We use essential cookies for the website to function, as well as analytics cookies for analyzing and creating statistics of the website performance. To agree to the use of analytics cookies, click "Accept All". You can manage your preferences at any time by clicking "Cookie Settings" on the footer. More Information.

Only Essential Cookies
Accept All

API for Confirming the Purchase for the Order Service

Function

This API is used to notify the Huawei IAP server to update the delivery status of a consumable after it is successfully delivered. If no notification is sent, the consumable cannot be purchased again.

NOTE

This API has a similar usage to the consumeOwnedPurchase API of the IAP client.

When you use this API to confirm orders, the IAP server may have updated the product confirmation status but the IAP client not due to the cache mechanism of the IAP client, that is, the obtainOwnedPurchases API of the IAP client returns confirmed orders. In this case, when this API is used to send a confirmation request to the IAP server, you are advised to record the confirmation result to your server. Before confirming the order returned by the obtainOwnedPurchases API, you can check the confirmation status of the order on your server.

Prototype

Protocol

HTTPS POST

Direction

Developer server -> Huawei IAP server

URL

{rootUrl}/applications/v2/purchases/confirm

NOTE

The value of rootUrl varies depending on the site. You must select the order service address of the nearest site for access. For details, please refer to Site Information and Site Selection.

Data Format

Request: Content-Type: application/json

Response: Content-Type: application/json

Request Parameters

Request Header

Parameter

Mandatory (M)/Optional (O)

Type

Description

Content-Type

M

String

Value: application/json; charset=UTF-8

Authorization

M

String

Authentication information, which should contain data generated based on the access token for authentication by the Huawei IAP server. The access token is obtained through the Huawei public API for OAuth 2.0-based authentication. The authentication information format is described in Overview, and for details about how to obtain the access token, please refer to App-Level Access Token Obtaining.

Request Body

Parameter

Mandatory (M)/Optional (O)

Type

Description

purchaseToken

M

String

Purchase token of a product, which is returned when an app initiates a purchase request or queries subscription information.

productId

M

String

Product ID.

Request Example

POST /applications/v2/purchases/confirm
Content-Type: application/json; charset=UTF-8
Authorization: Basic QVQ6Q1YzQ1NPbVlBaGwrZUtRWExtMTBVV2pyWXZHTVF4MmYvcVMya1B0ZElLY3UwaFJrdFNTMmxwdk1FQkIyYldXWGt0REVaR3I4UjFUTTRLMVlmNXdwWU80RG04THdXQWxjaFhEYjBMUjBNTUJtWnFYcGFtazc3THN3UnFJbkhHK28xekdqRzNSMg==
Accept: application/json
Content-Length: 143
{
  "purchaseToken": "00000173741056a37eef310dff9c6a86fec57efafe318ae478e52d9c4261994d64c8f6fc8ea1abbdx5347.5.3089",
  "productId": "prd1"
}

Response Parameters

Response Header

Parameter

Mandatory (M)/Optional (O)

Type

Description

Content-Type

M

String

Value: application/json; charset=UTF-8

Response Body

Parameter

Mandatory (M)/Optional (O)

Type

Description

responseCode

M

String

Result code. The options are as follows:

  • 0: success
  • Other values: failure. For details about the result codes, please refer to Result Codes.

responseMessage

O

String

Response description.

Response Example

HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 67
{
  "responseCode": "0"
  "responseMessage": "consume success"
}

Call Example

NOTE

After a payment is complete, your app obtains the InAppPurchaseData string in JSON format. InAppPurchaseData contains the accountFlag field.

The following is a part of Java sample code in Server Sample Code, in which you also can find sample code of other languages. You can download the sample code to check the libraries and methods in detail.

Java
Python
Go
public class OrderService {
    // Use the actual IP address and port number in ip:port. Process logic related to certificate authentication when HTTPS is used.
    public static final String TOC_SITE_URL = "https://ip:port";
    // Service address provided for telecom carriers.
    public static final String TOBTOC_SITE_URL = "https://orders-at-dre.iap.dbankcloud.com";

    // The value of accountFlag can be obtained from InAppPurchaseData.
    public static String getRootUrl(Integer accountFlag) {
        if (accountFlag != null && accountFlag == 1) {
            return TOBTOC_SITE_URL;
        }
        return TOC_SITE_URL;
    }

    public static void confirmPurchase(String purchaseToken, String productId, String developerPayload,Integer accountFlag)
        throws Exception {
        // Obtain the app-level access token.
        String appAt = AtDemo.getAppAT();
        // Construct an Authorization object in the request header.
        Map<String, String> headers = AtDemo.buildAuthorization(appAt);

        // Generate the request body.
        Map<String, String> bodyMap = new HashMap<>();
        bodyMap.put("purchaseToken", purchaseToken);
        bodyMap.put("productId", productId);
     

        String msgBody = JSONObject.toJSONString(bodyMap);
        // In the demo, 5000 is used as the timeout interval. You can adjust the value as required.
        String response = AtDemo.httpPost(getRootUrl(accountFlag) + "/applications/v2/purchases/confirm",
            "application/json; charset=UTF-8", msgBody, 5000, 5000, headers);
        // Display the response as a character string on the console. You can replace the processing method based on the service logic.
        System.out.println(response);
    }
}
class OrderService:
    def __init__(self):
        # TODO: Replace ip:port with the actual IP address and port number. Process logic related to certificate authentication when HTTPS is used.
        self.TOC_SITE_URL = "https://ip:port"
        # Service address provided for telecom carriers.
        self.TOBTOC_SITE_URL = "https://orders-at-dre.iap.dbankcloud.com"
        self.confirmPurchaseUrl = "%s/applications/v2/purchases/confirm"

    def getRootUrl(self, accountFlag):
        if accountFlag is not None and accountFlag == 1:
            return self.TOBTOC_SITE_URL
        return self.TOC_SITE_URL

    def confirmPurchase(self, purchaseToken, productId, accountFlag):
        # Obtain the app-level access token.
        appAt = AtDemo.getAppAT()
        if appAt is None or appAt == "":
            return
        # Add authorization information to the request header.
        headers = AtDemo.buildAuthorization(appAt)
        # Generate the request body.
        bodyDict = {"purchaseToken": purchaseToken, "productId": productId}
        data = json.dumps(bodyDict)
        response = AtDemo.httpPost(self.confirmPurchaseUrl % self.getRootUrl(accountFlag), str.encode(data), headers)
        # TODO: Show the response as a character string in the console. You can change the processing method based on the service logic.
        print(response)
type OrderClient struct {
}

var OrderDemo = &OrderClient{}

func getOrderUrl(accountFlag int) string {
  if accountFlag == 1 {
    // Service address provided for telecom carriers.
    return  "https://orders-at-dre.iap.dbankcloud.com"
  } else
  {
    // TODO: Replace ip:port with the actual IP address and port number. Process logic related to certificate authentication when HTTPS is used.
    return  "https://ip:port"
  }
}

func (orderDemo *OrderClient) ConfirmPurchase(productId, purchaseToken string,accountFlag int) {
  bodyMap := map[string]string{
    "purchaseToken":             purchaseToken,
    "productId":          productId,
  }
  url := getOrderUrl(accountFlag)+ "/applications/v2/purchases/confirm"
  bodyBytes, err := SendRequest(url, bodyMap)
  if err != nil {
    log.Printf("err is %s", err)
  }
  // TODO: Show the response as a character string in the console. You can change the processing method based on the service logic.
  log.Printf("%s", bodyBytes)
}
Search
Enter a keyword.