Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

verifyAndDecodeTransaction method throws an unexpected error when the bundleId of a transaction is nil which is a valid case #217

Open
benoitsan opened this issue Dec 3, 2024 · 0 comments
Open

verifyAndDecodeTransaction method throws an unexpected error when the bundleId of a transaction is nil which is a valid case #217

benoitsan opened this issue Dec 3, 2024 · 0 comments

Comments

@benoitsan
Copy link

If I run this sample code to get the information for a transaction about a non consumable in-app purchase, I get an error when verifyAndDecodeTransaction is perfomed. It throws an error VerificationError.INVALID_APP_IDENTIFIER.

func getTransactionInfo() async {
		let client = try! AppStoreServerAPIClient(signingKey: "[signingKey]", keyId: "[keyId]", issuerId: "[issuerId]", bundleId: "[bundleId]", environment: Environment.production)
		
		let response = await client.getTransactionInfo(transactionId: "180000300825378")
		
		switch response {
			case .success(let response):
				let appleRootCAs = [
					try! Data(contentsOf: Bundle.main.url(forResource: "AppleComputerRootCertificate", withExtension: "cer")!),
					try! Data(contentsOf: Bundle.main.url(forResource: "AppleIncRootCertificate", withExtension: "cer")!),
					try! Data(contentsOf: Bundle.main.url(forResource: "AppleRootCA-G2", withExtension: "cer")!),
					try! Data(contentsOf: Bundle.main.url(forResource: "AppleRootCA-G3", withExtension: "cer")!)
				]
				
				do {
					let verifier = try SignedDataVerifier(rootCertificates: appleRootCAs, bundleId: "[bundleId]", appAppleId: 12345, environment: Environment.production, enableOnlineChecks: true)
					
					let result = await verifier.verifyAndDecodeTransaction(signedTransaction: response.signedTransactionInfo!)
					
					switch result {
						case .valid(let payload):
							print(payload)
						case .invalid(let error):
							print(error)
					}
				} catch {
					//  --> WILL FAIL WITH ERROR VerificationError.INVALID_APP_IDENTIFIER
					print(error)
				}
			case .failure(let statusCode, let rawApiError, let apiError, let errorMessage, let causedBy):
				print(statusCode)
				print(rawApiError)
				print(apiError)
				print(errorMessage)
				print(causedBy)
		}
	}

The issue is these lines in verifyAndDecodeTransaction method (in SignedDataVerifier.swift file):

if self.bundleId != transaction.bundleId {
  return VerificationResult.invalid(VerificationError.INVALID_APP_IDENTIFIER)
}

This check is wrong because transaction.bundleId can be nil for a transaction. I don't know why it's missing for some transactions, perhaps because it's an old transaction (2017) in my case.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@benoitsan