soulchild’s Profile | Apple Developer Forums

Replied In Restore non-renewable subscription

Hi Frank, all non-renewing subscription purchase transactions will be recorded in the receipt, you can call SKReceiptRefresh to get the latest receipt for the app, and all the previous non-renewing subscription transactions will be stored there. https://developer.apple.com/documentation/storekit/skreceiptrefreshrequest I am using non-renewing subscription for my own app without server, and it restores just fine.

Replied In Non-Renewing Subscription multiple Times

If it is a non-renewing subscription, user can buy the same product again and again. Your app will need to check whether the user is still within the particular challenge period (within 30 days after buying the daily workout challenge), so that they wont accidentally buy the same challenge again while still inside the 30 days period.

Replied In For a free app downloaded from the app store, whether there is a receipt as soon as the app is opened.

Yes, if an app is downloaded from App Store, the receipt will be included in the app bundle by default, even if the app is free.

Replied In Is Sign in with Apple is also mandatory for older version of iOS ?

Yes, App Store Reviewer will review your app using the latest iOS (which is 13 now), if Sign in with Apple works on their review device, your app will pass the review.

Replied In another invalid_client issue

Just to confirm, did you generate the public key using your .p8 private key, and use that public key in https://jwt.io/#debugger to verify that the signature of your generated client secret is correct?Another suggestion from me would be to remove the "User-Agent" header and see if it works

Replied In What is 3rd part in id_token decoded response?

The third part is the signature, which is an encrypted hash of header + body, which is encrypted using Apple's private key.The signature is used to verify that the id_token indeed comes from Apple, not maliciously crafted by the end user or attacker.You can verify the signature using the Apple's public key : https://appleid.apple.com/auth/keys

Replied In "invalid_client" no matter what I do.

How did you generate the client secret? Can you post the code you used to generate your client secret? Most likely the issue is because the signature is incorrect for the client secret JWT.

Replied In Will Apple change the public key in the future?

Yes it can and has changed before. Few months ago Apple public key was AIDOPK1, then this month they have changed to other Key ID. My guess would be like Apple change the public key once every month? You can set up a cron job to call the public key endpoint once every 24 hours, then save the latest public keys JSON into your database (and replace the old one), then your backend can use the saved public keys to verify the identityToken.

Replied In another invalid_client issue

My guess would be the signature generation part might be incorrect, which generated DER encoded format instead of the raw concatenation of the R and S values, as explained further in this StackOverflow answer.You can generate the public key of your .p8 private key by running this code in the terminal :openssl ec -in AuthKey_123ABC456.p8 -pubout -out AuthKey_123ABC456_Public.p8Then using the public key generated, you can paste your client secret JWT in https://jwt.io/#debugger , and paste the public key to check if the signature verification succeed. If it fails, it mean that there's something wrong with signature generation.

Replied In Appstore connect keeps rejecting App Preview Video!

Did you get it working? I am facing the same exact issue! Seems like I have no choice to submit the app without app video previews though 😟

User Profile

soulchild

Posts

Posts