question

101apps avatar image
101apps asked

more info on RVSSandbox.war please

hi i'd like to implement and test the receipt validation service. what is the RVSSandbox.war file? where can i see an example that i can edit to suite my needs? thanks 101apps
iap
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Hi 101apps, Thank you for writing to us. RVSSandbox.war is a Receipt Verification Service Sandbox testing environment is provided in the Amazon Mobile App SDK package as a deployable (in a java based web server like Tomcat) WAR file. You can refer below link to get the information on deployment steps of web application resource (WAR) files. http://tomcat.apache.org/tomcat-6.0-doc/deployer-howto.html Once you deploy the war in the Tomcat in localhost, you should call the service by following url http://localhost:8080/RVSSandbox/verify/developer/{developerSecret}/user/{appUserId}/purchaseToken/{token} http://localhost:8080/RVSSandbox//renew/developer/{developerSecret}/user/{appUserId}/purchaseToken/{token} The sandbox always returns 200 as returns code for verify request. You may want to change the response code for testing your RVS implementation in you app server. You can modify the existing code or write a your own Servlet to fulfill your need. Below is the code what is there in the RVSSandbox service public class IAPVerificationService { private static ObjectMapper mapper = new ObjectMapper(); private static final Random rand = new Random(); @GET @Path("/verify/developer/{developerSecret}/user/{appUserId}/purchaseToken/{token}") @Produces({"application/json"}) public Response verifyToken(@PathParam("developerSecret") String developerSecret, @PathParam("appUserId") String appUserId, @PathParam("token") String encodedToken) { try { String tokenJson = new String(Base64.decodeBase64(encodedToken.getBytes("UTF-8"))); Token token = (Token)mapper.readValue(tokenJson.getBytes(), Token.class); switch (validateToken(token)) { case 496: return Response.serverError().entity(VerifyError.secret).status(496).build(); case 497: return Response.serverError().entity(VerifyError.appUserId).status(497).build(); case 498: return Response.serverError().entity(VerifyError.invalidToken).status(498).build(); case 499: return Response.serverError().entity(VerifyError.invalidToken).status(499).build(); } return Response.ok().entity(new VerifyResponse(token.getType(), token.getSku(), token.getStartDate(), token.getStopDate(), encodedToken)).build(); } catch (JsonParseException e) { e.printStackTrace(); return Response.serverError().entity(VerifyError.invalidToken).status(498).build(); } catch (UnrecognizedPropertyException e) { e.printStackTrace(); return Response.serverError().entity(VerifyError.invalidToken).status(498).build(); } catch (Exception e) { e.printStackTrace(); return Response.serverError().entity(e).status(500).build(); } } @GET @Path("/renew/developer/{developerSecret}/user/{appUserId}/purchaseToken/{token}") @Produces({"application/json"}) public Response renewToken(@PathParam("devSecret") String developerSecret, @PathParam("appUserId") String appUserId, @PathParam("token") String token) { return Response.ok().entity(new RenewResponse(token)).build(); } private int validateToken(Token token) { return 0; } } Let us know if you have further questions.
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

101apps avatar image
101apps answered
hi, okay got Tomcat up and running and when running sandbox i get "receipt verification service sandbox is up!" so seems that's all working. now my problem: i am not familiar with servlets and java server pages so i need some help with what i need to study up on: 1) seems i need to set up a test website on the tomcat server. this needs a servlet or java server page which will receive 2 values from the android app: (1) the user id and (2) the token. it then builds a httpget string containing the ID, token and secret code. this is then sent to sandbox which returns a response 2) the test website needs a servlet or java server page to receive the response code (200, 400, etc). it processes this code and takes the appropriate action, either allow the file (that the app user has purchased) to download or send a failure message back to the app. so, if i am correct with this, essentially i need to find out how to create a java server page or servlet to receive the user id and token from the app (once the purchase has been made) and place this in the test website. it is this page that will then communicate with the amazon receipt verification service. on receiving the resulting response code, this servlet or java server page will then communicate back with the android app. but in a live situation, what do i do? i take it i place this servlet or java page in the live website? but then surely the httpget address will differ as it will have to be directed to the live amazon verification service? is it possible to get an example of the servlet or java server page that will need to be placed in the live website to communicate with the app and the amazon verification service? appreciate some help here thanks regards 101apps
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

beesquare2013 avatar image
beesquare2013 answered
The developer secret/shared secret has invalid characters such '/'. Does the secret key need to be encoded in some way? Base64 for example?
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Hi 101apps, RVSSandbox.war is provided for testing your apps transactions during development/QA. When you submit the app after final QA check, you are supposed to modify the RVS url to the live one. During development, you can set up your own RVS system by using the RVS sample and also modify it for testing different scenarios, e.g. non 200 response codes.
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
developerSecret should never contain character like '/'. If this is the case please raise a ContactUs ( https://developer.amazon.com/help/contactus.html) with the account details and developerSecret, we would investigate further.
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

durandal-x avatar image
durandal-x answered
There isn't any documentation on RVSSandbox.war on the Amazon website - there are some hyperlinks that allude to some documentation but they just point at some web pages that point back at the original source. So - let me add some notes to jump start other developers who are looking at implementing external receipt validation. - RVSSandbox.war simulates the Amazon receipt verification service, not the service you need to implement for your app to talk to. Your receipt verification web app should redirect its sandbox verification requests to a tomcat server you set up that runs the RVSSandbox.war. - The URL pathing to RVSSandbox is currently not what's listed in several of the forums posts. The definitive answer is in the WEB-INF/web.xml of the RVSSandbox.war file (unzip it and look at it). Currently, the correct path to the sandbox is: http:// /version/2.0/verify/developer/ /user/ /purchaseToken/ - I don't believe or are used. Only purchase token is unpacked and the values in it drives some logic in RVSSandbox.war Hopefully any Amazon representatives will correct any errors on my notes here.
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Thanks Durandal for giving more clarity on RVSSandbox to community. You are correct in all aspects.
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

bisonburt avatar image
bisonburt answered
FYI:I had to add /version/2.0/ to the url http://localhost:8080/RVSSandbox/version/2.0/verify/developer/...
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Looking at web.xml of current war file. CXFServlet /version/2.0/* Also the path defined for sample calls are documented same way. https://developer.amazon.com/public/apis/earn/in-app-purchasing/docs/rvs#Sample%20Calls%20and%20Responses
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Charles W Linker avatar image
Charles W Linker answered
Thanks durandal_x, I just got asked to try to setup this Sandbox w/o any real documentation about how to go about it. Found this post quickly though, so perhaps I'll be able to squeeze in this request after all. Your post will likely be saving other developers lots of time and frustration. Seems like Amazon should at least add a few thousand bucks to your Amazon account as a thank you. :)
10 |5000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.