From c9c5a157d8f90f312b3affb90ba37a6612d8ffa5 Mon Sep 17 00:00:00 2001
From: Laurent <laurent@staxriver.com>
Date: Tue, 16 Jan 2024 14:23:02 +0100
Subject: [PATCH] test

---
 jwt_signed.txt         |  2 +-
 subscriptions/views.py | 34 ++++++++++++++++++++++++++--------
 token_generator.py     |  2 +-
 3 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/jwt_signed.txt b/jwt_signed.txt
index 9dc6931..1c91206 100644
--- a/jwt_signed.txt
+++ b/jwt_signed.txt
@@ -1 +1 @@
-eyJhbGciOiJFUzI1NiIsImtpZCI6IkpaQzlMNzZURFQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiI2OWE2ZGU4My0wMmYyLTQ3ZTMtZTA1My01YjhjN2MxMWE0ZDEiLCJpYXQiOjE3MDUzOTYxMjMsImV4cCI6MTcwNTM5OTY2MywiYXVkIjoiYXBwc3RvcmVjb25uZWN0LXYxIiwiYmlkIjoic3RheC5TbGFzaFBva2VyLm5vc2VibGVlZCJ9.58Gr-6SuOER_AzTSdc0Lj_qvwxe0RqyAnOBW8uUiirmW-ocwENIhEkoCU5zs6z4HUqVR2MsOZFrdiR1hYvC5pQ
\ No newline at end of file
+eyJhbGciOiJFUzI1NiIsImtpZCI6IkpaQzlMNzZURFQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiI2OWE2ZGU4My0wMmYyLTQ3ZTMtZTA1My01YjhjN2MxMWE0ZDEiLCJpYXQiOjE3MDU0MDkxNjEsImV4cCI6MTcwNTQxMjcwMSwiYXVkIjoiYXBwc3RvcmVjb25uZWN0LXYxIiwiYmlkIjoic3RheC5TbGFzaFBva2VyLm5vc2VibGVlZCJ9.BYF6iaxsFE1bDO4U3K7PB-hkhkWcbZdIvfAlq8HZyPTyUPddEufTExPH8oKnaxoZrC-wfYJTL-eNwz-1z9IJ2A
\ No newline at end of file
diff --git a/subscriptions/views.py b/subscriptions/views.py
index 798d2c6..bc9452b 100644
--- a/subscriptions/views.py
+++ b/subscriptions/views.py
@@ -4,8 +4,11 @@ from django.views.decorators.csrf import csrf_exempt
 from .models import ASSNotification
 from django.conf import settings
 
-from appstoreserverlibrary.models.Environment import Environment
+
 from appstoreserverlibrary.signed_data_verifier import VerificationException, SignedDataVerifier
+from appstoreserverlibrary.api_client import AppStoreServerAPIClient, APIException
+from appstoreserverlibrary.models.Environment import Environment
+import requests
 
 import json, jwt
 import base64
@@ -20,7 +23,10 @@ from OpenSSL.crypto import (
   FILETYPE_PEM
 )
 
-from .validate_apple_storekit_2_jwt import get_validated_jwt_content
+ROOT_CER_URL = "https://www.apple.com/certificateauthority/AppleRootCA-G3.cer"
+G6_CER_URL = "https://www.apple.com/certificateauthority/AppleWWDRCAG6.cer"
+root_cert_bytes: bytes = requests.get(ROOT_CER_URL).content
+g6_cert_bytes: bytes = requests.get(G6_CER_URL).content
 
 # import app_store_notifications_v2_validator as asn2
 # from app_store_notifications_v2_validator import InvalidTokenError
@@ -42,14 +48,26 @@ def test(request):
 def app_store_webhook(request):
 
     decoded = request.body.decode('utf-8')
-    json = get_validated_jwt_content(decoded)
+    fulljson = json.loads(decoded)
+    signedPayload = fulljson['signedPayload']
+
+    client = AppStoreServerAPIClient(private_key_bytes, key_id, issuer_id, bundle_id, environment)
+    verifier = SignedDataVerifier([root_cert_bytes, g6_cert_bytes], False, environment, bundle_id)
+    try:
+        # response = client.get_transaction_info(<txn-id>)
+        decoded_txn = verifier.verify_and_decode_signed_transaction(signedPayload)
+        print(decoded_txn)
+
+        type = data['notificationType']
+
+        notification = ASSNotification(
+            content=type,
+        )
+        notification.save()
 
-    type = json['notificationType']
+    except APIException as e:
+        print(e)
 
-    notification = ASSNotification(
-        content=type,
-    )
-    notification.save()
 
 
     # Parse the JSON payload
diff --git a/token_generator.py b/token_generator.py
index 4c9c5a1..a5f08fe 100644
--- a/token_generator.py
+++ b/token_generator.py
@@ -43,7 +43,7 @@ key=key
 with open('jwt_signed.txt', 'w') as output:
      output.write(client_secret)
 
-# curl -X POST -v -H 'Authorization: Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6IkpaQzlMNzZURFQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiI2OWE2ZGU4My0wMmYyLTQ3ZTMtZTA1My01YjhjN2MxMWE0ZDEiLCJpYXQiOjE3MDUzOTYxMjMsImV4cCI6MTcwNTM5OTY2MywiYXVkIjoiYXBwc3RvcmVjb25uZWN0LXYxIiwiYmlkIjoic3RheC5TbGFzaFBva2VyLm5vc2VibGVlZCJ9.58Gr-6SuOER_AzTSdc0Lj_qvwxe0RqyAnOBW8uUiirmW-ocwENIhEkoCU5zs6z4HUqVR2MsOZFrdiR1hYvC5pQ' https://api.storekit-sandbox.itunes.apple.com/inApps/v1/notifications/test 
+# curl -X POST -v -H 'Authorization: Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6IkpaQzlMNzZURFQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiI2OWE2ZGU4My0wMmYyLTQ3ZTMtZTA1My01YjhjN2MxMWE0ZDEiLCJpYXQiOjE3MDU0MDkxNjEsImV4cCI6MTcwNTQxMjcwMSwiYXVkIjoiYXBwc3RvcmVjb25uZWN0LXYxIiwiYmlkIjoic3RheC5TbGFzaFBva2VyLm5vc2VibGVlZCJ9.BYF6iaxsFE1bDO4U3K7PB-hkhkWcbZdIvfAlq8HZyPTyUPddEufTExPH8oKnaxoZrC-wfYJTL-eNwz-1z9IJ2A' https://api.storekit-sandbox.itunes.apple.com/inApps/v1/notifications/test  
 # Usage, after run this code by python3
 # get token from `client_secret.txt` and replace to [signed token]
 # Remember expired time maximum is 20 minutes