`PurchasesDiagnostics`: added step to verify signature verification by NachoSoto · Pull Request #2267 · RevenueCat/purchases-ios

NachoSoto · 2023-02-06T20:38:51Z

⚠️ 🎉 This also changes integration tests to use EntitlementVerificationLevel.enforced so that integration tests fail if signatures are invalid.

Depends on:

Marking this as feature because it contains a new error in PurchasesDiagnostics.Error

codecov · 2023-02-07T21:20:24Z

Codecov Report

Merging #2267 (c18c2e0) into main (61501dd) will increase coverage by 0.10%.
The diff coverage is 91.37%.

@@            Coverage Diff             @@
##             main    #2267      +/-   ##
==========================================
+ Coverage   86.28%   86.38%   +0.10%     
==========================================
  Files         187      187              
  Lines       12479    12517      +38     
==========================================
+ Hits        10767    10813      +46     
+ Misses       1712     1704       -8

Impacted Files	Coverage Δ
Sources/Networking/Backend.swift	`91.25% <0.00%> (ø)`
Sources/Networking/HTTPClient/HTTPClient.swift	`98.01% <ø> (ø)`
Sources/Purchasing/Purchases/Purchases.swift	`75.14% <0.00%> (ø)`
Sources/Support/PurchasesDiagnostics.swift	`92.04% <92.85%> (+0.04%)`	⬆️
Sources/Error Handling/ErrorUtils.swift	`85.87% <100.00%> (+1.17%)`	⬆️
Sources/Networking/HTTPClient/HTTPRequest.swift	`100.00% <100.00%> (ø)`
Sources/Networking/InternalAPI.swift	`100.00% <100.00%> (ø)`
Sources/Logging/Strings/PurchaseStrings.swift	`87.95% <0.00%> (-0.53%)`	⬇️
... and 2 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

… signing

…ionResult` (#2277) Fixes [CSDK-629]. Depends on #2274 and #2267. Entitlement verification is accomplished by preventing MiTM attacks between the SDK and the RevenueCat server. With verification enabled, the SDK ensures that the response created by the server was not modified by a third-party, and the entitlements received are exactly what was sent. Entitlements are only verified if enabled using `Configuration.Builder.with(entitlementVerificationMode:)`, which is disabled by default. ### Changes: - Added new `VerificationResult`, which replaces `HTTPResponseVerificationResult` - Renamed `Configuration.EntitlementVerificationLevel` to `Configuration.EntitlementVerificationMode` - `Configuration.with(entitlementVerificationMode:)` is now `public` - Added `CustomerInfo.entitlementVerification` - Added `EntitlementInfos.verification` and `EntitlementInfo.verification` - Added tests to cover serialization of these new values - `CustomerInfoResponseHandler` copies the `ValidationResult` to `CustomerInfo` (all operations that fetch `CustomerInfo` use this) - Renamed "validation" to "verification" everywhere for consistency - Finalized documentation ### TODO: - [x] Figure out whether to use a separate type from `HTTPResponseValidationResult` or rename that one - [x] Figure out final API type and property names - [x] Add tests for `CustomerInfo.copy(with:)` - [x] Ensure validation result is encoded and decoded (for caching) - [x] Add missing snapshots [CSDK-629]: https://revenuecats.atlassian.net/browse/CSDK-629?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

