@tamtamchik/app-store-receipt-parser 1.0.0 → 2.0.0

package/LICENSE

@@ -19,3 +19,36 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
+
+--- Third Party Licenses
+
+Copyright (c) 2014, GMO GlobalSign
+Copyright (c) 2015-2022, Peculiar Ventures
+All rights reserved.
+
+Author 2014-2019, Yury Strozhevsky
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice, this
+  list of conditions and the following disclaimer in the documentation and/or
+  other materials provided with the distribution.
+
+* Neither the name of the copyright holder nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

package/README.md

@@ -2,16 +2,20 @@
 
 [![Buy Me A Coffee][ico-coffee]][link-coffee]
 [![Latest Version on NPM][ico-version]][link-npm]
-[![CircleCI][ico-circleci]][link-circleci]
+[![Scrutinizer build][ico-scrutinizer-build]][link-scrutinizer]
+[![Scrutinizer quality][ico-scrutinizer-quality]][link-scrutinizer]
+[![Scrutinizer coverage][ico-scrutinizer-coverage]][link-scrutinizer]
 [![Software License][ico-license]](./LICENSE)
 [![Total Downloads][ico-downloads]][link-downloads]
 
 A lightweight TypeScript library for extracting transaction IDs from Apple's ASN.1 encoded Unified Receipts.
 
 > **Warning!** This library is not a full-fledged receipt parser. 
-> It only extracts transaction IDs from the Apple's ASN.1 encoded Unified Receipts.
+> It only extracts some information from the Apple's ASN.1 encoded Unified Receipts.
 > It does not work with the old style transactions receipts.
 
+> **Documentation for the version 1.x of the library can be found [here](https://github.com/tamtamchik/app-store-receipt-parser/tree/1.x/README.md).**
+
 ## Installation
 
 Using npm:
@@ -29,29 +33,50 @@ yarn add @tamtamchik/app-store-receipt-parser
 ## Usage
 
 ```typescript
-import { ReceiptParser } from '@tamtamchik/app-store-receipt-parser';
+import { parseReceipt } from '@tamtamchik/app-store-receipt-parser';
 
 // Unified Receipt string 
 const receiptString = "MII...";
-
-// As an instance ...
-const parser = new ReceiptParser(receiptString);
-const ids = parser.getTransactionIds();
-console.log(ids);
-// { 
-//    transactionIds: ['1000000000000000'], 
-//    originalTransactionIds: ['1000000000000000'], 
-// }
-
-// ... or as a static method
-const ids = ReceiptParser.getTransactionIds(receiptString);
-console.log(ids);
-// { 
-//    transactionIds: ['1000000000000000'], 
-//    originalTransactionIds: ['1000000000000000'], 
+const data = parseReceipt(receiptString);
+
+console.log(data);
+// {
+//   APP_VERSION: '1',
+//   ORIGINAL_APP_VERSION: '1.0',
+//   OPAQUE_VALUE: 'c4dd4054b0b61a07beb585f6a842e048',
+//   SHA1_HASH: '2e0a115beac1c57023a5bd37349955a9ad99db4d',
+//   BUNDLE_ID: 'com.mbaasy.ios.demo',
+//   RECEIPT_CREATION_DATE: '2015-08-13T07:50:46Z',
+//   ORIGINAL_PURCHASE_DATE: '2013-08-01T07:00:00Z',
+//   IN_APP_EXPIRES_DATE: '2015-08-10T07:19:32Z',
+//   IN_APP_CANCELLATION_DATE: '',
+//   IN_APP_QUANTITY: '020101',
+//   IN_APP_WEB_ORDER_LINE_ITEM_ID: '0207038d7ea69472c9',
+//   IN_APP_PRODUCT_ID: 'monthly',
+//   IN_APP_TRANSACTION_ID: '1000000166967782',
+//   IN_APP_TRANSACTION_IDS: [
+//     '1000000166865231',
+//     '1000000166965150',
+//     '1000000166965327',
+//     '1000000166965895',
+//     '1000000166967152',
+//     '1000000166967484',
+//     '1000000166967782'
+//   ],
+//   IN_APP_ORIGINAL_TRANSACTION_ID: '1000000166965150',
+//   IN_APP_ORIGINAL_TRANSACTION_IDS: [
+//     '1000000166865231',
+//     '1000000166965150'
+//   ],
+//   IN_APP_PURCHASE_DATE: '2015-08-10T07:14:32Z',
+//   IN_APP_ORIGINAL_PURCHASE_DATE: '2015-08-10T07:12:34Z'
 // }
 ```
 
+## Special Thanks
+
+- [@Jurajzovinec](https://github.com/Jurajzovinec) for his superb contribution to the project.
+
 ## Contributing
 
 Pull requests are always welcome. If you have bigger changes in mind, please open an issue first to discuss your ideas.
@@ -60,13 +85,19 @@ Pull requests are always welcome. If you have bigger changes in mind, please ope
 
 Apple Receipt Parser is [MIT licensed](./LICENSE).
 
