Somebody steered that I modify my iOS / backend buy verification from utilizing receipts to transactions because it’s the way in which to go in StoreKit 2.
So I applied it in my Node.JS backend.
Nonetheless, I’ve a problem the place this code (I substituted delicate information):
operate loadKeyFromP8File() {
const path="./SomeKey.p8";
return fs.readFileSync(path, 'utf8');
}
operate generateAppleJWT() {
const privateKey = loadKeyFromP8File();
const keyId = 'Some ID';
const issuerId = 'SomeIssuerID';
const payload = {
iss: issuerId,
aud: 'appstoreconnect-v1',
sub: 'some Bundle ID',
iat: Math.ground(Date.now() / 1000),
};
const token = jwt.signal(payload, privateKey, {
algorithm: 'ES256',
expiresIn: '5m',
issuer: issuerId,
header: {
alg: 'ES256',
child: keyId
}
});
return token;
}
Returns big trunk of errors associated to 401 error IF I take away issuerID both from Payload or Token. Nonetheless, if I duplicate issuerID such as you see within the code – I do not get 401, however solely this error:
Dangerous “choices.issuer” possibility. The payload already has an “iss” property.
Can I safely ignore it?
P.S: I am in sandbox setting, btw.
