search

awa / go-iap

go-iap verifies the purchase receipt via AppStore, GooglePlayStore, AmazonAppStore and Huawei HMS.
MIT License
890 stars 248 forks source link

Sandbox 401 error by appstore server api #283

Closed takeone90 closed 5 months ago

takeone90 commented 5 months ago

I'm migrating the App Store Server API for iOS. I understand that Sandbox and Production differ only in their endpoints (with KeyID, BundleID, Issuer, and KeyContent being the same). However, when I call GetTransactionInfo() with the TransactionID of a Sandbox receipt, I receive a 401 response.

Please help.

richzw commented 5 months ago

You may get the details of the error from app store api error https://github.com/awa/go-iap/blob/master/appstore/api/store.go#L583, you could find more error information from errorMessage, related docs https://developer.apple.com/documentation/appstoreserverapi/error_codes @takeone90

takeone90 commented 5 months ago

You may get the details of the error from app store api error https://github.com/awa/go-iap/blob/master/appstore/api/store.go#L583, you could find more error information from errorMessage, related docs https://developer.apple.com/documentation/appstoreserverapi/error_codes @takeone90

First off, thanks for your reply. @richzw I checked the part you mentioned about newAppStoreAPIError(), and the StatusCode is 401 with an empty bodyBytes, so it returns 'nil, false'. I couldn't get detailed information. Is this an issue with the API server?

richzw commented 5 months ago

You may get the details of the error from app store api error https://github.com/awa/go-iap/blob/master/appstore/api/store.go#L583, you could find more error information from errorMessage, related docs https://developer.apple.com/documentation/appstoreserverapi/error_codes @takeone90

First off, thanks for your reply. @richzw I checked the part you mentioned about newAppStoreAPIError(), and the StatusCode is 401 with an empty bodyBytes, so it returns 'nil, false'. I couldn't get detailed information. Is this an issue with the API server?

After reviewing the doc again, the 401 means

401 Unauthorized The JSON Web Token (JWT) in the authorization header is invalid. For more information, see Generating JSON Web Tokens for API requests.

Please double check those KeyID, BundleID, Issuer, and KeyContent are correct. @takeone90

takeone90 commented 5 months ago

@richzw Oh my god, I found the worst mistake... One of the letters in the BundleID was uppercase... I'm sorry. Thank you so much, you've helped me cut down on a lot of wasted time.

But why is there no issue with Production...????