+## Third-Party Licenses
+
+This project uses `ASN1.js`, which is licensed under the BSD-3-Clause License. The license text can be found in [LICENSE](./LICENSE).
+
 [ico-coffee]: https://img.shields.io/badge/Buy%20Me%20A-Coffee-%236F4E37.svg?style=flat-square
 [ico-version]: https://img.shields.io/npm/v/@tamtamchik/app-store-receipt-parser.svg?style=flat-square
 [ico-license]: https://img.shields.io/npm/l/@tamtamchik/app-store-receipt-parser.svg?style=flat-square
 [ico-downloads]: https://img.shields.io/npm/dt/@tamtamchik/app-store-receipt-parser.svg?style=flat-square
-[ico-circleci]: https://img.shields.io/circleci/build/github/tamtamchik/app-store-receipt-parser.svg?style=flat-square
+[ico-scrutinizer-build]: https://img.shields.io/scrutinizer/build/g/tamtamchik/app-store-receipt-parser/main.svg?style=flat-square
+[ico-scrutinizer-quality]: https://img.shields.io/scrutinizer/quality/g/tamtamchik/app-store-receipt-parser/main.svg?style=flat-square
+[ico-scrutinizer-coverage]: https://img.shields.io/scrutinizer/coverage/g/tamtamchik/app-store-receipt-parser/main.svg?style=flat-square
 
 [link-coffee]: https://www.buymeacoffee.com/tamtamchik
 [link-npm]: https://www.npmjs.com/package/@tamtamchik/app-store-receipt-parser
 [link-downloads]: https://www.npmjs.com/package/@tamtamchik/app-store-receipt-parser
-[link-circleci]: https://app.circleci.com/pipelines/github/tamtamchik/app-store-receipt-parser?branch=main
+[link-scrutinizer]: https://scrutinizer-ci.com/g/tamtamchik/app-store-receipt-parser/

package/dist/index.js

@@ -20,87 +20,173 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
-  ReceiptParser: () => ReceiptParser
+  parseReceipt: () => parseReceipt
 });
 module.exports = __toCommonJS(src_exports);
 
