Is there a way to detect if a macOS app running is from the Mac App Store or not?

Question

I have this app of mine that is distributed on the Mac App Store and outside it, from my own site.

I need to detect, at run time, what version is running, so I can do some decisions inside the code.

Is there a way to detect that? How can I differentiate that? Is there a way to know if the app is signed for the App Store or not?

---

Edit: I have found this library but this is not good because it tells the app is not from the app store simply if the receipt is missing. But the receipt may be missing for other reasons. The lack of receipt is not a good enough reason.

Answer 1

I see two ways to do this:

1. Make a compile-time flag. Compile it one way for submission to the App Store, the other way for distribution outside the App Store.
2. Rather than just checking your app's code signature validity (as the library you found does), call SecCodeCopySigningInformation to get signature details, and look at the kSecCodeInfoCertificates array to see whether it includes your Developer ID cert or the "Apple Mac OS Application Signing" cert used by the App Store.

IMO the second option is significantly more complex and fragile; for example, if Apple changes how they sign App Store apps, your code may break. I'd go with the first option.