发表新帖
发表新帖

Google Play Developer API - Query purchase token returns Invalid Value

后端 未结
关注
3 1003
长情又很酷
长情又很酷 2020-12-03 10:28

I am trying to set up a web service to query Google Play purchases. We store the order information for customers and this service would call Google Play API to query the su

3条回答
  • 心在旅途
    心在旅途 (楼主)
    2020-12-03 10:59

    First I want to share with you what is 400 bad request and what is the real cause for occuring it?

    Ans: It indicates that the query was invalid. E.g., parent ID was missing or the combination of dimensions or metrics requested was not valid.

    Recommended Action: You need to make changes to the API query in order for it to work.

    Resource Link: Standard Error Responses

    Your problem:

    Your code was running properly and returning related json file as output. But after a period,it is not working when you want to get information about purchase. It gives error message "HTTP/1.1 400 Bad Request"

    Root cause:

    For refresh token, the response always includes a new access token. A response is shown below:

    {
  "access_token":"1/fFBGRNJru1FQd44AzqT3ZgXXXXXX",
  "expires_in":3920,
  "token_type":"Bearer",
}

    So, access token has a expiry time. after a expiry time, the access token will not work.

    There is another restriction also. There are limits on the number of refresh tokens that will be issued; one limit per client/user combination, and another per user across all clients.

    So, in your case, you have already crossed your limit of creating refresh token.

    Solution:

    So, you first need to revoke the token. Then save refresh tokens in long-term storage and continue to use them as long as they remain valid.

    As you are using refresh token, then you need to change the http post request https://accounts.google.com/o/oauth2/token to https://www.googleapis.com/oauth2/v4/token

    So your code will be look like below:

    String refreshToken = "1/ljll6d9ME3Uc13jMrBweqXugV4g4timYcXXXXXXXXX";
HttpPost request = new HttpPost("https://www.googleapis.com/oauth2/v4/token");
List params = new ArrayList();
...............
...............

    Revoking procedure:

    There are 2 ways for revoking.

    1. A user can revoke access by visiting Account Settings
    2. It is also possible for an application to programmatically revoke the access given to it.

    To programmatically revoke a token, your application makes a request to https://accounts.google.com/o/oauth2/revoke and includes the token as a parameter:

    curl https://accounts.google.com/o/oauth2/revoke?token={token}

    The token can be an access token or a refresh token. If the token is an access token and it has a corresponding refresh token, the refresh token will also be revoked.

    N.B: If the revocation is successfully processed, then the status code of the response is 200. For error conditions, a status code 400 is returned along with an error code.

    Resource Link:

    1. Offline access, Using refresh token and Revoke a token

    0 讨论(0)
 看不清?
提交回复
热议问题