[email protected]

## [5.0.0-pre.3] - 2024-08-21

### Added
- Apple - Updated to [StoreKit 2](https://developer.apple.com/storekit/).
  - All features previously in StoreKit 1 are still supported.
  - New features from StoreKit 2 will be supported in a later release.
  - StoreKit 1 is no longer supported and iOS devices will require iOS 15.0 or later.
  - Added support for AppAccountToken, allowing associating purchases with an app-specific account identifier. It can be set using `SetAppAccountToken(Guid token)` on the StoreExtendedService (e.g., `IAppleStoreExtendedService.SetAppAccountToken`), and it is also exposed in the IAppleOrderInfo interface for better integration with order details. For more details, see [AppAccountToken documentation](https://developer.apple.com/documentation/storekit/transaction/appaccounttoken).
- Apple - Updated PrivacyInfo.xcprivacy to reflect that IAP no longer uses required reason API.

### Changed
- Apple - CrossPlatformValidator is no longer used for receipt validation for Apple since StoreKit2 does it.
- Apple - Receipt obfuscation for Apple has been removed.
- Apple - `Product.appleProductIsRestored` is now obsolete since it's no longer used with StoreKit2.

### Fixed
- Fixed Non-Consumables being treated as Consumables (introduced by Unity IAP 5.0.0-pre.1)

CHANGELOG.md

@@ -1,5 +1,23 @@
 # Changelog
 
+## [5.0.0-pre.3] - 2024-08-21
+
+### Added
+- Apple - Updated to [StoreKit 2](https://developer.apple.com/storekit/).
+  - All features previously in StoreKit 1 are still supported.
+  - New features from StoreKit 2 will be supported in a later release.
+  - StoreKit 1 is no longer supported and iOS devices will require iOS 15.0 or later.
+  - Added support for AppAccountToken, allowing associating purchases with an app-specific account identifier. It can be set using `SetAppAccountToken(Guid token)` on the StoreExtendedService (e.g., `IAppleStoreExtendedService.SetAppAccountToken`), and it is also exposed in the IAppleOrderInfo interface for better integration with order details. For more details, see [AppAccountToken documentation](https://developer.apple.com/documentation/storekit/transaction/appaccounttoken).
+- Apple - Updated PrivacyInfo.xcprivacy to reflect that IAP no longer uses required reason API.
+
+### Changed
+- Apple - CrossPlatformValidator is no longer used for receipt validation for Apple since StoreKit2 does it.
+- Apple - Receipt obfuscation for Apple has been removed.
+- Apple - `Product.appleProductIsRestored` is now obsolete since it's no longer used with StoreKit2.
+
+### Fixed
+- Fixed Non-Consumables being treated as Consumables (introduced by Unity IAP 5.0.0-pre.1)
+
 ## [5.0.0-pre.1] - 2024-07-26
 In-app purchasing 5.0.0 is a major overhaul of this package.
 Consult the `Coded IAP 5.0.0 Sample` for a complete example of how to use this new version.
@@ -17,7 +35,6 @@ Consult the `Coded IAP 5.0.0 Sample` for a complete example of how to use this n
 ### Fixed:
 - Apple - Fixed `SubscriptionPeriodUnit` to return the correct values: Week = 1, Month = 2 (previously Month = 1, Week = 2)
 - Apple - Fixed isFamilyShareable on tvOS to be only available on supported versions (14.0 and above).
-- Apple - Error codes when a purchase fails now always returns the code from Apple instead of defaulting to `SKErrorUnknown`.
 
 ### Changed
 - IAP logs are prefixed with `InAppPurchasing`.

Documentation~/UnityIAPValidatingReceipts.md

@@ -2,11 +2,11 @@
 
 If the content that the user is purchasing already exists on the device, the application simply needs to make a decision about whether to unlock it.
 
-Unity IAP provides tools to help you hide unpurchased content and to validate and parse receipts through Google Play and Apple stores.
+Unity IAP provides tools to help you hide unpurchased content and to validate and parse receipts through Google Play.
 
