You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm attempting to build out the backend of an IOS app on a Supabase edge function want to be able to verify the purchase of in-app purchases using an edge function. I have a block of code interacting with the Apple api working in nodejs on my local machine,
When I attempt to bundle the working code up and run it with Deno I'm running into some runtime errors within the dependencies.
I've tried the import using the npm: prefix like so
import pkg from "npm:@apple/app-store-server-library";
const { AppStoreServerAPIClient, Environment, SignedDataVerifier } = pkg;
And when i attempt to run my code this way I get this error:
Error: "alg" parameter "ES256" requires curve "prime256v1".
at module.exports (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/jsonwebtoken/9.0.2/lib/validateAsymmetricKey.js:46:15)
at module.exports [as sign] (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/jsonwebtoken/9.0.2/sign.js:179:7)
at AppStoreServerAPIClient.createBearerToken (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/@apple/app-store-server-library/1.0.1/dist/index.js:323:29)
at AppStoreServerAPIClient.makeRequest (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/@apple/app-store-server-library/1.0.1/dist/index.js:93:47)
at AppStoreServerAPIClient.getTransactionInfo (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/@apple/app-store-server-library/1.0.1/dist/index.js:285:27)
at getTransactionInformation (file:///home/deno/functions/_shared/apple-helpers.ts:49:31)
at eventLoopTick (ext:core/01_core.js:64:7)
at async Object.handler (file:///home/deno/functions/apple-pay-test/index.ts:14:16)
at async handleHttp (ext:sb_core_main_js/js/http.js:102:17)
I'm able to reproduce the problem the first error locally using the deno command line utility. I've got it hooked up to a debugger and I've pinpointed the resulting issue but still can't figure out the underlying cause or how to fix it.
The error "alg" parameter "ES256" requires curve "prime256v1", comes from the validateAsymmetricKey.js file within the jsonwebtoken module. Specifically this block of code
if (ASYMMETRIC_KEY_DETAILS_SUPPORTED) {
switch (keyType) {
case 'ec':
const keyCurve = key.asymmetricKeyDetails.namedCurve;
const allowedCurve = allowedCurves[algorithm];
if (keyCurve !== allowedCurve) {
debugger;
console.log('heya')
throw new Error(`"alg" parameter "${algorithm}" requires curve "${allowedCurve}".`);
}
break;
When I run my code with Deno the value of keyCurve above is 'p256'. Assuming from the text of the error, this needs to be 'prime256v1'.
To find out where the 'p256' value was coming from I followed the debugger into ext:deno_node/internal/crypto/keys.ts which has this function
export function createPrivateKey(key) {
const { data, format, type } = prepareAsymmetricKey(key);
const details = op_node_create_private_key(data, format, type);
const handle = setOwnedKey(copyBuffer(data));
return new PrivateKeyObject(handle, details);
}
The op_node_create_private_key function is the first instance of the string 'p256' I can see appearing in my program, but I can't step into it.
Searching further I found the 'p256' string inside of the deno crypto module here:
I have no idea what's going on in these packages so I don't know if its a string value problem or it's missing an actual algorithm under the hood. I'd really love to be able to get this working so I don't have to spin up another piece of infrastructure to validate in-app purchases.
If anyone could point me in the right direction for debugging further, I'd be much appreciated.
It's not possible to post my code because it requires a number of private pieces of information from my apple account in order to run.
The text was updated successfully, but these errors were encountered:
deno run --allow-read --allow-net deno-jsonwebtoken-test.js
error: Uncaught (in promise) Error: secretOrPrivateKey must be an asymmetric key when using ES256
at Module.de.exports (https://esm.sh/v135/jsonwebtoken@9.0.2/denonext/jsonwebtoken.mjs:21:10470)
To test this, put any contents into the apple.p8 file. apple.p8
-----BEGIN PRIVATE KEY-----
test key
-----END PRIVATE KEY-----
The Deno version will fail no matter the contents. The Node version will complain that the key is not an asymetric key if you don't specify a valid key. If I send it a valid asymetric key, I'll get back a signed JWT.
