storekit 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 1ee9b3cd6f71b6dd6d5505efc6cc45d0bfde0126
+  data.tar.gz: 39f312184c3d8e3f3a8559d61e97c405ddc9abc1
+SHA512:
+  metadata.gz: 7e917170d988f9120b46647d489ac718263dc0c345e3ed1929390868f8668fa5b6366457150f4d2f8abd8766f2ed84a89157b2b49ccda6a3cecab9bd8fb12fe7
+  data.tar.gz: 9a9b9cd81e8089d56b8f5ce8afafdfa151edcba212e29ae34f9a4cd9ed733f2200fd3987a0df329339a55b31a579afa5cfa14b75038c9691eb3491cbc4335d4c

data/.gitignore

@@ -0,0 +1,36 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+Gemfile.lock
+# .ruby-version
+# .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 R&D Allm Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,47 @@
+# storekit_ruby
+
+[![Code Climate](https://codeclimate.com/github/sujrd/storekit_ruby/badges/gpa.svg)](https://codeclimate.com/github/sujrd/storekit_ruby)
+[![Gem Version](http://img.shields.io/gem/v/storekit.svg)](https://rubygems.org/gems/storekit)
+
+This is a no frills gem for verifying Apple App Store In App Purchase receipts.
+
+## Installation
+
+  $ gem install storekit
+
+## Usage
+
+```ruby
+require 'storekit'
+
+data = "<Base64-Encoded Receipt Data>"
+
+# This client tries to validate against the production endpoint first. If it
+# fails because of error 21007, it automatically validates against the sandbox
+# endpoint.
+client = StoreKit::FallbackClient.new
+client.shared_secret = "really secret string"
+
+begin
+  receipt = client.verify! data
+
+  # The raw data
+  p receipt.receipt_data
+
+  # Just the IAP receipts
+  p receipt.iap_receipts
+
+  # Hash, mapping from original TX IDs to array of transactions sorted in
+  # ascending order by purchase date.
+  p receipt.receipt_chains
+
+  # Do whatever you need to do to store the purchase state...
+rescue StoreKit::ValidationError => e
+  # ¯\_(ツ)_/¯
+  raise 'no soup for you!'
+end
+```
+
+## License
+
+This gem is available under the MIT license. See the LICENSE file for more info.

data/Rakefile

@@ -0,0 +1,9 @@
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+  t.test_files = FileList['test/**/*_test.rb']
+end
+
+desc 'Run tests'
+task default: :test

data/lib/storekit.rb

@@ -0,0 +1,12 @@
+require 'net/http'
+require 'openssl'
+require 'json'
+
+module StoreKit
+end
+
+require 'storekit/version'
+require 'storekit/client'
+require 'storekit/fallback_client'
+require 'storekit/error'
+require 'storekit/receipt'

data/lib/storekit/client.rb

@@ -0,0 +1,39 @@
+module StoreKit
+  SANDBOX_HOST = 'sandbox.itunes.apple.com'
+  PRODUCTION_HOST = 'buy.itunes.apple.com'
+
+  class Client
+    attr_accessor :shared_secret
+
+    def self.sandbox
+      new(SANDBOX_HOST)
+    end
+
+    def self.production
+      new(PRODUCTION_HOST)
+    end
+
+    def initialize(host)
+      @http = Net::HTTP.new host, 443
+      @http.use_ssl = true
+      @http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+    end
+
+    def verify!(base64_payload)
+      payload = {'receipt-data' => base64_payload}
+      payload['password'] = shared_secret if shared_secret
+
+      req = Net::HTTP::Post.new '/verifyReceipt'
+      req.body = JSON.generate payload
+      resp = @http.request(req)
+
+      decoded = JSON.parse resp.body
+
+      if decoded['status'] == 0
+        Receipt.new decoded
+      else
+        raise ValidationError.new decoded['status']
+      end
+    end
+  end
+end

data/lib/storekit/error.rb

@@ -0,0 +1,29 @@
+module StoreKit
+  class Error < ::StandardError
+  end
+
+  class ValidationError < Error
+    attr_reader :status_code
+
+    def initialize(status_code)
+      @status_code = status_code
+      message =
+        case status_code
+        when 21000 then 'The App Store could not read the JSON object you provided.'
+        when 21002 then 'The data in the receipt-data property was malformed or missing.'
+        when 21003 then 'The receipt could not be authenticated.'
+        when 21004 then 'The shared secret you provided does not match the shared secret on file for your account.'
+        when 21005 then 'The receipt server is not currently available.'
+        when 21006 then 'This receipt is valid but the subscription has expired.'
+        when 21007 then 'This receipt is from the test environment, but it was sent to the production environment for verification.'
+        when 21008 then 'This receipt is from the production environment, but it was sent to the test environment for verification.'
+        else 'Unknown error'
+        end
+      super(message)
+    end
+
+    def server_error?
+      [21004, 21007, 21008].include?(status_code) || message == 'Unknown error'
+    end
+  end
+end