 ## Obfuscating encryption keys
 
-Receipt validation is performed using known encryption keys. For your application, this is an encrypted Google Play public key, and/or Apple's certificates.
+Receipt validation is performed using known encryption keys. For your application, this is an encrypted Google Play public key.
 
 If a user can replace these, they can defeat your receipt validation checks, so it is important to make it difficult for a user to easily find and modify these keys.
 
@@ -17,22 +17,20 @@ Unity IAP provides a tool that can help you obfuscate your encryption keys withi
 * For more recent versions: In the Project Settings for In-App Purchasing, under Receipt Obfuscator. Note that if you have followed the steps in the [Google Public Key Guide](GooglePublicKey.md) entered your Google Play public key in the dashboard, this text field may already be populated with it.
 ![The Obfuscator setting](images/IAPObfuscatorServiceSettings.png)
 
-This window encodes Apple's root certificate, [StoreKit Test certificate](https://developer.apple.com/documentation/Xcode/setting-up-storekit-testing-in-xcode) (which are bundled with Unity IAP) and your Google Play public key (copied by you from the application's [Google Play Developer Console's Services & APIs](https://developer.android.com/google/play/licensing/setting-up.html) page) into different C# classes: __AppleTangle__, __AppleStoreKitTestTangle__, and __GooglePlayTangle__. These are added to your project for use in the next section.
-
-Note that you do not have to provide a Google Play public key if you are only targeting Apple's stores, and vice versa.
+This window encodes your Google Play public key (copied by you from the application's [Google Play Developer Console's Services & APIs](https://developer.android.com/google/play/licensing/setting-up.html) page) into a C# class: __GooglePlayTangle__. This is added to your project for use in the next section.
 
 ## Validating receipts
 
-Use the `CrossPlatformValidator` class for validation across both Google Play and Apple stores.
+Use the `CrossPlatformValidator` class for validation across both Google Play.
 
-You must supply this class with either your Google Play public key or one of Apple's certificates, or both if you wish to validate across both platforms. Note that you cannot supply both Apple root and ["StoreKit Test"](https://developer.apple.com/documentation/Xcode/setting-up-storekit-testing-in-xcode)(*) certificates, and instead should pass only one, choosing that with a run-time or build-time switch.
+You must supply this class with your Google Play public key.
 
 The `CrossPlatformValidator` performs two checks:
 
 * Receipt authenticity is checked via signature validation.
 * The application bundle identifier on the receipt is compared to the one in your application. An **InvalidBundleId** exception is thrown if they do not match.
 
-Note that the validator only validates receipts generated on Google Play and Apple platforms. Receipts generated on any other platform, including fakes generated in the Editor, throw an __IAPSecurityException__.
+Note that the validator only validates receipts generated on Google Play platform. Receipts generated on any other platform, including fakes generated in the Editor, throw an __IAPSecurityException__.
 
 Be sure that your `CrossPlatformValidator` object has been created in time for processing your purchases. Note that during the initialization of Unity IAP, it is possible that pending purchases from previous sessions may be fetched from the store and processed. If you are using a persistent object of this type, create it before initializing Unity IAP.
 
@@ -43,16 +41,15 @@ public PurchaseProcessingResult ProcessPurchase (PurchaseEventArgs e)
 {
     bool validPurchase = true; // Presume valid for platforms with no R.V.
 