@NachoSoto

### New Features * New `ErrorCode.signatureVerificationFailed` which will be used for an upcoming feature ### Bugfixes * `Purchases.deinit`: don't reset `Purchases.proxyURL` (#2346) via NachoSoto (@NachoSoto) <details> <summary><b>Other Changes</b></summary> * Introduced `Configuration.EntitlementVerificationMode` and `VerificationResult` (#2277) via NachoSoto (@NachoSoto) * `PurchasesDiagnostics`: added step to verify signature verification (#2267) via NachoSoto (@NachoSoto) * `HTTPClient`: added signature validation and introduced `ErrorCode.signatureVerificationFailed` (#2272) via NachoSoto (@NachoSoto) * `ETagManager`: don't use ETags if response verification failed (#2347) via NachoSoto (@NachoSoto) * `Integration Tests`: removed `@preconcurrency import` (#2464) via NachoSoto (@NachoSoto) * Clean up: moved `ReceiptParserTests-Info.plist` out of root (#2460) via NachoSoto (@NachoSoto) * Update `CHANGELOG` (#2461) via NachoSoto (@NachoSoto) * Update `SwiftSnapshotTesting` (#2453) via NachoSoto (@NachoSoto) * Fixed docs (#2432) via Kaunteya Suryawanshi (@kaunteya) * Remove unnecessary line break (#2435) via Andy Boedo (@aboedo) * `ProductEntitlementMapping`: enabled entitlement mapping fetching (#2425) via NachoSoto (@NachoSoto) * `BackendPostReceiptDataTests`: increased timeout to fix flaky test (#2426) via NachoSoto (@NachoSoto) * Updated requirements to drop Xcode 13.x support (#2419) via NachoSoto (@NachoSoto) * `Integration Tests`: fixed flaky errors when loading offerings (#2420) via NachoSoto (@NachoSoto) * `PurchaseTester`: fixed compilation for `internal` entitlement verification (#2417) via NachoSoto (@NachoSoto) * `ETagManager`/`HTTPClient`: sending new `X-RC-Last-Refresh-Time` header (#2373) via NachoSoto (@NachoSoto) * `ETagManager`: don't send validation time if not present (#2490) via NachoSoto (@NachoSoto) * SwiftUI Sample Project: Refactor Package terms method to a computed property (#2405) via Joseph Kokenge (@JOyo246) * Clean up v3 load shedder integration tests (#2402) via Andy Boedo (@aboedo) * Fix iOS 12 compilation (#2394) via NachoSoto (@NachoSoto) * Added new `VerificationResult.verifiedOnDevice` (#2379) via NachoSoto (@NachoSoto) * `PurchaseTester`: fix memory leaks (#2392) via Keita Watanabe (@kitwtnb) * Integration tests: add scheduled job (#2389) via Andy Boedo (@aboedo) * Add lane for running iOS v3 load shedder integration tests (#2388) via Andy Boedo (@aboedo) * iOS v3 load shedder integration tests (#2387) via Andy Boedo (@aboedo) * `Offline Entitlements`: created `LoadShedderIntegrationTests` (#2362) via NachoSoto (@NachoSoto) * Purchases.configure: log warning if attempting to use a static appUserID (#2385) via Mark Villacampa (@MarkVillacampa) * `SubscriberAttributesManagerIntegrationTests`: fixed flaky failures (#2381) via NachoSoto (@NachoSoto) * `@DefaultDecodable.Now`: fixed flaky test (#2374) via NachoSoto (@NachoSoto) * `PurchaseTesterSwiftUI`: fixed iOS compilation (#2376) via NachoSoto (@NachoSoto) * `SubscriberAttributesManagerIntegrationTests`: fixed potential race condition (#2380) via NachoSoto (@NachoSoto) * `Offline Entitlements`: create `CustomerInfo` from offline entitlements (#2358) via NachoSoto (@NachoSoto) * Added `@DefaultDecodable.Now` (#2372) via NachoSoto (@NachoSoto) * `HTTPClient`: debug log when performing redirects (#2371) via NachoSoto (@NachoSoto) * `HTTPClient`: new flag to force server errors (#2370) via NachoSoto (@NachoSoto) * `OfferingsManager`: fixed Xcode 13.x build (#2369) via NachoSoto (@NachoSoto) * `Offline Entitlements`: store `ProductEntitlementMapping` in cache (#2355) via NachoSoto (@NachoSoto) * `Offline Entitlements`: