ./lib/verona/receipt.rb
+- ./lib/verona/version.rb
+- ./lib/verona.rb
+- ./LICENSE
+- ./Rakefile
+- ./README.md
+- ./verona.gemspec
+homepage: http://simonmaddox.com
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.1.9
+signing_key: 
+specification_version: 4
+summary: Google Play In-App Purchase Token Verification
+test_files: []