Version: deno 1.41.2 (release, x86_64-unknown-linux-gnu)
v8 12.1.285.27
typescript 5.3.3
Hi,
I'm attempting to build out the backend of an IOS app on a Supabase edge function want to be able to verify the purchase of in-app purchases using an edge function. I have a block of code interacting with the Apple api working in nodejs on my local machine,
When I attempt to bundle the working code up and run it with Deno I'm running into some runtime errors within the dependencies.
I've tried the import using the npm: prefix like so
import pkg from "npm:@apple/app-store-server-library";
const { AppStoreServerAPIClient, Environment, SignedDataVerifier } = pkg;
And when i attempt to run my code this way I get this error:
Error: "alg" parameter "ES256" requires curve "prime256v1".
at module.exports (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/jsonwebtoken/9.0.2/lib/validateAsymmetricKey.js:46:15)
at module.exports [as sign] (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/jsonwebtoken/9.0.2/sign.js:179:7)
at AppStoreServerAPIClient.createBearerToken (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/@apple/app-store-server-library/1.0.1/dist/index.js:323:29)
at AppStoreServerAPIClient.makeRequest (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/@apple/app-store-server-library/1.0.1/dist/index.js:93:47)
at AppStoreServerAPIClient.getTransactionInfo (file:///tmp/sb-compile-edge-runtime/node_modules/localhost/@apple/app-store-server-library/1.0.1/dist/index.js:285:27)
at getTransactionInformation (file:///home/deno/functions/_shared/apple-helpers.ts:49:31)
at eventLoopTick (ext:core/01_core.js:64:7)
at async Object.handler (file:///home/deno/functions/apple-pay-test/index.ts:14:16)
at async handleHttp (ext:sb_core_main_js/js/http.js:102:17)
I've also tried using esm.sh like so:
import pkg from "https://esm.sh/@apple/app-store-server-library";
const { AppStoreServerAPIClient, Environment, SignedDataVerifier } = pkg;
which results in a different error:
TypeError: Right-hand side of 'instanceof' is not an object
at de.exports [as sign] (https://esm.sh/v135/jsonwebtoken@9.0.2/esnext/jsonwebtoken.mjs:21:10119)
at e.createBearerToken (https://esm.sh/v135/@apple/app-store-server-library@1.0.1/esnext/app-store-server-library.mjs:14:44515)
at e.makeRequest (https://esm.sh/v135/@apple/app-store-server-library@1.0.1/esnext/app-store-server-library.mjs:14:41417)
at e.getTransactionInfo (https://esm.sh/v135/@apple/app-store-server-library@1.0.1/esnext/app-store-server-library.mjs:14:43969)
at getTransactionInformation (file:///home/deno/functions/_shared/apple-helpers.ts:49:31)
at eventLoopTick (ext:core/01_core.js:64:7)
at async Object.handler (file:///home/deno/functions/apple-pay-test/index.ts:14:16)
at async handleHttp (ext:sb_core_main_js/js/http.js:102:17)
I'm able to reproduce the problem the first error locally using the deno command line utility. I've got it hooked up to a debugger and I've pinpointed the resulting issue but still can't figure out the underlying cause or how to fix it.
The error "alg" parameter "ES256" requires curve "prime256v1", comes from the
validateAsymmetricKey.js
file within thejsonwebtoken
module. Specifically this block of codeWhen I run my code with Deno the value of
keyCurve
above is 'p256'. Assuming from the text of the error, this needs to be 'prime256v1'.To find out where the 'p256' value was coming from I followed the debugger into
ext:deno_node/internal/crypto/keys.ts
which has this functionThe
op_node_create_private_key
function is the first instance of the string 'p256' I can see appearing in my program, but I can't step into it.Searching further I found the 'p256' string inside of the deno crypto module here:
deno/ext/node/ops/crypto/mod.rs
Line 1445 in c10d96c
I have no idea what's going on in these packages so I don't know if its a string value problem or it's missing an actual algorithm under the hood. I'd really love to be able to get this working so I don't have to spin up another piece of infrastructure to validate in-app purchases.
If anyone could point me in the right direction for debugging further, I'd be much appreciated.
It's not possible to post my code because it requires a number of private pieces of information from my apple account in order to run.
The text was updated successfully, but these errors were encountered: