Skip to content

Instantly share code, notes, and snippets.

behe / app_store_server_notifications_v2_validation.livemd
Created February 14, 2022 07:39
Apple App Store Server Notifications v2 validation
View app_store_server_notifications_v2_validation.livemd

Apple App Store Server Notifications v2 validation


I recently had to upgrade our backend's handling of App Store Server Notifications to the new v2 version. The old version had pretty basic security by only having a supplied password in the response that you verified with what you had configured it to be in App Store Connect. The new version on the other hand is now in JWS (JSON Web Signature) signed with an Apple X.509 certificate chain. Since it was not straight forward to figure out how to verify this certificate chain and signature I wanted to write down how I was able to do it in Elixir:

The following steps are needed to verify the notifications:

behe / gc_count.exs
Last active November 11, 2016 09:38 — forked from samuell/gc_count.exs
View gc_count.exs
defmodule ATGCCount do
def count(sequence), do: cnt(String.to_char_list(sequence),0,0)
def cnt([65|t],at,gc), do: cnt(t,at+1,gc)
def cnt([84|t],at,gc), do: cnt(t,at+1,gc)
def cnt([71|t],at,gc), do: cnt(t,at,gc+1)
def cnt([67|t],at,gc), do: cnt(t,at,gc+1)
def cnt([62|_],at,gc), do: {at,gc}
def cnt([],at,gc), do: {at,gc}
# def cnt(_,0,0), do: {0,0}
def cnt([_|t], at, gc), do: cnt(t,at,gc)
behe / fizzbuzz.exs
Last active August 29, 2015 14:05
FizzBuzz in Elixir
View fizzbuzz.exs
defmodule FizzBuzz do
def up_to(n) do
|> Enum.to_list
|> Enum.join " "
behe / gist:2145979
Created March 21, 2012 10:14
Reload .rvmrc after git checkout
View gist:2145979
# Put this is your .profile, .bashrc or similar to automatically reload your .rvmrc after git checkouts
git() { command git "$@" ; if [[ "$@" == *checkout* ]]; then [[ -s .rvmrc ]] && . .rvmrc; fi }