search

apple / app-store-server-library-node

MIT License
183 stars 38 forks source link

Not compatible with Bun #198

Closed Faolain closed 2 months ago

Faolain commented 2 months ago

Making a new issue here in case the other gets buried as it's closed

https://github.com/apple/app-store-server-library-node/issues/173#issuecomment-2334604252

When I import the library for use within Bun and execute

const appleRootCAs: Buffer[] = await loadAppleRootCertificates();
const enableOnlineChecks = true;
const environment = env.APPLE_ENVIRONMENT === "PRODUCTION"
? Environment.PRODUCTION
: Environment.SANDBOX;

const appAppleId = env.APPLE_ENVIRONMENT === "PRODUCTION"
? Number(env.APP_APPLE_ID)
: undefined; // appAppleId is required when the environment is Production

const verifier = new SignedDataVerifier(
appleRootCAs,
enableOnlineChecks,
environment,
bundleId,
appAppleId,
);

I get the error:

Error processing transaction: 40 |     constructor(appleRootCertificates, enableOnlineChecks, environment, bundleId, appAppleId) {
41 |         this.JWSRenewalInfoDecodedPayloadValidator = new JWSRenewalInfoDecodedPayload_1.JWSRenewalInfoDecodedPayloadValidator();
42 |         this.JWSTransactionDecodedPayloadValidator = new JWSTransactionDecodedPayload_1.JWSTransactionDecodedPayloadValidator();
43 |         this.responseBodyV2DecodedPayloadValidator = new ResponseBodyV2DecodedPayload_1.ResponseBodyV2DecodedPayloadValidator();
44 |         this.appTransactionValidator = new AppTransaction_1.AppTransactionValidator();
45 |         this.rootCertificates = appleRootCertificates.map(cert => new crypto_1.X509Certificate(cert));
                                                                       ^
TypeError: undefined is not a constructor (evaluating 'new crypto_1.X509Certificate(cert)')
      at /Users/desktopuser/backend/node_modules/@apple/app-store-server-library/dist/jws_verification.js:45:67
      at map (1:11)
      at new SignedDataVerifier (/Users/desktopuser/backend/node_modules/@apple/app-store-server-library/dist/jws_verification.js:45:55)

I assume this has something to do with the crypto module however Bun I thought had support for node functions whether via

import { X509Certificate } from "node:crypto";
new X509Certificate(...);

or

Although the export exists it is marked as "missing" here https://bun.sh/docs/runtime/nodejs-apis#node-crypto , and when I try the following:

import { X509Certificate } from "node:crypto";

const certs = await loadAppleRootCertificates();

for (const cert of certs) {
    const x509cert = new X509Certificate(cert);
    console.log(x509cert);
}

I get the error: SyntaxError: Export named 'X509Certificate' not found in module 'crypto'. any thoughts on using a polyfill/library that doesn't depend on the node library itself and can bundle in support which doesn't call the node lib? A microservice? Forking to use node-forge replacing the "node native (but not supported elsewhere)" crypto package? Either that or should the transactions then be manually verified using JOSE/jsonwebtoken? If so can you provide an example of this?

alexanderjordanbaker commented 2 months ago

As you stated, Bun does not appear to support X509Certificate at this time, which is part of the cryptographic verification process. As this is core cryptography to the process, we recommend using Node.js.

Faolain commented 2 months ago

Fair enough @alexanderjordanbaker! I created a workaround with Bun I will edit this thread with. Thank you.