How to verify non-renewing subscription

I am confused about how to properly deal with non-renewing subscription validation on the backend. My validation flow is roughly like this: First, when the user chooses an IAP item and clicks the Buy button, it sends a POST request to our backend to generate an order which contains info like product_id, and then returns the order_id to iOS. Secondly, the iOS end calls our receipt verify API, which is passed some args including receipt_data, order_id, product_id, transaction_id. Thirdly, when the above args are passed, we query the db with transaction_id to avoid delivering duplicate goods with the same receipt. Then, we send a POST request to the App Store endpoint /verifyReceipt. We parse the resp considering different styles of receipt, get the status field first to judge if its value equals 0, then traverse the in_app field to find if there is one whose transaction_id matches the one passed from iOS. Then, we compare the product_id with the matched one. Is there something else that I should pay attention to, or are there some logic bugs?

Replies

What you write is hard to understand.

The app on the device does the entire purchase.

When it gets a call to updatedTransactions there is a receipt on the device.

Grab that receipt and either:


1) decode it in the app on the device using OpenSSL - check that the identifierForVendor is correct and if so believe the receipt


or


2) send the receipt securely to your server. Have your server send the receipt to Apple servers to decode. Check the receipt's transaction_id for a non-renewing subscription (there could be multiple such subscription purchases in one receipt) to be sure it is unique before accepting the receipt. If the transaction_id is unique, accept the content of the receipt (i.e. the product_id and any relevant dates) and provide the device with the subscription.
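
The server-side path from option 2, combined with the checks listed in the question, as an added example that is not part of either post. The function names, the table layout and the sample response are constructed, and it assumes the unified receipt style in which transactions sit under receipt.in_app of the decoded /verifyReceipt response; order_product_id is the product_id stored with the server's own order record.

```python
import sqlite3

# Constructed sample of a decoded /verifyReceipt response (unified receipt style).
SAMPLE_RESPONSE = {
    "status": 0,
    "receipt": {
        "in_app": [
            {"transaction_id": "1000000000000001", "product_id": "com.example.sub.30days"},
            {"transaction_id": "1000000000000002", "product_id": "com.example.sub.90days"},
        ],
    },
}


def open_store(path=":memory:"):
    """Create the delivery ledger; the PRIMARY KEY rejects a repeated transaction_id."""
    db = sqlite3.connect(path)
    db.execute(
        "CREATE TABLE IF NOT EXISTS delivered ("
        "transaction_id TEXT PRIMARY KEY, order_id TEXT NOT NULL, product_id TEXT NOT NULL)"
    )
    return db


def redeem(db, response, order_id, order_product_id, transaction_id):
    """Return (True, 'delivered') or (False, reason) for one purchase claim."""
    if response.get("status") != 0:
        return False, "receipt_invalid"
    # Look the transaction up in what Apple decoded, not in what the client claimed.
    match = next(
        (t for t in response.get("receipt", {}).get("in_app", [])
         if t.get("transaction_id") == transaction_id),
        None,
    )
    if match is None:
        return False, "transaction_not_in_receipt"
    # Compare against the product_id saved with the server-side order.
    if match.get("product_id") != order_product_id:
        return False, "product_mismatch"
    try:
        # The insert itself is the uniqueness check, so two concurrent
        # requests carrying the same receipt cannot both be delivered.
        with db:
            db.execute("INSERT INTO delivered VALUES (?, ?, ?)",
                       (transaction_id, order_id, match["product_id"]))
    except sqlite3.IntegrityError:
        return False, "already_delivered"
    return True, "delivered"
```

Doing the uniqueness check as a constrained insert after Apple's response is validated closes the gap between "query the db" and "deliver" that a separate lookup leaves open.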