app-store-server-library 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/app_store/signed_data_verifier.rb +8 -17
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c393a6e8b61ce0a2639b8d70cd63f7157d6d3493bb5ca1aacf84bd40e562116e
|
4
|
+
data.tar.gz: ac9b3992dfff499a76e604804e66e9516c320f02706124c47a75e0c256098182
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b1b59770239a30efe2c889e3ae6478be50262b21b5d5099e44b379b3dffbfbecd8058288a106d5d287ca247e55d3585781d926b1c76bfe3a3878677808012c09
|
7
|
+
data.tar.gz: 8bc948d2348b30e00bfb965eb41fead0056cc8b3317c8516bd081ed9c20e5fa28c4dbcfd13cc5541f7bdc1dddf8c9b1adc5db82ebb9749b429626677335081b3
|
@@ -44,7 +44,13 @@ module AppStore
|
|
44
44
|
|
45
45
|
def verify_and_decode_notification(signed_payload)
|
46
46
|
decoded_jwt = verify_jwt(signed_payload)
|
47
|
-
|
47
|
+
payload = decoded_jwt['data'] || decoded_jwt['summary'] || decoded_jwt['externalPurchaseToken']
|
48
|
+
app_apple_id = payload['appAppleId']
|
49
|
+
bundle_id = payload['bundleId']
|
50
|
+
environment = payload['environment']
|
51
|
+
if payload['externalPurchaseId']
|
52
|
+
environment = payload['externalPurchaseId']&.start_with?('SANDBOX') ? ENVIRONMENTS[:sandbox] : ENVIRONMENTS[:production]
|
53
|
+
end
|
48
54
|
verify_notification(bundle_id, app_apple_id, environment)
|
49
55
|
decoded_jwt
|
50
56
|
end
|
@@ -77,7 +83,7 @@ module AppStore
|
|
77
83
|
|
78
84
|
payload
|
79
85
|
rescue JWT::DecodeError, JWT::VerificationError => e
|
80
|
-
raise VerificationException
|
86
|
+
raise VerificationException, :verification_failure
|
81
87
|
end
|
82
88
|
|
83
89
|
def verify_certificate_chain(trusted_roots, leaf, intermediate, effective_date)
|
@@ -110,21 +116,6 @@ module AppStore
|
|
110
116
|
raise VerificationException, :invalid_certificate
|
111
117
|
end
|
112
118
|
|
113
|
-
def extract_info(decoded_jwt)
|
114
|
-
app_apple_id = decoded_jwt.dig('data', 'appAppleId') ||
|
115
|
-
decoded_jwt.dig('summary', 'appAppleId') ||
|
116
|
-
decoded_jwt.dig('externalPurchaseToken', 'appAppleId')
|
117
|
-
bundle_id = decoded_jwt.dig('data', 'bundleId') ||
|
118
|
-
decoded_jwt.dig('summary', 'bundleId') ||
|
119
|
-
decoded_jwt.dig('externalPurchaseToken', 'bundleId')
|
120
|
-
environment = if decoded_jwt.dig('externalPurchaseToken', 'externalPurchaseId')&.start_with?('SANDBOX')
|
121
|
-
ENVIRONMENTS[:sandbox]
|
122
|
-
else
|
123
|
-
ENVIRONMENTS[:production]
|
124
|
-
end
|
125
|
-
[app_apple_id, bundle_id, environment]
|
126
|
-
end
|
127
|
-
|
128
119
|
def verify_notification(bundle_id, app_apple_id, environment)
|
129
120
|
if @bundle_id != bundle_id || (environment == ENVIRONMENTS[:production] && @app_apple_id != app_apple_id)
|
130
121
|
raise VerificationException, :invalid_app_identifier
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: app-store-server-library
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Illia Kasianenko
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-08-
|
11
|
+
date: 2024-08-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|