I’m trying to get DeviceCheck to work, where I keep getting this response from Apple’s server: 401 ‘Unable to verify authorization token’.
The device_token is being sent to my Python server over a base64 encoded string in another similar JSON payload. I’ve even tried cutting and pasting the base64 string from the logs directly to my server (very quickly) and nothing works. Any ideas what I might be doing wrong?
I’m slightly concerned perplexed that in the https://developer.apple.com/account/ios/authkey/, the generated key is not explicitly associated with my app other than being generated in my apple account.
def device_check_query(device_token):
data = {
‘device_token’: device_token.replace(“\\“, “”),
‘transaction_id’: str(uuid4()),
‘timestamp’: int(time.time() * 1000),
}
jw_token = get_jw_token()
headers = {‘Authorization’: ‘Bearer ’ + jw_token}
response = requests.post(QUERY_URL, json=data, headers=headers)
return response.content
def get_jw_token():
with open(KEY_FILE, ‘r’) as cert_file:
certificate = cert_file.read()
jw_token = jwt.encode(
{‘iss’: TEAM_ID}, certificate,
algorithm=‘ES256’,
headers={‘kid’: KEY_ID})
return jw_token