PHPackages                             kartina-tv/store-receipt-validator - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Validation &amp; Sanitization](/categories/validation)
4. /
5. kartina-tv/store-receipt-validator

ActiveLibrary[Validation &amp; Sanitization](/categories/validation)

kartina-tv/store-receipt-validator
==================================

PHP receipt validator for Apple iTunes, Google Play, Amazon App Store and Windows Store

2.1.0(6y ago)010.8k↓32.7%Apache-2.0PHPPHP ^7.1

Since Aug 8Pushed 6y ago1 watchersCompare

[ Source](https://github.com/KartinaTV/store-receipt-validator)[ Packagist](https://packagist.org/packages/kartina-tv/store-receipt-validator)[ Docs](https://github.com/KartinaTV/store-receipt-validator)[ RSS](/packages/kartina-tv-store-receipt-validator/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependencies (5)Versions (27)Used By (0)

store-receipt-validator
=======================

[](#store-receipt-validator)

[![Build Status](https://camo.githubusercontent.com/262a51d81d9c654df41f1e163c0a52c4583f3201abd90f0791d36c00db3089f8/68747470733a2f2f7472617669732d63692e6f72672f4b617274696e6154562f73746f72652d726563656970742d76616c696461746f722e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/KartinaTV/store-receipt-validator.svg?branch=master)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/d089619534e3f33d96afd2ef5840086e7bb038dcd7834f85ec2f851147e964e4/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f4b617274696e6154562f73746f72652d726563656970742d76616c696461746f722f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/KartinaTV/store-receipt-validator/badges/quality-score.png?b=master)

PHP library that can be used to validate Amazon Store, Google Play, iTunes and Windows Store in app purchase receipts.

Requirements
------------

[](#requirements)

- PHP &gt;= 7.1

Getting Started
---------------

[](#getting-started)

The easiest way to work with this package is when it's installed as a Composer package inside your project. Composer isn't strictly required, but makes life a lot easier.

If you're not familiar with Composer, please see .

1. Add iap-validator to your application's composer.json.

    ```
     {
         ...
         "require": {
             "kartina-tv/store-receipt-validator": "2.*"
         },
         ...
     }

    ```
2. Run `php composer install`.
3. If you haven't already, add the Composer autoload to your project's initialization file. (example)

    ```
     require 'vendor/autoload.php';

    ```

Quick Example
-------------

[](#quick-example)

