Skip to main content
Question

Having trouble with Apple Server Notification Forwarding

  • May 10, 2024
  • 1 reply
  • 168 views
L
Forum|alt.badge.img+3

Hello, I am trying to setup Apple Server Notification Forwarding. I can verify that I am getting a notification forwarded to my api route, but I am having trouble parsing the response. 

When I try to verify the signedPayload against the in-app-purhcase-key I always get the JONSWebTokenError.

The I am using the same .p8 key that I uploaded to revenue cat. Any suggestions? 
 

export default async function handler(
  req: NextApiRequest,
  res: NextApiResponse
) {
  const signedPayload = req.body.signedPayload
  console.log('the signed payload', req.body.signedPayload)
  if (!signedPayload) {
    return res
      .status(400)
      .json({ error: 'Signed payload not found in request body' })
  }

  // Verify and decode the signed payload using your App Store public key
  // const publicKey =
  //   '-----BEGIN PRIVATE KEY----- *** my key ***
-----END PRIVATE KEY-----`

  console.log('private key', privateKey)

  let decodedPayload
  try {
    decodedPayload = jwt.verify(signedPayload, privateKey)
  } catch (error) {
    console.error('Error verifying signature:', error)
    return res.status(403).json({ error: 'Invalid signature' })
  }
pieces.pngCopy And Savelink.pngSharecopilot.pngAsk Copilotsettings.png

 

This post has been closed for comments

1 reply

wes_clark
RevenueCat Staff
Forum|alt.badge.img+6
  • wes_clark
  • RevenueCat Staff
  • 288 replies
  • May 14, 2024

Hi! I saw that you also reached out via an individual support ticket and were helped by my coworker, Jeffrey, but I just wanted to repost his response here as well in case anyone else runs into the same issue and comes across this post.

His Response:

“For context, when you add a forwarding URL to RevenueCat, we catch the notification from Apple and reply to them with a "Temporary Redirect" response, to which Apple follows the redirect and forwards the original notification to you. So, the server notification technically comes from Apple.
 
Here is Apple's documentation on receiving App Store Server Notifications: https://developer.apple.com/documentation/appstoreservernotifications/receiving_app_store_server_notifications
 
Specifically, here are instructions on parsing the signed payload: https://developer.apple.com/documentation/appstoreservernotifications/responsebodyv2

Most helpful members this week

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings