Skip to content

Made Configuration.EntitlementVerificationMode.enforced unavailable#2329

Merged
NachoSoto merged 3 commits into
mainfrom
nacho/sdk-2924-hide-enforced-mode-for-sdk-security-ios
Mar 13, 2023
Merged

Made Configuration.EntitlementVerificationMode.enforced unavailable#2329
NachoSoto merged 3 commits into
mainfrom
nacho/sdk-2924-hide-enforced-mode-for-sdk-security-ios

Conversation

@NachoSoto

@NachoSoto NachoSoto commented Mar 7, 2023

Copy link
Copy Markdown
Contributor

Depends on #2326 and #2328.

This allows us to keep all the code, except users won't be able to configure the SDK with this option.
Note that Signing.ResponseVerificationMode.enforced is available, so we can still test all that behavior, including from integration tests.

@NachoSoto NachoSoto requested a review from a team March 7, 2023 17:40
@NachoSoto NachoSoto force-pushed the signature-folders branch from 663bbb2 to abc8637 Compare March 7, 2023 17:52
@NachoSoto NachoSoto force-pushed the nacho/sdk-2924-hide-enforced-mode-for-sdk-security-ios branch from 371046a to e82ba1c Compare March 7, 2023 18:19
@codecov

codecov Bot commented Mar 7, 2023
edited
Loading

Copy link
Copy Markdown

Codecov Report

Merging #2329 (e82ba1c) into signature-folders (abc8637) will decrease coverage by 0.05%.
The diff coverage is 100.00%.

❗ Current head e82ba1c differs from pull request most recent head e12ea90. Consider uploading reports for the commit e12ea90 to get more accurate results

@@                  Coverage Diff                  @@
##           signature-folders    #2329      +/-   ##
=====================================================
- Coverage              86.52%   86.48%   -0.05%     
=====================================================
  Files                    188      188              
  Lines                  12751    12754       +3     
=====================================================
- Hits                   11033    11030       -3     
- Misses                  1718     1724       +6
Impacted Files Coverage Δ
Sources/Purchasing/Configuration.swift 78.94% <ø> (ø)
Sources/Networking/InternalAPI.swift 98.24% <100.00%> (ø)
Sources/Security/Signing.swift 89.13% <100.00%> (+0.36%) ⬆️
...rces/Purchasing/StoreKit1/ProductsFetcherSK1.swift 90.96% <0.00%> (-3.39%) ⬇️
Sources/Error Handling/ErrorUtils.swift 84.74% <0.00%> (-1.13%) ⬇️
Sources/Logging/Strings/PurchaseStrings.swift 88.65% <0.00%> (+0.51%) ⬆️
...chasing/StoreKitAbstractions/SK1StoreProduct.swift 98.07% <0.00%> (+5.76%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

tonidero
tonidero approved these changes Mar 8, 2023
View reviewed changes
Comment thread Tests/TestingApps/PurchaseTesterSwiftUI/Shared/Extensions/Extensions.swift Outdated
Base automatically changed from signature-folders to main March 13, 2023 18:25
@NachoSoto NachoSoto force-pushed the nacho/sdk-2924-hide-enforced-mode-for-sdk-security-ios branch from e12ea90 to 9760d8f Compare March 13, 2023 18:32
@NachoSoto NachoSoto enabled auto-merge (squash) March 13, 2023 18:33
@NachoSoto NachoSoto merged commit 3af5fba into main Mar 13, 2023
@NachoSoto NachoSoto deleted the nacho/sdk-2924-hide-enforced-mode-for-sdk-security-ios branch March 13, 2023 18:42
@RCGitBot RCGitBot mentioned this pull request May 3, 2023
Closed
This was referenced May 12, 2023
Closed
Merged
NachoSoto added a commit that referenced this pull request May 16, 2023
@NachoSoto @RCGitBot
Release/4.19.0 (#2491)
ce53ff4 
### New Features
* New `ErrorCode.signatureVerificationFailed` which will be used for an
upcoming feature

