Pull Request: StoreKit 2 Support & Google Cloud Service Account Integration#380
Open
ugrkbt wants to merge 28 commits intovoltrue2:developfrom
Open
Pull Request: StoreKit 2 Support & Google Cloud Service Account Integration#380ugrkbt wants to merge 28 commits intovoltrue2:developfrom
ugrkbt wants to merge 28 commits intovoltrue2:developfrom
Conversation
# Conflicts: # package.json
- Add @apple/app-store-server-library dependency - Create lib/appleStoreKit2.js module with App Store Server API support - Add APPLE_STOREKIT2 service type to constants - Integrate StoreKit 2 into index.js (validate, validateOnce, getPurchaseData) - Add getSubscriptionStatus() and getTransactionHistory() API functions - Add comprehensive unit tests (12 passing tests) - Update README.md with StoreKit 2 documentation and usage examples
- Refactor setup to initialize multiple App Store Server clients (Prod & Sandbox) - Implement executeWithFallback mechanism to retry validation in alternate environment if transaction not found - Support automatic fallback for validatePurchase, getSubscriptionStatus, and getTransactionHistory - Fix var declaration issue in appleStoreKit2.js
…tion when configured and a transaction ID is present, including documentation and tests.
…data verification and update a console log message.
…g `httpStatusCode` and the `4040010` API error code.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR introduces major updates to the library, including modern Apple StoreKit 2 support and a streamlined Google Cloud integration for Android validation.
📋 Key Changes
Added a new feature to validate Google Play purchases using the Default Service Account when running within Google Cloud environments (e.g., Google Cloud Functions, Cloud Run).
Removes the need to manually provide googleServiceAccount, clientEmail, or privateKey in the configuration.
Usage: Simply set googleCloudUse: true in iap.config.
Integrated the official @apple/app-store-server-library.
Implemented JWT-based authentication and JWS (JSON Web Signature) signed transaction verification.
Provides cleaner, structured API responses with more detailed purchase data.
Optimized for projects using the Unity IAP plugin.
The library now automatically detects if a TransactionID is present within a Unity Apple receipt.
If the appleStoreKit2 configuration is active, the system automatically upgrades the validation to StoreKit 2.
This allows legacy project structures to move to the new API without client-side code changes.
Improved Retry Logic: If an Apple transaction is not found (404) in Production, the library automatically retries in the Sandbox environment. This ensures 100% reliability for TestFlight users and internal testers.
Embedded the Apple Root CA G3 certificate directly into the code to prevent SignedDataVerifier initialization failures across different server environments. This makes the StoreKit 2 setup "plug-and-play."
🛠 Technical Summary
Google Integration: Updated
lib/google.js
to support googleCloudUse flag for automatic environment-based authentication.
Apple Integration: Added
lib/appleStoreKit2.js
to encapsulate all modern App Store Server API logic.
Routing: Modified
index.js
validate
and
validateOnce
functions to support automatic service detection and Unity receipt upgrading.
Backward Compatibility: All existing v1.5 validation methods (iap.APPLE, iap.GOOGLE with manual keys) remain fully supported.
🧪 Test Status
Google Cloud default credentials validation logic.
Unity receipt -> StoreKit 2 automatic upgrade path.
Apple Production/Sandbox fallback logic.
Comprehensive testing via
test/storekit_switch.test.js
.