Inapp Billing Verifying Order On Web Server Php

I'm using a simple PHP script to verify Android order to parse download for the customer. $receipt = $_GET['purchaseData']; $billInfo = json_decode($receipt,true); $signature = $_G

Solution 1:

To verify the signature you want to make sure of the following:

1. INAPP_PURCHASE_DATA is not mutated in any way. Any encoding or escaping changes will result in a invalid verification. The best way to ensure it gets to your server intact is to base64 encoded it.
2. INAPP_DATA_SIGNATURE also must remain intact, it should already base64 encoded so sending that to your server should not be a problem.
3. openssl_verify expects both data and signature arguments to be in their raw state, so base64 decode before verifying.
4. It also takes signature_alg as the last argument, in this case sha1WithRSAEncryption should work as should the default, but if in doubt try a few other sha1 algorithms to see which ones work.

My best guess why it's not working for you right now is that you're not receiving the INAPP_PURCHASE_DATA on your server in the same condition that it was received on the app. This Stackoverflow question had the same problem.