从 google 应用引擎检查 chrome 网上商店用户许可证
Check chrome web store user license from google app engine
是否可以使用 client-side generated access token in a server-side call 到 chromewebstore/v1.1/userlicenses/ 来检查用户许可?扩展程序和应用程序引擎项目都在同一个 gmail 帐户上注册。我想知道我的网络应用程序的用户是否购买了我的扩展程序。
gapi.auth.authorize({
scope: [
"https://www.googleapis.com/auth/plus.me",
"https://www.googleapis.com/auth/plus.login",
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/chromewebstore.readonly"].join(" "),
client_id: "xxxxx"
}, () => gapi.client.myapi.check_payment().execute())
App 引擎代码
import os
import urllib
import endpoints
import httplib2
from oauth2client import client
from protorpc import remote
from protorpc.message_types import VoidMessage
EXTENSION_ID = "xxxxx" # my extension id from Chrome Web Store Developer Dashboard
API_KEY = "xxxxx" # api key from Google APIs Console
CLIENT_ID = "xxxxx" # OAuth 2.0 client ID from Google APIs Console
SCOPES = [endpoints.EMAIL_SCOPE]
@endpoints.api(name="myapi", version="v1", allowed_client_ids=[CLIENT_ID], scopes=SCOPES)
class MyApi(remote.Service):
@endpoints.method(VoidMessage, VoidMessage)
def check_payment(self, msg):
user = endpoints.get_current_user()
assert user is not None
if "HTTP_AUTHORIZATION" in os.environ:
(tokentype, token) = os.environ["HTTP_AUTHORIZATION"].split(" ")
credentials = client.AccessTokenCredentials(token, 'my-user-agent/1.0')
http = credentials.authorize(httplib2.Http())
params = urllib.urlencode({"key": API_KEY})
url = "https://www.googleapis.com/chromewebstore/v1.1/userlicenses/%s?%s" % (EXTENSION_ID, params)
response = http.request(url)
响应 403 状态:{"domain":"global","reason":"forbidden","message":"You don\'t have access to licensing data for App ID: xxxxx"}
所以,是的,那是行不通的,这种请求只能通过 identity.getAuthToken 铸造的令牌授权。
是否可以使用 client-side generated access token in a server-side call 到 chromewebstore/v1.1/userlicenses/ 来检查用户许可?扩展程序和应用程序引擎项目都在同一个 gmail 帐户上注册。我想知道我的网络应用程序的用户是否购买了我的扩展程序。
gapi.auth.authorize({
scope: [
"https://www.googleapis.com/auth/plus.me",
"https://www.googleapis.com/auth/plus.login",
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/chromewebstore.readonly"].join(" "),
client_id: "xxxxx"
}, () => gapi.client.myapi.check_payment().execute())
App 引擎代码
import os
import urllib
import endpoints
import httplib2
from oauth2client import client
from protorpc import remote
from protorpc.message_types import VoidMessage
EXTENSION_ID = "xxxxx" # my extension id from Chrome Web Store Developer Dashboard
API_KEY = "xxxxx" # api key from Google APIs Console
CLIENT_ID = "xxxxx" # OAuth 2.0 client ID from Google APIs Console
SCOPES = [endpoints.EMAIL_SCOPE]
@endpoints.api(name="myapi", version="v1", allowed_client_ids=[CLIENT_ID], scopes=SCOPES)
class MyApi(remote.Service):
@endpoints.method(VoidMessage, VoidMessage)
def check_payment(self, msg):
user = endpoints.get_current_user()
assert user is not None
if "HTTP_AUTHORIZATION" in os.environ:
(tokentype, token) = os.environ["HTTP_AUTHORIZATION"].split(" ")
credentials = client.AccessTokenCredentials(token, 'my-user-agent/1.0')
http = credentials.authorize(httplib2.Http())
params = urllib.urlencode({"key": API_KEY})
url = "https://www.googleapis.com/chromewebstore/v1.1/userlicenses/%s?%s" % (EXTENSION_ID, params)
response = http.request(url)
响应 403 状态:{"domain":"global","reason":"forbidden","message":"You don\'t have access to licensing data for App ID: xxxxx"}
所以,是的,那是行不通的,这种请求只能通过 identity.getAuthToken 铸造的令牌授权。