Skip to content

Trusted entitlements: Support API key and url in signature#1118

Merged
tonidero merged 3 commits into
new-trusted-entitlements-signature-formatfrom
toniricodiez/sdk-3214-trusted-entitlements-support-api-key-and-url-in-signature
Jul 4, 2023
Merged

Trusted entitlements: Support API key and url in signature#1118
tonidero merged 3 commits into
new-trusted-entitlements-signature-formatfrom
toniricodiez/sdk-3214-trusted-entitlements-support-api-key-and-url-in-signature

Conversation

@tonidero

@tonidero tonidero commented Jul 3, 2023

Copy link
Copy Markdown
Contributor

Description

This will support the newer form of signature that includes the API key and url

@codecov

codecov Bot commented Jul 3, 2023
edited
Loading

Copy link
Copy Markdown

Codecov Report

Merging #1118 (8c7be31) into new-trusted-entitlements-signature-format (089b669) will decrease coverage by 0.20%.
The diff coverage is 55.10%.

@@                              Coverage Diff                              @@
##           new-trusted-entitlements-signature-format    #1118      +/-   ##
=============================================================================
- Coverage                                      85.10%   84.91%   -0.20%     
=============================================================================
  Files                                            186      186              
  Lines                                           6574     6614      +40     
  Branches                                         935      947      +12     
=============================================================================
+ Hits                                            5595     5616      +21     
- Misses                                           603      622      +19     
  Partials                                         376      376
Impacted Files Coverage Δ
...at/purchases/common/verification/SigningManager.kt 74.41% <53.19%> (-19.06%) ⬇️
...java/com/revenuecat/purchases/common/HTTPClient.kt 90.00% <100.00%> (ø)
...otlin/com/revenuecat/purchases/PurchasesFactory.kt 87.11% <100.00%> (ø)

@tonidero tonidero changed the title Support API key and url in signature Trusted entitlements: Support API key and url in signature Jul 3, 2023
@tonidero tonidero marked this pull request as ready for review July 3, 2023 15:55
@tonidero tonidero requested a review from a team July 3, 2023 15:55
tonidero
tonidero commented Jul 3, 2023
View reviewed changes
Comment thread common/src/main/java/com/revenuecat/purchases/common/HTTPClient.kt
RCHTTPStatusCodes.isSuccessful(responseCode)
) {
verifyResponse(path, connection, payload, nonce)
verifyResponse(urlPathWithVersion, connection, payload, nonce)

@tonidero tonidero Jul 3, 2023

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was previously only used for logging, so it's fine to change it to include the api version (/v1)

vegaro
vegaro approved these changes Jul 3, 2023
View reviewed changes

@vegaro vegaro left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haven't followed that much the required change but code looks good to me 😊

Comment thread common/src/main/java/com/revenuecat/purchases/common/verification/SigningManager.kt Outdated
Uri.decode(urlPath).toByteArray() +
requestTime.toByteArray() +
(eTag?.toByteArray() ?: byteArrayOf()) +
(body?.toByteArray() ?: byteArrayOf())

@vegaro vegaro Jul 3, 2023

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was going to suggest extracting this into a private function but it might have too many parameters?

@tonidero tonidero Jul 4, 2023

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I wasn't in love this... In the end, I changed it to imitate what we do in iOS. Basically I created a new data holder for all this so we can move the creation of the signature to verify there. Still long, but provides a better abstraction IMO.

@tonidero tonidero merged commit 77e8fb3 into new-trusted-entitlements-signature-format Jul 4, 2023
@tonidero tonidero deleted the toniricodiez/sdk-3214-trusted-entitlements-support-api-key-and-url-in-signature branch July 4, 2023 07:49
@tonidero tonidero mentioned this pull request Jul 4, 2023
Merged
tonidero added a commit that referenced this pull request Jul 7, 2023
@tonidero
Trusted entitlements: Support API key and url in signature (#1118)
a859392 
### Description
This will support the newer form of signature that includes the API key
and url
tonidero added a commit that referenced this pull request Jul 7, 2023
@tonidero
Trusted entitlements: New trusted entitlements signature format (#1117)
e8a90a0 
### Description
Integration branch for the changes in trusted entitlements. Includes
changes from:
- #1111 
- #1114 
- #1118 
- #1119 
- #1124
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vegaro vegaro vegaro approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tonidero @vegaro