-// src/ReceiptParser.ts
+// src/parser.ts
+var import_asn1js2 = require("asn1js");
+
+// src/mappings.ts
+var RECEIPT_FIELDS_MAP = /* @__PURE__ */ new Map([
+  [2, "BUNDLE_ID"],
+  [3, "APP_VERSION"],
+  [4, "OPAQUE_VALUE"],
+  [5, "SHA1_HASH"],
+  [12, "RECEIPT_CREATION_DATE"],
+  [18, "ORIGINAL_PURCHASE_DATE"],
+  [19, "ORIGINAL_APP_VERSION"],
+  [1701, "IN_APP_QUANTITY"],
+  [1702, "IN_APP_PRODUCT_ID"],
+  [1703, "IN_APP_TRANSACTION_ID"],
+  [1704, "IN_APP_PURCHASE_DATE"],
+  [1705, "IN_APP_ORIGINAL_TRANSACTION_ID"],
+  [1706, "IN_APP_ORIGINAL_PURCHASE_DATE"],
+  [1708, "IN_APP_EXPIRES_DATE"],
+  [1711, "IN_APP_WEB_ORDER_LINE_ITEM_ID"],
+  [1712, "IN_APP_CANCELLATION_DATE"]
+]);
+
+// src/constants.ts
+var IN_APP = 17;
+var CONTENT_ID = "pkcs7_content";
+var FIELD_TYPE_ID = "FieldType";
+var FIELD_VALUE_ID = "FieldTypeOctetString";
+
+// src/verifications.ts
 var import_asn1js = require("asn1js");
-var ReceiptParser = class _ReceiptParser {
-  constructor(receiptString) {
-    this.receiptString = receiptString;
+var receiptSchema = new import_asn1js.Sequence({
+  value: [
+    new import_asn1js.ObjectIdentifier(),
+    new import_asn1js.Constructed({
+      idBlock: { tagClass: 3, tagNumber: 0 },
+      value: [
+        new import_asn1js.Sequence({
+          value: [
+            new import_asn1js.Integer(),
+            new import_asn1js.Set({
+              value: [
+                new import_asn1js.Sequence({
+                  value: [new import_asn1js.ObjectIdentifier(), new import_asn1js.Any()]
+                })
+              ]
+            }),
+            new import_asn1js.Sequence({
+              value: [
+                new import_asn1js.ObjectIdentifier(),
+                new import_asn1js.Constructed({
+                  idBlock: { tagClass: 3, tagNumber: 0 },
+                  value: [new import_asn1js.OctetString({ name: CONTENT_ID })]
+                })
+              ]
+            })
+          ]
+        })
+      ]
+    })
+  ]
+});
+var fieldSchema = new import_asn1js.Sequence({
+  value: [
+    new import_asn1js.Integer({ name: FIELD_TYPE_ID }),
+    new import_asn1js.Integer(),
+    new import_asn1js.OctetString({ name: FIELD_VALUE_ID })
+  ]
+});
+function verifyReceiptSchema(receipt) {
+  const receiptVerification = (0, import_asn1js.verifySchema)(Buffer.from(receipt, "base64"), receiptSchema);
+  if (!receiptVerification.verified) {
+    throw new Error("Receipt verification failed.");
   }
-  static getTransactionIdsFromBlock(block) {
-    const { valueBlock } = block;
-    if (!valueBlock || !Array.isArray(valueBlock.value)) {
-      return null;
-    }
-    if (valueBlock.value.length === 3) {
-      const result2 = this.extractTransactionIds(valueBlock.value);
-      if (result2)
-        return result2;
-    }
-    const result = { transactionIds: [], originalTransactionIds: [] };
-    for (const innerBlock of valueBlock.value) {
-      const innerIds = this.getTransactionIdsFromBlock(innerBlock);
-      if (innerIds) {
-        result.transactionIds.push(...innerIds.transactionIds);
-        result.originalTransactionIds.push(...innerIds.originalTransactionIds);
-      }
-    }
-    result.transactionIds = [...new Set(result.transactionIds)];
-    result.originalTransactionIds = [...new Set(result.originalTransactionIds)];
-    return result;
+  return receiptVerification;
+}
+function verifyFieldSchema(sequence) {
+  const fieldVerification = (0, import_asn1js.verifySchema)(sequence.toBER(), fieldSchema);
+  if (!fieldVerification.verified) {
+    return null;
   }
-  static getTransactionIdsFromReceiptString(receiptString) {
-    const { result } = (0, import_asn1js.fromBER)(Buffer.from(receiptString, "base64"));
-    if (result.error) {
-      throw new Error(`Error parsing receipt: ${result.error}`);
+  return fieldVerification;
+}
+
+// src/utils.ts
+var uniqueArrayValues = (array) => Array.from(new Set(array));
+
+// src/parser.ts
+function isReceiptFieldKey(value) {
+  return Boolean(value && typeof value === "number" && RECEIPT_FIELDS_MAP.has(value));
+}
+function isParsedReceiptContentComplete(data) {
+  for (const fieldKey of RECEIPT_FIELDS_MAP.values()) {
+    if (!(fieldKey in data)) {
+      return false;
     }
-    return this.getTransactionIdsFromBlock(result.toJSON());
   }
-  /**
-   * The transaction ID is encoded as an INTEGER with the value 0x06a7
-   */
-  static isTransactionIdBlock(block) {
-    return block.blockName === "INTEGER" && block.valueBlock.valueHex === "06a7";
+  return true;
+}
+function extractFieldValue(field) {
+  const [fieldValue] = field.valueBlock.value;
+  if (fieldValue instanceof import_asn1js2.IA5String || fieldValue instanceof import_asn1js2.Utf8String) {
+    return fieldValue.valueBlock.value;
   }
-  /**
-   * The original transaction ID is encoded as an INTEGER with the value 0x06a9
-   */
-  static isOriginalTransactionIdBlock(block) {
-    return block.blockName === "INTEGER" && block.valueBlock.valueHex === "06a9";
+  return field.toJSON().valueBlock.valueHex;
+}
+function appendField(parsed, name, value) {
+  if (name === "IN_APP_ORIGINAL_TRANSACTION_ID") {
+    parsed.IN_APP_ORIGINAL_TRANSACTION_IDS.push(value);
   }
-  static extractIdFromBlock(block) {
-    if (!Array.isArray(block.valueBlock.value)) {
-      return null;
-    }
-    if (block.blockName === "OCTET STRING" && block.valueBlock.value[0].blockName === "UTF8String") {
-      return block.valueBlock.value[0].valueBlock.value;
-    }
-    return null;
+  if (name === "IN_APP_TRANSACTION_ID") {
+    parsed.IN_APP_TRANSACTION_IDS.push(value);
   }
-  static extractTransactionIds(blocks) {
-    const [firstBlock, , lastBlock] = blocks;
-    const result = { transactionIds: [], originalTransactionIds: [] };
-    if (this.isTransactionIdBlock(firstBlock)) {
-      const id = this.extractIdFromBlock(lastBlock);
-      if (id)
-        result.transactionIds.push(id);
-    } else if (this.isOriginalTransactionIdBlock(firstBlock)) {
-      const id = this.extractIdFromBlock(lastBlock);
-      if (id)
-        result.originalTransactionIds.push(id);
-    } else {
-      return null;
+  parsed[name] = value;
+}
+function processField(parsed, fieldKey, fieldValue) {
+  if (fieldKey === IN_APP) {
+    parseOctetStringContent(parsed, fieldValue);
+    return;
+  }
+  if (!isReceiptFieldKey(fieldKey)) {
+    return;
+  }
+  const name = RECEIPT_FIELDS_MAP.get(fieldKey);
+  appendField(parsed, name, extractFieldValue(fieldValue));
+}
+function parseOctetStringContent(parsed, content) {
+  const [contentSet] = content.valueBlock.value;
+  const contentSetSequences = contentSet.valueBlock.value.filter((v) => v instanceof import_asn1js2.Sequence);
+  for (const sequence of contentSetSequences) {
+    const verifiedSequence = verifyFieldSchema(sequence);
+    if (verifiedSequence) {
+      const fieldKey = verifiedSequence.result[FIELD_TYPE_ID].valueBlock.valueDec;
+      const fieldValueOctetString = verifiedSequence.result[FIELD_VALUE_ID];
+      processField(parsed, fieldKey, fieldValueOctetString);
     }
-    return result;
   }
-  getTransactionIds() {
-    return _ReceiptParser.getTransactionIdsFromReceiptString(this.receiptString);
+}
+function postprocessParsedReceipt(parsed) {
+  parsed.IN_APP_ORIGINAL_TRANSACTION_IDS = uniqueArrayValues(parsed.IN_APP_ORIGINAL_TRANSACTION_IDS);
+  parsed.IN_APP_TRANSACTION_IDS = uniqueArrayValues(parsed.IN_APP_TRANSACTION_IDS);
+}
+function parseReceipt(receipt) {
+  const rootSchemaVerification = verifyReceiptSchema(receipt);
+  const content = rootSchemaVerification.result[CONTENT_ID];
+  const parsed = {
+    IN_APP_ORIGINAL_TRANSACTION_IDS: [],
+    IN_APP_TRANSACTION_IDS: []
+  };
+  parseOctetStringContent(parsed, content);
+  if (!isParsedReceiptContentComplete(parsed)) {
+    const missingProps = [];
+    for (const fieldKey of RECEIPT_FIELDS_MAP.values()) {
+      if (!(fieldKey in parsed)) {
+        missingProps.push(fieldKey);
+      }
+    }
+    throw new Error(`Missing required fields: ${missingProps.join(", ")}`);
   }
-};
+  postprocessParsedReceipt(parsed);
+  return parsed;
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  ReceiptParser
+  parseReceipt
 });

