function _dovetail_edition_credentials($url, $product_id, $secret, $token) { $response = null; $status = 'NOT_ENTITLED'; if ($token != '' && $product_id != '') { $status = 'OK'; $response = _dovetail_verify_entitlement($url, $product_id, $token); $check = _dovetail_check_entitlement_response($response); $failopen = $check['failopen']; $failmessage = $check['failmessage']; $state = $check['state']; if (!$state) { $status = 'NOT_ENTITLED'; } } $comments = array(); if ($token == '') { $comments[] = "NO TOKEN PROVIDED"; } if ($product_id == '') { $comments[] = "NO PRODUCT ID PROVIDED"; } if ($failopen) { $comments[] = "FAILING OPEN: " . $failmessage; } if ($response == NULL) { _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled = false, 'NOT_ENTITLED', $comments, array(), '', '', array()); } $comments[] = "Full Request:\n" . $response->request; $comments[] = "Code: " . $response->code; $status_message = empty($response->status_message) ? null : $response->status_message; $comments[] = "Status Message: {$status_message}"; if (isset($response->error) && !is_null($response->error) && $response->error != '' && (empty($status_message) || $response->error != $status_message)) { $comments[] = $response->error; } if ($status == 'OK') { _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled = true, 'active', $comments, array(), '', '', array()); } else { _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled = false, $status, $comments, array(), '', '', array()); } }
function pugpig_send_itunes_edition_credentials($appStorePassword, $subscriptionPrefix, $allowedSubscriptionArray, $binaryReceipt, $secret, $comments = array(), $proxy_server = '', $proxy_port = '') { global $iTunesErrorCodes; $itunesUrl = ''; $jsonResult = null; $jsonReceipt = null; $status = -1; $exception = ''; if ($binaryReceipt) { $base64Receipt = base64_encode($binaryReceipt); $jsonReceipt = json_encode(array('receipt-data' => $base64Receipt, 'password' => $appStorePassword)); // Always verify your receipt first with the production URL; proceed to // verify with the sandbox URL if you receive a 21007 status code. // Following this approach ensures that you do not have to switch between // URLs while your application is being tested or reviewed in the sandbox // or is live in the App Store. $itunesUrl = 'https://buy.itunes.apple.com/verifyReceipt'; $jsonResult = pugpig_validate_receipt_with_itunes($itunesUrl, $jsonReceipt, $proxy_server, $proxy_port); if ($jsonResult) { $status = $jsonResult->status; $comments[] = "BUY: Got status {$status}."; if (array_key_exists($status, $iTunesErrorCodes)) { $comments[] = "BUY: " . $iTunesErrorCodes[$status]; } if (isset($jsonResult->exception)) { $exception = $jsonResult->exception; } } else { $comments[] = "PUGPIG: Failed to connect to production iTunes. Maybe check your outbound rules."; } if ($status == 21007) { $comments[] = "PUGPIG: Trying the Sandbox validator."; $status = -1; $exception = ''; $itunesUrl = 'https://sandbox.itunes.apple.com/verifyReceipt'; $jsonResult = pugpig_validate_receipt_with_itunes($itunesUrl, $jsonReceipt, $proxy_server, $proxy_port); if ($jsonResult) { $status = $jsonResult->status; $comments[] = "SANDBOX: Got status {$status}."; if (array_key_exists($status, $iTunesErrorCodes)) { $comments[] = "SANDBOX: " . $iTunesErrorCodes[$status]; } if (isset($jsonResult->exception)) { $exception = $jsonResult->exception; } } else { $comments[] = "PUGPIG: Failed to connect to sandbox iTunes. Maybe it is down."; } } } else { $comments[] = "PUGPIG: No receipt data sent."; } $comments[] = "PUGPIG: Validated using: {$itunesUrl}"; if ($status == 0) { $receiptData = $jsonResult->receipt; $productId = $receiptData->product_id; $comments[] = "PUGPIG: Receipt Product ID: {$productId}"; $purchaseDate = $receiptData->original_purchase_date; $restoreDate = $receiptData->purchase_date; $expiresDate = ''; $comments[] = "PUGPIG: Valid receipt. Purchase date: {$purchaseDate}, Restore date: {$restoreDate}"; if (property_exists($receiptData, 'expires_date')) { $expiresDate = $receiptData->expires_date; } if ($expiresDate) { $expiresDate = gmdate('Y-m-d H:i:s \\E\\t\\c/\\G\\M\\T', $expiresDate / 1000); $comments[] = "PUGPIG: Valid receipt. Expires