added support for fetching `ProductEntitlementMappingResponse` in `OfflineEntitlementsAPI` (#2353) via NachoSoto (@NachoSoto) * `Offline Entitlements`: created `ProductEntitlementMapping` (#2365) via NachoSoto (@NachoSoto) * Implemented `NetworkError.isServerDown` (#2367) via NachoSoto (@NachoSoto) * `ETagManager`: added test for 304 responses with no etag (#2360) via NachoSoto (@NachoSoto) * `TestLogHandler`: increased default capacity (#2357) via NachoSoto (@NachoSoto) * `OfferingsManager`: moved log to common method to remove hardcoded string (#2363) via NachoSoto (@NachoSoto) * `Offline Entitlements`: created `ProductEntitlementMappingResponse` (#2351) via NachoSoto (@NachoSoto) * `HTTPClient`: added test for 2xx response for request with etag (#2361) via NachoSoto (@NachoSoto) * `PurchaseTesterSwiftUI` improvements (#2345) via NachoSoto (@NachoSoto) * `ConfigureStrings`: fixed double-space typo (#2344) via NachoSoto (@NachoSoto) * `ETagManagerTests`: fixed tests on iOS 12 (#2349) via NachoSoto (@NachoSoto) * `DeviceCache`: simplified constructor (#2354) via NachoSoto (@NachoSoto) * `Trusted Entitlements`: changed all APIs to `internal` (#2350) via NachoSoto (@NachoSoto) * `VerificationResult.notRequested`: removed caching reference (#2337) via NachoSoto (@NachoSoto) * Finished signature verification `HTTPClient` tests (#2333) via NachoSoto (@NachoSoto) * `Configuration.Builder.with(entitlementVerificationMode:)`: improved documentation (#2334) via NachoSoto (@NachoSoto) * `ETagManager`: don't ignore failed etags with `Signing.VerificationMode.informational` (#2331) via NachoSoto (@NachoSoto) * `IdentityManager`: clear `ETagManager` and `DeviceCache` if verification is enabled but cached `CustomerInfo` is not (#2330) via NachoSoto (@NachoSoto) * Made `Configuration.EntitlementVerificationMode.enforced` unavailable (#2329) via NachoSoto (@NachoSoto) * Refactor: reorganized files in new Security and Misc folders (#2326) via NachoSoto (@NachoSoto) * `CustomerInfo`: use same grace period logic for active subscriptions (#2327) via NachoSoto (@NachoSoto) * `HTTPClient`: don't verify 4xx/5xx responses (#2322) via NachoSoto (@NachoSoto) * `EntitlementInfo`: request date is not optional (#2325) via NachoSoto (@NachoSoto) * `CustomerInfo`: removed `entitlementVerification` (#2320) via NachoSoto (@NachoSoto) * Renamed `VerificationResult.notVerified` to `.notRequested` (#2321) via NachoSoto (@NachoSoto) * `EntitlementInfo`: add a grace period limit to outdated entitlements (#2288) via NachoSoto (@NachoSoto) * Update `CustomerInfo.requestDate` from 304 responses (#2310) via NachoSoto (@NachoSoto) * `Signing`: added request time & eTag to signature verification (#2309) via NachoSoto (@NachoSoto) * `HTTPClient`: changed header search to be case-insensitive (#2308) via NachoSoto (@NachoSoto) * `HTTPClient`: automatically add `nonce` based on `HTTPRequest.Path` (#2286) via NachoSoto (@NachoSoto) * `PurchaseTester`: added ability to reload `CustomerInfo` with a custom `CacheFetchPolicy` (#2312) via NachoSoto (@NachoSoto) * Fix issue where underlying error information for product fetch errors was not printed in log. (#2281) via Chris Vasselli (@chrisvasselli) * `PurchaseTester`: added ability to set `Configuration.EntitlementVerificationMode` (#2290) via NachoSoto (@NachoSoto) * SwiftUI: Paywall View should respond to changes on the UserView model (#2297) via ConfusedVorlon (@ConfusedVorlon) * Deprecate `usesStoreKit2IfAvailable` (#2293) via Andy Boedo (@aboedo) * `Signing`: updated to use production public key (#2274) via NachoSoto (@NachoSoto) </details> --------- Co-authored-by: RCGitBot <dev+RCGitBot@revenuecat.com>

