Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add decode utils for response body v2 of app store #156

Open
takecy opened this issue Jan 25, 2022 · 7 comments
Open

add decode utils for response body v2 of app store #156

takecy opened this issue Jan 25, 2022 · 7 comments
Labels
app store

Comments

@takecy
Copy link
Member

takecy commented Jan 25, 2022

@takecy takecy mentioned this issue Jan 25, 2022
Closed
@thilonel
Copy link

@takecy I was trying to figure this out, here's a gist of where I am: https://gist.github.com/thilonel/7b7285b9bad211cc88a1b8ccfdbe9e0e

What do you think?

@takecy
Copy link
Member Author

takecy commented Jan 26, 2022

Thanks! Looks like a good example 👀
If the tokenString in the gist is the following, it should work.
https://developer.apple.com/documentation/appstoreservernotifications/responsebodyv2

I have used this package which is very similar.
https://github.com/dgrijalva/jwt-go

This package made by squre also seems to be used a lot.
https://github.com/square/go-jose

@thilonel
Copy link

@takecy tokenString is the value of signedPayload. What I'm mostly worried about here, is if verifying the signature of the signing cert by the intermediate is enough or not.

The about section of https://github.com/dgrijalva/jwt-go links to golang-jwt, which I've used. It's practically the same, just got cloned to a community maintained repo.

I also checked go-jose, but ended up with this. 🤷‍♂️

Will you integrate this functionality into go-iap or do you want me to fork and PR? I'd say with the help of the gist, you're gonna be way faster by yourself :) No forth and back on anything :)

@RealLau
Copy link

RealLau commented May 14, 2023

any update bro?
I also found an example that uses Python, but I don't know how to convert it to golang:
here

@richzw richzw mentioned this issue May 15, 2023
Merged
@richzw
Copy link
Collaborator

richzw commented May 15, 2023

@RealLau , I try to add the method ParseNotificationV2 to parse the notification v2 body. You could try it.

@Daydaylw3
Copy link
Contributor

@richzw hi, thx for your method. But could you give me an example about how to decode SignedRenewalInfo and SignedTransactionInfo field?

@richzw
Copy link
Collaborator

richzw commented May 23, 2023

@Daydaylw3

Here is one sample code to use ParseNotificationV2 to decode SignedRenewalInfo and SignedTransactionInfo field

      tokenStr := SignedRenewalInfo // or SignedTransactionInfo
      if err := c.ParseNotificationV2(tokenStr, result); err != nil {
      }

      if !result.Valid {
      }

      claims := result.Claims.(jwt.MapClaims)
      for key, val := range claims {
        fmt.Printf("Key: %v, value: %v\n", key, val) // key value of SignedRenewalInfo
      }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
app store
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@takecy @richzw @thilonel @RealLau @Daydaylw3