Hello!
We try to protect Google in-app from hacking with Freedom under root.
Here is link to GUIDE:
https://docs.coronalabs.com/guide/monetization/IAP/index.html
Here is quote frome guide:
local function storeTransaction( event )
local transaction = event.transaction
if ( transaction.state == “purchased” ) then
–handle a successful transaction here
print( “productIdentifier”, transaction.productIdentifier )
print( “receipt”, transaction.receipt )
print( “signature:”, transaction.signature )
print( “transactionIdentifier”, transaction.identifier )
print( “date”, transaction.date )
elseif ( transaction.state == “cancelled” ) then
–handle a cancelled transaction here
elseif ( transaction.state == “failed” ) then
–handle a failed transaction here
end
–tell the store that the transaction is complete!
–if you’re providing downloadable content, do not call this until the download has completed
store.finishTransaction( event.transaction )
end
Next quote:
- signature — a digital signature string that can be used to verify the purchase. This is the inapp_signature returned by Google Play.
So, we get a signature - how i knowed, it is json table, hashed with our google private key. So, i should prepare json string and hash it with some algorithm and our developer key, then compare result and signature from listener.
Questions are:
-
how to prepare this json string?
-
which algorithm i need for hashing?
-
Is it some tutorial about these actions on Corona?
Thanks!