Venice is a simple gem for verifying Apple In-App Purchase receipts, and retrieving the information associated with receipt data.
There are two reasons why you should verify in-app purchase receipts on the server: First, it allows you to keep your own records of past purchases, which is useful for up-to-the-minute metrics and historical analysis. Second, server-side verification over SSL is the most reliable way to determine the authenticity of purchasing records.
See Apple's In-App Purchase Programming Guide for additional information.
Venice is named for Venice, Italy—or more specifically, Shakespeare's The Merchant of Venice. It's part of a series of world-class command-line utilities for iOS development, which includes Cupertino (Apple Dev Center management), Shenzhen (Building & Distribution), Houston (Push Notifications), and Dubai (Passbook pass generation).
$ gem install venice
require 'venice'
data = "(Base64-Encoded Receipt Data)"
if receipt = Venice::Receipt.verify(data)
p receipt.to_h
end
Venice also comes with the iap binary, which provides a convenient way to verify receipts from the command line.
$ iap verify /path/to/receipt
+--------------------------------+------------------------------------+
| Receipt |
+--------------------------------+------------------------------------+
| adam_id | 664753504 |
| application_version | 123 |
| bundle_id | com.example.product |
| download_id | 30000000000005 |
| expires_at | |
| latest_receipt | |
| original_application_version | 123 |
| original_purchase_date | Fri, 07 Mar 2014 20:59:24 GMT |
| receipt_type | Production |
| requested_at | Mon, 23 Jun 2014 17:59:38 GMT |
+--------------------------------+------------------------------------+
| in_app | 1 |
| - app_item_id | |
| - cancellation_at | |
| - expires_at | |
| - original_purchase_date | |
| - original_transaction_id | 1000000000000001 |
| - product_id | com.example.product |
| - purchase_date | |
| - quantity | 1 |
| - transaction_id | 1000000000000001 |
| - version_external_identifier | |
+--------------------------------+------------------------------------+
Mattt Thompson
Venice is available under the MIT license. See the LICENSE file for more info.
FAQs
Unknown package
We found that bn-venice demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.