### iTunes

[](#itunes)

```

use ReceiptValidator\iTunes\Validator as iTunesValidator;

$validator = new iTunesValidator(iTunesValidator::ENDPOINT_PRODUCTION);

$receiptBase64Data = 'ewoJInNpZ25hdHVyZSIgPSAiQXBNVUJDODZBbHpOaWtWNVl0clpBTWlKUWJLOEVkZVhrNjNrV0JBWHpsQzhkWEd1anE0N1puSVlLb0ZFMW9OL0ZTOGNYbEZmcDlZWHQ5aU1CZEwyNTBsUlJtaU5HYnloaXRyeVlWQVFvcmkzMlc5YVIwVDhML2FZVkJkZlcrT3kvUXlQWkVtb05LeGhudDJXTlNVRG9VaFo4Wis0cFA3MHBlNWtVUWxiZElWaEFBQURWekNDQTFNd2dnSTdvQU1DQVFJQ0NHVVVrVTNaV0FTMU1BMEdDU3FHU0liM0RRRUJCUVVBTUg4eEN6QUpCZ05WQkFZVEFsVlRNUk13RVFZRFZRUUtEQXBCY0hCc1pTQkpibU11TVNZd0pBWURWUVFMREIxQmNIQnNaU0JEWlhKMGFXWnBZMkYwYVc5dUlFRjFkR2h2Y21sMGVURXpNREVHQTFVRUF3d3FRWEJ3YkdVZ2FWUjFibVZ6SUZOMGIzSmxJRU5sY25ScFptbGpZWFJwYjI0Z1FYVjBhRzl5YVhSNU1CNFhEVEE1TURZeE5USXlNRFUxTmxvWERURTBNRFl4TkRJeU1EVTFObG93WkRFak1DRUdBMVVFQXd3YVVIVnlZMmhoYzJWU1pXTmxhWEIwUTJWeWRHbG1hV05oZEdVeEd6QVpCZ05WQkFzTUVrRndjR3hsSUdsVWRXNWxjeUJUZEc5eVpURVRNQkVHQTFVRUNnd0tRWEJ3YkdVZ1NXNWpMakVMTUFrR0ExVUVCaE1DVlZNd2daOHdEUVlKS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNclJqRjJjdDRJclNkaVRDaGFJMGc4cHd2L2NtSHM4cC9Sd1YvcnQvOTFYS1ZoTmw0WElCaW1LalFRTmZnSHNEczZ5anUrK0RyS0pFN3VLc3BoTWRkS1lmRkU1ckdYc0FkQkVqQndSSXhleFRldngzSExFRkdBdDFtb0t4NTA5ZGh4dGlJZERnSnYyWWFWczQ5QjB1SnZOZHk2U01xTk5MSHNETHpEUzlvWkhBZ01CQUFHamNqQndNQXdHQTFVZEV3RUIvd1FDTUFBd0h3WURWUjBqQkJnd0ZvQVVOaDNvNHAyQzBnRVl0VEpyRHRkREM1RllRem93RGdZRFZSMFBBUUgvQkFRREFnZUFNQjBHQTFVZERnUVdCQlNwZzRQeUdVakZQaEpYQ0JUTXphTittVjhrOVRBUUJnb3Foa2lHOTJOa0JnVUJCQUlGQURBTkJna3Foa2lHOXcwQkFRVUZBQU9DQVFFQUVhU2JQanRtTjRDL0lCM1FFcEszMlJ4YWNDRFhkVlhBZVZSZVM1RmFaeGMrdDg4cFFQOTNCaUF4dmRXLzNlVFNNR1k1RmJlQVlMM2V0cVA1Z204d3JGb2pYMGlreVZSU3RRKy9BUTBLRWp0cUIwN2tMczlRVWU4Y3pSOFVHZmRNMUV1bVYvVWd2RGQ0TndOWXhMUU1nNFdUUWZna1FRVnk4R1had1ZIZ2JFL1VDNlk3MDUzcEdYQms1MU5QTTN3b3hoZDNnU1JMdlhqK2xvSHNTdGNURXFlOXBCRHBtRzUrc2s0dHcrR0szR01lRU41LytlMVFUOW5wL0tsMW5qK2FCdzdDMHhzeTBiRm5hQWQxY1NTNnhkb3J5L0NVdk02Z3RLc21uT09kcVRlc2JwMGJzOHNuNldxczBDOWRnY3hSSHVPTVoydG04bnBMVW03YXJnT1N6UT09IjsKCSJwdXJjaGFzZS1pbmZvIiA9ICJld29KSW05eWFXZHBibUZzTFhCMWNtTm9ZWE5sTFdSaGRHVXRjSE4wSWlBOUlDSXlNREV5TFRBMExUTXdJREE0T2pBMU9qVTFJRUZ0WlhKcFkyRXZURzl6WDBGdVoyVnNaWE1pT3dvSkltOXlhV2RwYm1Gc0xYUnlZVzV6WVdOMGFXOXVMV2xrSWlBOUlDSXhNREF3TURBd01EUTJNVGM0T0RFM0lqc0tDU0ppZG5KeklpQTlJQ0l5TURFeU1EUXlOeUk3Q2draWRISmhibk5oWTNScGIyNHRhV1FpSUQwZ0lqRXdNREF3TURBd05EWXhOemc0TVRjaU93b0pJbkYxWVc1MGFYUjVJaUE5SUNJeElqc0tDU0p2Y21sbmFXNWhiQzF3ZFhKamFHRnpaUzFrWVhSbExXMXpJaUE5SUNJeE16TTFOems0TXpVMU9EWTRJanNLQ1NKd2NtOWtkV04wTFdsa0lpQTlJQ0pqYjIwdWJXbHVaRzF2WW1Gd2NDNWtiM2R1Ykc5aFpDSTdDZ2tpYVhSbGJTMXBaQ0lnUFNBaU5USXhNVEk1T0RFeUlqc0tDU0ppYVdRaUlEMGdJbU52YlM1dGFXNWtiVzlpWVhCd0xrMXBibVJOYjJJaU93b0pJbkIxY21Ob1lYTmxMV1JoZEdVdGJYTWlJRDBnSWpFek16VTNPVGd6TlRVNE5qZ2lPd29KSW5CMWNtTm9ZWE5sTFdSaGRHVWlJRDBnSWpJd01USXRNRFF0TXpBZ01UVTZNRFU2TlRVZ1JYUmpMMGROVkNJN0Nna2ljSFZ5WTJoaGMyVXRaR0YwWlMxd2MzUWlJRDBnSWpJd01USXRNRFF0TXpBZ01EZzZNRFU2TlRVZ1FXMWxjbWxqWVM5TWIzTmZRVzVuWld4bGN5STdDZ2tpYjNKcFoybHVZV3d0Y0hWeVkyaGhjMlV0WkdGMFpTSWdQU0FpTWpBeE1pMHdOQzB6TUNBeE5Ub3dOVG8xTlNCRmRHTXZSMDFVSWpzS2ZRPT0iOwoJImVudmlyb25tZW50IiA9ICJTYW5kYm94IjsKCSJwb2QiID0gIjEwMCI7Cgkic2lnbmluZy1zdGF0dXMiID0gIjAiOwp9';

try {
  $response = $validator->setReceiptData($receiptBase64Data)->validate();
} catch (Exception $e) {
  echo 'got error = ' . $e->getMessage() . PHP_EOL;
}

if ($response->isValid()) {
  echo 'Receipt is valid.' . PHP_EOL;
  echo 'Receipt data = ' . print_r($response->getReceipt()) . PHP_EOL;
} else {
  echo 'Receipt is not valid.' . PHP_EOL;
  echo 'Receipt result code = ' . $response->getResultCode() . PHP_EOL;
}

