Search code examples
iphoneiosobjective-cstorekitmkstorekit

Why MKStoreKit isSubscriptionActive method is always returning NO?


Working in an app that uses StoreKit through MKStoreKit, I have noticed that the method for checking if a subscription is still valid is always returning 0 (NO or false).

I've tracked the error and I found that inside the method - (BOOL) isSubscriptionActive:(NSString*) featureId the jsonObject generated by this line:

id jsonObject = [NSJSONSerialization JSONObjectWithData:subscriptionProduct.receipt options:NSJSONReadingAllowFragments error:nil];

is nil.

Then I checked the error returned from this method, which is:

[MKStoreManager isSubscriptionActive:]] Error Domain=NSCocoaErrorDomain Code=3840 "The operation couldn’t be completed. (Cocoa error 3840.)" (No value for key in object around character 15.) UserInfo=0x200c0300 {NSDebugDescription=No value for key in object around character 15.} (lldb)

So then I checked the receipt and I found that the problem is that the supposed "JSON Receipt" is not a JSON, since it uses "=" instead of ":". I suppose that someone has already been dealing with this issue, so what is your solution?

EDIT I'm working with sandbox environment.


Solution

  • The receipt is not a JSON object. It's private format that should be passed to the App store for validation - you shouldn't be attempting to parse it yourself. From the In-App Purchase Programming Guide:

    Note: On iOS, the contents and format of the store receipt is private and subject to change. Your application should not attempt to parse the receipt data directly. Use the mechanism described here to validate the receipt and retrieve the information stored inside it.

    However, from my brief look at the MKSKSubscriptionProduct implementation, the codes appears to override the initial receipt data with the JSON response from the App Store's verification server. So some of the time that receipt property may be a valid JSON object and some of the time it won't be.

    In addition, the code appears to be validating the receipt with the App Store directly. This is considered a security risk. Quoting from Apple's recommendations regarding the iOS5 App Store vulnerability:

    The best practice for validating receipts is to send the receipt to your server, and have your server perform the validation with the App Store server. If your app connects to the App Store server directly from the device, your app may be affected by this vulnerability.

    The bottom line is that it looks to me like there are some bugs in the MKStoreKit implementation, and it might be worth raising these issues with the developer.

    Update

    I should add that the App Store sandbox environment has a tendency to break at the most inopportune times. It could just be that the sandbox is failing to respond to receipt verification requests, and as a result the MKSKSubscriptionProduct receipt is left it its initial non-JSON state, and thus the failure.

    If that is the case, you may find that it will suddenly start working at some point, once the sandbox has been fixed.