App Licensing – How-To
- AndroidPIT App Center 1.5 or higher
- Android version 1.6 or higher
- AndroidPIT Licensing Library
- Android License Verification Library (LVL)
- Eclipse Android Development Tools (ADT)
You are already using LVL?
If you are already using the Android License Verification Library, implementing the AndroidPIT Licensing Library is really simple.
Download the AndroidPIT Licensing Library and add it to your project.
Change the following two variable definitions from
Change the creation of the checker from
Change the definition of your listener from (example)
Change the type of the errorCode parameter in the applicationError method from
and extend the error handling with the AndroidPIT response codes (see below).
Thatʼs it! The call to the checker method as well as the allow() and dontAllow() callback method implementations do not need to be changed.
On the Quick Run
The AndroidPIT Licensing Library is very similar to Googleʼs Android License Verification Library (LVL). To use the AndroidPIT Licensing Library, add the Android License Verification Library (LVL) and the AndroidPIT Licensing Library to your project. In your onCreate() method, create an instance of the AndroidPitLicenseChecker and provide it with an instance of a class that implements the IAndroidPitLicenseCheckerCallback interface. Additionaly, you require a license key, which we will provide to you in your developer profile on the AndroidPIT website. An example of an Activity may look like this:
Additionally to checking for a valid license on AndroidPIT, you can easily allow the AndroidPIT licensing to check at the Android Market, too. To do so, adapt the constructor call of the AndroidPitLicenseChecker to take the Google policy and the Google public key as well. For all other steps to setup LVL, please consult the LVL documentation.
The AndroidPIT licensing system is oriented on the Android License Verification Library (LVL) introduced by Google. It provides capabilities to check the validity of apps, which are purchased via the AndroidPIT App Center. A requirement so is the connection to the AncroidPIT license server through the internet. Additionally, the end user requires to have a valid AndroidPIT account.
With the help of the AndroidPIT Licensing Library, your application will check via the App Center if the end user is in posession of a valid license to run your app. The validity check happens each time the application starts but earliest once a day or when an internet connection is available. In the meantime a cached value from the last request is returned (keep in mind that the time frame in which the cache is valid may change anytime).
This step-by-step guide is based on the fact that you are using the Eclipse ADT. In the case you are using different development tools, you may be required to do some more steps.
Download the AndroidPIT Licensing library and the Android License Verification Library (LVL) and add them as projects to Eclipse. To use the AndroidPIT Licensing Library, at least Android API version 4 is requred which was introduced with Android 1.6. Create a new Android application and add the androidpit-licensing-lib in the preferences under android as a dependend library to the application project. Please also check if the library correctly links to the Android License Verification Library (LVL).
My Project shows unresolved symbols or I can not compile my App.
Please check for the paths to the Google LVL and the AndroidPIT Licensing library inside the Preferences dialog of your Android Project. They should match to the paths on your filesystem.
The settings for the AndroidPIT Licensing Library should look like this, matching your paths:
How do I setup the license check in my code?
To allow the licensing library to check for a valid license via the AndroidPIT App Center, instantiate in the onCreate() method of your activity an instance of the class MyLicenseCheckerCallback. The constructor expects an instance of the context, which usually is the activity itself. The resulting code may look like this:
Furthermore, the constructor requires information about the package name of your app and the base64-encoded public key, which we provide to you in your developer profile on the AndroidPIT website.
How do I get notified from the license server?
The license is checked by calling checkAccess() on the AndroidPitLicenseChecker instance. The method requires a callback object which implements the interface IAndroidPitLicenseCheckerCallback. It is up to you to implement this class and fill it with code that suites your needs. The allow() method will be called from within the Licensing Library to notify you about a successful validation of the license of the user. In any other case dontAllow() is called. Additionally, the method applicationError() informs you about errors that may happen during the license check. You have full control on the actions, which will take place in these three methods.
How do I additionally check for a license in the Android Market?
