From 8febb8e2f68e0ce6802d559a378e71a2865a63c0 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Tue, 25 Jul 2023 16:52:03 -0700 Subject: [PATCH 01/18] Update GSI and sample app deps to new app check --- Package.swift | 2 +- Samples/Swift/AppAttestExample/Podfile | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/Package.swift b/Package.swift index 7b4c4ab0..f0ab218a 100644 --- a/Package.swift +++ b/Package.swift @@ -48,7 +48,7 @@ let package = Package( .package( name: "Firebase", url: "https://github.com/firebase/firebase-ios-sdk.git", - "10.0.0" ..< "11.0.0"), + .branch("app-check-core"), .package( name: "GTMAppAuth", url: "https://github.com/google/GTMAppAuth.git", diff --git a/Samples/Swift/AppAttestExample/Podfile b/Samples/Swift/AppAttestExample/Podfile index a99c529f..def77737 100644 --- a/Samples/Swift/AppAttestExample/Podfile +++ b/Samples/Swift/AppAttestExample/Podfile @@ -6,7 +6,4 @@ use_frameworks! :linkage => :static target 'AppAttestExample' do platform :ios, '14.0' - - pod 'FirebaseCore', '~> 10.0' - pod 'FirebaseAppCheck', '~> 10.0' end From 0001bc5e8d5cbf4da5c2d38b62c0c17760a7452a Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Wed, 26 Jul 2023 15:01:39 -0700 Subject: [PATCH 02/18] Fix SPM package dep on app-check-core --- Package.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Package.swift b/Package.swift index f0ab218a..6a3bb162 100644 --- a/Package.swift +++ b/Package.swift @@ -48,7 +48,7 @@ let package = Package( .package( name: "Firebase", url: "https://github.com/firebase/firebase-ios-sdk.git", - .branch("app-check-core"), + .branch("app-check-core")), .package( name: "GTMAppAuth", url: "https://github.com/google/GTMAppAuth.git", From f844db31ac7d42e46630fa55844755ff04643357 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Wed, 26 Jul 2023 17:51:05 -0700 Subject: [PATCH 03/18] First pass at integrating with AppCheckCore --- .../GIDAppCheck/API/GIDAppCheckProvider.h | 59 ------------------- .../Fake/GIDAppCheckProviderFake.h} | 16 +++-- .../Fake/GIDAppCheckProviderFake.m} | 20 +++---- .../GIDAppCheck/Implementations/GIDAppCheck.h | 31 +++++++++- .../GIDAppCheck/Implementations/GIDAppCheck.m | 55 ++++++++++++----- .../API/GIDAppCheckTokenFetcher.h | 37 ------------ .../FIRAppCheck+GIDAppCheckTokenFetcher.h | 29 --------- GoogleSignIn/Sources/GIDSignIn.m | 17 +++--- GoogleSignIn/Sources/GIDSignIn_Private.h | 4 +- .../Sources/Public/GoogleSignIn/GIDSignIn.h | 1 - GoogleSignIn/Tests/Unit/GIDAppCheckTest.m | 52 ++++++++-------- GoogleSignIn/Tests/Unit/GIDSignInTest.m | 33 +++++------ Package.swift | 4 +- 13 files changed, 140 insertions(+), 218 deletions(-) delete mode 100644 GoogleSignIn/Sources/GIDAppCheck/API/GIDAppCheckProvider.h rename GoogleSignIn/Sources/{GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.h => GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h} (71%) rename GoogleSignIn/Sources/{GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.m => GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m} (62%) delete mode 100644 GoogleSignIn/Sources/GIDAppCheckTokenFetcher/API/GIDAppCheckTokenFetcher.h delete mode 100644 GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/FIRAppCheck+GIDAppCheckTokenFetcher.h diff --git a/GoogleSignIn/Sources/GIDAppCheck/API/GIDAppCheckProvider.h b/GoogleSignIn/Sources/GIDAppCheck/API/GIDAppCheckProvider.h deleted file mode 100644 index 7f934ec7..00000000 --- a/GoogleSignIn/Sources/GIDAppCheck/API/GIDAppCheckProvider.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#import - -NS_ASSUME_NONNULL_BEGIN - -#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -@protocol GIDAppCheckTokenFetcher; -@class FIRAppCheckToken; - -/// Interface providing the API for both pre-warming `GIDSignIn` to use Firebase App Check and -/// fetching the App Check token. -NS_AVAILABLE_IOS(14) -@protocol GIDAppCheckProvider - -/// Creates the instance of this App Check wrapper class. -/// -/// @param tokenFetcher The instance performing the Firebase App Check token requests. If `provider` -/// is nil, then we default to `FIRAppCheck`. -/// @param userDefaults The instance of `NSUserDefaults` that `GIDAppCheck` will use to store its -/// preparation status. If nil, `GIDAppCheck` will use `-[NSUserDefaults standardUserDefaults]`. -- (instancetype)initWithAppCheckTokenFetcher:(nullable id)tokenFetcher - userDefaults:(nullable NSUserDefaults *)userDefaults; - -/// Prewarms the library for App Check by asking Firebase App Check to generate the App Attest key -/// id and perform the initial attestation process (if needed). -/// -/// @param completion A `nullable` callback with a `nullable` `NSError` if preparation fails. -- (void)prepareForAppCheckWithCompletion:(nullable void (^)(NSError * _Nullable error))completion; - -/// Fetches the limited use Firebase token. -/// -/// @param completion A `nullable` callback with the `FIRAppCheckToken` if present, or an `NSError` -/// otherwise. -- (void)getLimitedUseTokenWithCompletion:(nullable void (^)(FIRAppCheckToken * _Nullable token, - NSError * _Nullable error))completion; - -/// Whether or not the App Attest key ID created and the attestation object has been fetched. -- (BOOL)isPrepared; - -@end - -#endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST - -NS_ASSUME_NONNULL_END diff --git a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.h b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h similarity index 71% rename from GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.h rename to GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h index ad994a92..f902270d 100644 --- a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.h +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h @@ -16,26 +16,24 @@ #import #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -#import "GoogleSignIn/Sources/GIDAppCheckTokenFetcher/API/GIDAppCheckTokenFetcher.h" - -@class FIRAppCheckToken; +@import AppCheckCore; NS_ASSUME_NONNULL_BEGIN -extern NSUInteger const kGIDAppCheckTokenFetcherTokenError; +extern NSUInteger const kGIDAppCheckProviderFakeError; NS_CLASS_AVAILABLE_IOS(14) -@interface GIDAppCheckTokenFetcherFake : NSObject +@interface GIDAppCheckProviderFake : NSObject /// Creates an instance with the provided app check token and error. /// /// This protocol is mainly used for testing purposes so that the token fetching from Firebase App /// Check can be faked. -/// @param token The `FIRAppCheckToken` to pass into the completion called from -/// `limitedUseTokenWithCompletion:`. +/// @param token The `GACAppCheckToken` instance to pass into the completion called from +/// `getTokenWithCompletion:`. /// @param error The `NSError` to pass into the completion called from -/// `limitedUseTokenWithCompletion:`. -- (instancetype)initWithAppCheckToken:(nullable FIRAppCheckToken *)token +/// `getTokenWithCompletion:`. +- (instancetype)initWithAppCheckToken:(nullable GACAppCheckToken *)token error:(nullable NSError *)error; @end diff --git a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m similarity index 62% rename from GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.m rename to GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m index 20719a9e..f7c26295 100644 --- a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m @@ -15,22 +15,20 @@ #import #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -#import "GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.h" +#import "GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h" -@import FirebaseAppCheck; +NSUInteger const kGIDAppCheckProviderFakeError = 1; -NSUInteger const kGIDAppCheckTokenFetcherTokenError = 1; +@interface GIDAppCheckProviderFake () -@interface GIDAppCheckTokenFetcherFake () - -@property(nonatomic, strong, nullable) FIRAppCheckToken *token; +@property(nonatomic, strong, nullable) id token; @property(nonatomic, strong, nullable) NSError *error; @end -@implementation GIDAppCheckTokenFetcherFake +@implementation GIDAppCheckProviderFake -- (instancetype)initWithAppCheckToken:(nullable FIRAppCheckToken *)token +- (instancetype)initWithAppCheckToken:(nullable id)token error:(nullable NSError *)error { if (self = [super init]) { _token = token; @@ -39,10 +37,10 @@ - (instancetype)initWithAppCheckToken:(nullable FIRAppCheckToken *)token return self; } -- (void)limitedUseTokenWithCompletion:(void (^)(FIRAppCheckToken * _Nullable, - NSError * _Nullable))completion { +- (void)getTokenWithCompletion:(nonnull void (^)(GACAppCheckToken * _Nullable, + NSError * _Nullable))handler { dispatch_async(dispatch_get_main_queue(), ^{ - completion(self.token, self.error); + handler(self.token, self.error); }); } diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h index 96d63ea2..f9fc02dd 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h @@ -18,19 +18,44 @@ #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST +@import AppCheckCore; #import -#import "GoogleSignIn/Sources/GIDAppCheck/API/GIDAppCheckProvider.h" NS_ASSUME_NONNULL_BEGIN -@class FIRAppCheckToken; extern NSString *const kGIDAppCheckPreparedKey; NS_CLASS_AVAILABLE_IOS(14) -@interface GIDAppCheck : NSObject +@interface GIDAppCheck : NSObject - (instancetype)init NS_UNAVAILABLE; +/// Creates the instance of this App Check wrapper class. +/// +/// @param appCheckProvider The instance performing the Firebase App Check token requests. If `nil`, +/// then a default implementation will be used. +/// @param userDefaults The instance of `NSUserDefaults` that `GIDAppCheck` will use to store its +/// preparation status. If nil, `GIDAppCheck` will use `-[NSUserDefaults standardUserDefaults]`. +- (instancetype)initWithAppCheckProvider:(nullable id)appCheckProvider + userDefaults:(nullable NSUserDefaults *)userDefaults; + +/// Prewarms the library for App Check by asking Firebase App Check to generate the App Attest key +/// id and perform the initial attestation process (if needed). +/// +/// @param completion A `nullable` callback with a `nullable` `NSError` if preparation fails. +- (void)prepareForAppCheckWithCompletion:(nullable void (^)(NSError * _Nullable error))completion; + +/// Fetches the limited use Firebase token. +/// +/// @param completion A `nullable` callback with the `FIRAppCheckToken` if present, or an `NSError` +/// otherwise. +- (void)getLimitedUseTokenWithCompletion: + (nullable void (^)(id _Nullable token, + NSError * _Nullable error))completion; + +/// Whether or not the App Attest key ID created and the attestation object has been fetched. +- (BOOL)isPrepared; + @end NS_ASSUME_NONNULL_END diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m index 1b7a8095..65c0991a 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m @@ -14,24 +14,26 @@ * limitations under the License. */ +#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST +@import AppCheckCore; + #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" -#import "GoogleSignIn/Sources/GIDAppCheck/API/GIDAppCheckProvider.h" -#import "GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/FIRAppCheck+GIDAppCheckTokenFetcher.h" #import "GoogleSignIn/Sources/Public/GoogleSignIn/GIDAppCheckError.h" - -@import FirebaseAppCheck; - -#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST +#import "GoogleSignIn/Sources/Public/GoogleSignIn/GIDSignIn.h" NSErrorDomain const kGIDAppCheckErrorDomain = @"com.google.GIDAppCheck"; NSString *const kGIDAppCheckPreparedKey = @"com.google.GIDAppCheckPreparedKey"; +static NSString *const kConfigClientIDKey = @"GIDClientID"; +static NSString *const kGSIAppAttestServiceName = @"GoogleSignIn-iOS"; +static NSString *const kGSIAppAttestResourceNameFormat = @"oauthClients/%@"; +static NSString *const kGSIAppAttestBaseURL = @"https://firebaseappcheck.googleapis.com/v1beta"; typedef void (^GIDAppCheckPrepareCompletion)(NSError * _Nullable); -typedef void (^GIDAppCheckTokenCompletion)(FIRAppCheckToken * _Nullable, NSError * _Nullable); +typedef void (^GIDAppCheckTokenCompletion)(id _Nullable, NSError * _Nullable); @interface GIDAppCheck () -@property(nonatomic, strong) id tokenFetcher; +@property(nonatomic, strong) GACAppCheck *appCheck; @property(nonatomic, strong) dispatch_queue_t workerQueue; @property(nonatomic, strong) NSUserDefaults *userDefaults; @property(atomic, strong) NSMutableArray *prepareCompletions; @@ -41,10 +43,18 @@ @interface GIDAppCheck () @implementation GIDAppCheck -- (instancetype)initWithAppCheckTokenFetcher:(nullable id)tokenFetcher - userDefaults:(nullable NSUserDefaults *)userDefaults { +- (instancetype)initWithAppCheckProvider:(nullable id)appCheckProvider + userDefaults:(nullable NSUserDefaults *)userDefaults { if (self = [super init]) { - _tokenFetcher = tokenFetcher ?: [FIRAppCheck appCheck]; + id provider = appCheckProvider ?: [GIDAppCheck standardAppCheckProvider]; + + _appCheck = [[GACAppCheck alloc] initWithServiceName:kConfigClientIDKey + resourceName:[GIDAppCheck appAttestResourceName] + appCheckProvider:provider + settings:[[GACAppCheckSettings alloc] init] + tokenDelegate:nil + keychainAccessGroup:nil]; + _userDefaults = userDefaults ?: [NSUserDefaults standardUserDefaults]; _workerQueue = dispatch_queue_create("com.google.googlesignin.GIDAppCheckWorkerQueue", nil); _prepareCompletions = [NSMutableArray array]; @@ -89,8 +99,8 @@ - (void)prepareForAppCheckWithCompletion:(nullable GIDAppCheckPrepareCompletion) return; } - [self.tokenFetcher limitedUseTokenWithCompletion:^(FIRAppCheckToken * _Nullable token, - NSError * _Nullable error) { + [self.appCheck getLimitedUseTokenWithCompletion:^(id _Nullable token, + NSError * _Nullable error) { NSError * __block maybeError = error; @synchronized (self) { if (!token && !error) { @@ -118,8 +128,8 @@ - (void)prepareForAppCheckWithCompletion:(nullable GIDAppCheckPrepareCompletion) - (void)getLimitedUseTokenWithCompletion:(nullable GIDAppCheckTokenCompletion)completion { dispatch_async(self.workerQueue, ^{ - [self.tokenFetcher limitedUseTokenWithCompletion:^(FIRAppCheckToken * _Nullable token, - NSError * _Nullable error) { + [self.appCheck getLimitedUseTokenWithCompletion:^(id _Nullable token, + NSError * _Nullable error) { if (token) { [self.userDefaults setBool:YES forKey:kGIDAppCheckPreparedKey]; } @@ -130,6 +140,21 @@ - (void)getLimitedUseTokenWithCompletion:(nullable GIDAppCheckTokenCompletion)co }); } ++ (NSString *)appAttestResourceName { + NSString *clientID = [NSBundle.mainBundle objectForInfoDictionaryKey:kConfigClientIDKey]; + return [NSString stringWithFormat:kGSIAppAttestResourceNameFormat, clientID]; +} + ++ (id)standardAppCheckProvider { + return [[GACAppAttestProvider alloc] initWithServiceName:kGSIAppAttestServiceName + resourceName:[GIDAppCheck appAttestResourceName] + baseURL:kGSIAppAttestBaseURL + APIKey:nil + keychainAccessGroup:nil + limitedUse:YES + requestHooks:nil]; +} + @end #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST diff --git a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/API/GIDAppCheckTokenFetcher.h b/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/API/GIDAppCheckTokenFetcher.h deleted file mode 100644 index 57af940e..00000000 --- a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/API/GIDAppCheckTokenFetcher.h +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -NS_ASSUME_NONNULL_BEGIN - -@class FIRAppCheckToken; - -#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST - -NS_AVAILABLE_IOS(14) -@protocol GIDAppCheckTokenFetcher - -/// Get the limited use `FIRAppCheckToken`. -/// -/// @param completion A block that passes back the `FIRAppCheckToken` upon success or an error in -/// the case of any failure. -- (void)limitedUseTokenWithCompletion:(nullable void (^)(FIRAppCheckToken * _Nullable token, - NSError * _Nullable error))completion; - -@end - -#endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST - -NS_ASSUME_NONNULL_END diff --git a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/FIRAppCheck+GIDAppCheckTokenFetcher.h b/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/FIRAppCheck+GIDAppCheckTokenFetcher.h deleted file mode 100644 index 0ec82aeb..00000000 --- a/GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/FIRAppCheck+GIDAppCheckTokenFetcher.h +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -@import FirebaseAppCheck; -#import "GoogleSignIn/Sources/GIDAppCheckTokenFetcher/API/GIDAppCheckTokenFetcher.h" - -NS_ASSUME_NONNULL_BEGIN - -#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST - -@interface FIRAppCheck (FIRAppCheck_GIDAppCheckTokenFetcher) -@end - -#endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST - -NS_ASSUME_NONNULL_END diff --git a/GoogleSignIn/Sources/GIDSignIn.m b/GoogleSignIn/Sources/GIDSignIn.m index 25080d1c..521af046 100644 --- a/GoogleSignIn/Sources/GIDSignIn.m +++ b/GoogleSignIn/Sources/GIDSignIn.m @@ -28,10 +28,9 @@ #import "GoogleSignIn/Sources/GIDScopes.h" #import "GoogleSignIn/Sources/GIDSignInCallbackSchemes.h" #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -#import "FirebaseAppCheck/FIRAppCheckToken.h" +@import AppCheckCore; #import "GoogleSignIn/Sources/GIDAppCheck/UI/GIDActivityIndicatorViewController.h" #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" -#import "GoogleSignIn/Sources/GIDAppCheck/API/GIDAppCheckProvider.h" #import "GoogleSignIn/Sources/GIDAuthStateMigration.h" #import "GoogleSignIn/Sources/GIDEMMErrorHandler.h" #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST @@ -170,7 +169,7 @@ @implementation GIDSignIn { // represent a sign in continuation. GIDSignInInternalOptions *_currentOptions; #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST - id _appCheck API_AVAILABLE(ios(14)); + GIDAppCheck *_appCheck API_AVAILABLE(ios(14)); #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST // AppAuth configuration object. OIDServiceConfiguration *_appAuthConfiguration; @@ -460,10 +459,10 @@ + (GIDSignIn *)sharedInstance { [[GTMKeychainStore alloc] initWithItemName:kGTMAppAuthKeychainName]; #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST if (@available(iOS 14.0, *)) { - GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckTokenFetcher:nil - userDefaults:nil]; + GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckProvider:nil + userDefaults:nil]; sharedInstance = [[self alloc] initWithKeychainStore:keychainStore - appCheckProvider:appCheck]; + appCheck:appCheck]; } #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST if (!sharedInstance) { @@ -531,10 +530,10 @@ - (instancetype)initWithKeychainStore:(GTMKeychainStore *)keychainStore { #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST - (instancetype)initWithKeychainStore:(GTMKeychainStore *)keychainStore - appCheckProvider:(id)appCheckProvider { + appCheck:(GIDAppCheck *)appCheck { self = [self initWithKeychainStore:keychainStore]; if (self) { - _appCheck = appCheckProvider; + _appCheck = appCheck; } return self; } @@ -646,7 +645,7 @@ - (void)authorizationRequestWithOptions:(GIDSignInInternalOptions *)options comp dispatch_time_t halfSecond = dispatch_time(DISPATCH_TIME_NOW, NSEC_PER_MSEC / 2); dispatch_after(halfSecond, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{ [self->_appCheck getLimitedUseTokenWithCompletion: - ^(FIRAppCheckToken * _Nullable token, NSError * _Nullable error) { + ^(id _Nullable token, NSError * _Nullable error) { if (token) { additionalParameters[kClientAssertionTypeParameter] = kClientAssertionTypeParameterValue; diff --git a/GoogleSignIn/Sources/GIDSignIn_Private.h b/GoogleSignIn/Sources/GIDSignIn_Private.h index 7210ecd8..4072a4a0 100644 --- a/GoogleSignIn/Sources/GIDSignIn_Private.h +++ b/GoogleSignIn/Sources/GIDSignIn_Private.h @@ -29,7 +29,7 @@ NS_ASSUME_NONNULL_BEGIN @class GIDGoogleUser; @class GIDSignInInternalOptions; @class GTMKeychainStore; -@protocol GIDAppCheckProvider; +@class GIDAppCheck; /// Represents a completion block that takes a `GIDSignInResult` on success or an error if the /// operation was unsuccessful. @@ -51,7 +51,7 @@ typedef void (^GIDDisconnectCompletion)(NSError *_Nullable error); #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST /// Private initializer taking a `GTMKeychainStore` and `GIDAppCheckProvider`. - (instancetype)initWithKeychainStore:(GTMKeychainStore *)keychainStore - appCheckProvider:(id)appCheckProvider + appCheck:(GIDAppCheck *)appCheck API_AVAILABLE(ios(14)); #endif // TARGET_OS_IOS || !TARGET_OS_MACCATALYST diff --git a/GoogleSignIn/Sources/Public/GoogleSignIn/GIDSignIn.h b/GoogleSignIn/Sources/Public/GoogleSignIn/GIDSignIn.h index 7bc0014a..e6bd3407 100644 --- a/GoogleSignIn/Sources/Public/GoogleSignIn/GIDSignIn.h +++ b/GoogleSignIn/Sources/Public/GoogleSignIn/GIDSignIn.h @@ -26,7 +26,6 @@ @class GIDConfiguration; @class GIDGoogleUser; @class GIDSignInResult; -@protocol GIDAppCheckProvider; NS_ASSUME_NONNULL_BEGIN diff --git a/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m b/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m index f4e49d26..af853c32 100644 --- a/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m +++ b/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m @@ -17,9 +17,9 @@ #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST #import -#import "FirebaseAppCheck/FIRAppCheckToken.h" +@import AppCheckCore; #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" -#import "GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.h" +#import "GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h" #import "GoogleSignIn/Sources/Public/GoogleSignIn/GIDAppCheckError.h" static NSUInteger const timeout = 1; @@ -49,14 +49,15 @@ - (void)testGetLimitedUseTokenFailure { XCTestExpectation *tokenFailExpectation = [self expectationWithDescription:@"App check token fail"]; NSError *expectedError = [NSError errorWithDomain:kGIDAppCheckErrorDomain - code:kGIDAppCheckTokenFetcherTokenError + code:kGIDAppCheckProviderFakeError userInfo:nil]; - GIDAppCheckTokenFetcherFake *tokenFetcher = - [[GIDAppCheckTokenFetcherFake alloc] initWithAppCheckToken:nil error:expectedError]; - GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckTokenFetcher:tokenFetcher - userDefaults:self.userDefaults]; - [appCheck getLimitedUseTokenWithCompletion:^(FIRAppCheckToken * _Nullable token, + GIDAppCheckProviderFake *fakeProvider = + [[GIDAppCheckProviderFake alloc] initWithAppCheckToken:nil error:expectedError]; + GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckProvider:fakeProvider + userDefaults:self.userDefaults]; + + [appCheck getLimitedUseTokenWithCompletion:^(id _Nullable token, NSError * _Nullable error) { XCTAssertNil(token); XCTAssertEqualObjects(expectedError, error); @@ -70,13 +71,14 @@ - (void)testIsPreparedError { XCTestExpectation *notAlreadyPreparedExpectation = [self expectationWithDescription:@"App check not already