diff --git a/docs/api/purchase.md b/docs/api/purchase.md index 5ed23ff..c63ba52 100644 --- a/docs/api/purchase.md +++ b/docs/api/purchase.md @@ -21,7 +21,7 @@ On a invalid request body: HTTP status code 400 Bad request On a invalid auth token: HTTP status code 401 Unauthorized -On success: a JSON object with the property ``canDoPurchase`` of the type string +On success: a JSON object with the property ``canDoPurchase`` (string) and ``googlePlayPublicKey`` (string, base64) possible values of ``canDoPurchase``: @@ -29,6 +29,8 @@ possible values of ``canDoPurchase``: - ``no due to old purchase`` - ``no because not supported by the server`` +The ``googlePlayPublicKey`` is the key by which purchases using google play should be signed. + ## POST /purchase/finish-purchase-by-google-play Use this to report a purchase to the server/ unlock all features after a purchase diff --git a/src/api/purchase.ts b/src/api/purchase.ts index fcf80b9..2a53f6f 100644 --- a/src/api/purchase.ts +++ b/src/api/purchase.ts @@ -23,6 +23,7 @@ import { addPurchase, areGooglePlayPaymentsPossible, canDoNextPurchase, + googlePlayPublicKey, isGooglePlayPurchaseSignatureValid, requireFamilyEntry } from '../function/purchase' @@ -54,7 +55,8 @@ export const createPurchaseRouter = ({ database, websocket }: { const result = canDoNextPurchase({ fullVersionUntil: parseInt(familyEntry.fullVersionUntil, 10) }) res.json({ - canDoPurchase: result ? 'yes' : 'no due to old purchase' + canDoPurchase: result ? 'yes' : 'no due to old purchase', + googlePlayPublicKey }) } catch (ex) { next(ex) diff --git a/src/function/purchase/index.ts b/src/function/purchase/index.ts index 2d70929..9f811bb 100644 --- a/src/function/purchase/index.ts +++ b/src/function/purchase/index.ts @@ -1,6 +1,6 @@ /* * server component for the TimeLimit App - * Copyright (C) 2019 Jonas Lochmann + * Copyright (C) 2019 - 2020 Jonas Lochmann * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -17,5 +17,7 @@ export { canDoNextPurchase } from './can-do-next-purchase' export { requireFamilyEntry } from './require-family-entry' -export { isGooglePlayPurchaseSignatureValid, areGooglePlayPaymentsPossible } from './verification' +export { + isGooglePlayPurchaseSignatureValid, areGooglePlayPaymentsPossible, googlePlayPublicKey +} from './verification' export { addPurchase } from './add-purchase' diff --git a/src/function/purchase/verification.ts b/src/function/purchase/verification.ts index fbe9b52..ed03c27 100644 --- a/src/function/purchase/verification.ts +++ b/src/function/purchase/verification.ts @@ -19,7 +19,7 @@ const IABVerifier: new (publicKey: string) => { verifyReceipt: (data: string, signature: string) => boolean } = require('iab_verifier') -const googlePlayPublicKey = process.env.GOOGLE_PLAY_PUBLIC_KEY || '' +export const googlePlayPublicKey = process.env.GOOGLE_PLAY_PUBLIC_KEY || '' const verifier = new IABVerifier(googlePlayPublicKey)