Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Default environment as Production for AppStoreServerAPIClient.java, for handling production usecase easily #86

Open
sagar-rai opened this issue Apr 2, 2024 · 3 comments
Open

Add Default environment as Production for AppStoreServerAPIClient.java, for handling production usecase easily #86

sagar-rai opened this issue Apr 2, 2024 · 3 comments

Comments

@sagar-rai
Copy link

Generally, while integrating the app to the production use case, its better to by default use the production api call and switch the endpoint in case the response code is 4040010. The decoded transaction info will already contain the correct environment, and it will be easier for the end users to integrate the library into their existing code base.

This makes the job for the end backend developer easier, as it will not require them to manually switch the context and they can do the separate processing if required for sandbox account based on the response from the client.
@sagar-rai
Copy link
Author

I propose that we add a similar flag while verifying the signed payload using the SignedDataVerifier class, by adding a boolean flag as method param which will enable or disable the environment check atleast in some of the methods like decoding the TransactionInfo, which in general in the production environment will also have some sandbox calls, due to regression/qa testing

if (!this.environment.equals(transaction.getEnvironment())) {
            throw new VerificationException(VerificationStatus.INVALID_ENVIRONMENT);
        }

@alexanderjordanbaker
Copy link
Collaborator

@sagar-rai When the app passes signed data to the server, it should also pass the expected environment, negating the need to check which environment is expected. The environment property can be found on-device here https://developer.apple.com/documentation/storekit/transaction/3963920-environment

@sagar-rai
Copy link
Author

sagar-rai commented Apr 2, 2024
edited

@alexanderjordanbaker i completely agree with your point, but i think for maintaining the backward compatibility with the older versions of the app which do not send the signed data but the receipt to the backend, which was earlier used in the verifyReceipt endpoint we can add these changes, in case the application is not sending the environment to the backend.

In these cases we can still use the ReceiptUtility class to extract the transaction Id and do the needful backend process, and in my opinion i think it would be better if we could integrate the above mentioned suggestions, else it adds an add on to the developer to integrate extra boilerplate code just for handling the environment

Please feel free to close the issue if you think the change is not needed @alexanderjordanbaker , else i can open a pr regarding the same

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexanderjordanbaker @sagar-rai