```

### Play Store

[](#play-store)

Create service account [Service Account flow](https://developers.google.com/identity/protocols/OAuth2ServiceAccount)and download credentials json file

Give it permission in Google Play Console for your Application

```
use ReceiptValidator\GooglePlay\Validator as PlayValidator;

putenv('GOOGLE_APPLICATION_CREDENTIALS=path/to/credentials.json');
$client = new \Google_Client();
$client->useApplicationDefaultCredentials();
$client->setScopes(Google_Service_AndroidPublisher::ANDROIDPUBLISHER);

$validator = new PlayValidator(new \Google_Service_AndroidPublisher($client));

try {
  $response = $validator->setPackageName('PACKAGE_NAME')
    ->setProductId('PRODUCT_ID')
    ->setPurchaseToken('PURCHASE_TOKEN')
    ->validate();
} catch (Exception $e){
  var_dump($e->getMessage());
  // example message: Error calling GET ....: (404) Product not found for this application.
}
// success

```

### Amazon App Store

[](#amazon-app-store)

```
use ReceiptValidator\Amazon\Validator as AmazonValidator;
use ReceiptValidator\Amazon\Response as ValidatorResponse;

$validator = new AmazonValidator;

$response = null;
try {
  $response = $validator
    ->setDeveloperSecret("DEVELOPER_SECRET")
    ->setReceiptId("RECEIPT_ID")
    ->setUserId("USER_ID")
    ->validate();

} catch (Exception $e) {
  echo 'got error = ' . $e->getMessage() . PHP_EOL;
}

if ($response->isValid()) {

  echo 'Receipt is valid.' . PHP_EOL;

  foreach ($response->getPurchases() as $purchase) {
    echo 'getProductId: ' . $purchase->getProductId() . PHP_EOL;

    if ($purchase->getPurchaseDate() != null) {
      echo 'getPurchaseDate: ' . $purchase->getPurchaseDate()->toIso8601String() . PHP_EOL;
    }
  }
} else {
  echo 'Receipt is not valid.' . PHP_EOL;
  echo 'Receipt result code = ' . $response->getResultCode() . PHP_EOL;
}

```

###  Health Score

35

—

LowBetter than 80% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity25

Limited adoption so far

Community17

Small or concentrated contributor base

Maturity68

Established project with proven stability

 Bus Factor1

Top contributor holds 66.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~70 days

Recently: every ~200 days

Total

26

Last Release

2544d ago

Major Versions

1.5.0 → 2.0.02017-03-21

PHP version history (5 changes)1.0.0PHP &gt;=5.4

1.1.1PHP &gt;=5.3

1.3.0PHP &gt;=5.5

1.5.0PHP &gt;=5.6

2.1.0PHP ^7.1

### Community

Maintainers

![](https://www.gravatar.com/avatar/045687ee8c6e25506cb63b6c5792f627ba56ea7fe79abd108326a2186a8fa7ef?d=identicon)[amyshko](/maintainers/amyshko)

