Validate Windows Phone In-App purchase receipts

memsswano

New Member
I'm working on a Windows Phone 8 app. My app will include in-app purchases. I'm trying to understand the receipt concept. From my understanding, after someone purchases a product inside of my app, a receipt is generated. \[code\]<?xml version="1.0"?><Receipt Version="1.0" CertificateId="{Identifier1}" xmlns="http://schemas.microsoft.com/windows/2012/store/receipt"> <ProductReceipt PurchasePrice="${PurchaseAmount}" PurchaseDate="{DateTime}" Id="{Guid1}" AppId="{Guid2}" ProductId="{ProductName}" ProductType="Consumable" PublisherUserId="{Identifier2}" PublisherDeviceId="{Identifier3}" MicrosoftProductId="{Guid3}" /> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> <Reference URI=""> <Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /></Transforms> <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /> <DigestValue>{Identifier4}</DigestValue> </Reference> </SignedInfo> <SignatureValue>{HashedValue}</SignatureValue> </Signature></Receipt>\[/code\]Great! I'm not sure how to tell if this receipt came from Microsoft's servers though. Can someone explain to me how to verify that? I saw this: http://code.msdn.microsoft.com/wpapps/In-app-purchase-receipt-c3e0bce4 However, it doesn't make sense to me. I don't understand the certificates in the example. Is "IapReceiptProduction.cer" a set thing? Or is just for this sample? I'm sorry if this is a dumb question.
 
Back
Top