### Bugfixes
* `Purchases.deinit`: don't reset `Purchases.proxyURL` (#2346) via
NachoSoto (@NachoSoto)

<details>
<summary><b>Other Changes</b></summary>

* Introduced `Configuration.EntitlementVerificationMode` and
`VerificationResult` (#2277) via NachoSoto (@NachoSoto)
* `PurchasesDiagnostics`: added step to verify signature verification
(#2267) via NachoSoto (@NachoSoto)
* `HTTPClient`: added signature validation and introduced
`ErrorCode.signatureVerificationFailed` (#2272) via NachoSoto
(@NachoSoto)
* `ETagManager`: don't use ETags if response verification failed (#2347)
via NachoSoto (@NachoSoto)
* `Integration Tests`: removed `@preconcurrency import` (#2464) via
NachoSoto (@NachoSoto)
* Clean up: moved `ReceiptParserTests-Info.plist` out of root (#2460)
via NachoSoto (@NachoSoto)
* Update `CHANGELOG` (#2461) via NachoSoto (@NachoSoto)
* Update `SwiftSnapshotTesting` (#2453) via NachoSoto (@NachoSoto)
* Fixed docs (#2432) via Kaunteya Suryawanshi (@kaunteya)
* Remove unnecessary line break (#2435) via Andy Boedo (@aboedo)
* `ProductEntitlementMapping`: enabled entitlement mapping fetching
(#2425) via NachoSoto (@NachoSoto)
* `BackendPostReceiptDataTests`: increased timeout to fix flaky test
(#2426) via NachoSoto (@NachoSoto)
* Updated requirements to drop Xcode 13.x support (#2419) via NachoSoto
(@NachoSoto)
* `Integration Tests`: fixed flaky errors when loading offerings (#2420)
via NachoSoto (@NachoSoto)
* `PurchaseTester`: fixed compilation for `internal` entitlement
verification (#2417) via NachoSoto (@NachoSoto)
* `ETagManager`/`HTTPClient`: sending new `X-RC-Last-Refresh-Time`
header (#2373) via NachoSoto (@NachoSoto)
* `ETagManager`: don't send validation time if not present (#2490) via
NachoSoto (@NachoSoto)
* SwiftUI Sample Project: Refactor Package terms method to a computed
property (#2405) via Joseph Kokenge (@JOyo246)
* Clean up v3 load shedder integration tests (#2402) via Andy Boedo
(@aboedo)
* Fix iOS 12 compilation (#2394) via NachoSoto (@NachoSoto)
* Added new `VerificationResult.verifiedOnDevice` (#2379) via NachoSoto
(@NachoSoto)
* `PurchaseTester`: fix memory leaks (#2392) via Keita Watanabe
(@kitwtnb)
* Integration tests: add scheduled job (#2389) via Andy Boedo (@aboedo)
* Add lane for running iOS v3 load shedder integration tests (#2388) via
Andy Boedo (@aboedo)
* iOS v3 load shedder integration tests (#2387) via Andy Boedo (@aboedo)
* `Offline Entitlements`: created `LoadShedderIntegrationTests` (#2362)
via NachoSoto (@NachoSoto)
* Purchases.configure: log warning if attempting to use a static
appUserID (#2385) via Mark Villacampa (@MarkVillacampa)
* `SubscriberAttributesManagerIntegrationTests`: fixed flaky failures
(#2381) via NachoSoto (@NachoSoto)
* `@DefaultDecodable.Now`: fixed flaky test (#2374) via NachoSoto
(@NachoSoto)
* `PurchaseTesterSwiftUI`: fixed iOS compilation (#2376) via NachoSoto
(@NachoSoto)
* `SubscriberAttributesManagerIntegrationTests`: fixed potential race
condition (#2380) via NachoSoto (@NachoSoto)
* `Offline Entitlements`: create `CustomerInfo` from offline
entitlements (#2358) via NachoSoto (@NachoSoto)
* Added `@DefaultDecodable.Now` (#2372) via NachoSoto (@NachoSoto)
* `HTTPClient`: debug log when performing redirects (#2371) via
NachoSoto (@NachoSoto)
* `HTTPClient`: new flag to force server errors (#2370) via NachoSoto
(@NachoSoto)
* `OfferingsManager`: fixed Xcode 13.x build (#2369) via NachoSoto
(@NachoSoto)
* `Offline Entitlements`: store `ProductEntitlementMapping` in cache
(#2355) via NachoSoto (@NachoSoto)
* `Offline Entitlements`: added support for fetching
