Inline the iab_verifier

2025-10-03 09:49:32 +02:00 · 2022-03-28 02:00:00 +02:00 · 2022-03-28 02:00:00 +02:00 · d778df9df0
commit d778df9df0
parent 2ab23ea811
4 changed files with 52 additions and 39 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -16,7 +16,6 @@
        "email-addresses": "^3.1.0",
        "express": "^4.17.1",
        "http-errors": "^1.8.0",
        "iab_verifier": "^0.1.2",
        "lodash": "^4.17.21",
        "mariadb": "^2.5.2",
        "nodemailer": "^6.7.2",
@ -1217,12 +1216,6 @@
        "node": ">= 8"
      }
    },
    "node_modules/crypto": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/crypto/-/crypto-1.0.1.tgz",
      "integrity": "sha512-VxBKmeNcqQdiUQUW2Tzq0t377b54N2bMtXO/qiLa+6eRRmmC4qT3D4OnTGoT/U6O9aklQ/jTwbOtRMTTY8G0Ig==",
      "deprecated": "This package is no longer supported. It's now a built-in Node module. If you've depended on crypto, you should switch to the one that's built-in."
    },
    "node_modules/cuint": {
      "version": "0.2.2",
      "resolved": "https://registry.npmjs.org/cuint/-/cuint-0.2.2.tgz",
@ -2150,17 +2143,6 @@
        "node": ">= 0.6"
      }
    },
    "node_modules/iab_verifier": {
      "version": "0.1.2",
      "resolved": "https://registry.npmjs.org/iab_verifier/-/iab_verifier-0.1.2.tgz",
      "integrity": "sha1-2t5VDuOJu96FaLL0ynHV0RFQCV4=",
      "dependencies": {
        "crypto": "*"
      },
      "engines": {
        "node": ">= 0.10.0"
      }
    },
    "node_modules/iconv-lite": {
      "version": "0.4.24",
      "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
@ -6344,11 +6326,6 @@
        "which": "^2.0.1"
      }
    },
    "crypto": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/crypto/-/crypto-1.0.1.tgz",
      "integrity": "sha512-VxBKmeNcqQdiUQUW2Tzq0t377b54N2bMtXO/qiLa+6eRRmmC4qT3D4OnTGoT/U6O9aklQ/jTwbOtRMTTY8G0Ig=="
    },
    "cuint": {
      "version": "0.2.2",
      "resolved": "https://registry.npmjs.org/cuint/-/cuint-0.2.2.tgz",
@ -7079,14 +7056,6 @@
        "toidentifier": "1.0.1"
      }
    },
    "iab_verifier": {
      "version": "0.1.2",
      "resolved": "https://registry.npmjs.org/iab_verifier/-/iab_verifier-0.1.2.tgz",
      "integrity": "sha1-2t5VDuOJu96FaLL0ynHV0RFQCV4=",
      "requires": {
        "crypto": "*"
      }
    },
    "iconv-lite": {
      "version": "0.4.24",
      "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
--- a/package.json
+++ b/package.json
@ -55,7 +55,6 @@
    "email-addresses": "^3.1.0",
    "express": "^4.17.1",
    "http-errors": "^1.8.0",
    "iab_verifier": "^0.1.2",
    "lodash": "^4.17.21",
    "mariadb": "^2.5.2",
    "nodemailer": "^6.7.2",
--- a/src/function/purchase/iab_verifierr.ts
+++ b/src/function/purchase/iab_verifierr.ts
@ -0,0 +1,48 @@
 /*
 * The MIT License
 *
 * Copyright (c) Paul Crawford
 * Copyright (c) 2020 Jonas Lochmann
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
 import { createPublicKey, createVerify, KeyObject } from 'crypto'
 const ALGORITHM = 'RSA-SHA1'
 export class IABVerifier {
  private readonly publicKey: KeyObject
  constructor(publicKeyString: string) {
    this.publicKey = createPublicKey({
      key: Buffer.from(publicKeyString, 'base64'),
      format: 'der',
      type: 'spki'
    })
  }
  verifyReceipt(signedData: string, signature: string) {
      const verifier = createVerify(ALGORITHM)
      verifier.update(signedData)
      return verifier.verify(this.publicKey, signature, 'base64')
  }
 }
--- a/src/function/purchase/verification.ts
+++ b/src/function/purchase/verification.ts
@ -15,21 +15,18 @@
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
-const IABVerifier: new (publicKey: string) => {
+import { IABVerifier } from './iab_verifierr'
  verifyReceipt: (data: string, signature: string) => boolean
  // eslint-disable-next-line @typescript-eslint/no-var-requires
 } = require('iab_verifier')
 export const googlePlayPublicKey = process.env.GOOGLE_PLAY_PUBLIC_KEY || ''
-const verifier = new IABVerifier(googlePlayPublicKey)
+const verifier = googlePlayPublicKey !== '' ? new IABVerifier(googlePlayPublicKey) : null
-export const areGooglePlayPaymentsPossible = !!googlePlayPublicKey
+export const areGooglePlayPaymentsPossible = !!verifier
 export const isGooglePlayPurchaseSignatureValid = ({ receipt, signature }: {
  receipt: string
  signature: string
 }) => {
-  if (googlePlayPublicKey) {
+  if (verifier) {
    return verifier.verifyReceipt(receipt, signature)
  } else {
    return false