发表新帖
发表新帖

Mac App Store Receipt Validation Code?

前端 未结
关注
13 1667
广开言路
广开言路 2020-12-07 09:04

Wondering if anyone has a tutorial or working code for the new Mac App Store\'s receipt validation? About the only references I\'ve been able to find so far are Apple\'s st

相关标签:
13条回答
  • 执笔经年
    2020-12-07 09:27

    When creating the sample receipt from Apple Docs, be sure not to include any extra characters after 'end' else the uudecode will fail.

    0 讨论(0)
  • 情歌与酒
    2020-12-07 09:30

    I reviewed Alan Quartermain's code and it looks good. Something to think about:

    the last parameter here could/should be a compiled requirement stating that the code must be signed by YOUR certificate and no-one else's.

    When the developer submits an app to the store for approval, the signing certificates are as follows:

    3rd Party Mac Developer Application: me
Apple Worldwide Developer Relations Certification Authority
Apple Root CA

    After the app is delivered from the App Store to the end user, the signing certificates are as follows:

    Apple Mac OS Application Signing
Apple Worldwide Developer Relations Certification Authority
Apple Root CA

    Also, I suggest only exit(173) when the receipt is missing, but everything else is in order.

    0 讨论(0)
  • 一向
    2020-12-07 09:30

    Yes, in their docs it says, "It is important that you employ a solution that is unique to your application."

    0 讨论(0)
  • 被撕碎了的回忆
    2020-12-07 09:35

    Be sure to check that you are validating a receipt for your app. Easy to do all the crypto and verification of signatures for the wrong receipt.

    See http://pastebin.com/1eWf9LCg where it looks like Angry Birds missed this bit and left them open to people substituting in a receipt from a free app.

    Alan Quatermain also has code to do this up on github. https://github.com/AlanQuatermain/mac-app-store-validation-sample

    It should not be used as-is to avoid automated removal.

    0 讨论(0)
  • 我寻月下人不归
    2020-12-07 09:35

    You can Refer the RVNReceiptValidation it is easy to implement. Just you have to set the Bundle id in RVNReceiptValidation.m file and version of your App. Remember to get the receipt from the apple you have to launch the app from the Finder. This Class also helps in the implementation of InApp Purchase.

    0 讨论(0)
  • 我寻月下人不归
    2020-12-07 09:35

    Even with NPReceiptValidation you still should validate the security of your application bundle including the signing certificates. This is documented in the WWDR recommendations for developers.

    A solution: http://itunes.apple.com/us/app/apptight-pro-app-store-code/id427083596?mt=12

    One potential problem with NPReceiptValidation is that method selectors on Cocoa objects are very easy to hijack. It's the most popular way of extending apps.

    Here's another tool for assisting with In-App purchase parsing:

    http://itunes.apple.com/us/app/pkcs-7viewer/id547539804?mt=12

    0 讨论(0)
 看不清?
提交回复
热议问题