prepared error"]; - FIRAppCheckToken *expectedToken = [[FIRAppCheckToken alloc] initWithToken:@"foo" + GACAppCheckToken *expectedToken = [[GACAppCheckToken alloc] initWithToken:@"foo" expirationDate:[NSDate distantFuture]]; // It doesn't matter what we pass for the error since we will check `isPrepared` and make one - GIDAppCheckTokenFetcherFake *tokenFetcher = - [[GIDAppCheckTokenFetcherFake alloc] initWithAppCheckToken:expectedToken error:nil]; - GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckTokenFetcher:tokenFetcher - userDefaults:self.userDefaults]; + GIDAppCheckProviderFake *fakeProvider = + [[GIDAppCheckProviderFake alloc] initWithAppCheckToken:expectedToken error:nil]; + + GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckProvider:fakeProvider + userDefaults:self.userDefaults]; [appCheck prepareForAppCheckWithCompletion:^(NSError * _Nullable error) { XCTAssertNil(error); @@ -88,6 +90,7 @@ - (void)testIsPreparedError { XCTestExpectation *alreadyPreparedExpectation = [self expectationWithDescription:@"App check already prepared error"]; + // Should be no error since multiple calls to prepare should be fine. [appCheck prepareForAppCheckWithCompletion:^(NSError * _Nullable error) { XCTAssertNil(error); [alreadyPreparedExpectation fulfill]; @@ -101,13 +104,14 @@ - (void)testIsPreparedError { - (void)testGetLimitedUseTokenSucceeds { XCTestExpectation *prepareExpectation = [self expectationWithDescription:@"Prepare for App Check expectation"]; - FIRAppCheckToken *expectedToken = [[FIRAppCheckToken alloc] initWithToken:@"foo" + + GACAppCheckToken *expectedToken = [[GACAppCheckToken alloc] initWithToken:@"foo" expirationDate:[NSDate distantFuture]]; - GIDAppCheckTokenFetcherFake *tokenFetcher = - [[GIDAppCheckTokenFetcherFake alloc] initWithAppCheckToken:expectedToken error:nil]; - GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckTokenFetcher:tokenFetcher - userDefaults:self.userDefaults]; + GIDAppCheckProviderFake *fakeProvider = + [[GIDAppCheckProviderFake alloc] initWithAppCheckToken:expectedToken error:nil]; + GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckProvider:fakeProvider + userDefaults:self.userDefaults]; [appCheck prepareForAppCheckWithCompletion:^(NSError * _Nullable error) { XCTAssertNil(error); @@ -122,7 +126,7 @@ - (void)testGetLimitedUseTokenSucceeds { XCTestExpectation *getLimitedUseTokenSucceedsExpectation = [self expectationWithDescription:@"getLimitedUseToken should succeed"]; - [appCheck getLimitedUseTokenWithCompletion:^(FIRAppCheckToken * _Nullable token, + [appCheck getLimitedUseTokenWithCompletion:^(id _Nullable token, NSError * _Nullable error) { XCTAssertNil(error); XCTAssertNotNil(token); @@ -142,13 +146,13 @@ - (void)testAsyncCompletions { XCTestExpectation *secondPrepareExpectation = [self expectationWithDescription:@"Second async prepare for App Check expectation"]; - FIRAppCheckToken *expectedToken = [[FIRAppCheckToken alloc] initWithToken:@"foo" + GACAppCheckToken *expectedToken = [[GACAppCheckToken alloc] initWithToken:@"foo" expirationDate:[NSDate distantFuture]]; - GIDAppCheckTokenFetcherFake *tokenFetcher = - [[GIDAppCheckTokenFetcherFake alloc] initWithAppCheckToken:expectedToken error:nil]; - GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckTokenFetcher:tokenFetcher - userDefaults:self.userDefaults]; + GIDAppCheckProviderFake *fakeProvider = + [[GIDAppCheckProviderFake alloc] initWithAppCheckToken:expectedToken error:nil]; + GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckProvider:fakeProvider + userDefaults:self.userDefaults]; dispatch_async(dispatch_get_main_queue(), ^{ [appCheck prepareForAppCheckWithCompletion:^(NSError * _Nullable error) { diff --git a/GoogleSignIn/Tests/Unit/GIDSignInTest.m b/GoogleSignIn/Tests/Unit/GIDSignInTest.m index a0777ddb..f7b3e1d6 100644 --- a/GoogleSignIn/Tests/Unit/GIDSignInTest.m +++ b/GoogleSignIn/Tests/Unit/GIDSignInTest.m @@ -34,9 +34,9 @@ #import "GoogleSignIn/Sources/GIDSignInPreferences.h" #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -#import "FirebaseAppCheck/FIRAppCheckToken.h" +@import AppCheckCore; #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" -#import "GoogleSignIn/Sources/GIDAppCheckTokenFetcher/Implementations/GIDAppCheckTokenFetcherFake.h" +#import "GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h" #import "GoogleSignIn/Sources/GIDEMMErrorHandler.h" #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST @@ -389,23 +389,22 @@ - (void)testConfigureSucceeds { XCTestExpectation *configureSucceedsExpecation = [self expectationWithDescription:@"Configure succeeds expectation"]; - FIRAppCheckToken *token = [[FIRAppCheckToken alloc] initWithToken:@"foo" + GACAppCheckToken *token = [[GACAppCheckToken alloc] initWithToken:@"foo" expirationDate:[NSDate distantFuture]]; - GIDAppCheckTokenFetcherFake *tokenFetcher = - [[GIDAppCheckTokenFetcherFake alloc] initWithAppCheckToken:token error:nil]; - GIDAppCheck *appCheckProvider = - [[GIDAppCheck alloc] initWithAppCheckTokenFetcher:tokenFetcher - userDefaults:_testUserDefaults]; + GIDAppCheckProviderFake *fakeProvider = + [[GIDAppCheckProviderFake alloc] initWithAppCheckToken:token error:nil]; + GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckProvider:fakeProvider + userDefaults:_testUserDefaults]; GIDSignIn *signIn = [[GIDSignIn alloc] initWithKeychainStore:_keychainStore - appCheckProvider:appCheckProvider]; + appCheck:appCheck]; [signIn configureWithCompletion:^(NSError * _Nullable error) { XCTAssertNil(error); [configureSucceedsExpecation fulfill]; }]; [self waitForExpectations:@[configureSucceedsExpecation] timeout:1]; - XCTAssertTrue(appCheckProvider.isPrepared); + XCTAssertTrue(appCheck.isPrepared); } } @@ -414,14 +413,14 @@ - (void)testConfigureFailsNoTokenOrError { XCTestExpectation *configureFailsExpecation = [self expectationWithDescription:@"Configure fails expectation"]; - GIDAppCheckTokenFetcherFake *tokenFetcher = - [[GIDAppCheckTokenFetcherFake alloc] initWithAppCheckToken:nil error:nil]; - GIDAppCheck *appCheckProvider = - [[GIDAppCheck alloc] initWithAppCheckTokenFetcher:tokenFetcher - userDefaults:_testUserDefaults]; + GIDAppCheckProviderFake *fakeProvider = + [[GIDAppCheckProviderFake alloc] initWithAppCheckToken:nil error:nil]; + GIDAppCheck *appCheck = + [[GIDAppCheck alloc] initWithAppCheckProvider:fakeProvider + userDefaults:_testUserDefaults]; GIDSignIn *signIn = [[GIDSignIn alloc] initWithKeychainStore:_keychainStore - appCheckProvider:appCheckProvider]; + appCheck:appCheck]; // `configureWithCompletion:` should fail if neither a token or error is present [signIn configureWithCompletion:^(NSError * _Nullable error) { @@ -431,7 +430,7 @@ - (void)testConfigureFailsNoTokenOrError { }]; [self waitForExpectations:@[configureFailsExpecation] timeout:1]; - XCTAssertFalse(appCheckProvider.isPrepared); + XCTAssertFalse(appCheck.isPrepared); } } #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST diff --git a/Package.swift b/Package.swift index 6a3bb162..cea6fbb5 100644 --- a/Package.swift +++ b/Package.swift @@ -71,7 +71,7 @@ let package = Package( name: "GoogleSignIn", dependencies: [ .product(name: "AppAuth", package: "AppAuth"), - .product(name: "FirebaseAppCheck", package: "Firebase"), + .product(name: "AppCheckCore", package: "Firebase"), .product(name: "GTMAppAuth", package: "GTMAppAuth"), .product(name: "GTMSessionFetcherCore", package: "GTMSessionFetcher"), ], @@ -108,7 +108,7 @@ let package = Package( "GoogleSignIn", "OCMock", .product(name: "AppAuth", package: "AppAuth"), - .product(name: "FirebaseAppCheck", package: "Firebase"), + .product(name: "AppCheckCore", package: "Firebase"), .product(name: "GTMAppAuth", package: "GTMAppAuth"), .product(name: "GTMSessionFetcherCore", package: "GTMSessionFetcher"), .product(name: "GULMethodSwizzler", package: "GoogleUtilities"), From 743f1cd3080f056e797b1e9172dabdd9e5a9140b Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Wed, 26 Jul 2023 18:06:27 -0700 Subject: [PATCH 04/18] Use more granular imports for AppCheckCore --- .../Implementations/Fake/GIDAppCheckProviderFake.h | 4 +++- .../Sources/GIDAppCheck/Implementations/GIDAppCheck.h | 1 - .../Sources/GIDAppCheck/Implementations/GIDAppCheck.m | 3 ++- GoogleSignIn/Sources/GIDSignIn.m | 4 ++-- GoogleSignIn/Tests/Unit/GIDAppCheckTest.m | 2 +- GoogleSignIn/Tests/Unit/GIDSignInTest.m | 2 +- 6 files changed, 9 insertions(+), 7 deletions(-) diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h index f902270d..6484cf54 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h @@ -16,7 +16,9 @@ #import #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -@import AppCheckCore; +#import + +@class GACAppCheckToken; NS_ASSUME_NONNULL_BEGIN diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h index f9fc02dd..705e8dc7 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h @@ -18,7 +18,6 @@ #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -@import AppCheckCore; #import NS_ASSUME_NONNULL_BEGIN diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m index 65c0991a..eae301e3 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m @@ -15,7 +15,8 @@ */ #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -@import AppCheckCore; +#import +#import #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" #import "GoogleSignIn/Sources/Public/GoogleSignIn/GIDAppCheckError.h" diff --git a/GoogleSignIn/Sources/GIDSignIn.m b/GoogleSignIn/Sources/GIDSignIn.m index 521af046..f9c7f77a 100644 --- a/GoogleSignIn/Sources/GIDSignIn.m +++ b/GoogleSignIn/Sources/GIDSignIn.m @@ -28,9 +28,9 @@ #import "GoogleSignIn/Sources/GIDScopes.h" #import "GoogleSignIn/Sources/GIDSignInCallbackSchemes.h" #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -@import AppCheckCore; -#import "GoogleSignIn/Sources/GIDAppCheck/UI/GIDActivityIndicatorViewController.h" +#import #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" +#import "GoogleSignIn/Sources/GIDAppCheck/UI/GIDActivityIndicatorViewController.h" #import "GoogleSignIn/Sources/GIDAuthStateMigration.h" #import "GoogleSignIn/Sources/GIDEMMErrorHandler.h" #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST diff --git a/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m b/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m index af853c32..2f63d67b 100644 --- a/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m +++ b/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m @@ -17,7 +17,7 @@ #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST #import -@import AppCheckCore; +#import #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h" #import "GoogleSignIn/Sources/Public/GoogleSignIn/GIDAppCheckError.h" diff --git a/GoogleSignIn/Tests/Unit/GIDSignInTest.m b/GoogleSignIn/Tests/Unit/GIDSignInTest.m index f7b3e1d6..400e09fb 100644 --- a/GoogleSignIn/Tests/Unit/GIDSignInTest.m +++ b/GoogleSignIn/Tests/Unit/GIDSignInTest.m @@ -34,7 +34,7 @@ #import "GoogleSignIn/Sources/GIDSignInPreferences.h" #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -@import AppCheckCore; +#import #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h" #import "GoogleSignIn/Sources/GIDEMMErrorHandler.h" From 250dc8c751cac106c326b535d0e702b63c43fc89 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Thu, 27 Jul 2023 13:48:05 -0700 Subject: [PATCH 05/18] Fix some app check imports for iOS --- .../GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m | 3 +-- GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h | 3 +++ GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m index f7c26295..b001c5c8 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m @@ -12,10 +12,9 @@ // See the License for the specific language governing permissions and // limitations under the License. -#import +#import "GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h" #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -#import "GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h" NSUInteger const kGIDAppCheckProviderFakeError = 1; diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h index 705e8dc7..9625510c 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h @@ -22,6 +22,9 @@ NS_ASSUME_NONNULL_BEGIN +@protocol GACAppCheckProvider; +@protocol GACAppCheckTokenProtocol; + extern NSString *const kGIDAppCheckPreparedKey; NS_CLASS_AVAILABLE_IOS(14) diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m index eae301e3..6f5ba852 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m @@ -14,6 +14,8 @@ * limitations under the License. */ +#import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" + #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST #import #import From 6db74a03974531f551f6a2ec963af4bf5ff0d6bd Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Thu, 27 Jul 2023 15:25:00 -0700 Subject: [PATCH 06/18] Fix imports for Cocoapods Also remove app attest provider used in sample app that is no longer needed. --- GoogleSignIn.podspec | 2 +- .../Fake/GIDAppCheckProviderFake.m | 2 ++ .../GIDAppCheck/Implementations/GIDAppCheck.m | 8 ++++++-- .../AppAttestExample.xcodeproj/project.pbxproj | 4 ---- .../AppAttestExample/AppAttestExampleApp.swift | 10 ---------- .../BirthdayAppCheckProviderFactory.swift | 18 +++++++++--------- Samples/Swift/AppAttestExample/Podfile | 1 + 7 files changed, 19 insertions(+), 26 deletions(-) diff --git a/GoogleSignIn.podspec b/GoogleSignIn.podspec index c4ac124c..78b315d0 100644 --- a/GoogleSignIn.podspec +++ b/GoogleSignIn.podspec @@ -33,7 +33,7 @@ The Google Sign-In SDK allows users to sign in with their Google account from th ] s.ios.framework = 'UIKit' s.osx.framework = 'AppKit' - s.dependency 'FirebaseAppCheck', '~> 10.0' + s.dependency 'AppCheckCore', '~> 10.13' s.dependency 'AppAuth', '~> 1.6' s.dependency 'GTMAppAuth', '~> 4.0' s.dependency 'GTMSessionFetcher/Core', '>= 1.1', '< 4.0' diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m index b001c5c8..8dc61095 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.m @@ -16,6 +16,8 @@ #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST +#import + NSUInteger const kGIDAppCheckProviderFakeError = 1; @interface GIDAppCheckProviderFake () diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m index 6f5ba852..5d57d16d 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m @@ -17,8 +17,11 @@ #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST -#import + #import +#import +#import +#import #import "GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h" #import "GoogleSignIn/Sources/Public/GoogleSignIn/GIDAppCheckError.h" @@ -32,7 +35,8 @@ static NSString *const kGSIAppAttestBaseURL = @"https://firebaseappcheck.googleapis.com/v1beta"; typedef void (^GIDAppCheckPrepareCompletion)(NSError * _Nullable); -typedef void (^GIDAppCheckTokenCompletion)(id _Nullable, NSError * _Nullable); +typedef void (^GIDAppCheckTokenCompletion)(id _Nullable, + NSError * _Nullable); @interface GIDAppCheck () diff --git a/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj b/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj index 344a6773..9240c11c 100644 --- a/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj +++ b/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj @@ -13,7 +13,6 @@ 73A464062A1C3B3400BA8528 /* ContentView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 73A464052A1C3B3400BA8528 /* ContentView.swift */; }; 73A4640B2A1C3B3500BA8528 /* Preview Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 73A4640A2A1C3B3500BA8528 /* Preview Assets.xcassets */; }; 73BC0EB22A57609D00C3DDE5 /* GoogleService-Info.plist in Resources */ = {isa = PBXBuildFile; fileRef = 73BC0EB12A57609D00C3DDE5 /* GoogleService-Info.plist */; }; - 73BD4BB52A390CFE00A48E3C /* BirthdayAppCheckProviderFactory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 73BD4BB42A390CFE00A48E3C /* BirthdayAppCheckProviderFactory.swift */; }; /* End PBXBuildFile section */ /* Begin PBXFileReference section */ @@ -25,7 +24,6 @@ 73A464052A1C3B3400BA8528 /* ContentView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContentView.swift; sourceTree = ""; }; 73A4640A2A1C3B3500BA8528 /* Preview Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = "Preview Assets.xcassets"; sourceTree = ""; }; 73BC0EB12A57609D00C3DDE5 /* GoogleService-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "GoogleService-Info.plist"; sourceTree = ""; }; - 73BD4BB42A390CFE00A48E3C /* BirthdayAppCheckProviderFactory.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BirthdayAppCheckProviderFactory.swift; sourceTree = ""; }; 7D9832F2FFAF408698660CA8 /* Pods-AppAttestExample.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-AppAttestExample.debug.xcconfig"; path = "Target Support Files/Pods-AppAttestExample/Pods-AppAttestExample.debug.xcconfig"; sourceTree = ""; }; 91F3A930BB86D9E0648046BC /* Pods_AppAttestExample.