@NachoSoto

### New Features * New `ErrorCode.signatureVerificationFailed` which will be used for an upcoming feature ### Bugfixes * `Purchases.deinit`: don't reset `Purchases.proxyURL` (RevenueCat#2346) via NachoSoto (@NachoSoto) <details> <summary><b>Other Changes</b></summary> * Introduced `Configuration.EntitlementVerificationMode` and `VerificationResult` (RevenueCat#2277) via NachoSoto (@NachoSoto) * `PurchasesDiagnostics`: added step to verify signature verification (RevenueCat#2267) via NachoSoto (@NachoSoto) * `HTTPClient`: added signature validation and introduced `ErrorCode.signatureVerificationFailed` (RevenueCat#2272) via NachoSoto (@NachoSoto) * `ETagManager`: don't use ETags if response verification failed (RevenueCat#2347) via NachoSoto (@NachoSoto) * `Integration Tests`: removed `@preconcurrency import` (RevenueCat#2464) via NachoSoto (@NachoSoto) * Clean up: moved `ReceiptParserTests-Info.plist` out of root (RevenueCat#2460) via NachoSoto (@NachoSoto) * Update `CHANGELOG` (RevenueCat#2461) via NachoSoto (@NachoSoto) * Update `SwiftSnapshotTesting` (RevenueCat#2453) via NachoSoto (@NachoSoto) * Fixed docs (RevenueCat#2432) via Kaunteya Suryawanshi (@kaunteya) * Remove unnecessary line break (RevenueCat#2435) via Andy Boedo (@aboedo) * `ProductEntitlementMapping`: enabled entitlement mapping fetching (RevenueCat#2425) via NachoSoto (@NachoSoto) * `BackendPostReceiptDataTests`: increased timeout to fix flaky test (RevenueCat#2426) via NachoSoto (@NachoSoto) * Updated requirements to drop Xcode 13.x support (RevenueCat#2419) via NachoSoto (@NachoSoto) * `Integration Tests`: fixed flaky errors when loading offerings (RevenueCat#2420) via NachoSoto (@NachoSoto) * `PurchaseTester`: fixed compilation for `internal` entitlement verification (RevenueCat#2417) via NachoSoto (@NachoSoto) * `ETagManager`/`HTTPClient`: sending new `X-RC-Last-Refresh-Time` header (RevenueCat#2373) via NachoSoto (@NachoSoto) * `ETagManager`: don't send validation time if not present (RevenueCat#2490) via NachoSoto (@NachoSoto) * SwiftUI Sample Project: Refactor Package terms method to a computed property (RevenueCat#2405) via Joseph Kokenge (@JOyo246) * Clean up v3 load shedder integration tests (RevenueCat#2402) via Andy Boedo (@aboedo) * Fix iOS 12 compilation (RevenueCat#2394) via NachoSoto (@NachoSoto) * Added new `VerificationResult.verifiedOnDevice` (RevenueCat#2379) via NachoSoto (@NachoSoto) * `PurchaseTester`: fix memory leaks (RevenueCat#2392) via Keita Watanabe (@kitwtnb) * Integration tests: add scheduled job (RevenueCat#2389) via Andy Boedo (@aboedo) * Add lane for running iOS v3 load shedder integration tests (RevenueCat#2388) via Andy Boedo (@aboedo) * iOS v3 load shedder integration tests (RevenueCat#2387) via Andy Boedo (@aboedo) * `Offline Entitlements`: created `LoadShedderIntegrationTests` (RevenueCat#2362) via NachoSoto (@NachoSoto) * Purchases.configure: log warning if attempting to use a static appUserID (RevenueCat#2385) via Mark Villacampa (@MarkVillacampa) * `SubscriberAttributesManagerIntegrationTests`: fixed flaky failures (RevenueCat#2381) via NachoSoto (@NachoSoto) * `@DefaultDecodable.Now`: fixed flaky test (RevenueCat#2374) via NachoSoto (@NachoSoto) * `PurchaseTesterSwiftUI`: fixed iOS compilation (RevenueCat#2376) via NachoSoto (@NachoSoto) * `SubscriberAttributesManagerIntegrationTests`: fixed potential race condition (RevenueCat#2380) via NachoSoto (@NachoSoto) * `Offline Entitlements`: create `CustomerInfo` from offline entitlements (RevenueCat#2358) via NachoSoto (@NachoSoto) * Added `@DefaultDecodable.Now` (RevenueCat#2372) via NachoSoto (@NachoSoto) * `HTTPClient`: debug log when performing redirects (RevenueCat#2371) via NachoSoto (@NachoSoto) * `HTTPClient`: new flag to force server errors (RevenueCat#2370) via NachoSoto (@NachoSoto) * `OfferingsManager`: fixed Xcode 13.x build (RevenueCat#2369) via NachoSoto (@NachoSoto) * `Offline Entitlements`: store `ProductEntitlementMapping` in cache (RevenueCat#2355) via NachoSoto (@NachoSoto) * `Offline