Skip to content

Trusted Entitlements: re-enable public API#2621

Merged
NachoSoto merged 3 commits into
mainfrom
re-enable-verification
Jul 11, 2023
Merged

Trusted Entitlements: re-enable public API#2621
NachoSoto merged 3 commits into
mainfrom
re-enable-verification

Conversation

@NachoSoto

@NachoSoto NachoSoto commented Jun 11, 2023

Copy link
Copy Markdown
Contributor

This is reverting #2350 and #2417

@NachoSoto NachoSoto added the pr:feat A new feature label Jun 11, 2023
@NachoSoto NachoSoto requested a review from a team June 11, 2023 16:52
@NachoSoto NachoSoto force-pushed the re-enable-verification branch from 367da2d to 509e3a9 Compare June 11, 2023 18:28
@NachoSoto NachoSoto changed the title [WIP] Introduced Entitlement Vericication [WIP] Introduced Entitlement Verification Jun 11, 2023
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from 157cb14 to f056004 Compare June 13, 2023 00:03
@NachoSoto NachoSoto changed the title [WIP] Introduced Entitlement Verification [WIP] Re-enable Entitlement Verification public API Jun 13, 2023
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from f8592f5 to a36c254 Compare June 13, 2023 20:22
@codecov

codecov Bot commented Jun 13, 2023
edited
Loading

Copy link
Copy Markdown

Codecov Report

Merging #2621 (a587d67) into main (14e5906) will increase coverage by 0.18%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #2621      +/-   ##
==========================================
+ Coverage   86.30%   86.49%   +0.18%     
==========================================
  Files         214      214              
  Lines       15376    15376              
==========================================
+ Hits        13271    13299      +28     
+ Misses       2105     2077      -28
Impacted Files Coverage Δ
Sources/Purchasing/Configuration.swift 81.00% <100.00%> (ø)
Sources/Purchasing/EntitlementInfo.swift 80.64% <100.00%> (ø)
Sources/Purchasing/EntitlementInfos.swift 60.31% <100.00%> (ø)
Sources/Security/VerificationResult.swift 100.00% <100.00%> (ø)

... and 3 files with indirect coverage changes

@NachoSoto NachoSoto changed the title [WIP] Re-enable Entitlement Verification public API [WIP] Trusted Entitlements: re-enable public API Jun 26, 2023
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from 813db34 to 7db168a Compare June 27, 2023 20:29
@NachoSoto NachoSoto mentioned this pull request Jun 27, 2023
Merged
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from 249d5fe to ea3f6d7 Compare July 6, 2023 17:00
@NachoSoto NachoSoto force-pushed the re-enable-verification branch from ea3f6d7 to bc21a0e Compare July 7, 2023 04:25
@NachoSoto NachoSoto changed the title [WIP] Trusted Entitlements: re-enable public API Trusted Entitlements: re-enable public API Jul 7, 2023
@NachoSoto NachoSoto changed the base branch from main to nacho/signing-no-api-key July 7, 2023 04:35
@NachoSoto NachoSoto marked this pull request as ready for review July 7, 2023 04:36
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 2 times, most recently from 3a28743 to 68f6db7 Compare July 7, 2023 04:43
Base automatically changed from nacho/signing-no-api-key to main July 7, 2023 15:23
tonidero
tonidero reviewed Jul 10, 2023
View reviewed changes

@tonidero tonidero left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just a comment about the enforced mode

Comment thread Sources/Purchasing/Configuration.swift
Comment thread Tests/TestingApps/PurchaseTesterSwiftUI/Shared/Extensions/Extensions.swift Outdated
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 2 times, most recently from 0207281 to e5141e2 Compare July 10, 2023 14:13
@NachoSoto NachoSoto force-pushed the re-enable-verification branch from e5141e2 to a587d67 Compare July 10, 2023 14:15
@NachoSoto

NachoSoto commented Jul 10, 2023

Copy link
Copy Markdown
Contributor Author

Holding off until we verify #2744 is all green.

@NachoSoto NachoSoto merged commit 1cab844 into main Jul 11, 2023
@NachoSoto NachoSoto deleted the re-enable-verification branch July 11, 2023 14:34
This was referenced Jul 11, 2023
Closed
Merged
NachoSoto added a commit that referenced this pull request Jul 11, 2023
@RCGitBot @NachoSoto
[AUTOMATIC] Release/4.25.0 (#2789)
a5b1620 
**This is an automatic release.**

### New Features
* `Trusted Entitlements`: (#2621) via NachoSoto (@NachoSoto)

This new feature prevents MitM attacks between the SDK and the
RevenueCat server.
With verification enabled, the SDK ensures that the response created by
the server was not modified by a third-party, and the entitlements
received are exactly what was sent.
This is 100% opt-in. `EntitlementInfos` have a new `VerificationResult`
property, which will indicate the validity of the responses when this
feature is enabled.

```swift
let purchases = Purchases.configure(
  with: Configuration
    .builder(withAPIKey: "")
    .with(entitlementVerificationMode: .informational)
)
let customerInfo = try await purchases.customerInfo()
if !customerInfo.entitlements.verification.isVerified {
  print("Entitlements could not be verified")
}
```

You can learn more from [the
documentation](https://www.revenuecat.com/docs/trusted-entitlements).

### Other Changes
* `TrustedEntitlements`: new `VerificationResult.isVerified` (#2788) via
NachoSoto (@NachoSoto)
* `Refactor`: extracted `Collection.subscript(safe:)` (#2779) via
NachoSoto (@NachoSoto)
* `Trusted Entitlements`: added link to docs in
`ErrorCode.signatureVerificationFailed` (#2783) via NachoSoto
(@NachoSoto)
* `Trusted Entitlements`: improved documentation (#2782) via NachoSoto
(@NachoSoto)
* `Tests`: fixed flaky failure with asynchronous check (#2777) via
NachoSoto (@NachoSoto)
* `Integration Tests`: re-enable signature verification tests (#2744)
via NachoSoto (@NachoSoto)
* `CI`: remove `Jazzy` (#2775) via NachoSoto (@NachoSoto)
* `Signing`: inject `ClockType` to ensure hardcoded signatures don't
fail when intermediate key expires (#2771) via NachoSoto (@NachoSoto)

---------

Co-authored-by: NachoSoto <ignaciosoto90@gmail.com>
tonidero added a commit to RevenueCat/purchases-hybrid-common that referenced this pull request Nov 17, 2023
@NachoSoto @tonidero
Trusted Entitlements: add support for setting VerificationMode (#451
cc5b19a 
)

Depends on RevenueCat/purchases-ios#2621 and
RevenueCat/purchases-android#1105.

---------

Co-authored-by: Toni Rico <antonio.rico.diez@revenuecat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tonidero tonidero tonidero approved these changes

Assignees

No one assigned

Labels

pr:feat A new feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@NachoSoto @tonidero