package/dist/index.mjs

@@ -1,79 +1,165 @@
-// src/ReceiptParser.ts
-import { fromBER } from "asn1js";
-var ReceiptParser = class _ReceiptParser {
-  constructor(receiptString) {
-    this.receiptString = receiptString;
+// src/parser.ts
+import { IA5String, Sequence as Sequence2, Utf8String } from "asn1js";
+
+// src/mappings.ts
+var RECEIPT_FIELDS_MAP = /* @__PURE__ */ new Map([
+  [2, "BUNDLE_ID"],
+  [3, "APP_VERSION"],
+  [4, "OPAQUE_VALUE"],
+  [5, "SHA1_HASH"],
+  [12, "RECEIPT_CREATION_DATE"],
+  [18, "ORIGINAL_PURCHASE_DATE"],
+  [19, "ORIGINAL_APP_VERSION"],
+  [1701, "IN_APP_QUANTITY"],
+  [1702, "IN_APP_PRODUCT_ID"],
+  [1703, "IN_APP_TRANSACTION_ID"],
+  [1704, "IN_APP_PURCHASE_DATE"],
+  [1705, "IN_APP_ORIGINAL_TRANSACTION_ID"],
+  [1706, "IN_APP_ORIGINAL_PURCHASE_DATE"],
+  [1708, "IN_APP_EXPIRES_DATE"],
+  [1711, "IN_APP_WEB_ORDER_LINE_ITEM_ID"],
+  [1712, "IN_APP_CANCELLATION_DATE"]
+]);
+
+// src/constants.ts
+var IN_APP = 17;
+var CONTENT_ID = "pkcs7_content";
+var FIELD_TYPE_ID = "FieldType";
+var FIELD_VALUE_ID = "FieldTypeOctetString";
+
+// src/verifications.ts
+import { Any, Constructed, Integer, ObjectIdentifier, OctetString, Sequence, Set as Set2, verifySchema } from "asn1js";
+var receiptSchema = new Sequence({
+  value: [
+    new ObjectIdentifier(),
+    new Constructed({
+      idBlock: { tagClass: 3, tagNumber: 0 },
+      value: [
+        new Sequence({
+          value: [
+            new Integer(),
+            new Set2({
+              value: [
+                new Sequence({
+                  value: [new ObjectIdentifier(), new Any()]
+                })
+              ]
+            }),
+            new Sequence({
+              value: [
+                new ObjectIdentifier(),
+                new Constructed({
+                  idBlock: { tagClass: 3, tagNumber: 0 },
+                  value: [new OctetString({ name: CONTENT_ID })]
+                })
+              ]
+            })
+          ]
+        })
+      ]
+    })
+  ]
+});
+var fieldSchema = new Sequence({
+  value: [
+    new Integer({ name: FIELD_TYPE_ID }),
+    new Integer(),
+    new OctetString({ name: FIELD_VALUE_ID })
+  ]
+});
+function verifyReceiptSchema(receipt) {
+  const receiptVerification = verifySchema(Buffer.from(receipt, "base64"), receiptSchema);
+  if (!receiptVerification.verified) {
+    throw new Error("Receipt verification failed.");
   }
-  static getTransactionIdsFromBlock(block) {
-    const { valueBlock } = block;
-    if (!valueBlock || !Array.isArray(valueBlock.value)) {
-      return null;
-    }
-    if (valueBlock.value.length === 3) {
-      const result2 = this.extractTransactionIds(valueBlock.value);
-      if (result2)
-        return result2;
-    }
-    const result = { transactionIds: [], originalTransactionIds: [] };
-    for (const innerBlock of valueBlock.value) {
-      const innerIds = this.getTransactionIdsFromBlock(innerBlock);
-      if (innerIds) {
-        result.transactionIds.push(...innerIds.transactionIds);
-        result.originalTransactionIds.push(...innerIds.originalTransactionIds);
-      }
-    }
-    result.transactionIds = [...new Set(result.transactionIds)];
-    result.originalTransactionIds = [...new Set(result.originalTransactionIds)];
-    return result;
+  return receiptVerification;
+}
+function verifyFieldSchema(sequence) {
+  const fieldVerification = verifySchema(sequence.toBER(), fieldSchema);
+  if (!fieldVerification.verified) {
+    return null;
   }
-  static getTransactionIdsFromReceiptString(receiptString) {
-    const { result } = fromBER(Buffer.from(receiptString, "base64"));
-    if (result.error) {
-      throw new Error(`Error parsing receipt: ${result.error}`);
+  return fieldVerification;
+}
+
+// src/utils.ts
+var uniqueArrayValues = (array) => Array.from(new Set(array));
+
+// src/parser.ts
+function isReceiptFieldKey(value) {
+  return Boolean(value && typeof value === "number" && RECEIPT_FIELDS_MAP.has(value));
+}
+function isParsedReceiptContentComplete(data) {
+  for (const fieldKey of RECEIPT_FIELDS_MAP.values()) {
+    if (!(fieldKey in data)) {
+      return false;
     }
-    return this.getTransactionIdsFromBlock(result.toJSON());
   }
-  /**
-   * The transaction ID is encoded as an INTEGER with the value 0x06a7
-   */
-  static isTransactionIdBlock(block) {
-    return block.blockName === "INTEGER" && block.valueBlock.valueHex === "06a7";
+  return true;
+}
+function extractFieldValue(field) {
+  const [fieldValue] = field.valueBlock.value;