Entitlements`: added support for fetching `ProductEntitlementMappingResponse` in `OfflineEntitlementsAPI` (RevenueCat#2353) via NachoSoto (@NachoSoto) * `Offline Entitlements`: created `ProductEntitlementMapping` (RevenueCat#2365) via NachoSoto (@NachoSoto) * Implemented `NetworkError.isServerDown` (RevenueCat#2367) via NachoSoto (@NachoSoto) * `ETagManager`: added test for 304 responses with no etag (RevenueCat#2360) via NachoSoto (@NachoSoto) * `TestLogHandler`: increased default capacity (RevenueCat#2357) via NachoSoto (@NachoSoto) * `OfferingsManager`: moved log to common method to remove hardcoded string (RevenueCat#2363) via NachoSoto (@NachoSoto) * `Offline Entitlements`: created `ProductEntitlementMappingResponse` (RevenueCat#2351) via NachoSoto (@NachoSoto) * `HTTPClient`: added test for 2xx response for request with etag (RevenueCat#2361) via NachoSoto (@NachoSoto) * `PurchaseTesterSwiftUI` improvements (RevenueCat#2345) via NachoSoto (@NachoSoto) * `ConfigureStrings`: fixed double-space typo (RevenueCat#2344) via NachoSoto (@NachoSoto) * `ETagManagerTests`: fixed tests on iOS 12 (RevenueCat#2349) via NachoSoto (@NachoSoto) * `DeviceCache`: simplified constructor (RevenueCat#2354) via NachoSoto (@NachoSoto) * `Trusted Entitlements`: changed all APIs to `internal` (RevenueCat#2350) via NachoSoto (@NachoSoto) * `VerificationResult.notRequested`: removed caching reference (RevenueCat#2337) via NachoSoto (@NachoSoto) * Finished signature verification `HTTPClient` tests (RevenueCat#2333) via NachoSoto (@NachoSoto) * `Configuration.Builder.with(entitlementVerificationMode:)`: improved documentation (RevenueCat#2334) via NachoSoto (@NachoSoto) * `ETagManager`: don't ignore failed etags with `Signing.VerificationMode.informational` (RevenueCat#2331) via NachoSoto (@NachoSoto) * `IdentityManager`: clear `ETagManager` and `DeviceCache` if verification is enabled but cached `CustomerInfo` is not (RevenueCat#2330) via NachoSoto (@NachoSoto) * Made `Configuration.EntitlementVerificationMode.enforced` unavailable (RevenueCat#2329) via NachoSoto (@NachoSoto) * Refactor: reorganized files in new Security and Misc folders (RevenueCat#2326) via NachoSoto (@NachoSoto) * `CustomerInfo`: use same grace period logic for active subscriptions (RevenueCat#2327) via NachoSoto (@NachoSoto) * `HTTPClient`: don't verify 4xx/5xx responses (RevenueCat#2322) via NachoSoto (@NachoSoto) * `EntitlementInfo`: request date is not optional (RevenueCat#2325) via NachoSoto (@NachoSoto) * `CustomerInfo`: removed `entitlementVerification` (RevenueCat#2320) via NachoSoto (@NachoSoto) * Renamed `VerificationResult.notVerified` to `.notRequested` (RevenueCat#2321) via NachoSoto (@NachoSoto) * `EntitlementInfo`: add a grace period limit to outdated entitlements (RevenueCat#2288) via NachoSoto (@NachoSoto) * Update `CustomerInfo.requestDate` from 304 responses (RevenueCat#2310) via NachoSoto (@NachoSoto) * `Signing`: added request time & eTag to signature verification (RevenueCat#2309) via NachoSoto (@NachoSoto) * `HTTPClient`: changed header search to be case-insensitive (RevenueCat#2308) via NachoSoto (@NachoSoto) * `HTTPClient`: automatically add `nonce` based on `HTTPRequest.Path` (RevenueCat#2286) via NachoSoto (@NachoSoto) * `PurchaseTester`: added ability to reload `CustomerInfo` with a custom `CacheFetchPolicy` (RevenueCat#2312) via NachoSoto (@NachoSoto) * Fix issue where underlying error information for product fetch errors was not printed in log. (RevenueCat#2281) via Chris Vasselli (@chrisvasselli) * `PurchaseTester`: added ability to set `Configuration.EntitlementVerificationMode` (RevenueCat#2290) via NachoSoto (@NachoSoto) * SwiftUI: Paywall View should respond to changes on the UserView model (RevenueCat#2297) via ConfusedVorlon (@ConfusedVorlon) * Deprecate `usesStoreKit2IfAvailable` (RevenueCat#2293) via Andy Boedo (@aboedo) * `Signing`: updated to use production public key (RevenueCat#2274) via NachoSoto (@NachoSoto) </details> --------- Co-authored-by: RCGitBot <dev+RCGitBot@revenuecat.com>

