I wrote an article the other week about subscriptions, receipts, and StoreKit in iOS14 (you can find it here). Towards the end of the article, I showed an example of a receipt I had validated through the Apple server API call.

Now I mentioned it in passing, but if you check the Apple documentation, you surely can’t help but notice this message in a red box.

A warning cut-and-pasted from the Apple Developer web page

And yes, that’s exactly what I did in the previous article to show you what a receipt looks like — and how I started to validate it. So why do Apple say this, and what’s wrong with that process? Here’s a quick table that briefly explains the difference.

Let’s walk through the validation of a receipt, learning how to locally validate it and, in doing so, understanding what could go wrong. Now I’m going to assume you’ve read the other article and have some receipts to play with. It makes no sense for me to play on my own — you need to join in, too.

I’m also going to assume in this article that you’re reasonably comfortable with the UNIX shell, too. The plan is to use some tools — like OpenSSL and others — to parse a receipt where I can. I aim do so in order to focus on the process and not so much on the code.

#swift #programming #ios #in-app-purchase #xcode