Feat: receipt verification (#5)

* Feat: receipt verification

* Add info about code

* Fix typos

* Chnage method name

Author: cp-sumi-k

.github/workflows/test.yml

@@ -14,4 +14,5 @@ jobs:
 
       - name: Run tests
         run: |
-          cd auth && go test .
+          cd auth && go test . && cd ..
+          cd receipt && go test . && cd ..

README.md

@@ -11,9 +11,9 @@ To use any apple service
 import github.com/canopas/apple-sdk-go/<service-name>
 ```
 
-## SignIn
+## Services
 
-Find reference of signIn flow in [auth doc](https://github.com/canopas/apple-sdk-go/blob/main/auth/README.md).
+- [SignIn](https://github.com/canopas/apple-sdk-go/blob/main/auth/README.md)
+- [Appstore receipt verification](https://github.com/canopas/apple-sdk-go/blob/main/receipt/README.md)
 
-For more information about apple sign in, please review [apple doc](https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api).
 

auth/README.md

@@ -1,6 +1,6 @@
-# Go client library for signing in user
+# Go client library for signing in with apple
 
-Go client library for signing in user.
+For more information about apple sign in, please review [apple doc](https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api).
 
 ## Install
 
@@ -21,8 +21,20 @@ go get github.com/canopas/apple-sdk-go/auth
 
 ```go
 
-// create auth client
-req, err := auth.NewClient("team-id", "client-id", "key-id", "secret-key-file-path")
+// Create new secret request with default client
+req, err := auth.WithDefaultClient("team-id", "client-id", "key-id", "secret-key-file-path")
+
+if err != nil {
+	log.Fatal(err.Error())
+}
+
+// OR
+// Create new secret request with custom client
+client := &http.Client{
+	Timeout: 10 * time.Second,
+}
+
+req, err := auth.WithCustomClient(client, "team-id", "client-id", "key-id", "secret-key-file-path")
 
 if err != nil {
 	log.Fatal(err.Error())

auth/client.go

@@ -1,12 +1,33 @@
 package auth
 
 import (
+	"errors"
 	"io/ioutil"
 	"net/http"
+	"time"
 )
 
-// Returns new secret request
-func NewClient(teamId, clientId, keyId, secretKeyPath string) (*Request, error) {
+var InvalidSecretFileMsg = "please specify secret key file path"
+
+// Returns new secret request with default client
+func WithDefaultClient(teamId, clientId, keyId, secretKeyPath string) (*Request, error) {
+	client := &http.Client{
+		Timeout: 10 * time.Second,
+	}
+	return createRequest(teamId, clientId, keyId, secretKeyPath, client)
+}
+
+// Returns new secret request with given client
+func WithCustomClient(client httpClient, teamId, clientId, keyId, secretKeyPath string) (*Request, error) {
+	return createRequest(teamId, clientId, keyId, secretKeyPath, client)
+}
+
+func createRequest(teamId, clientId, keyId, secretKeyPath string, client httpClient) (*Request, error) {
+
+	if secretKeyPath == "" {
+		return nil, errors.New(InvalidSecretFileMsg)
+	}
+
 	secretContent, err := ioutil.ReadFile(secretKeyPath)
 
 	if err != nil {
@@ -18,6 +39,6 @@ func NewClient(teamId, clientId, keyId, secretKeyPath string) (*Request, error)
 		ClientID:     clientId,
 		KeyID:        keyId,
 		ClientSecret: secretContent,
-		HttpClient:   &http.Client{},
+		HttpClient:   client,
 	}, nil
 }

auth/client_test.go

@@ -0,0 +1,17 @@
+package auth
+
+import (
+	"errors"
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestCreateRequest(t *testing.T) {
+	gotResp, gotErr := createRequest("1234567890", "com.example.app", "abc123def4", "", &http.Client{})
+	expectedErr := errors.New(InvalidSecretFileMsg)
+
+	assert.Equal(t, expectedErr, gotErr)
+	assert.NotEqual(t, nil, gotResp)
+}

go.mod

@@ -4,9 +4,4 @@ go 1.18
 
 replace auth => ./auth
 
-require auth v0.0.0-00010101000000-000000000000
-
-require (
-	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
-	github.com/golang-jwt/jwt/v4 v4.4.2 // indirect
-)
+replace receipt => ./receipt

go.sum

@@ -1,9 +0,0 @@
-github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
-github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
-github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs=
-github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
-github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
-gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

