Configuration: added (internal for now) API to load public key#2215
Conversation
8f1bc1a to
51a2635
Compare
|
🤔 my thinking is that it would be useful for this to exist for testing purposes, but a customer would never need to override, right? What alternatives could we explore that don't modify the public API? |
|
Yeah when I did this I didn't have full context. |
51a2635 to
a4b1e3f
Compare
Configuration: added ability to set a public keyConfiguration: added (internal for now) API to load public key
|
This should be ready now, without any new |
a4b1e3f to
2ea4a17
Compare
|
Hold on, I think we need to change the key loading code since it appears we're using a different type of key. |
213b677 to
7c520aa
Compare
tonidero
left a comment
There was a problem hiding this comment.
A couple small things but looking good!
|
|
||
| var publicKey: Signing.PublicKey? { | ||
| return self.systemInfo.responseVerificationLevel.publicKey | ||
| } |
There was a problem hiding this comment.
I guess this will be used in future tests?
There was a problem hiding this comment.
Oh I moved these tests somewhere else, but let me add another one for Purchases.Configuration that uses this too.
I moved them out on a refactor and also when I made this internal, but they're still useful for when we make it public.
| // everything in those classes will still be called by XCTest, and it will cause errors. | ||
| enum AvailabilityChecks { | ||
|
|
||
| static func iOS12APIAvailableOrSkipTest() throws { |
There was a problem hiding this comment.
Also unused, but maybe you plan to use it for future tests?
There was a problem hiding this comment.
Oh not anymore, since this feature is iOS 13 only, I'll remove it!
| operationDispatcher: OperationDispatcher = .default, | ||
| bundle: Bundle = .main, | ||
| storeKit2Setting: StoreKit2Setting = .default, | ||
| responseVerificationLevel: Signing.ResponseVerificationLevel = .disabled, |
There was a problem hiding this comment.
Yes!! Great catch.
| private(set) var networkTimeout = Configuration.networkTimeoutDefault | ||
| private(set) var storeKit1Timeout = Configuration.storeKitRequestTimeoutDefault | ||
| private(set) var platformInfo: Purchases.PlatformInfo? | ||
| private(set) var responseVerificationLevel: Signing.ResponseVerificationLevel = .disabled |
There was a problem hiding this comment.
Same here, should this be .default?
There was a problem hiding this comment.
Another good catch 👍🏻
415c083 to
4431f76
Compare
**This is an automatic release.** ### Dependency Updates * Bump fastlane-plugin-revenuecat_internal from `738f255` to `9255366` (#2264) via dependabot[bot] (@dependabot[bot]) * Update `Gemfile.lock` (#2254) via Cesar de la Vega (@vegaro) ### Other Changes * `HTTPClient`: added support for sending `X-Nonce` (#2214) via NachoSoto (@NachoSoto) * `Configuration`: added (`internal` for now) API to load public key (#2215) via NachoSoto (@NachoSoto) * Replaced `Any` uses for workaround with `Box` (#2250) via NachoSoto (@NachoSoto) * `HTTPClientTests`: fixed failing test with missing assertions (#2262) via NachoSoto (@NachoSoto) * `HTTPClientTests`: refactored tests to use `waitUntil` (#2257) via NachoSoto (@NachoSoto) * PurchaseTester: Add Receipt Inspector UI (#2249) via Andy Boedo (@aboedo) * Adds dependabot (#2259) via Cesar de la Vega (@vegaro) * `StoreKit1WrapperTests`: avoid using `Bool.random` to fix flaky code coverage (#2258) via NachoSoto (@NachoSoto) * `IntroEligibilityCalculator`: changed logic to handle products with no subscription group (#2247) via NachoSoto (@NachoSoto)
…2267)⚠️ 🎉 This also changes integration tests to use `EntitlementVerificationLevel.enforced` so that integration tests fail if signatures are invalid. #### Depends on: - https://github.com/RevenueCat/khepri/pull/5191 - https://github.com/RevenueCat/khepri/pull/5204 - #2214 - #2215 - #2216 - #2272 _Marking this as `feat`ure because it contains a new error in `PurchasesDiagnostics.Error`_
Fixes CSDK-632.
Changes:
Signingto encapsulate new signing logic and typesSigning.CertificateandSigning.PublicKeyoverSecurityC typesConfiguration.EntitlementVerificationLevelandSigning.ResponseVerificationLevel(the logic for the name difference is that publicly this is used to validate entitlements, but the internal implementation works for any response).Signing.loadPublicKeyinternal(for now)Configuration.with(entitlementVerificationLevel:)SystemInfo.responseVerificationLevelwith the loaded key, if enabledFor a future PR:
Configuration.with(entitlementVerificationLevel:)publicConfiguration.EntitlementVerificationLevelpublicAPITesters