search

Shopify / mobile-buy-sdk-ios

Shopify’s Mobile Buy SDK makes it simple to sell physical products inside your mobile app. With a few lines of code, you can connect your app with the Shopify platform and let your users buy your products using Apple Pay or their credit card.
MIT License
453 stars 198 forks source link

ApplePay - Self-signed vs Shopify-signed CSR #1229

Open storelab-team opened 6 months ago

storelab-team commented 6 months ago

Hi,

We've been using this SDK for well over 2 years now and had ApplePay working natively in our mobile apps using a self-signed CSR file. Recently it has stopped working and the payment would fail with no errors. Unfortunately this has resulted in us disabling native ApplePay from our mobile apps.

After some investigation, we found a solution where we use the Shopify generated CSR to create the Apple Pay certificate and upload the CER file back to Shopify. This is achieved by creating a "Custom App" for a given store: Shopify Admin Dashboard, navigate to Settings -> Apps and Sales Channels -> Custom App Development -> -> Configuration, then you will be able to see this settings page:

Screenshot 2024-01-22 at 09 58 21

As you can see, this is a very manual process and not the best user journey for our customers. Furthermore, it does not seem possible with live & published apps on the Shopify App Store as we do not get access to these configuration settings. Is this intentionally missing from the Storefront API / iOS Buy SDK or am I looking in the wrong place? If this is the only solution, it would also result in duplicate tokens being generated and not associate the ApplePay certificate to our app but instead the custom app even if the merchant ID is correctly linked.

I hope my question makes sense and I will gladly jump on a call to provide more context, insight and details if needed.

Unfortunately I've had no help from Shopify's other channels: Community, Support, Slack, Discord or Facebook

References: Local CSR - https://developer.apple.com/help/account/create-certificates/create-a-certificate-signing-request Shopify CSR - https://shopify.dev/docs/custom-storefronts/mobile-apps/buy-sdk-ios#enable-apple-pay

Thanks for you help.

meta-merritt commented 4 months ago

When you downloaded the Shopify CSR file and tried uploading it to Apple Developer, did you get the following error message from Apple? "CSR algorithm/size incorrect. Expected: RSA(2048)"

I used the Mac terminal to create a RSA encryption vs the elliptic curve public key. Uploaded the new CSR file to Apple Developer, worked just fine. Downloaded the Merchant ID cert, uploaded back to Shopify and it now gives me an error occurred while trying to save the cert. You run into these issues at all? Thanks