+  if (fieldValue instanceof IA5String || fieldValue instanceof Utf8String) {
+    return fieldValue.valueBlock.value;
   }
-  /**
-   * The original transaction ID is encoded as an INTEGER with the value 0x06a9
-   */
-  static isOriginalTransactionIdBlock(block) {
-    return block.blockName === "INTEGER" && block.valueBlock.valueHex === "06a9";
+  return field.toJSON().valueBlock.valueHex;
+}
+function appendField(parsed, name, value) {
+  if (name === "IN_APP_ORIGINAL_TRANSACTION_ID") {
+    parsed.IN_APP_ORIGINAL_TRANSACTION_IDS.push(value);
   }
-  static extractIdFromBlock(block) {
-    if (!Array.isArray(block.valueBlock.value)) {
-      return null;
-    }
-    if (block.blockName === "OCTET STRING" && block.valueBlock.value[0].blockName === "UTF8String") {
-      return block.valueBlock.value[0].valueBlock.value;
-    }
-    return null;
+  if (name === "IN_APP_TRANSACTION_ID") {
+    parsed.IN_APP_TRANSACTION_IDS.push(value);
+  }
+  parsed[name] = value;
+}
+function processField(parsed, fieldKey, fieldValue) {
+  if (fieldKey === IN_APP) {
+    parseOctetStringContent(parsed, fieldValue);
+    return;
+  }
+  if (!isReceiptFieldKey(fieldKey)) {
+    return;
   }
-  static extractTransactionIds(blocks) {
-    const [firstBlock, , lastBlock] = blocks;
-    const result = { transactionIds: [], originalTransactionIds: [] };
-    if (this.isTransactionIdBlock(firstBlock)) {
-      const id = this.extractIdFromBlock(lastBlock);
-      if (id)
-        result.transactionIds.push(id);
-    } else if (this.isOriginalTransactionIdBlock(firstBlock)) {
-      const id = this.extractIdFromBlock(lastBlock);
-      if (id)
-        result.originalTransactionIds.push(id);
-    } else {
-      return null;
+  const name = RECEIPT_FIELDS_MAP.get(fieldKey);
+  appendField(parsed, name, extractFieldValue(fieldValue));
+}
+function parseOctetStringContent(parsed, content) {
+  const [contentSet] = content.valueBlock.value;
+  const contentSetSequences = contentSet.valueBlock.value.filter((v) => v instanceof Sequence2);
+  for (const sequence of contentSetSequences) {
+    const verifiedSequence = verifyFieldSchema(sequence);
+    if (verifiedSequence) {
+      const fieldKey = verifiedSequence.result[FIELD_TYPE_ID].valueBlock.valueDec;
+      const fieldValueOctetString = verifiedSequence.result[FIELD_VALUE_ID];
+      processField(parsed, fieldKey, fieldValueOctetString);
     }
-    return result;
   }
-  getTransactionIds() {
-    return _ReceiptParser.getTransactionIdsFromReceiptString(this.receiptString);
+}
+function postprocessParsedReceipt(parsed) {
+  parsed.IN_APP_ORIGINAL_TRANSACTION_IDS = uniqueArrayValues(parsed.IN_APP_ORIGINAL_TRANSACTION_IDS);
+  parsed.IN_APP_TRANSACTION_IDS = uniqueArrayValues(parsed.IN_APP_TRANSACTION_IDS);
+}
+function parseReceipt(receipt) {
+  const rootSchemaVerification = verifyReceiptSchema(receipt);
+  const content = rootSchemaVerification.result[CONTENT_ID];
+  const parsed = {
+    IN_APP_ORIGINAL_TRANSACTION_IDS: [],
+    IN_APP_TRANSACTION_IDS: []
+  };
+  parseOctetStringContent(parsed, content);
+  if (!isParsedReceiptContentComplete(parsed)) {
+    const missingProps = [];
+    for (const fieldKey of RECEIPT_FIELDS_MAP.values()) {
+      if (!(fieldKey in parsed)) {
+        missingProps.push(fieldKey);
+      }
+    }
+    throw new Error(`Missing required fields: ${missingProps.join(", ")}`);
   }
-};
+  postprocessParsedReceipt(parsed);
+  return parsed;
+}
 export {
-  ReceiptParser
+  parseReceipt
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tamtamchik/app-store-receipt-parser",
-  "version": "1.0.0",
+  "version": "2.0.0",
   "description": "A lightweight TypeScript library for extracting transaction IDs from Apple's ASN.1 encoded receipts.",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -34,15 +34,15 @@
     "asn1js": "3.0.5"
   },
   "devDependencies": {
-    "@types/jest": "29.5.3",
-    "@types/node": "20.5.1",
-    "@typescript-eslint/eslint-plugin": "6.4.0",
-    "@typescript-eslint/parser": "6.4.0",
-    "eslint": "8.47.0",
-    "jest": "29.6.2",
+    "@types/jest": "29.5.11",
+    "@types/node": "20.10.6",
+    "@typescript-eslint/eslint-plugin": "6.17.0",
+    "@typescript-eslint/parser": "6.17.0",
+    "eslint": "8.56.0",
+    "jest": "29.7.0",
     "ts-jest": "29.1.1",
-    "tsup": "7.2.0",
-    "typescript": "5.1.6"
+    "tsup": "8.0.1",
+    "typescript": "5.3.3"
   },
   "scripts": {
     "build": "tsup src/index.ts --format cjs,esm --clean",

