V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
jarytom
V2EX  ›  Google Play

谷歌支付服务端校验权限不足

  •  
  •   jarytom · 2023-11-03 18:42:56 +08:00 · 681 次点击
    这是一个创建于 380 天前的主题,其中的信息可能已经有所发展或是发生改变。
    from google.oauth2 import service_account
    from googleapiclient.discovery import build
    
    # 载入你的 JSON 密钥文件
    credentials = service_account.Credentials.from_service_account_info(
        info={
      "type": "service_account",
      "project_id": "noted-stxxxxx03902",
      "private_key_id": "e131704d8.....7eaf5b5060181c",
      "private_key": "-----BEGIN PRIVATE KEY-----xxxxxx=-----END PRIVATE KEY-----",
      "client_email": "googlepa....eaccount.com",
      "client_id": "112233...6934233",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://oauth2.googleapis.com/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot....unt.com",
      "universe_domain": "googleapis.com"
    },
        scopes=['https://www.googleapis.com/auth/androidpublisher']
    )
    
    # 创建 AndroidPublisher 客户端
    android_publisher = build('androidpublisher', 'v3', credentials=credentials)
    
    
    def verify_google_pay_transaction(product_id, package_name, purchase_token) -> dict | None:
        '''
        验证交易
        :param product_id: 商品 ID
        :param package_name: 包名
        :param purchase_token: 购买凭证
        :return: 交易信息(可能为空), 示例值 {'purchaseTimeMillis': '1698053056154', 'purchaseState': 0, 'consumptionState': 1, 'developerPayload': '', 'orderId': 'GPA.3312-7728-1791-92249', 'purchaseType': 0, 'acknowledgementState': 1, 'kind': 'androidpublisher#productPurchase', 'obfuscatedExternalAccountId': '7522', 'obfuscatedExternalProfileId': '2023102309241075224111', 'regionCode': 'US'}
        '''
        try:
            # 使用 AndroidPublisher 客户端进行购买验证
            result = android_publisher.purchases().products().get(
                packageName=package_name,
                productId=product_id,
                token=purchase_token
            ).execute()
            print(result)
            return result
        except Exception as e:
            print(f"验证失败: {e}")
            return None
    
    
    if __name__ == '__main__':
        product_id = 'avatar_generate_1.99'
        package_name = 'com.xxx.camera'
        purchase_token = 'bijdhmoimifmbioicfligjlk.AO-J1Ox0wST7o5LhRyW1CJoFIq7eV7Bgn3TSPc-N_wh7aR0-zIqA-YgHHypU6sj8sS0sw6C10F7CTugpBH8Fss-VkbD5sLzc8A'
        g_res = verify_google_pay_transaction(product_id, package_name, purchase_token)
        print(g_res)
    
    

    json 内容已脱敏 运行上面的代码,返回响应信息 验证失败: <HttpError 401 when requesting https://androidpublisher.googleapis.com/androidpublisher/v3/applications/com.aipersona.camera/purchases/products/avatar_generate_1.99/tokens/bijdhmoimifmbioicfligjlk.AO-J1Ox0wST7o5LhRyW1CJoFIq7eV7Bgn3TSPc-N_wh7aR0-zIqA-YgHHypU6sj8sS0sw6C10F7CTugpBH8Fss-VkbD5sLzc8A?alt=json returned "The current user has insufficient permissions to perform the requested operation.". Details: "[{'message': 'The current user has insufficient permissions to perform the requested operation.', 'domain': 'androidpublisher', 'reason': 'permissionDenied'}]">

    想问一下各位大佬这个怎么排查

    1 条回复    2023-11-04 12:57:23 +08:00
    lingling47
        1
    lingling47  
       2023-11-04 12:57:23 +08:00
    这是用来做啥的
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   6196 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 25ms · UTC 02:57 · PVG 10:57 · LAX 18:57 · JFK 21:57
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.