I can’t find an equivalent of window.Twitch.ext.bits.isBitsEnabled in the API, e.g. server-side, outside of the extension. This seems odd as validating purchase receipts is only meaningful if I know whether a receipt was expected in the first place.
Scenario is this. Seems the obvious use-case.
Server supplies extension with a list of actions and their SKUs
On the user actioning one, server is informed.
If bits are enabled, all is straightforward – expect a receipt, validate the receipt on the trusted server with our twitch secret.
I think where my use-case is different from the intended path is the config is done in desktop app, not the extensions page. In the extensions page you know whether bits are enabled so you know whether skus can be set or not.
(Though perhaps I wasn’t clear – the problem is knowing whether to expect a JWT back or not)
Its up to you then to figure out how you want or not want to support the usage of “free items” in your extension over bits exchanged for items. How you protect that is up to you to determine.
Knowing if bits is enabled or not doesn’t matter since, in theory, you could allow a channel to have free and bits exchanged items at the same time regardless of the setting.
Additionally a Desktop app cannot validate JWT’s or create JWT’s to talk to the config service anyway as you would be leaking your extension client secret.
That is unless your Desktop app connects to a server and the server handles the security and data relay.
In fact I can’t think of a way for a desktop app to recieve bits transaction JWT’s without a relay server. And that server can handle the necassary security.
You could also send the isBitsEnabled flag with your transactionRecipet JWT when you POST it to yoru server after a transactionComplete occurs.
As trn JWT’s only exist if bits are enabled.
But then you just have to figure out how you want to support free items or not.
I guess a you’d store the product list on your server, and the streamer can enable/disable the free item and you cross reference that list
I think we’ve established with no API for isBitsEnabled, it’s impossible by Twitch design if you set the skus outside of the extension config page. Because isBitsEnabled is a dynamic property in the extension, and there is no way to get a trusted answer for it outside the extension. The answer is simply to train the user not to set paid transactions in the desktop app if they’re not going to work in their use of the extension. Probably aided by checking whether the user is affiliate status or not, which is at least part of the ‘isBitsEnabled’ result.