package/src/constants.ts

@@ -0,0 +1,11 @@
+/** Identifier for in-app receipt fields (starting with 17*) */
+export const IN_APP: number = 17
+
+/** Identifies pkcs7 content information encoded as Octet string  */
+export const CONTENT_ID = 'pkcs7_content'
+
+/** Identifies field type id information */
+export const FIELD_TYPE_ID: string = 'FieldType'
+
+/** Identifies field value information encoded as Octet string */
+export const FIELD_VALUE_ID: string = 'FieldTypeOctetString'

package/src/index.ts

@@ -1 +1,2 @@
-export { ReceiptParser, TransactionIds } from './ReceiptParser'
+export type { ParsedReceipt } from './parser'
+export { parseReceipt } from './parser'

package/src/mappings.ts

@@ -0,0 +1,59 @@
+export type ReceiptFieldsKeyValues =
+  | 2
+  | 3
+  | 4
+  | 5
+  | 12
+  | 18
+  | 19
+  | 1701
+  | 1702
+  | 1703
+  | 1704
+  | 1705
+  | 1706
+  | 1708
+  | 1711
+  | 1712
+
+export type ReceiptFieldsKeyNames =
+  | 'BUNDLE_ID'
+  | 'APP_VERSION'
+  | 'OPAQUE_VALUE'
+  | 'SHA1_HASH'
+  | 'RECEIPT_CREATION_DATE'
+  | 'ORIGINAL_PURCHASE_DATE'
+  | 'ORIGINAL_APP_VERSION'
+  | 'IN_APP_QUANTITY'
+  | 'IN_APP_PRODUCT_ID'
+  | 'IN_APP_TRANSACTION_ID'
+  | 'IN_APP_PURCHASE_DATE'
+  | 'IN_APP_ORIGINAL_TRANSACTION_ID'
+  | 'IN_APP_ORIGINAL_PURCHASE_DATE'
+  | 'IN_APP_EXPIRES_DATE'
+  | 'IN_APP_WEB_ORDER_LINE_ITEM_ID'
+  | 'IN_APP_CANCELLATION_DATE'
+
+/**
+ * Receipt fields
+ * @see https://developer.apple.com/library/archive/releasenotes/General/ValidateAppStoreReceipt/Chapters/ReceiptFields.html
+ */
+export const RECEIPT_FIELDS_MAP: ReadonlyMap<ReceiptFieldsKeyValues, ReceiptFieldsKeyNames> = new Map([
+  [2, 'BUNDLE_ID'],
+  [3, 'APP_VERSION'],
+  [4, 'OPAQUE_VALUE'],
+  [5, 'SHA1_HASH'],
+  [12, 'RECEIPT_CREATION_DATE'],
+  [18, 'ORIGINAL_PURCHASE_DATE'],
+  [19, 'ORIGINAL_APP_VERSION'],
+  [1701, 'IN_APP_QUANTITY'],
+  [1702, 'IN_APP_PRODUCT_ID'],
+  [1703, 'IN_APP_TRANSACTION_ID'],
+  [1704, 'IN_APP_PURCHASE_DATE'],
+  [1705, 'IN_APP_ORIGINAL_TRANSACTION_ID'],
+  [1706, 'IN_APP_ORIGINAL_PURCHASE_DATE'],
+  [1708, 'IN_APP_EXPIRES_DATE'],
+  [1711, 'IN_APP_WEB_ORDER_LINE_ITEM_ID'],
+  [1712, 'IN_APP_CANCELLATION_DATE'],
+])
+

