CODEWITHSUNDEEP
iosswift
Nir RD
Nir RD

Reputation: 13

Validate receipts iOS

Look like apple is making any type of update this month.... recently my app was rejected with this message

When validating receipts on your server, your server needs to be able to handle a production-signed app getting its receipts from Apple’s test environment. The recommended approach is for your production server to always validate receipts against the production App Store first. If validation fails with the error code "Sandbox receipt used in production," you should validate against the test environment instead.

My app was approved before ... this is the code that i m using

  //Sandbox URL
       //let url = URL(string: "https://sandbox.itunes.apple.com/verifyReceipt")!
        let url = URL(string: "https://buy.itunes.apple.com/verifyReceipt")!

    var request = URLRequest(url: url)
    request.httpMethod = "POST"
    request.httpBody = bodyData

    let task = URLSession.shared.dataTask(with: request) { (responseData, response, error) in
        if let error = error {
            completion(.failure(.other(error)))
        } else if let responseData = responseData {
            let json = try! JSONSerialization.jsonObject(with: responseData, options: []) as! Dictionary<String, Any>
            //print(json)
            let session = Session(receiptData: data, parsedReceipt: json)
            self.sessions[session.id] = session
            let result = (sessionId: session.id, currentSubscription: session.currentSubscription)
            completion(.success(result))
        }
    }

    task.resume()
}

Upvotes: 1

Views: 2122

Answers (1)

Mobile Ben
Mobile Ben

Reputation: 7331

You don't have to use a server. You can validate it on the client if you want. Or you could completely forgo any validation if you wanted (not recommended).

The rejection you are getting is most likely because this time around, they used a test env to validate IAP.

Their documentation states

If you are doing receipt validation, be sure to verify your receipt with the production URL (https://buy.itunes.apple.com/verifyReceipt) first. This applies even in the case where your app is used in the sandbox environment. App Review will review the production version of your app in the sandbox. When your app processes the receipt, it must be capable of detecting the 21007 receipt status code and sending the receipt to the sandbox receipt validation server (https://sandbox.itunes.apple.com/verifyReceipt). Once your app is approved and running in the production environment, sending the receipt to the production server first is the correct action.

Notice that they don't specify where the receipt validation is done.

What your code lacks is the fallback to the sandbox. Hence why they rejected you this time around.

Upvotes: 1

Related Questions