`ProductEntitlementMappingResponse` in `OfflineEntitlementsAPI` (#2353)
via NachoSoto (@NachoSoto)
* `Offline Entitlements`: created `ProductEntitlementMapping` (#2365)
via NachoSoto (@NachoSoto)
* Implemented `NetworkError.isServerDown` (#2367) via NachoSoto
(@NachoSoto)
* `ETagManager`: added test for 304 responses with no etag (#2360) via
NachoSoto (@NachoSoto)
* `TestLogHandler`: increased default capacity (#2357) via NachoSoto
(@NachoSoto)
* `OfferingsManager`: moved log to common method to remove hardcoded
string (#2363) via NachoSoto (@NachoSoto)
* `Offline Entitlements`: created `ProductEntitlementMappingResponse`
(#2351) via NachoSoto (@NachoSoto)
* `HTTPClient`: added test for 2xx response for request with etag
(#2361) via NachoSoto (@NachoSoto)
* `PurchaseTesterSwiftUI` improvements (#2345) via NachoSoto
(@NachoSoto)
* `ConfigureStrings`: fixed double-space typo (#2344) via NachoSoto
(@NachoSoto)
* `ETagManagerTests`: fixed tests on iOS 12 (#2349) via NachoSoto
(@NachoSoto)
* `DeviceCache`: simplified constructor (#2354) via NachoSoto
(@NachoSoto)
* `Trusted Entitlements`: changed all APIs to `internal` (#2350) via
NachoSoto (@NachoSoto)
* `VerificationResult.notRequested`: removed caching reference (#2337)
via NachoSoto (@NachoSoto)
* Finished signature verification `HTTPClient` tests (#2333) via
NachoSoto (@NachoSoto)
* `Configuration.Builder.with(entitlementVerificationMode:)`: improved
documentation (#2334) via NachoSoto (@NachoSoto)
* `ETagManager`: don't ignore failed etags with
`Signing.VerificationMode.informational` (#2331) via NachoSoto
(@NachoSoto)
* `IdentityManager`: clear `ETagManager` and `DeviceCache` if
verification is enabled but cached `CustomerInfo` is not (#2330) via
NachoSoto (@NachoSoto)
* Made `Configuration.EntitlementVerificationMode.enforced` unavailable
(#2329) via NachoSoto (@NachoSoto)
* Refactor: reorganized files in new Security and Misc folders (#2326)
via NachoSoto (@NachoSoto)
* `CustomerInfo`: use same grace period logic for active subscriptions
(#2327) via NachoSoto (@NachoSoto)
* `HTTPClient`: don't verify 4xx/5xx responses (#2322) via NachoSoto
(@NachoSoto)
* `EntitlementInfo`: request date is not optional (#2325) via NachoSoto
(@NachoSoto)
* `CustomerInfo`: removed `entitlementVerification` (#2320) via
NachoSoto (@NachoSoto)
* Renamed `VerificationResult.notVerified` to `.notRequested` (#2321)
via NachoSoto (@NachoSoto)
* `EntitlementInfo`: add a grace period limit to outdated entitlements
(#2288) via NachoSoto (@NachoSoto)
* Update `CustomerInfo.requestDate` from 304 responses (#2310) via
NachoSoto (@NachoSoto)
* `Signing`: added request time & eTag to signature verification (#2309)
via NachoSoto (@NachoSoto)
* `HTTPClient`: changed header search to be case-insensitive (#2308) via
NachoSoto (@NachoSoto)
* `HTTPClient`: automatically add `nonce` based on `HTTPRequest.Path`
(#2286) via NachoSoto (@NachoSoto)
* `PurchaseTester`: added ability to reload `CustomerInfo` with a custom
`CacheFetchPolicy` (#2312) via NachoSoto (@NachoSoto)
* Fix issue where underlying error information for product fetch errors
was not printed in log. (#2281) via Chris Vasselli (@chrisvasselli)
* `PurchaseTester`: added ability to set
`Configuration.EntitlementVerificationMode` (#2290) via NachoSoto
(@NachoSoto)
* SwiftUI: Paywall View should respond to changes on the UserView model
(#2297) via ConfusedVorlon (@ConfusedVorlon)
* Deprecate `usesStoreKit2IfAvailable` (#2293) via Andy Boedo (@aboedo)
* `Signing`: updated to use production public key (#2274) via NachoSoto
(@NachoSoto)
</details>