package/src/parser.ts

@@ -0,0 +1,110 @@
+import { IA5String, Integer, OctetString, Sequence, Set, Utf8String } from 'asn1js'
+
+import { RECEIPT_FIELDS_MAP, ReceiptFieldsKeyNames, ReceiptFieldsKeyValues } from './mappings'
+import { CONTENT_ID, FIELD_TYPE_ID, FIELD_VALUE_ID, IN_APP } from './constants'
+import { verifyFieldSchema, verifyReceiptSchema } from './verifications'
+import { uniqueArrayValues } from './utils'
+
+export type ParsedReceipt = Partial<Record<ReceiptFieldsKeyNames, string>> & {
+  IN_APP_ORIGINAL_TRANSACTION_IDS: string[]
+  IN_APP_TRANSACTION_IDS: string[]
+}
+
+function isReceiptFieldKey (value: unknown): value is ReceiptFieldsKeyValues {
+  return Boolean(value && typeof value === 'number' && RECEIPT_FIELDS_MAP.has(value as ReceiptFieldsKeyValues))
+}
+
+function isParsedReceiptContentComplete (data: ParsedReceipt): data is ParsedReceipt {
+  for (const fieldKey of RECEIPT_FIELDS_MAP.values()) {
+    if (!(fieldKey in data)) {
+      return false
+    }
+  }
+
+  return true
+}
+
+function extractFieldValue (field: OctetString): string {
+  const [fieldValue] = field.valueBlock.value
+
+  if (fieldValue instanceof IA5String || fieldValue instanceof Utf8String) {
+    return fieldValue.valueBlock.value
+  }
+
+  return field.toJSON().valueBlock.valueHex
+}
+
+function appendField (parsed: ParsedReceipt, name: ReceiptFieldsKeyNames, value: string) {
+  if (name === 'IN_APP_ORIGINAL_TRANSACTION_ID') {
+    parsed.IN_APP_ORIGINAL_TRANSACTION_IDS.push(value)
+  }
+
+  if (name === 'IN_APP_TRANSACTION_ID') {
+    parsed.IN_APP_TRANSACTION_IDS.push(value)
+  }
+
+  parsed[name] = value
+}
+
+function processField (parsed: ParsedReceipt, fieldKey: number, fieldValue: OctetString) {
+  if (fieldKey === IN_APP) {
+    parseOctetStringContent(parsed, fieldValue)
+    return
+  }
+
+  if (!isReceiptFieldKey(fieldKey)) {
+    return
+  }
+
+  const name = RECEIPT_FIELDS_MAP.get(fieldKey)!
+  appendField(parsed, name, extractFieldValue(fieldValue))
+}
+
+function parseOctetStringContent (parsed: ParsedReceipt, content: OctetString) {
+  const [contentSet] = content.valueBlock.value as Set[]
+  const contentSetSequences = contentSet.valueBlock.value.filter(v => v instanceof Sequence) as Sequence[]
+
+  for (const sequence of contentSetSequences) {
+    const verifiedSequence = verifyFieldSchema(sequence)
+    if (verifiedSequence) {
+      // We are confident to use "as" assertion because Integer type is guaranteed by positive verification above
+      const fieldKey = (verifiedSequence.result[FIELD_TYPE_ID] as Integer).valueBlock.valueDec
+      const fieldValueOctetString = verifiedSequence.result[FIELD_VALUE_ID] as OctetString
+
+      processField(parsed, fieldKey, fieldValueOctetString)
+    }
+  }
+}
+
+function postprocessParsedReceipt (parsed: ParsedReceipt) {
+  parsed.IN_APP_ORIGINAL_TRANSACTION_IDS = uniqueArrayValues(parsed.IN_APP_ORIGINAL_TRANSACTION_IDS)
+  parsed.IN_APP_TRANSACTION_IDS = uniqueArrayValues(parsed.IN_APP_TRANSACTION_IDS)
+}
+
+export function parseReceipt (receipt: string): ParsedReceipt {
+  const rootSchemaVerification = verifyReceiptSchema(receipt)
+
+  const content = rootSchemaVerification.result[CONTENT_ID] as OctetString
+  const parsed: ParsedReceipt = {
+    IN_APP_ORIGINAL_TRANSACTION_IDS: [],
+    IN_APP_TRANSACTION_IDS: [],
+  }
+
+  parseOctetStringContent(parsed, content)
+
+  // Verify if the parsed content contains all the required fields
+  if (!isParsedReceiptContentComplete(parsed)) {
+    const missingProps = []
+    for (const fieldKey of RECEIPT_FIELDS_MAP.values()) {
+      if (!(fieldKey in parsed)) {
+        missingProps.push(fieldKey)
+      }
+    }
+
+    throw new Error(`Missing required fields: ${missingProps.join(', ')}`)
+  }
+
+  postprocessParsedReceipt(parsed)
+
+  return parsed as ParsedReceipt
+}

package/src/utils.ts

@@ -0,0 +1 @@
+export const uniqueArrayValues = (array: string[]) => Array.from(new Set(array))

