Reading and Validating In App Store Receipt
Clone or download
tikhop Merge pull request #20 from joaocolaco/joaocolaco-XCode10-link-error-…
…patch

Joaocolaco x code10 link error patch
Latest commit d63161a Jun 21, 2018

README.md

CocoaPods Compatible Platform GitHub license

TPInAppReceipt

A lightweight iOS library for reading and validating In-App Receipt.

Features

  • Parse the Payload and Extract the Receipt Attributes
  • Hash Verification
  • Verify the Receipt Signature
  • Verify Version and Bundle Identifiers

Installation

CocoaPods

To integrate TPInAppReceipt into your project using CocoaPods, specify it in your Podfile:

platform :ios, '8.3'

target 'YOUR_TARGET' do
    use_frameworks!

    pod 'TPInAppReceipt'
end

Then, run the following command:

$ pod install

Requirements

  • iOS 8.3+ / OSX 10.11+
  • Xcode 8.0+
  • Swift 3.0+

Openssl

OpenSSL is included as a built by https://github.com/jasonacox/Build-OpenSSL-cURL

Usage

Working With a Receipt

do {
  let receipt = try InAppReceipt.localReceipt() 
  
  //let receiptData: Data = ...
  //let receipt = try InAppReceipt.receipt(from: receiptData)
} catch {
  print(error)
}

Useful methods

// Retrieve Original TransactionIdentifier for Product Name
receipt.originalTransactionIdentifier(ofProductIdentifier: subscriptionName)

// Retrieve Active Auto Renewable Subscription's Purchases for Product Name and Specific Date
receipt.activeAutoRenewableSubscriptionPurchases(ofProductIdentifier: subscriptionName, forDate: Date())

// Retrieve All Purchases for Product Name
receipt.purchases(ofProductIdentifier: subscriptionName)

Receipt Validation

do {
    try r.verify()
} catch ReceiptValidatorError.hashValidationFaied {
    // Do smth
} catch ReceiptValidatorError.receiptSignatureVerificationFailed {
    // Do smth
} catch {
    // Do smth
}

In the above example, the validation process goes through the all verification steps. First, it verifies signature and make sure that it's valid. Second, it makes the hash validation by computing the hash of the GUID and matching with receipt's hash.

Hash Validation

do {
    try r.verifyHash()
} catch ReceiptValidatorError.hashValidationFaied {
    // Do smth
} catch {
    // Do smth
}

Signature Validation

do {
    try r.verifySignature()
} catch {
    // Do smth
}