-
Notifications
You must be signed in to change notification settings - Fork 31
/
promotional_offer.py
42 lines (36 loc) · 2.07 KB
/
promotional_offer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Copyright (c) 2023 Apple Inc. Licensed under MIT License.
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.hashes import SHA256
from cryptography.hazmat.primitives.asymmetric.ec import ECDSA, EllipticCurvePrivateKey
import uuid
import base64
class PromotionalOfferSignatureCreator:
_signing_key: EllipticCurvePrivateKey
_key_id: str
_bundle_id: str
def __init__(self, signing_key: bytes, key_id: str, bundle_id: str):
self._signing_key = serialization.load_pem_private_key(signing_key, password=None, backend=default_backend())
self._key_id = key_id
self._bundle_id = bundle_id
def create_signature(self, product_identifier: str, subscription_offer_id: str, application_username: str, nonce: uuid.UUID, timestamp: int):
"""
Return the Base64 encoded signature
https://developer.apple.com/documentation/storekit/in-app_purchase/original_api_for_in-app_purchase/subscriptions_and_offers/generating_a_signature_for_promotional_offers
:param product_identifier: The subscription product identifier
:param subscription_offer_id: The subscription discount identifier
:param application_username: An optional string value that you define; may be an empty string
:param nonce: A one-time UUID value that your server generates. Generate a new nonce for every signature.
:param timestamp: A timestamp your server generates in UNIX time format, in milliseconds. The timestamp keeps the offer active for 24 hours.
:return: The Base64 encoded signature
"""
payload = self._bundle_id + '\u2063' + \
self._key_id + '\u2063' + \
product_identifier + '\u2063' + \
subscription_offer_id + '\u2063' + \
application_username.lower() + '\u2063'+ \
str(nonce).lower() + '\u2063' + \
str(timestamp)
return base64.b64encode(self._signing_key.sign(
payload.encode('utf-8'), ECDSA(SHA256())
)).decode('utf-8')