In addition to the check against our licensing system, we provide an easy to use integration of Googleʼs Android License Verification Library (LVL). To integrate this, just add your LVL policy and public key to the constructor of our AndroidPitLicenseChecker. The license check will then take place inside the code of the license library. If the license check against Google is successful you will directly be notified by the callback object through the allow() method you wrote some minutes before. Negative responses will result in an additional request to the AndroidPIT licensing servers. Only if these calls fail, you will get a negative answer from the licensing library.
This example orients on the example from the Google API.
How can I test different error messages from the licensing server?
On the licensing page in your developer profile at AndroidPIT, you can set up a response code that will be send by the licensing server. This is useful if you want to test if your application correctly responds to the error messages from our license server. To accomplish this, just select the appropriate value from the drop down list. Then, the license server will always answer with the selected response code if you are logged in with your developer account on your test device.
How do I disable the caching of the result in the App Center?
The App Center stores the result of the last request for at least a day or until the mobile device is able to contact our license server through the internet. To disable this caching, you can enable the debug mode in the license checker. To do this just call setDebug(true). This will disable caching of all requests send to the App Center. Donʼt forget to turn off debug mode before publishing your app.
What happens if the user is not logged in into the App Center?
If no or invalid credentials are stored in the App Center, the library will show a popup dialog to ask for the userʼs AndroidPIT e-mail address and password.
How can I make sure, that the license requests hits the license server?
The AndroidPIT license library contains the class AndroidPitSignedLicenseChecker. This class provides the possibility to check if the request reached the license server or not. To asure that the license server signes the license response using the private key of the developer of the App. The library validates the received data with the signature using the AndroidPitLicenseingResponseValidator additionaly by comparing the Salt send in the request with the Salt found in the response data. Please consider that this mechanism does not provide any caching of the license state. Every response has to be calculated at the license server by the given request data. If the user has no connection to the license server, the library responses with a ERROR_NOT_CONNECTED.
An example using the AndroidPitSignedLicenseChecker may look like this:
Can I provide my own license validator? I want to check the validity of the response on my own behalf.
Yes, that is possible. Please implement the Inteface ILicensingResponseValidator and provide an instance of the implementing class to the AndroidPitSignedLicenseChecker. This class has to implement two methods. getSalt() has to return an integer, wich will be used as a Salt on the license check validation. This salt should be stored during the request to be able to check against the salt returned on the response if this check is desired. The method checkResponse() should validate the response data and should return a AndroidPitLicenseCheckCode.NOT_LICENSED on failure. If the validation succeeds the response code from the server has to be returned. As a sample implementation you can consult AndroidPitLicensingResponseValidator from the AndroidPIT licensing library.
My project can not find the enumeration de.androidpit.AndroidPitLicenseCheckError.
This enumeration was renamed to de.androidpit.AndroidPitLicenseCheckCode.
How can I create a PublicKey based on the Base64-String?
As you may noticed we provide you the public key as a Base64 encoded string. In order to check the signature to the response data you are required to convert this String into a PublicKey object. The following code will show you how to accomplish that.
AndroidPIT Licensing Library
If you are using the old Android Market licensing library (Package
com.android.vending.licensing), please use this version of the AndroidPIT licensing library:
AndroidPIT Licensing Library Version 1.3
If you are using the new Google Play library (Package
com.google.android.vending.licensing), use the following version of the AndroidPIT licensing library:
AndroidPIT Licensing Library Version 2.1
- My Project shows unresolved symbols or I can not compile my App.
- How do I setup the license check in my code?
- How do I get notified from the license server?
- How do I additionally check for a license in the Android Market?
- How can I test different error messages from the licensing server?
- How do I disable the caching of the result in the App Center?
- What happens if the user is not logged in into the App Center?
- How can I make sure, that the license requests hits the license server?
- Can I provide my own license validator? I want to check the validity of the response on my own behalf.
- My project can not find the enumeration de.androidpit.AndroidPitLicenseCheckError.
- How can I create a PublicKey based on the Base64-String?