-    // Unity IAP's validation logic is only included on these platforms.
-#if UNITY_ANDROID || UNITY_IOS || UNITY_STANDALONE_OSX
+    // Unity IAP's validation logic is only included on Android.
+#if UNITY_ANDROID
     // Prepare the validator with the secrets we prepared in the Editor
     // obfuscation window.
     var validator = new CrossPlatformValidator(GooglePlayTangle.Data(),
-        AppleTangle.Data(), Application.identifier);
+        Application.identifier);
 
     try {
         // On Google Play, result has a single product ID.
-        // On Apple stores, receipts contain multiple products.
         var result = validator.Validate(e.purchasedProduct.receipt);
         // For informational purposes, we list the receipt(s)
         Debug.Log("Receipt is valid. Contents:");
@@ -76,56 +73,13 @@ public PurchaseProcessingResult ProcessPurchase (PurchaseEventArgs e)
 
 ````
 
-### Choose an Apple certificate: Apple Root or StoreKit Test
-
-(*)  Unity IAP supports receipt validation of purchases made with the StoreKit Test store simulation.
-
-Apple's Xcode 12 offers the ["StoreKit Test"](https://developer.apple.com/documentation/Xcode/setting-up-storekit-testing-in-xcode) suite of features for developers to more conveniently test IAP, without the need to use an Apple App Store Connect Sandbox configuration.
-
-Use the `AppleStoreKitTestTangle` class in place of the usual `AppleTangle` class, when constructing the `CrossPlatformValidator` for receipt validation. Note that both tangle classes are generated by the **Receipt Validation Obfuscator**.
-
-````
-public PurchaseProcessingResult ProcessPurchase (PurchaseEventArgs e)
-{
-    bool validPurchase = true;
-
-#if UNITY_ANDROID || UNITY_IOS || UNITY_STANDALONE_OSX
-    // Choose one Apple certificate. NOTE AppleStoreKitTestTangle requires
-    // the active Xcode Scheme set to use a StoreKit Configuration file.
-    // Here we use a symbol, defined either in code or Project Settings >
-    // Player > Scripting Define Symbols, to choose which Apple IAP system
-    // we intend to test with in Xcode, next.
-
-#if !DEBUG_STOREKIT_TEST
-    var validator = new CrossPlatformValidator(GooglePlayTangle.Data(),
-        AppleTangle.Data(), Application.identifier);
-#else
-    var validator = new CrossPlatformValidator(GooglePlayTangle.Data(),
-        AppleStoreKitTestTangle.Data(), Application.identifier);
-#endif
-
-    try {
-        validator.Validate(e.purchasedProduct.receipt);
-    } catch (IAPSecurityException) {
-        validPurchase = false;
-    }
-#endif
-
-    if (validPurchase) { }
-
-    return PurchaseProcessingResult.Complete;
-}
-
-````
-
-
 ### Deep validation
 
 It is important you check not just that the receipt is valid, but also what information it contains. A common technique by users attempting to access content without purchase is to supply receipts from other products or applications. These receipts are genuine and do pass validation, so you should make decisions based on the product IDs parsed by the __CrossPlatformValidator__.
 
 ## Store-specific details
 
-Different stores have different fields in their purchase receipts. To access store-specific fields, `IPurchaseReceipt` can be downcast to two different subtypes: `GooglePlayReceipt` and `AppleInAppPurchaseReceipt`.
+Different stores have different fields in their purchase receipts. To access store-specific fields, `IPurchaseReceipt` can be downcast to: `GooglePlayReceipt`.
 