---------

Co-authored-by: RCGitBot <dev+RCGitBot@revenuecat.com>
NachoSoto added a commit to NachoSoto/purchases-ios that referenced this pull request May 17, 2023
@NachoSoto @RCGitBot
Release/4.19.0 (RevenueCat#2491)
d5a4b10 
### New Features
* New `ErrorCode.signatureVerificationFailed` which will be used for an
upcoming feature

### Bugfixes
* `Purchases.deinit`: don't reset `Purchases.proxyURL` (RevenueCat#2346) via
NachoSoto (@NachoSoto)

<details>
<summary><b>Other Changes</b></summary>

* Introduced `Configuration.EntitlementVerificationMode` and
`VerificationResult` (RevenueCat#2277) via NachoSoto (@NachoSoto)
* `PurchasesDiagnostics`: added step to verify signature verification
(RevenueCat#2267) via NachoSoto (@NachoSoto)
* `HTTPClient`: added signature validation and introduced
`ErrorCode.signatureVerificationFailed` (RevenueCat#2272) via NachoSoto
(@NachoSoto)
* `ETagManager`: don't use ETags if response verification failed (RevenueCat#2347)
via NachoSoto (@NachoSoto)
* `Integration Tests`: removed `@preconcurrency import` (RevenueCat#2464) via
NachoSoto (@NachoSoto)
* Clean up: moved `ReceiptParserTests-Info.plist` out of root (RevenueCat#2460)
via NachoSoto (@NachoSoto)
* Update `CHANGELOG` (RevenueCat#2461) via NachoSoto (@NachoSoto)
* Update `SwiftSnapshotTesting` (RevenueCat#2453) via NachoSoto (@NachoSoto)
* Fixed docs (RevenueCat#2432) via Kaunteya Suryawanshi (@kaunteya)
* Remove unnecessary line break (RevenueCat#2435) via Andy Boedo (@aboedo)
* `ProductEntitlementMapping`: enabled entitlement mapping fetching
(RevenueCat#2425) via NachoSoto (@NachoSoto)
* `BackendPostReceiptDataTests`: increased timeout to fix flaky test
(RevenueCat#2426) via NachoSoto (@NachoSoto)
* Updated requirements to drop Xcode 13.x support (RevenueCat#2419) via NachoSoto
(@NachoSoto)
* `Integration Tests`: fixed flaky errors when loading offerings (RevenueCat#2420)
via NachoSoto (@NachoSoto)
* `PurchaseTester`: fixed compilation for `internal` entitlement
verification (RevenueCat#2417) via NachoSoto (@NachoSoto)
* `ETagManager`/`HTTPClient`: sending new `X-RC-Last-Refresh-Time`
header (RevenueCat#2373) via NachoSoto (@NachoSoto)
* `ETagManager`: don't send validation time if not present (RevenueCat#2490) via
NachoSoto (@NachoSoto)
* SwiftUI Sample Project: Refactor Package terms method to a computed
property (RevenueCat#2405) via Joseph Kokenge (@JOyo246)
* Clean up v3 load shedder integration tests (RevenueCat#2402) via Andy Boedo
(@aboedo)
* Fix iOS 12 compilation (RevenueCat#2394) via NachoSoto (@NachoSoto)
* Added new `VerificationResult.verifiedOnDevice` (RevenueCat#2379) via NachoSoto
(@NachoSoto)
* `PurchaseTester`: fix memory leaks (RevenueCat#2392) via Keita Watanabe
(@kitwtnb)
* Integration tests: add scheduled job (RevenueCat#2389) via Andy Boedo (@aboedo)