NachoSoto added pr:feat A new feature test labels Feb 6, 2023

NachoSoto requested a review from a team February 6, 2023 20:38

NachoSoto force-pushed the health-request-signed branch from 1245207 to 0ee69ac Compare February 6, 2023 22:35

NachoSoto force-pushed the http-client-request-uuid branch 2 times, most recently from 8a4075a to c95b581 Compare February 6, 2023 23:22

NachoSoto force-pushed the health-request-signed branch 3 times, most recently from 39fc73c to 757f54f Compare February 7, 2023 18:59

NachoSoto force-pushed the http-client-request-uuid branch from dfe3bd9 to 113cadd Compare February 7, 2023 21:10

NachoSoto force-pushed the health-request-signed branch from 757f54f to 1d73aa2 Compare February 7, 2023 21:10

NachoSoto mentioned this pull request Feb 7, 2023

[WIP] HTTPClient: added signature validation #2268

Merged

NachoSoto force-pushed the http-client-request-uuid branch from 113cadd to 5ab771e Compare February 8, 2023 16:54

NachoSoto changed the base branch from http-client-request-uuid to verify-signature February 8, 2023 17:07

NachoSoto force-pushed the verify-signature branch from a5076ce to 5abfc4f Compare February 8, 2023 17:08

NachoSoto force-pushed the health-request-signed branch 4 times, most recently from f28ee89 to c339a16 Compare February 8, 2023 20:20