date: {$expiresDate}"; } // If this is an allowed subscription product, use the ID in the query string // We either match the prefix, or $is_subscription_product = false; if (!empty($subscriptionPrefix) && strpos($productId, $subscriptionPrefix) === 0) { $is_subscription_product = true; $comments[] = "PUGPIG: Subscription found - {$productId} matches {$subscriptionPrefix}"; } if (in_array($productId, $allowedSubscriptionArray)) { $is_subscription_product = true; $comments[] = "PUGPIG: Subscription found - {$productId} in supplied array"; } if ($is_subscription_product) { $productId = $_GET['productid']; } else { $comments[] = "PUGPIG: Using product ID from receipt data"; } _pugpig_subs_edition_credentials_response($productId, $secret, $entitled = true, 'active', $comments, array(), '', '', array()); } else { $writer = new XMLWriter(); $writer->openMemory(); $writer->setIndent(true); $writer->setIndentString(' '); $writer->startDocument('1.0', 'UTF-8'); $writer->startElement('error'); $writer->writeAttribute('status', $status); $writer->writeAttribute('exception', $exception); $writer->writeAttribute('validationurl', $itunesUrl); $writer->writeElement('subs_prefix', $subscriptionPrefix); $writer->writeElement('subs_list', implode(",", $allowedSubscriptionArray)); $writer->endElement(); foreach ($comments as $comment) { $writer->writeComment(" " . $comment . " "); } $writer->endDocument(); header('Content-type: text/xml'); echo $writer->outputMemory(); exit; } }
function pugpig_send_bbappworld_edition_credentials($license_secret, $subscription_prefix, $allow_sandbox, $pugpig_auth_secret, $product_id, $sku, $license, $receipt) { // the product_id is the id in the opds atom feed e.g. com.kaldorgroup.edition_141 // the sku is the id in the BlackBerry App World vendor portal for the virtual good, e.g. com_kaldorgroup_edition_141 // _pugpig_bbappworld_checks($license_secret); $comments = array(); $status = 'failed'; $error = ''; // todo: handle expiry at all here? $comments[] = "Checking product id: '{$product_id}'"; $comments[] = "With sku: '{$sku}'"; $comments[] = "Subscription prefix: '{$subscription_prefix}'"; $comments[] = "license: '{$license}'"; $comments[] = "Allow Sandbox: '{$allow_sandbox}'"; $decrypted_license = _pugpig_bbappworld_decrypt($license, $license_secret); if (empty($decrypted_license)) { $error = 'License will not decrypt.'; } else { $comments[] = 'License data: ' . $decrypted_license; $data = json_decode($decrypted_license, true); if (!$allow_sandbox && strcasecmp($data['test'], 'true')) { $comments[] = "License is for the test (sandbox) environment and this isn't allowed"; } else { $comments[] = 'Request is not for sandbox (or sandbox allowed).'; $license_sku = $data['sku']; $license_product_name = $data['product']; // check to see if the purchase was a subscription - either product name or sku can be matched $is_subscription_product = false; if (!empty($subscription_prefix)) { if (strpos($license_product_name, $subscription_prefix) === 0) { $is_subscription_product = true; $comments[] = "Subscription found - license product name '{$license_product_name}' matches '{$subscription_prefix}'"; } elseif (strpos($license_sku, $subscription_prefix) === 0) { $is_subscription_product = true; $comments[] = "Subscription found - license sku '{$license_sku}' matches '{$subscription_prefix}'"; } else { $comments[] = "Subscription not matched"; } } $product_allowed = false; if (!$is_subscription_product) { // it wasn't a subscription purchase, so check the specific sku $product_allowed = !strcasecmp($license_sku, $sku); if ($product_allowed) { $comments[] = "License's sku '{$license_sku}' matches requested sku '{$sku}'"; } else { $comments[] = "License's sku '{$license_sku}' does not match requested sku '{$sku}'"; } } if ($is_subscription_product || $product_allowed) { $status = 'OK'; } } } _pugpig_subs_edition_credentials_response($product_id, $pugpig_auth_secret, 'OK' === $status, $status, $comments, array(), $error); }