* Add lane for running iOS v3 load shedder integration tests (RevenueCat#2388) via
Andy Boedo (@aboedo)
* iOS v3 load shedder integration tests (RevenueCat#2387) via Andy Boedo (@aboedo)
* `Offline Entitlements`: created `LoadShedderIntegrationTests` (RevenueCat#2362)
via NachoSoto (@NachoSoto)
* Purchases.configure: log warning if attempting to use a static
appUserID (RevenueCat#2385) via Mark Villacampa (@MarkVillacampa)
* `SubscriberAttributesManagerIntegrationTests`: fixed flaky failures
(RevenueCat#2381) via NachoSoto (@NachoSoto)
* `@DefaultDecodable.Now`: fixed flaky test (RevenueCat#2374) via NachoSoto
(@NachoSoto)
* `PurchaseTesterSwiftUI`: fixed iOS compilation (RevenueCat#2376) via NachoSoto
(@NachoSoto)
* `SubscriberAttributesManagerIntegrationTests`: fixed potential race
condition (RevenueCat#2380) via NachoSoto (@NachoSoto)
* `Offline Entitlements`: create `CustomerInfo` from offline
entitlements (RevenueCat#2358) via NachoSoto (@NachoSoto)
* Added `@DefaultDecodable.Now` (RevenueCat#2372) via NachoSoto (@NachoSoto)
* `HTTPClient`: debug log when performing redirects (RevenueCat#2371) via
NachoSoto (@NachoSoto)
* `HTTPClient`: new flag to force server errors (RevenueCat#2370) via NachoSoto
(@NachoSoto)
* `OfferingsManager`: fixed Xcode 13.x build (RevenueCat#2369) via NachoSoto
(@NachoSoto)
* `Offline Entitlements`: store `ProductEntitlementMapping` in cache
(RevenueCat#2355) via NachoSoto (@NachoSoto)
* `Offline Entitlements`: added support for fetching
`ProductEntitlementMappingResponse` in `OfflineEntitlementsAPI` (RevenueCat#2353)
via NachoSoto (@NachoSoto)
* `Offline Entitlements`: created `ProductEntitlementMapping` (RevenueCat#2365)
via NachoSoto (@NachoSoto)
* Implemented `NetworkError.isServerDown` (RevenueCat#2367) via NachoSoto
(@NachoSoto)
* `ETagManager`: added test for 304 responses with no etag (RevenueCat#2360) via
NachoSoto (@NachoSoto)
* `TestLogHandler`: increased default capacity (RevenueCat#2357) via NachoSoto
(@NachoSoto)
* `OfferingsManager`: moved log to common method to remove hardcoded
string (RevenueCat#2363) via NachoSoto (@NachoSoto)
* `Offline Entitlements`: created `ProductEntitlementMappingResponse`
(RevenueCat#2351) via NachoSoto (@NachoSoto)
* `HTTPClient`: added test for 2xx response for request with etag
(RevenueCat#2361) via NachoSoto (@NachoSoto)
* `PurchaseTesterSwiftUI` improvements (RevenueCat#2345) via NachoSoto
(@NachoSoto)
* `ConfigureStrings`: fixed double-space typo (RevenueCat#2344) via NachoSoto
(@NachoSoto)
* `ETagManagerTests`: fixed tests on iOS 12 (RevenueCat#2349) via NachoSoto
(@NachoSoto)
* `DeviceCache`: simplified constructor (RevenueCat#2354) via NachoSoto
(@NachoSoto)
* `Trusted Entitlements`: changed all APIs to `internal` (RevenueCat#2350) via
NachoSoto (@NachoSoto)
* `VerificationResult.notRequested`: removed caching reference (RevenueCat#2337)
