Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trusted Entitlements: re-enable public API #2621

Merged
merged 3 commits into from
Jul 11, 2023
Merged

Trusted Entitlements: re-enable public API #2621

merged 3 commits into from
Jul 11, 2023

Conversation

NachoSoto
Copy link
Contributor

This is reverting #2350 and #2417

@NachoSoto NachoSoto added the feat A new feature label Jun 11, 2023
@NachoSoto NachoSoto requested a review from a team June 11, 2023 16:52
@NachoSoto NachoSoto changed the title [WIP] Introduced Entitlement Vericication [WIP] Introduced Entitlement Verification Jun 11, 2023
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from 157cb14 to f056004 Compare June 13, 2023 00:03
@NachoSoto NachoSoto changed the title [WIP] Introduced Entitlement Verification [WIP] Re-enable Entitlement Verification public API Jun 13, 2023
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from f8592f5 to a36c254 Compare June 13, 2023 20:22
@codecov
Copy link

codecov bot commented Jun 13, 2023
edited

Codecov Report

Merging #2621 (a587d67) into main (14e5906) will increase coverage by 0.18%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #2621      +/-   ##
==========================================
+ Coverage   86.30%   86.49%   +0.18%     
==========================================
  Files         214      214              
  Lines       15376    15376              
==========================================
+ Hits        13271    13299      +28     
+ Misses       2105     2077      -28
Impacted Files Coverage Δ
Sources/Purchasing/Configuration.swift 81.00% <100.00%> (ø)
Sources/Purchasing/EntitlementInfo.swift 80.64% <100.00%> (ø)
Sources/Purchasing/EntitlementInfos.swift 60.31% <100.00%> (ø)
Sources/Security/VerificationResult.swift 100.00% <100.00%> (ø)

... and 3 files with indirect coverage changes

@NachoSoto NachoSoto changed the title [WIP] Re-enable Entitlement Verification public API [WIP] Trusted Entitlements: re-enable public API Jun 26, 2023
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from 813db34 to 7db168a Compare June 27, 2023 20:29
@NachoSoto NachoSoto mentioned this pull request Jun 27, 2023
Merged
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 3 times, most recently from 249d5fe to ea3f6d7 Compare July 6, 2023 17:00
@NachoSoto NachoSoto changed the title [WIP] Trusted Entitlements: re-enable public API Trusted Entitlements: re-enable public API Jul 7, 2023
@NachoSoto NachoSoto changed the base branch from main to nacho/signing-no-api-key July 7, 2023 04:35
@NachoSoto NachoSoto marked this pull request as ready for review July 7, 2023 04:36
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 2 times, most recently from 3a28743 to 68f6db7 Compare July 7, 2023 04:43
Base automatically changed from nacho/signing-no-api-key to main July 7, 2023 15:23
tonidero
tonidero reviewed Jul 10, 2023
View reviewed changes
Copy link
Contributor

@tonidero tonidero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just a comment about the enforced mode

Sources/Purchasing/Configuration.swift Outdated Show resolved Hide resolved
Tests/TestingApps/PurchaseTesterSwiftUI/Shared/Extensions/Extensions.swift Outdated Show resolved Hide resolved
@NachoSoto NachoSoto force-pushed the re-enable-verification branch 2 times, most recently from 0207281 to e5141e2 Compare July 10, 2023 14:13
@NachoSoto
Copy link
Contributor Author

Holding off until we verify #2744 is all green.

@NachoSoto NachoSoto merged commit 1cab844 into main Jul 11, 2023
14 checks passed
@NachoSoto NachoSoto deleted the re-enable-verification branch July 11, 2023 14:34
This was referenced Jul 11, 2023
Closed
Merged
NachoSoto added a commit that referenced this pull request Jul 11, 2023
@RCGitBot @NachoSoto
[AUTOMATIC] Release/4.25.0 (#2789)
a5b1620 
**This is an automatic release.**

### New Features
* `Trusted Entitlements`: (#2621) via NachoSoto (@NachoSoto)

This new feature prevents MitM attacks between the SDK and the
RevenueCat server.
With verification enabled, the SDK ensures that the response created by
the server was not modified by a third-party, and the entitlements
received are exactly what was sent.
This is 100% opt-in. `EntitlementInfos` have a new `VerificationResult`
property, which will indicate the validity of the responses when this
feature is enabled.

```swift
let purchases = Purchases.configure(
  with: Configuration
    .builder(withAPIKey: "")
    .with(entitlementVerificationMode: .informational)
)
let customerInfo = try await purchases.customerInfo()
if !customerInfo.entitlements.verification.isVerified {
  print("Entitlements could not be verified")
}
```

You can learn more from [the
documentation](https://www.revenuecat.com/docs/trusted-entitlements).

### Other Changes
* `TrustedEntitlements`: new `VerificationResult.isVerified` (#2788) via
NachoSoto (@NachoSoto)
* `Refactor`: extracted `Collection.subscript(safe:)` (#2779) via
NachoSoto (@NachoSoto)
* `Trusted Entitlements`: added link to docs in
`ErrorCode.signatureVerificationFailed` (#2783) via NachoSoto
(@NachoSoto)
* `Trusted Entitlements`: improved documentation (#2782) via NachoSoto
(@NachoSoto)
* `Tests`: fixed flaky failure with asynchronous check (#2777) via
NachoSoto (@NachoSoto)
* `Integration Tests`: re-enable signature verification tests (#2744)
via NachoSoto (@NachoSoto)
* `CI`: remove `Jazzy` (#2775) via NachoSoto (@NachoSoto)
* `Signing`: inject `ClockType` to ensure hardcoded signatures don't
fail when intermediate key expires (#2771) via NachoSoto (@NachoSoto)

---------

Co-authored-by: NachoSoto <ignaciosoto90@gmail.com>
tonidero added a commit to RevenueCat/purchases-hybrid-common that referenced this pull request Nov 17, 2023
@NachoSoto @tonidero
Trusted Entitlements: add support for setting VerificationMode (#451
cc5b19a 
)

Depends on RevenueCat/purchases-ios#2621 and
RevenueCat/purchases-android#1105.

---------

Co-authored-by: Toni Rico <antonio.rico.diez@revenuecat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tonidero tonidero tonidero approved these changes

Assignees
No one assigned
Labels
feat A new feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@NachoSoto @tonidero