Socket
Socket
Sign inDemoInstall

parse-tunes

Package Overview
Dependencies
8
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

parse-tunes

Library for fetching select data on iOS apps from the Apple Apple Store via undocumented internal iTunes APIs.


Version published
Maintainers
1
0

Weekly downloads

Readme

Source

parse-tunes

Library for fetching select data on iOS apps from the Apple Apple Store via undocumented internal iTunes APIs.

This library is able to fetch and parse data from undocumented internal API endpoints of the Apple App Store. Currently, it can fetch the charts of the most popular apps, according to various criteria, and details (including privacy labels) for individual apps. We'll extend the supported API endpoints in the future. The focus will mostly be on functions useful for research into mobile privacy and data protection.

As all the used endpoints are undocumented, we had to resort to reverse-engineering them. It is possible that we have misinterpreted the meaning of parameters or endpoints. It is also entirely possible that some or all of the endpoints will stop working out of the blue at some point, or change their request and/or response formats.

Installation

You can install parse-tunes using yarn or npm:

yarn add parse-tunes
# or `npm i parse-tunes`

API reference

A full API reference can be found in the docs folder.

Example usage

Fetch app top charts

The following example fetches the app IDs of the current 200 top free iPhone apps across all categories for Germany:

import { fetchTopApps, charts, countries, genres } from 'parse-tunes';

(async () => {
    const topChart = await fetchTopApps({ genre: genres.all, chart: charts.topFreeIphone, country: countries.DE });
    console.log(topChart.length); // 200
    console.log(topChart[0]); // 1186271926
})();

Fetching more app metadata in addition to the app IDs is currently not possible due to server-side limitations by the endpoint we're using. See #2 for details.

Fetch app metadata

The following example fetches the developer name and custom artwork for the Facebook app on iPhone for the German App Store in German:

import { fetchAppDetails } from 'parse-tunes';

(async () => {
    const appDetails = await fetchAppDetails({
        appId: 284882215,
        platforms: ['iphone'],
        attributes: ['artistName', 'customArtwork'],
        country: 'DE',
        language: 'de-DE',
    });
    console.log(appDetails.artistName);
    // Meta Platforms, Inc.
    console.log(appDetails.platformAttributes.ios?.customAttributes.default.default.customArtwork.url);
    // https://is5-ssl.mzstatic.com/image/thumb/Purple113/v4/45/ab/be/45abbeac-3a7e-aa86-c1c5-007c09df6d7c/Icon-Production-0-1x_U007emarketing-0-7-0-85-220.png/{w}x{h}{c}.{f}
})();

This function uses Apple's internal media API (amp-api.apps.apple.com), which requires a token. If you don't provide a token, one will be fetched automatically. If you want to fetch data for multiple apps, it is recommended to fetch the token once using fetchMediaApiToken() and pass it to all subsequent calls to fetchAppDetails() to avoid the unnecessary requests:

import { fetchAppDetails, fetchMediaApiToken } from 'parse-tunes';

(async () => {
    const token = await fetchMediaApiToken();

    for (const appId of [1444383602, 490109661, 462054704]) {
        const appDetails = await fetchAppDetails({
            appId,
            platforms: ['ipad', 'watch'],
            attributes: ['bundleId', 'isIOSBinaryMacOSCompatible'],
            country: 'US',
            language: 'en-US',
            token,
        });
        console.log(appDetails.platformAttributes.ios?.bundleId, '::', appDetails.isIOSBinaryMacOSCompatible);
    }
})();

Through the app details function, you can also fetch an app's privacy labels:

import { fetchAppDetails } from 'parse-tunes';

(async () => {
    const { privacyDetails } = await fetchAppDetails({
        appId: 1113153706,
        platforms: ['iphone'],
        attributes: ['privacyDetails'],
        country: 'DE',
        language: 'en-GB',
    });

    console.dir(privacyDetails, { depth: null });
})();
Privacy label response The response looks like this:
{
  managePrivacyChoicesUrl: null,
  privacyTypes: [
    {
      privacyType: 'Data Linked to You',
      identifier: 'DATA_LINKED_TO_YOU',
      description: 'The following data, which may be collected and linked to your identity, may be used for the following purposes:',
      dataCategories: [],
      purposes: [
        {
          purpose: 'Analytics',
          identifier: 'ANALYTICS',
          dataCategories: [
            {
              dataCategory: 'Location',
              identifier: 'LOCATION',
              dataTypes: [ 'Coarse Location' ]
            },
            {
              dataCategory: 'Identifiers',
              identifier: 'IDENTIFIERS',
              dataTypes: [ 'User ID', 'Device ID' ]
            },
            {
              dataCategory: 'Usage Data',
              identifier: 'USAGE_DATA',
              dataTypes: [ 'Product Interaction' ]
            },
            {
              dataCategory: 'Diagnostics',
              identifier: 'DIAGNOSTICS',
              dataTypes: [ 'Performance Data' ]
            }
          ]
        },
        {
          purpose: 'App Functionality',
          identifier: 'APP_FUNCTIONALITY',
          dataCategories: [
            {
              dataCategory: 'Location',
              identifier: 'LOCATION',
              dataTypes: [ 'Precise Location', 'Coarse Location' ]
            },
            {
              dataCategory: 'Contact Info',
              identifier: 'CONTACT_INFO',
              dataTypes: [ 'Email Address', 'Name', 'Phone Number' ]
            },
            {
              dataCategory: 'Contacts',
              identifier: 'CONTACTS',
              dataTypes: [ 'Contacts' ]
            },
            {
              dataCategory: 'User Content',
              identifier: 'USER_CONTENT',
              dataTypes: [
                'Photos or Videos',
                'Audio Data',
                'Other User Content'
              ]
            },
            {
              dataCategory: 'Identifiers',
              identifier: 'IDENTIFIERS',
              dataTypes: [ 'User ID', 'Device ID' ]
            },
            {
              dataCategory: 'Usage Data',
              identifier: 'USAGE_DATA',
              dataTypes: [ 'Product Interaction' ]
            },
            {
              dataCategory: 'Diagnostics',
              identifier: 'DIAGNOSTICS',
              dataTypes: [
                'Crash Data',
                'Performance Data',
                'Other Diagnostic Data'
              ]
            }
          ]
        }
      ]
    }
  ]
}

License

This code is licensed under the MIT license, see the LICENSE file for details.

Issues and pull requests are welcome! Please be aware that by contributing, you agree for your work to be licensed under an MIT license.

FAQs

Last updated on 24 Jan 2023

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc