PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => false, ]; return Statics::$DB = new PDO($dsn, $_config['user'], $_config['password'], $opt); } function generateRandomAuthKey() { $random = ''; for ($i = 0; $i < 64; $i++) try { switch (random_int(1, 3)) { case 1: $random .= chr(random_int(ord('0'), ord('9'))); break; case 2: $random .= chr(random_int(ord('A'), ord('Z'))); break; case 3: $random .= chr(random_int(ord('a'), ord('z'))); break; } } catch (Exception $e) { die(json_encode(['success' => false, 'message' => 'Internal error - no randomness'])); } return $random; } /** * @param $url * @param $body * @param $header * @return array|object|string * @throws \Httpful\Exception\ConnectionErrorException */ function sendPOST($url, $body, $header) { $builder = \Httpful\Request::post($url); $builder->body($body); foreach ($header as $k => $v) $builder->addHeader($k, $v); $response = $builder->send(); if ($response->code != 200) throw new Exception("Repsponse code: " . $response->code); return $response->body; } function verifyOrderToken($tok) { // https://developers.google.com/android-publisher/api-ref/purchases/products/get try { $package = getConfig()['verify_api']['package_name']; $product = getConfig()['verify_api']['product_id']; $acctoken = getConfig()['verify_api']['accesstoken']; if ($acctoken == '') $acctoken = refreshVerifyToken(); $url = 'https://www.googleapis.com/androidpublisher/v3/applications/'.$package.'/purchases/products/'.$product.'/tokens/'.$tok.'?access_token='.$acctoken; $json = sendPOST($url, "", []); $obj = json_decode($json); if ($obj === null || $obj === false) { reportError('verify-token returned NULL'); return false; } if (isset($obj['error']) && isset($obj['error']['code']) && $obj['error']['code'] == 401) // "Invalid Credentials" -- refresh acces_token { $acctoken = refreshVerifyToken(); $url = 'https://www.googleapis.com/androidpublisher/v3/applications/'.$package.'/purchases/products/'.$product.'/tokens/'.$tok.'?access_token='.$acctoken; $json = sendPOST($url, "", []); $obj = json_decode($json); if ($obj === null || $obj === false) { reportError('verify-token returned NULL'); return false; } } if (isset($obj['purchaseState']) && $obj['purchaseState'] === 0) return true; return false; } catch (Exception $e) { reportError("VerifyOrder token threw exception: " . $e . "\n" . $e->getMessage() . "\n" . $e->getTraceAsString()); return false; } } /** @throws Exception */ function refreshVerifyToken() { $url = 'https://accounts.google.com/o/oauth2/token'. '?grant_type=refresh_token'. '&refresh_token='.getConfig()['verify_api']['refreshtoken']. '&client_id='.getConfig()['verify_api']['clientid']. '&client_secret='.getConfig()['verify_api']['clientsecret']; $json = sendPOST($url, "", []); $obj = json_decode($json); file_put_contents('.verify_accesstoken', $obj['access_token']); return $obj->access_token; }