} } elseif (endsWith($user, "random")) { $issues = patcf_get_some_issues($all_issues, true); $message .= " You have access to an ever changing random set. Any download may fail"; } else { $issues = array(); $message .= " We don't know who you are."; } } } if ($issues === NULL || in_array($product_id, $issues)) { $entitled = true; } else { $entitled = false; } $extra_headers = array(); if ($user == "credserror") { $error_message = 'something bad happened'; $writer = _pugpig_subs_start_xml_writer(); $writer->startElement('credentials'); $writer->startElement('error'); if (!empty($error_message)) { $writer->writeAttribute('message', $error_message); } $writer->endElement(); $writer->endElement(); _pugpig_subs_end_xml_writer($writer); exit; } _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled, $state, $comments, array(), $message, $token, $extra_headers);
$message .= " You should have access to all issues while subscribed."; } else { $issues = array(); $message .= " You aren't active. You get nothing."; } } else { if (endsWith($user, "none")) { $issues = array(); $message .= " Sadly you don't have access to any issues anyway."; } else { if (endsWith($user, "some")) { $issues = patcf_get_some_issues($all_issues, FALSE); $message .= " You have access to every second issue."; } else { if (endsWith($user, "random")) { $issues = patcf_get_some_issues($all_issues, TRUE); $message .= " You have access to an ever changing random set. Any download may fail"; } else { $issues = array(); $message .= " We don't know who you are."; } } } } if ($issues === NULL || in_array($product_id, $issues)) { $entitled = TRUE; } else { $entitled = FALSE; } _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled, $state, $comments);
function pugpig_subs_cds_edition_credentials($url_base, $issue_prefix, $ignore_issue_based, $token, $product_id, $published_edition_tags, $secret, $proxy_server = null, $proxy_port = null, $comments = array(), $api_type = PUGPIG_CDS_DEFAULT_API_TYPE, $originator = null) { $comments[] = "Token is {$token}"; $issues = array(); $failed = false; $status = _pugpig_subs_cds_get_token_status_and_issues($url_base, $issue_prefix, $ignore_issue_based, $token, $issues, $comments, $failed, $published_edition_tags, $proxy_server, $proxy_port, $api_type, $originator); $error_message = ''; $entitled = true; if ($status != PugpigCDSStatus::Active && $status != PugpigCDSStatus::Inactive) { $error_message = 'User not recognised or suspended.'; $entitled = false; } elseif ($issues === NULL) { $comments[] = 'User has access to all issues'; $entitled = true; } else { $comments[] = 'User has access to only some issues'; if (in_array($product_id, $issues)) { $comments[] = 'This issue is in the allowed list'; $entitled = true; } else { $comments[] = 'This issue is not in the allowed list'; $error_message = 'Your subscription does not entitle you to this issue.'; $entitled = false; } } _pugpig_subs_edition_credentials_response($product_id, $secret, $entitled, $status, $comments, array(), $error_message); }
function pugpig_send_amazon_edition_credentials($user_id, $product_sku, $subs_sku, $token, $base_url, $amazon_secret, $pugpig_secret, $proxy_server = '', $proxy_port = '') { $result = _amazon_verify_token($user_id, $product_sku, $subs_sku, $token, $base_url, $amazon_secret, $proxy_server, $proxy_port); $status = $result['status']; $comments = $result['comments']; _pugpig_subs_edition_credentials_response($product_sku, $pugpig_secret, $status == 'OK', $status, $comments); }
function pugpig_send_google_edition_credentials($public_key, $signature, $signed_data, $sku, $base_url, $pugpig_secret) { $result = _google_verify_token($public_key, $signature, $signed_data, $sku, $base_url); _pugpig_subs_edition_credentials_response($sku, $pugpig_secret, $result['status'] == 'OK', $result['status'], $result['comments'], array(), $result['error']); }
function pugpig_send_google_edition_credentials($public_key, $signature, $signed_data, $sku, $base_url, $pugpig_secret, $subscriptionPrefix = '', $allowedSubscriptionArray = array()) { if ($allowedSubscriptionArray == '') { $allowedSubscriptionArray = array(); } $result = _pugpig_google_verify_token($public_key, $signature, $signed_data, $sku, $base_url, $subscriptionPrefix, $allowedSubscriptionArray); _pugpig_subs_edition_credentials_response($sku, $pugpig_secret, $result['status'] == 'OK', $result['status'], $result['comments'], array(), $result['error']); }