![](https://www.gravatar.com/avatar/5d880ae3a2f9d8b69c32c30d59dcddfeecf35b27740dab021aa13e772473cc56?d=identicon)[sapfeer0k](/maintainers/sapfeer0k)

---

Top Contributors

[![aporat](https://avatars.githubusercontent.com/u/415576?v=4)](https://github.com/aporat "aporat (40 commits)")[![AlexeyKupershtokh](https://avatars.githubusercontent.com/u/499778?v=4)](https://github.com/AlexeyKupershtokh "AlexeyKupershtokh (8 commits)")[![grEvenX](https://avatars.githubusercontent.com/u/26375?v=4)](https://github.com/grEvenX "grEvenX (3 commits)")[![whs](https://avatars.githubusercontent.com/u/345483?v=4)](https://github.com/whs "whs (2 commits)")[![ferjul17](https://avatars.githubusercontent.com/u/1574473?v=4)](https://github.com/ferjul17 "ferjul17 (2 commits)")[![HermanBilous](https://avatars.githubusercontent.com/u/10484970?v=4)](https://github.com/HermanBilous "HermanBilous (1 commits)")[![lstrojny](https://avatars.githubusercontent.com/u/79707?v=4)](https://github.com/lstrojny "lstrojny (1 commits)")[![stokic](https://avatars.githubusercontent.com/u/2147162?v=4)](https://github.com/stokic "stokic (1 commits)")[![tehmaestro](https://avatars.githubusercontent.com/u/9526833?v=4)](https://github.com/tehmaestro "tehmaestro (1 commits)")[![amyshko](https://avatars.githubusercontent.com/u/5884182?v=4)](https://github.com/amyshko "amyshko (1 commits)")

---

Tags

amazongoogleitunespurchaseapplein appreceiptplay marketwindows store

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/kartina-tv-store-receipt-validator/health.svg)

```
[![Health](https://phpackages.com/badges/kartina-tv-store-receipt-validator/health.svg)](https://phpackages.com/packages/kartina-tv-store-receipt-validator)
```

###  Alternatives

[aporat/store-receipt-validator

PHP receipt validator for Apple App Store and Amazon Appstore

6503.9M9](/packages/aporat-store-receipt-validator)[readdle/app-store-receipt-verification

Pure PHP App Store receipt parsing/validation/verification without API calls to App Store API.

25201.4k](/packages/readdle-app-store-receipt-verification)[hwi/oauth-bundle

Support for authenticating users using both OAuth1.0a and OAuth2 in Symfony.

2.4k21.5M69](/packages/hwi-oauth-bundle)[readdle/app-store-server-api

Pure-PHP library that allows managing customer transactions using the App Store Server API and handling server-to-server notifications using the App Store Server Notifications V2

74373.5k1](/packages/readdle-app-store-server-api)[karser/karser-recaptcha3-bundle

Google ReCAPTCHA v3 for Symfony

1862.4M7](/packages/karser-karser-recaptcha3-bundle)[yanlongli/app-store-server-api

PHP client for App Store Server API. Manage your customers’ App Store transactions from your server.The App Store Server API is a REST API that you call from your server to request and provide information about your customers' in-app purchases. The App Store signs the transaction and subscription renewal information that this API returns using the JSON Web Signature (JWS) specification.App Store Server API is independent of the app’s installation status on the customer’s devices. The App Store server returns information based on the customer’s in-app purchase history regardless of whether the customer installed, removed, or reinstalled the app on their devices.To request transaction and subscription status information with this API, provide any original transaction identifier that belongs to the customer. The transaction history API responds with a complete list of transactions, 20 at a time, starting with the oldest first. The subscription status API returns the status for all of the customer’s subscriptions, organized by their subscription group identifier.Use the Send Consumption Information endpoint to send information to the App Store when customers request a refund for a consumable in-app purchase, after you receive the CONSUMPTION\_REQUEST App Store server notification. Your data helps inform refund decisions.

2532.0k](/packages/yanlongli-app-store-server-api)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)