 ````
 var result = validator.Validate(e.purchasedProduct.receipt);
@@ -144,36 +98,5 @@ foreach (IPurchaseReceipt productReceipt in result) {
         Debug.Log(google.purchaseState);
         Debug.Log(google.purchaseToken);
     }
-
-    AppleInAppPurchaseReceipt apple = productReceipt as AppleInAppPurchaseReceipt;
-    if (null != apple) {
-        Debug.Log(apple.originalTransactionIdentifier);
-        Debug.Log(apple.subscriptionExpirationDate);
-        Debug.Log(apple.cancellationDate);
-        Debug.Log(apple.quantity);
-    }
 }
 ````
-
-## Parsing raw Apple receipts
-
-Use the `AppleValidator` class to extract detailed information about an Apple receipt. Note that this class only works with iOS App receipts from version 7.0 onwards, not Apple's deprecated transaction receipts.
-
-````
-#if UNITY_ANDROID || UNITY_IOS || UNITY_STANDALONE_OSX
-var builder = ConfigurationBuilder.Instance(StandardPurchasingModule.Instance());
-// Get a reference to IAppleConfiguration during IAP initialization.
-var appleConfig = builder.Configure<IAppleConfiguration>();
-var receiptData = System.Convert.FromBase64String(appleConfig.appReceipt);
-AppleReceipt receipt = new AppleValidator(AppleTangle.Data()).Validate(receiptData);
-
-Debug.Log(receipt.bundleID);
-Debug.Log(receipt.receiptCreationDate);
-foreach (AppleInAppPurchaseReceipt productReceipt in receipt.inAppPurchaseReceipts) {
-    Debug.Log(productReceipt.transactionIdentifier);
-    Debug.Log(productReceipt.productIdentifier);
-}
-#endif
-````
-
-The `AppleReceipt` type models Apple's ASN1 receipt format. See [Apple's documentation](https://developer.apple.com/library/ios/releasenotes/General/ValidateAppStoreReceipt/Chapters/ReceiptFields.html#/apple_ref/doc/uid/TP40010573-CH106-SW1) for an explanation of its fields.

Documentation~/UnityIAPiOSMAS.md

@@ -106,127 +106,6 @@ public class AppleSimulateAskToBuy : MonoBehaviour {
 
 When the purchase is approved or rejected, your store's normal `ProcessPurchase` or `OnPurchaseFailed` listener methods are invoked.
 
-### Transaction Receipts
-Sometimes consumable Ask to Buy purchases don't show up in the App Receipt, in which case you cannot validate them using that receipt. However, iOS provides a Transaction Receipt that contains all purchases, including Ask to Buy. Access the most recent Transaction Receipt string for a given `Product` using `IAppleExtensions`.
-
-**Note**: Transaction Receipts are not available for Mac builds. Requesting a Transaction Receipt on a Mac build results in an empty string.
-
-```
-using System;
-using UnityEngine;
-using UnityEngine.Purchasing;
-using UnityEngine.Purchasing.Extension;
-
-public class AskToBuy : MonoBehaviour, IDetailedStoreListener
-{
-    // Unity IAP objects
-    private IStoreController m_Controller;
-    private IAppleExtensions m_AppleExtensions;
-
-    public AskToBuy ()
-    {
-        var builder = ConfigurationBuilder.Instance (StandardPurchasingModule.Instance ());
-        builder.AddProduct ("100_gold_coins", ProductType.Consumable, new IDs {
-            { "100_gold_coins_google", GooglePlay.Name },
-            { "100_gold_coins_mac", MacAppStore.Name }
-        });
-
-        UnityPurchasing.Initialize (this, builder);
-    }
-
-    /// <summary>
-    /// This will be called when Unity IAP has finished initialising.
-    /// </summary>
-    public void OnInitialized (IStoreController controller, IExtensionProvider extensions)
-    {
-        m_Controller = controller;
-        m_AppleExtensions = extensions.GetExtension<IAppleExtensions> ();
-
-        // On Apple platforms we need to handle deferred purchases caused by Apple's Ask to Buy feature.
-        // On non-Apple platforms this will have no effect; OnDeferred will never be called.
-        m_AppleExtensions.RegisterPurchaseDeferredListener (OnDeferred);
-    }
-
-    /// <summary>
-    /// This will be called when a purchase completes.
-    /// </summary>
-    public PurchaseProcessingResult ProcessPurchase (PurchaseEventArgs e)
-    {
