Validate My Experience
Validate My Experience
Check out what's new in receipt validation for iOS 11 app subscriptions in these guides to different aspects of validation with Swift.
Join the DZone community and get the full member experience.Join For Free
Download this comprehensive Mobile Testing Reference Guide to help prioritize which mobile devices and OSs to test against, brought to you in partnership with Sauce Labs.
So we’re looking at updating one of our apps here for iOS 11 and joining the move to subscriptions which it appears is the only reasonable path to sustaining a productivity app on the horizon, so we’re seeing what’s new in receipt validation to support that, as last time we checked into it was four years ago and all and RMStore we picked then has languished since.
Let’s look around a bit … hmmm … hmmm … oh, what’s this? A comprehensive series walking through the whole process, updated for Swift 3? Well, bit late to the party, but looks like it’s all still relevant, and receipt validation code is something we really ought to write ourselves:
"After having to piece together each step along the path of preparing to test receipt validation for iOS apps, I’ve decided to combine everything into the following guide. Whether you’re working to implement receipt validation for a new iOS app, or for an existing one, this walk-through should provide guidance to get you ready to work with receipts in your iOS application…"
"There are at least 5 steps to validate a receipt, as the Receipt Validation Programming Guide outlines…"
"Before attempting to work with OpenSSL’s PKCS7 functions, you’ve got to do a little prep work to get the functions to play nicely with Swift. Unfortunately, Swift doesn’t work well with C union types. It simply can’t see things defined with a C union…"
"The aim of this guide is to help you take a look inside the PKCS #7 container, and verify the presence and authenticity of the signature on the receipt…"
"The aim of this guide is to help you parse a receipt and decode it so that you have readable pieces of metadata to inspect and finalize all of the receipt validation steps…"
"After finishing this guide, you’ll simply need to use the parsed receipt data to perform any app-specific enabling/disabling of features based on the data within a valid receipt. If the receipt is invalid, you’ll need to handle that as well. But all of the relatively difficult work of working with the Open SSL crypto library will be DONE after this guide….
… The bottom line is that from this point on, you no longer need Open SSL or any additional cryptic, low-level, unsafe pointer-type stuff to finish things out. I hope this series has been helpful in setting you up to validate receipts locally on a user’s device!"
That … is a veritably monumental guide to the validation process. And conveniently finished up right when we need it too, thanks ever so much @andrewcbancroft!
We just beat by a day Messr. Bancroft pulling together his own collection guide, now that you’ve read ours, go to the real thing!
and code at SwiftyLocalReceiptValidator!
Published at DZone with permission of Alex Curylo, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.