Ruben avatar image
Ruben asked

IAP SDK not responding in sandbox mode due to permission issue

IAP SDK version: 2.0.76

This issue is present in the version 3.0.3 of the AppStore SDK as well.

We have a problem with the IAP sandbox mode not responding at all after invoking PurchasingService.getUpdates(true)

After investigating, I found out that the issue is related to a permission required by the ResponseReceiver we have to declare in our AndroidManifest:

W/BroadcastQueue: Permission Denial: broadcasting Intent { flg=0x10 pkg=redacted (has extras) } from (pid=9055, uid=10287) requires due to receiver redacted/

This problem seems to have started out of nowhere, as we didn’t have this issue a couple of weeks back.

The documentation for this ResponseReceiver states the following:

      android:permission="" >
      <action android:name="" />

However, the official IAP samples contain a different AndroidManifest setup:

            android:permission="" />

This apparently works, but it doesn’t match Google’s official recommendations for secure BroadcastReceivers:

My guess is that it works because it's actually not protecting the Receiver at all.

So this leaves me with the following questions:

  1. Why is the IAP sample’s AndroidManifest configuration different than the official documentation?

  2. Is the BroadcastReceiver in the IAP sample really protecting against broadcasts sent from other apps? I’m not sure if the permission attribute inside the action block does anything

  3. Is there a way to disable sandbox in debug builds? Disabling sandbox mode using this command didn’t work: adb shell setprop none
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

0 Answers