-        if (Application.platform == RuntimePlatform.IPhonePlayer ||
-            Application.platform == RuntimePlatform.tvOS) {
-            string transactionReceipt = m_AppleExtensions.GetTransactionReceiptForProduct (e.purchasedProduct);
-            Console.WriteLine (transactionReceipt);
-            // Send transaction receipt to server for validation
-        }
-        return PurchaseProcessingResult.Complete;
-    }
-
-    /// <summary>
-    /// Called when a purchase fails.
-    /// IStoreListener.OnPurchaseFailed is deprecated,
-    /// use IDetailedStoreListener.OnPurchaseFailed instead.
-    /// </summary>
-    public void OnPurchaseFailed (Product i, PurchaseFailureReason p)
-    {
-        Debug.Log ("OnPurchaseFailed for ProductID: " + item.definition.id);
-        Debug.Log ("PurchaseFailureReason: " + p);
-    }
-
-    /// <summary>
-    /// Called when a purchase fails.
-    /// </summary>
-    public void OnPurchaseFailed (Product i, PurchaseFailureDescription p)
-    {
-         Debug.Log ("OnPurchaseFailed for ProductID: " + item.definition.id);
-         Debug.Log ("PurchaseFailureReason: " + p.reason);
-         Debug.Log ("More Details: " + p.message;
-    }
-
-    /// <summary>
-    /// iOS Specific.
-    /// This is called as part of Apple's 'Ask to buy' functionality,
-    /// when a purchase is requested by a minor and referred to a parent
-    /// for approval.
-    ///
-    /// When the purchase is approved or rejected, the normal purchase events
-    /// will fire.
-    /// </summary>
-    /// <param name="item">Item.</param>
-    private void OnDeferred (Product item)
-    {
-        Debug.Log ("Purchase deferred: " + item.definition.id);
-    }
-}
-```
-
-Unlike App Receipts, you cannot validate Transaction Receipts locally. Instead, you must send the receipt string to a remote server for validation. If you already use a remote server to validate App Receipts, send Transaction Receipts to the same Apple endpoint, to receive a JSON response.
-
-Example JSON response:
-
-```
-{
-    "receipt": {
-        "original_purchase_date_pst": "2017-11-15 15:25:20 America/Los_Angeles",
-        "purchase_date_ms": "1510788320209",
-        "unique_identifier": "0ea7808637555b2c633eb07aa1cb0894c821a6f9",
-        "original_transaction_id": "1000000352597239",
-        "bvrs": "0",
-        "transaction_id": "1000000352597239",
-        "quantity": "1",
-        "unique_vendor_identifier": "01B57C2E-9E91-42FF-9B0D-4983175D6694",
-        "item_id": "1141751870",
-        "original_purchase_date": "2017-11-15 23:25:20 Etc/GMT",
-        "product_id": "100.gold.coins",
-        "purchase_date": "2017-11-15 23:25:20 Etc/GMT",
-        "is_trial_period": "false",
-        "purchase_date_pst": "2017-11-15 15:25:20 America/Los_Angeles",
-        "bid": "com.unity3d.unityiap.demo",
-        "original_purchase_date_ms": "1510788320209"
-    },
-    "status": 0
-}
-```
-
 ## Intercepting Apple promotional purchases
 Apple allows you to promote [in-game purchases](https://developer.apple.com/app-store/promoting-in-app-purchases/#:~:text=inside%20your%20app.-,Overview,approved%20and%20ready%20to%20promote.&text=When%20a%20user%20doesn't,to%20download%20the%20app%20first.) through your app’s product page. Unlike conventional in-app purchases, Apple promotional purchases initiate directly from the App Store on iOS and tvOS. The App Store then launches your app to complete the transaction, or prompts the user to download the app if it isn’t installed.
 

Editor/Obfuscation/Entity/TangleFileConsts.cs

@@ -6,8 +6,6 @@ class TangleFileConsts
         internal const string k_PrevOutputPath = "Assets/Plugins/UnityPurchasing/generated";
         internal const string k_BadOutputPath = "Assets/Resources/UnityPurchasing/generated";
 
-        internal const string k_AppleClassPrefix = "Apple";
-        internal const string k_AppleStoreKitTestClassPrefix = "AppleStoreKitTest";
         internal const string k_GooglePlayClassPrefix = "GooglePlay";
         internal const string k_ObfuscationClassSuffix = "Tangle.cs";
     }