data/lib/storekit/fallback_client.rb

@@ -0,0 +1,16 @@
+module StoreKit
+  class FallbackClient
+    attr_accessor :shared_secret
+
+    def verify!(base64_payload)
+      client = Client.production
+      client.shared_secret = shared_secret
+      client.verify! base64_payload
+    rescue ValidationError => err
+      raise err unless err.status_code == 21007
+      client = Client.sandbox
+      client.shared_secret = shared_secret
+      client.verify! base64_payload
+    end
+  end
+end

data/lib/storekit/receipt.rb

@@ -0,0 +1,19 @@
+module StoreKit
+  class Receipt
+    attr_reader :receipt_data
+
+    def initialize(receipt_data)
+      @receipt_data = receipt_data
+    end
+
+    def iap_receipts
+      @receipt_data['receipt']['in_app'] || []
+    end
+
+    def receipt_chains
+      iap_receipts
+        .group_by   { |receipt| receipt['original_transaction_id'] }
+        .each_value { |chain| chain.sort_by! { |receipt| receipt['purchase_date_ms'].to_i } }
+    end
+  end
+end

data/lib/storekit/version.rb

@@ -0,0 +1,3 @@
+module StoreKit
+  VERSION = '0.1.0'
+end

data/storekit.gemspec

@@ -0,0 +1,21 @@
+$LOAD_PATH.unshift 'lib'
+require 'storekit/version'
+
+Gem::Specification.new do |s|
+  s.name          = 'storekit'
+  s.version       = StoreKit::VERSION
+  s.date          = Time.now.strftime('%Y-%m-%d')
+  s.summary       = 'Apple App Store IAP receipt validation'
+  s.description   = 'Validate In App Purchase receipts against the Apple App Store'
+  s.homepage      = 'http://github.com/sujrd/storekit_ruby'
+  s.authors       = ['Douglas Teoh']
+  s.email         = 'douglas@dteoh.com'
+  s.has_rdoc      = false
+  s.files         = `git ls-files -z`.split("\x0")
+  s.test_files    = s.files.grep(%r{^(test|spec|features)/})
+  s.require_paths = %w(lib)
+  s.license       = 'MIT'
+
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'minitest'
+end