via NachoSoto (@NachoSoto)
* Finished signature verification `HTTPClient` tests (RevenueCat#2333) via
NachoSoto (@NachoSoto)
* `Configuration.Builder.with(entitlementVerificationMode:)`: improved
documentation (RevenueCat#2334) via NachoSoto (@NachoSoto)
* `ETagManager`: don't ignore failed etags with
`Signing.VerificationMode.informational` (RevenueCat#2331) via NachoSoto
(@NachoSoto)
* `IdentityManager`: clear `ETagManager` and `DeviceCache` if
verification is enabled but cached `CustomerInfo` is not (RevenueCat#2330) via
NachoSoto (@NachoSoto)
* Made `Configuration.EntitlementVerificationMode.enforced` unavailable
(RevenueCat#2329) via NachoSoto (@NachoSoto)
* Refactor: reorganized files in new Security and Misc folders (RevenueCat#2326)
via NachoSoto (@NachoSoto)
* `CustomerInfo`: use same grace period logic for active subscriptions
(RevenueCat#2327) via NachoSoto (@NachoSoto)
* `HTTPClient`: don't verify 4xx/5xx responses (RevenueCat#2322) via NachoSoto
(@NachoSoto)
* `EntitlementInfo`: request date is not optional (RevenueCat#2325) via NachoSoto
(@NachoSoto)
* `CustomerInfo`: removed `entitlementVerification` (RevenueCat#2320) via
NachoSoto (@NachoSoto)
* Renamed `VerificationResult.notVerified` to `.notRequested` (RevenueCat#2321)
via NachoSoto (@NachoSoto)
* `EntitlementInfo`: add a grace period limit to outdated entitlements
(RevenueCat#2288) via NachoSoto (@NachoSoto)
* Update `CustomerInfo.requestDate` from 304 responses (RevenueCat#2310) via
NachoSoto (@NachoSoto)
* `Signing`: added request time & eTag to signature verification (RevenueCat#2309)
via NachoSoto (@NachoSoto)
* `HTTPClient`: changed header search to be case-insensitive (RevenueCat#2308) via
NachoSoto (@NachoSoto)
* `HTTPClient`: automatically add `nonce` based on `HTTPRequest.Path`
(RevenueCat#2286) via NachoSoto (@NachoSoto)
* `PurchaseTester`: added ability to reload `CustomerInfo` with a custom
`CacheFetchPolicy` (RevenueCat#2312) via NachoSoto (@NachoSoto)
* Fix issue where underlying error information for product fetch errors
was not printed in log. (RevenueCat#2281) via Chris Vasselli (@chrisvasselli)
* `PurchaseTester`: added ability to set
`Configuration.EntitlementVerificationMode` (RevenueCat#2290) via NachoSoto
(@NachoSoto)
* SwiftUI: Paywall View should respond to changes on the UserView model
(RevenueCat#2297) via ConfusedVorlon (@ConfusedVorlon)
* Deprecate `usesStoreKit2IfAvailable` (RevenueCat#2293) via Andy Boedo (@aboedo)
* `Signing`: updated to use production public key (RevenueCat#2274) via NachoSoto
(@NachoSoto)
</details>

---------

Co-authored-by: RCGitBot <dev+RCGitBot@revenuecat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tonidero tonidero tonidero approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@NachoSoto @tonidero