package/src/verifications.ts

@@ -0,0 +1,62 @@
+import { Any, Constructed, Integer, ObjectIdentifier, OctetString, Sequence, Set, verifySchema } from 'asn1js'
+
+import { CONTENT_ID, FIELD_TYPE_ID, FIELD_VALUE_ID } from './constants'
+
+const receiptSchema = new Sequence({
+  value: [
+    new ObjectIdentifier(),
+    new Constructed({
+      idBlock: { tagClass: 3, tagNumber: 0 },
+      value: [
+        new Sequence({
+          value: [
+            new Integer(),
+            new Set({
+              value: [
+                new Sequence({
+                  value: [new ObjectIdentifier(), new Any()],
+                }),
+              ],
+            }),
+            new Sequence({
+              value: [
+                new ObjectIdentifier(),
+                new Constructed({
+                  idBlock: { tagClass: 3, tagNumber: 0 },
+                  value: [new OctetString({ name: CONTENT_ID })],
+                }),
+              ],
+            }),
+          ],
+        }),
+      ],
+    }),
+  ],
+})
+
+const fieldSchema = new Sequence({
+  value: [
+    new Integer({ name: FIELD_TYPE_ID }),
+    new Integer(),
+    new OctetString({ name: FIELD_VALUE_ID })
+  ],
+})
+
+export function verifyReceiptSchema (receipt: string) {
+  const receiptVerification = verifySchema(Buffer.from(receipt, 'base64'), receiptSchema)
+  if (!receiptVerification.verified) {
+    throw new Error('Receipt verification failed.')
+  }
+
+  return receiptVerification
+}
+
+export function verifyFieldSchema (sequence: Sequence) {
+  const fieldVerification = verifySchema(sequence.toBER(), fieldSchema)
+  if (!fieldVerification.verified) {
+    // Return null if the field schema verification fails, so we can skip the field
+    return null
+  }
+
+  return fieldVerification
+}

package/tsconfig.json

@@ -0,0 +1,20 @@
+{
+  "compilerOptions": {
+    "target": "esnext",
+    "module": "esnext",
+    "strict": true,
+    "esModuleInterop": true,
+    "declaration": true,
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "moduleResolution": "node"
+  },
+  "include": [
+    "src/**/*.ts",
+    "test/**/*.ts"
+  ],
+  "exclude": [
+    "node_modules",
+    "dist"
+  ]
+}

package/src/ReceiptParser.ts

@@ -1,109 +0,0 @@
-import { fromBER } from 'asn1js'
-
-interface Block {
-  blockName: string
-  valueBlock: {
-    valueHex?: string
-    value?: Block[] | string
-  }
-}
-
-export interface TransactionIds {
-  transactionIds: string[]
-  originalTransactionIds: string[]
-}
-
-/**
- * Parses a receipt string and extracts the transaction IDs from it.
- * Warning! This class does not validate the receipt string, only extracts them.
- */
-export class ReceiptParser {
-  constructor (private readonly receiptString: string) {}
-
-  static getTransactionIdsFromBlock (block: Block): TransactionIds | null {
-    const { valueBlock } = block
-
-    if (!valueBlock || !Array.isArray(valueBlock.value)) {
-      return null
-    }
-
-    if (valueBlock.value.length === 3) {
-      const result = this.extractTransactionIds(valueBlock.value)
-      if (result) return result
-    }
-
-    const result: TransactionIds = { transactionIds: [], originalTransactionIds: [] }
-
-    for (const innerBlock of valueBlock.value) {
-      const innerIds = this.getTransactionIdsFromBlock(innerBlock)
-      if (innerIds) {
-        result.transactionIds.push(...innerIds.transactionIds)
-        result.originalTransactionIds.push(...innerIds.originalTransactionIds)
-      }
-    }
-
-    // Deduplicate the IDs
-    result.transactionIds = [...new Set(result.transactionIds)]
-    result.originalTransactionIds = [...new Set(result.originalTransactionIds)]
-
-    return result
-  }
-
-  static getTransactionIdsFromReceiptString (receiptString: string): TransactionIds | null {
-    const { result } = fromBER(Buffer.from(receiptString, 'base64'))
-
-    if (result.error) {
-      throw new Error(`Error parsing receipt: ${result.error}`)
-    }
-
-    return this.getTransactionIdsFromBlock(result.toJSON() as Block)
-  }
-
-  /**
-   * The transaction ID is encoded as an INTEGER with the value 0x06a7
-   */
-  private static isTransactionIdBlock (block: Block): boolean {
-    return block.blockName === 'INTEGER' && block.valueBlock.valueHex === '06a7'
-  }
-
-  /**
-   * The original transaction ID is encoded as an INTEGER with the value 0x06a9
-   */
-  private static isOriginalTransactionIdBlock (block: Block): boolean {
-    return block.blockName === 'INTEGER' && block.valueBlock.valueHex === '06a9'
-  }
-
-  private static extractIdFromBlock (block: Block): string | null {
-    if (!Array.isArray(block.valueBlock.value)) {
-      return null
-    }
-
-    // The transaction ID is encoded as an OCTET STRING containing a UTF8String
-    if (block.blockName === 'OCTET STRING' && block.valueBlock.value[0].blockName === 'UTF8String') {
-      return block.valueBlock.value[0].valueBlock.value as string
-    }
-
-    return null
-  }
-
-  private static extractTransactionIds (blocks: Block[]): TransactionIds | null {
-    const [firstBlock, , lastBlock] = blocks
-    const result: TransactionIds = { transactionIds: [], originalTransactionIds: [] }
-
-    if (this.isTransactionIdBlock(firstBlock)) {
-      const id = this.extractIdFromBlock(lastBlock)
-      if (id) result.transactionIds.push(id)
-    } else if (this.isOriginalTransactionIdBlock(firstBlock)) {
-      const id = this.extractIdFromBlock(lastBlock)
-      if (id) result.originalTransactionIds.push(id)
-    } else {
-      return null
-    }
-
-    return result
-  }
-
-  getTransactionIds (): TransactionIds | null {
-    return ReceiptParser.getTransactionIdsFromReceiptString(this.receiptString)
-  }
-}