data/test/storekit/receipt_test.rb

@@ -0,0 +1,145 @@
+require 'test_helper'
+
+module StoreKit
+  class ReceiptTest < Test
+
+    def test_get_iap_receipts
+      data = single_purchase_receipt_data
+      receipt = Receipt.new data
+      assert_respond_to receipt, :iap_receipts
+      assert_equal data['receipt']['in_app'], receipt.iap_receipts
+    end
+
+    def test_get_receipt_chains
+      receipt = Receipt.new recurring_purchases_receipt_data
+      assert_respond_to receipt, :receipt_chains
+
+      chains = receipt.receipt_chains
+      # The keys are the original transaction ID
+      assert chains.has_key? '1000000165289217'
+      assert chains.has_key? '1000000165289219'
+
+      assert_equal 2, chains['1000000165289217'].size
+      assert_equal 1, chains['1000000165289219'].size
+    end
+
+    def test_individual_receipt_chain_transactions_sorted_by_purchase_date
+      receipt = Receipt.new recurring_purchases_receipt_data
+      chains = receipt.receipt_chains
+
+      expected_tx_id_order = ['1000000165289944', '1000000165290338']
+      assert_equal expected_tx_id_order, chains['1000000165289217'].map{ |tx| tx['transaction_id'] }
+    end
+
+    private
+
+    def single_purchase_receipt_data
+      {
+        "status" => 0,
+        "environment" => "Sandbox",
+        "receipt" => {
+          "receipt_type" => "ProductionSandbox",
+          "adam_id" => 0,
+          "app_item_id" => 0,
+          "bundle_id" => "com.example.FakeApp",
+          "application_version" => "5",
+          "download_id" => 0,
+          "version_external_identifier" => 0,
+          "request_date" => "2015-07-29 00:30:46 Etc/GMT",
+          "request_date_ms" => "1438129846850",
+          "request_date_pst" => "2015-07-28 17:30:46 America/Los_Angeles",
+          "original_purchase_date" => "2013-08-01 07:00:00 Etc/GMT",
+          "original_purchase_date_ms" => "1375340400000",
+          "original_purchase_date_pst" => "2013-08-01 00:00:00 America/Los_Angeles",
+          "original_application_version" => "1.0",
+          "in_app" => [{
+            "quantity" => "1",
+            "product_id" => "com.example.FakeApp.Product1",
+            "transaction_id" => "1000000165471599",
+            "original_transaction_id" => "1000000165471599",
+            "purchase_date" => "2015-07-29 01:31:33 Etc/GMT",
+            "purchase_date_ms" => "1438133493000",
+            "purchase_date_pst" => "2015-07-28 18:31:33 America/Los_Angeles",
+            "original_purchase_date" => "2015-07-29 01:31:33 Etc/GMT",
+            "original_purchase_date_ms" => "1438133493000",
+            "original_purchase_date_pst" => "2015-07-28 18:31:33 America/Los_Angeles",
+            "is_trial_period" => "false"
+          }]
+        }
+      }
+    end
+
+    def recurring_purchases_receipt_data
+      {
+        "status" => 0,
+        "environment" => "Sandbox",
+        "receipt" => {
+          "receipt_type" => "ProductionSandbox",
+          "adam_id" => 0,
+          "app_item_id" => 0,
+          "bundle_id" => "com.manabook.FakeApp",
+          "application_version" => "5",
+          "download_id" => 0,
+          "version_external_identifier" => 0,
+          "request_date" => "2015-07-29 00:30:46 Etc/GMT",
+          "request_date_ms" => "1438129846850",
+          "request_date_pst" => "2015-07-28 17:30:46 America/Los_Angeles",
+          "original_purchase_date" => "2013-08-01 07:00:00 Etc/GMT",
+          "original_purchase_date_ms" => "1375340400000",
+          "original_purchase_date_pst" => "2013-08-01 00:00:00 America/Los_Angeles",
+          "original_application_version" => "1.0",
+          "in_app" => [{
+            "quantity" => "1",
+            "product_id" => "com.example.FakeApp.Product2",
+            "transaction_id" => "1000000165290338",
+            "original_transaction_id" => "1000000165289217",
+            "purchase_date" => "2015-07-28 01:44:38 Etc/GMT",
+            "purchase_date_ms" => "1438047878000",
+            "purchase_date_pst" => "2015-07-27 18:44:38 America/Los_Angeles",
+            "original_purchase_date" => "2015-07-28 01:42:39 Etc/GMT",
+            "original_purchase_date_ms" => "1438047759000",
+            "original_purchase_date_pst" => "2015-07-27 18:42:39 America/Los_Angeles",
+            "expires_date" => "2015-07-28 01:49:38 Etc/GMT",
+            "expires_date_ms" => "1438048178000",
+            "expires_date_pst" => "2015-07-27 18:49:38 America/Los_Angeles",
+            "web_order_line_item_id" => "1000000030215909",
+            "is_trial_period" => "false"
+          }, {
+            "quantity" => "1",
+            "product_id" => "com.example.FakeApp.Product2",
+            "transaction_id" => "1000000165289944",
+            "original_transaction_id" => "1000000165289217",
+            "purchase_date" => "2015-07-28 01:39:38 Etc/GMT",
+            "purchase_date_ms" => "1438047578000",
+            "purchase_date_pst" => "2015-07-27 18:39:38 America/Los_Angeles",
+            "original_purchase_date" => "2015-07-28 01:37:43 Etc/GMT",
+            "original_purchase_date_ms" => "1438047463000",
+            "original_purchase_date_pst" => "2015-07-27 18:37:43 America/Los_Angeles",
+            "expires_date" => "2015-07-28 01:44:38 Etc/GMT",
+            "expires_date_ms" => "1438047878000",
+            "expires_date_pst" => "2015-07-27 18:44:38 America/Los_Angeles",
+            "web_order_line_item_id" => "1000000030215898",
+            "is_trial_period" => "false"
+          }, {
+            "quantity" => "1",
+            "product_id" => "com.example.FakeApp.Product3",
+            "transaction_id" => "1000000165289217",
+            "original_transaction_id" => "1000000165289219",
+            "purchase_date" => "2015-07-28 01:34:38 Etc/GMT",
+            "purchase_date_ms" => "1438047278000",
+            "purchase_date_pst" => "2015-07-27 18:34:38 America/Los_Angeles",
+            "original_purchase_date" => "2015-07-28 01:34:39 Etc/GMT",
+            "original_purchase_date_ms" => "1438047279000",
+            "original_purchase_date_pst" => "2015-07-27 18:34:39 America/Los_Angeles",
+            "expires_date" => "2015-07-28 01:39:38 Etc/GMT",
+            "expires_date_ms" => "1438047578000",
+            "expires_date_pst" => "2015-07-27 18:39:38 America/Los_Angeles",
+            "web_order_line_item_id" => "1000000030215897",
+            "is_trial_period" => "false"
+          }]
+        }
+      }
+    end
+
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,7 @@
+require 'minitest/autorun'
+require 'storekit'
+
+module StoreKit
+  class Test < Minitest::Test
+  end
+end

metadata

@@ -0,0 +1,87 @@
+--- !ruby/object:Gem::Specification
+name: storekit
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Douglas Teoh
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-04-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Validate In App Purchase receipts against the Apple App Store
+email: douglas@dteoh.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- lib/storekit.rb
+- lib/storekit/client.rb
+- lib/storekit/error.rb
+- lib/storekit/fallback_client.rb
+- lib/storekit/receipt.rb
+- lib/storekit/version.rb
+- storekit.gemspec
+- test/storekit/receipt_test.rb
+- test/test_helper.rb
+homepage: http://github.com/sujrd/storekit_ruby
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: Apple App Store IAP receipt validation
+test_files:
+- test/storekit/receipt_test.rb
+- test/test_helper.rb