Convex Community · 17mo ago
oscklm

Verifying JWS Signed Payload in Convex httpAction

I am currently working on verifying an Apple App Store notification's signed payload using a public key within a Convex httpAction. Below is a snippet of the code I am using:

```ts
import jwt from 'jsonwebtoken';
import { httpAction } from '../_generated/server';

export const proccessAppStoreNotifications = httpAction(async (ctx, req) => {
  const { signedPayload, unified_receipt } = await req.json();

  // Check for signedPayload (version 2 notifications)
  if (signedPayload) {
    console.log('signed Payload:', signedPayload);

    // Load the public key from a secure location or environment variable
    const publicKey = process.env.APPLE_PUBLIC_KEY;

    if (!publicKey) {
      throw new Error('Public key not configured');
    }

    try {
      // Verify the JWS signedPayload using Apple's public key
      const payload = jwt.verify(signedPayload, publicKey);

      // Perform your business logic here, such as updating user subscriptions, etc.
      return new Response('Subscription update handled in convex', { status: 200 });
    } catch (error) {
      console.error('Error verifying JWS:', error);
      return new Response('Invalid signature', { status: 400 });
    }
  }
  return new Response('Invalid notification format', { status: 400 });
});
```

I am unable to use the jsonwebtoken library directly in the code to verify the JWS signed payload.

Could you please provide a different recommended approach for verifying JWS signed payloads in this httpAction context?

Thanks!
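
One way to do the check described in the post without `jsonwebtoken`, as an added example that is not part of the original post or Convex's own code: it verifies an ES256 compact JWS against an SPKI PEM public key using only the Web Crypto API. It assumes `crypto.subtle` is available in the runtime and that the configured key is a P-256 key; `verifyJwsEs256` and `demo` are hypothetical names, and the key pair and payload inside `demo` are constructed.

```javascript
// Added example: ES256 compact-JWS verification with Web Crypto only.
const b64urlToBytes = (s) => {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/');
  const bin = atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4));
  return Uint8Array.from(bin, (c) => c.charCodeAt(0));
};
const bytesToB64 = (b) => btoa(String.fromCharCode(...new Uint8Array(b)));
const bytesToB64url = (b) =>
  bytesToB64(b).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const pemToDer = (pem) =>
  Uint8Array.from(atob(pem.replace(/-----[^-]+-----|\s/g, '')), (c) => c.charCodeAt(0));
// Assumption: crypto.subtle is global. The fallback only helps older Node; drop it elsewhere.
const getSubtle = async () =>
  globalThis.crypto?.subtle ?? (await import('node:crypto')).webcrypto.subtle;

// Hypothetical helper: returns the parsed payload, throws on any failure.
async function verifyJwsEs256(jws, spkiPem) {
  const parts = String(jws).split('.');
  if (parts.length !== 3) throw new Error('malformed JWS');
  const [h, p, s] = parts;
  const header = JSON.parse(new TextDecoder().decode(b64urlToBytes(h)));
  // Pin the algorithm here; never let the token's header choose it.
  if (header.alg !== 'ES256') throw new Error('unexpected alg');
  const sig = b64urlToBytes(s);
  if (sig.length !== 64) throw new Error('bad signature length'); // raw r||s
  const subtle = await getSubtle();
  const key = await subtle.importKey('spki', pemToDer(spkiPem),
    { name: 'ECDSA', namedCurve: 'P-256' }, false, ['verify']);
  // The signature covers the ASCII bytes of "<header>.<payload>" as received.
  const ok = await subtle.verify({ name: 'ECDSA', hash: 'SHA-256' }, key, sig,
    new TextEncoder().encode(`${h}.${p}`));
  if (!ok) throw new Error('invalid signature');
  return JSON.parse(new TextDecoder().decode(b64urlToBytes(p)));
}

// Constructed sample: a throwaway key pair signs a made-up notification body.
async function demo() {
  const subtle = await getSubtle();
  const alg = { name: 'ECDSA', namedCurve: 'P-256' };
  const kp = await subtle.generateKey(alg, true, ['sign', 'verify']);
  const der = await subtle.exportKey('spki', kp.publicKey);
  const pem = `-----BEGIN PUBLIC KEY-----\n${bytesToB64(der)}\n-----END PUBLIC KEY-----`;
  const enc = (o) => bytesToB64url(new TextEncoder().encode(JSON.stringify(o)));
  const input = `${enc({ alg: 'ES256' })}.${enc({ notificationType: 'TEST' })}`;
  const sig = bytesToB64url(await subtle.sign({ name: 'ECDSA', hash: 'SHA-256' },
    kp.privateKey, new TextEncoder().encode(input)));
  const payload = await verifyJwsEs256(`${input}.${sig}`, pem);
  const forged = `${enc({ alg: 'ES256' })}.${enc({ notificationType: 'FORGED' })}.${sig}`;
  const rejected = await verifyJwsEs256(forged, pem).then(() => false, () => true);
  return { payload, rejected };
}
```

Apple's signed payloads carry their certificate chain in the `x5c` header; this example checks only the signature against the configured key and does not validate that chain.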