receipt/README.md

@@ -0,0 +1,48 @@
+# Go client library for verifying receipt-data from appstore
+
+For more information about appstore receipts, please review [apple doc](https://developer.apple.com/documentation/appstorereceipts).
+
+## Install
+
+```bash
+go get github.com/canopas/apple-sdk-go/receipt
+```
+
+## How to use?
+
+- **ReceiptData** :  base64 encoded receipt data
+
+- **Password** : Appstore shared secret (Ex: 8h1b362b673b442d8ali4b2141912948)
+
+```go
+
+// Create new IAP request with default client
+client := receipt.WithDefaultClient()
+
+// OR
+// Create new IAP request with custom client
+httpCli := &http.Client{
+	Timeout: 10 * time.Second,
+}
+
+client := receipt.WithCustomClient(httpCli)
+
+// verify receipt data
+response, err := client.Verify(context.Background(), receipt.IAPRequest{
+	ReceiptData: "your-receipt-data",
+	Password:    "shared-secret",
+})
+
+if err != nil {
+	log.Fatal(err.Error())
+}
+
+// handle errors if any
+if response.Status != 0 {
+	err = receipt.HandleErrors(response.Status)
+	log.Fatal(err.Error())
+}
+
+log.Println(response)
+
+```

receipt/errors.go

@@ -0,0 +1,59 @@
+// errors contains all possible errors info when proccessing with app store receipt
+package receipt
+
+import "errors"
+
+// list of errors
+var (
+	ErrAppStoreServer          = errors.New("appStore server error")
+	ErrInvalidJSON             = errors.New("the App Store could not read the JSON object you provided")
+	ErrInvalidReceiptData      = errors.New("the data in the receipt-data property was malformed or missing")
+	ErrReceiptUnauthenticated  = errors.New("the receipt could not be authenticated")
+	ErrInvalidSharedSecret     = errors.New("the shared secret you provided does not match the shared secret on file for your account")
+	ErrServerUnavailable       = errors.New("the receipt server is not currently available")
+	ErrReceiptIsForTest        = errors.New("this receipt is from the test environment, but it was sent to the production environment for verification. Send it to the test environment instead")
+	ErrReceiptIsForProduction  = errors.New("this receipt is from the production environment, but it was sent to the test environment for verification. Send it to the production environment instead")
+	ErrReceiptUnauthorized     = errors.New("this receipt could not be authorized. Treat this the same as if a purchase was never made")
+	ErrSubscriptionExpired     = errors.New("subscription has expired")
+	ErrDuplicateReceipt        = errors.New("duplicate receipt")
+	ErrInternalDataAccessError = errors.New("internal data access error")
+	ErrUnknown                 = errors.New("an unknown error occurred")
+)
+
+// Returns error message by status code
+// Use this method after verifying receipt, to check errors
+func HandleErrors(status int) error {
+	var e error
+	switch status {
+	case 0:
+		return nil
+	case 21000:
+		e = ErrInvalidJSON
+	case 21002:
+		e = ErrInvalidReceiptData
+	case 21003:
+		e = ErrReceiptUnauthenticated
+	case 21004:
+		e = ErrInvalidSharedSecret
+	case 21005:
+		e = ErrServerUnavailable
+	case 21006:
+		e = ErrSubscriptionExpired
+	case 21007:
+		e = ErrReceiptIsForTest
+	case 21008:
+		e = ErrReceiptIsForProduction
+	case 21009:
+		e = ErrInternalDataAccessError
+	case 21010:
+		e = ErrReceiptUnauthorized
+	default:
+		if status >= 21100 && status <= 21199 {
+			e = ErrInternalDataAccessError
+		} else {
+			e = ErrUnknown
+		}
+	}
+
+	return e
+}

receipt/go.mod

@@ -0,0 +1,15 @@
+module github.com/canopas/apple-sdk-go/receipt
+
+go 1.18
+
+require (
+	github.com/stretchr/testify v1.8.1
+	github.com/tj/assert v0.0.3
+)
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/stretchr/objx v0.5.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

receipt/go.sum

@@ -0,0 +1,22 @@
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/tj/assert v0.0.3 h1:Df/BlaZ20mq6kuai7f5z2TvPFiwC3xaWJSDQNiIS3Rk=
+github.com/tj/assert v0.0.3/go.mod h1:Ne6X72Q+TB1AteidzQncjw9PabbMp4PBMZ1k+vd1Pvk=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=