Base automatically changed from verify-signature to main February 8, 2023 20:21

NachoSoto force-pushed the health-request-signed branch from c339a16 to 270e6b2 Compare February 8, 2023 20:28

NachoSoto changed the base branch from main to nacho/signature-integration February 8, 2023 20:28

NachoSoto force-pushed the health-request-signed branch from 270e6b2 to 9effe4b Compare February 8, 2023 20:29

NachoSoto mentioned this pull request Feb 8, 2023

HTTPClient: added signature validation and introduced ErrorCode.signatureVerificationFailed #2272

Merged

NachoSoto force-pushed the nacho/signature-integration branch 2 times, most recently from 7685cad to 131208e Compare February 8, 2023 21:51

NachoSoto force-pushed the health-request-signed branch 2 times, most recently from 70e3f11 to 487b84d Compare February 8, 2023 22:49

NachoSoto changed the title ~~[WIP] PurchasesDiagnostics: added signed request to verify response signing~~ [WIP] PurchasesDiagnostics: added step to verify signature verification Feb 8, 2023

NachoSoto removed the blocked label Feb 14, 2023

aboedo approved these changes Feb 15, 2023

View reviewed changes

NachoSoto force-pushed the nacho/signature-integration branch from a08492a to 7a62e5b Compare February 15, 2023 21:50

NachoSoto force-pushed the health-request-signed branch from 3377260 to 867114b Compare February 15, 2023 21:55

Base automatically changed from nacho/signature-integration to main February 16, 2023 11:07

NachoSoto force-pushed the health-request-signed branch from 867114b to f92837c Compare February 16, 2023 11:10

NachoSoto changed the base branch from main to nacho/testing-api-key February 16, 2023 11:11

NachoSoto force-pushed the health-request-signed branch from f92837c to b156aba Compare February 16, 2023 11:11

Base automatically changed from nacho/testing-api-key to main February 16, 2023 11:25

NachoSoto added 7 commits February 16, 2023 03:29

[WIP] PurchasesDiagnostics: added signed request to verify response…

7472a9d

… signing

HealthOperation fails with signatureVerification

7953e6d

Added PurchasesDiagnostics test

99589b4

Updated nonce

bbf1406

HealthOperation: confirm request was validated

6ea3ecb

No more throws

c2b1161

Fixed snapshots

10d3ad7

NachoSoto force-pushed the health-request-signed branch from b156aba to 10d3ad7 Compare February 16, 2023 11:29

NachoSoto enabled auto-merge (squash) February 16, 2023 11:29

NachoSoto mentioned this pull request Feb 16, 2023

Introduced Configuration.EntitlementVerificationMode and VerificationResult #2277

Merged

5 tasks

NachoSoto added 2 commits February 16, 2023 10:09

Added error description

feaa7b5

Use correct signature header name

c18c2e0

NachoSoto merged commit dbe93db into main Feb 16, 2023

NachoSoto deleted the health-request-signed branch February 16, 2023 17:27

NachoSoto mentioned this pull request Mar 14, 2023

Release/4.18.0-beta.1 #2335

Closed

RCGitBot mentioned this pull request May 3, 2023

[AUTOMATIC] Release/4.19.0 #2466

Closed

This was referenced May 12, 2023

Release/4.19 #2483

Closed

Release/4.19.0 #2491

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

`PurchasesDiagnostics`: added step to verify signature verification#2267

`PurchasesDiagnostics`: added step to verify signature verification#2267
NachoSoto merged 9 commits into
mainfrom
health-request-signed

NachoSoto commented Feb 6, 2023 •

edited

Loading

Uh oh!

codecov Bot commented Feb 7, 2023 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

NachoSoto commented Feb 6, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Depends on:

Uh oh!

codecov Bot commented Feb 7, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

NachoSoto commented Feb 6, 2023 •

edited

Loading

codecov Bot commented Feb 7, 2023 •

edited

Loading