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_AppAttestExample.framework; sourceTree = BUILT_PRODUCTS_DIR; }; /* End PBXFileReference section */ @@ -74,7 +72,6 @@ children = ( 73443A232A55F56900A4932E /* AppAttestExample.entitlements */, 73A464032A1C3B3400BA8528 /* AppAttestExampleApp.swift */, - 73BD4BB42A390CFE00A48E3C /* BirthdayAppCheckProviderFactory.swift */, 73A464052A1C3B3400BA8528 /* ContentView.swift */, 738D5F722A26BC3B00A7F11B /* BirthdayLoader.swift */, 73BC0EB12A57609D00C3DDE5 /* GoogleService-Info.plist */, @@ -215,7 +212,6 @@ files = ( 738D5F732A26BC3B00A7F11B /* BirthdayLoader.swift in Sources */, 73A464062A1C3B3400BA8528 /* ContentView.swift in Sources */, - 73BD4BB52A390CFE00A48E3C /* BirthdayAppCheckProviderFactory.swift in Sources */, 73A464042A1C3B3400BA8528 /* AppAttestExampleApp.swift in Sources */, ); runOnlyForDeploymentPostprocessing = 0; diff --git a/Samples/Swift/AppAttestExample/AppAttestExample/AppAttestExampleApp.swift b/Samples/Swift/AppAttestExample/AppAttestExample/AppAttestExampleApp.swift index cdaa5db2..a540b533 100644 --- a/Samples/Swift/AppAttestExample/AppAttestExample/AppAttestExampleApp.swift +++ b/Samples/Swift/AppAttestExample/AppAttestExample/AppAttestExampleApp.swift @@ -15,8 +15,6 @@ */ import SwiftUI -import FirebaseCore -import FirebaseAppCheck import GoogleSignIn class AppDelegate: NSObject, UIApplicationDelegate { @@ -24,14 +22,6 @@ class AppDelegate: NSObject, UIApplicationDelegate { _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey : Any]? = nil ) -> Bool { - #if targetEnvironment(simulator) - let debugProvider = AppCheckDebugProviderFactory() - AppCheck.setAppCheckProviderFactory(debugProvider) - #else - AppCheck.setAppCheckProviderFactory(BirthdayAppCheckProviderFactory()) - #endif - FirebaseApp.configure() - GIDSignIn.sharedInstance.configureWithCompletion { error in if let error { print("Error configuring `GIDSignIn` for Firebase App Check: \(error)") diff --git a/Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift b/Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift index baf501b0..b967718d 100644 --- a/Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift +++ b/Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift @@ -14,12 +14,12 @@ * limitations under the License. */ -import FirebaseCore -import FirebaseAppCheck - -class BirthdayAppCheckProviderFactory: NSObject, AppCheckProviderFactory { - func createProvider(with app: FirebaseApp) -> AppCheckProvider? { - return AppAttestProvider(app: app) - } -} - +//import FirebaseCore +//import FirebaseAppCheck +// +//class BirthdayAppCheckProviderFactory: NSObject, AppCheckProviderFactory { +// func createProvider(with app: FirebaseApp) -> AppCheckProvider? { +// return AppAttestProvider(app: app) +// } +//} +// diff --git a/Samples/Swift/AppAttestExample/Podfile b/Samples/Swift/AppAttestExample/Podfile index def77737..c1e91c8b 100644 --- a/Samples/Swift/AppAttestExample/Podfile +++ b/Samples/Swift/AppAttestExample/Podfile @@ -5,5 +5,6 @@ project 'AppAttestExample.xcodeproj' use_frameworks! :linkage => :static target 'AppAttestExample' do + pod 'AppCheckCore', :git => 'https://github.com/firebase/firebase-ios-sdk.git', :branch => 'app-check-core' platform :ios, '14.0' end From d36d7af27f20d8f6c74cee09731093c96cb37c43 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Fri, 28 Jul 2023 12:31:51 -0700 Subject: [PATCH 07/18] Update indentation --- GoogleSignIn/Sources/GIDSignIn.m | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/GoogleSignIn/Sources/GIDSignIn.m b/GoogleSignIn/Sources/GIDSignIn.m index f9c7f77a..59275bed 100644 --- a/GoogleSignIn/Sources/GIDSignIn.m +++ b/GoogleSignIn/Sources/GIDSignIn.m @@ -478,9 +478,9 @@ + (GIDSignIn *)sharedInstance { - (void)configureWithCompletion:(nullable void (^)(NSError * _Nullable))completion { @synchronized(self) { [_appCheck prepareForAppCheckWithCompletion:^(NSError * _Nullable error) { - if (completion) { - completion(error); - } + if (completion) { + completion(error); + } }]; } } From 2c129b65b432b7fa2afcf849bee94d911ec8757b Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Fri, 28 Jul 2023 12:38:25 -0700 Subject: [PATCH 08/18] Add Info.plist --- .../AppAttestExample/Info.plist | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 Samples/Swift/AppAttestExample/AppAttestExample/Info.plist diff --git a/Samples/Swift/AppAttestExample/AppAttestExample/Info.plist b/Samples/Swift/AppAttestExample/AppAttestExample/Info.plist new file mode 100644 index 00000000..b9179a51 --- /dev/null +++ b/Samples/Swift/AppAttestExample/AppAttestExample/Info.plist @@ -0,0 +1,21 @@ + + + + + CFBundleURLTypes + + + CFBundleTypeRole + Editor + CFBundleURLName + com.googleusercontent.apps.665845761721-a9g0c1k6buv131av6nnmburou5scd63h + CFBundleURLSchemes + + com.googleusercontent.apps.665845761721-a9g0c1k6buv131av6nnmburou5scd63h + + + + GIDClientID + 665845761721-a9g0c1k6buv131av6nnmburou5scd63h.apps.googleusercontent.com + + From ae903a78f47f31911efc2f94d67ae5ad7b1e3b50 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Fri, 28 Jul 2023 15:13:30 -0700 Subject: [PATCH 09/18] Remove reference to GoogleService-Info file in pbxproj --- .../AppAttestExample.xcodeproj/project.pbxproj | 4 ---- 1 file changed, 4 deletions(-) diff --git a/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj b/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj index 9240c11c..342a46fe 100644 --- a/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj +++ b/Samples/Swift/AppAttestExample/AppAttestExample.xcodeproj/project.pbxproj @@ -12,7 +12,6 @@ 73A464042A1C3B3400BA8528 /* AppAttestExampleApp.swift in Sources */ = {isa = PBXBuildFile; fileRef = 73A464032A1C3B3400BA8528 /* AppAttestExampleApp.swift */; }; 73A464062A1C3B3400BA8528 /* ContentView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 73A464052A1C3B3400BA8528 /* ContentView.swift */; }; 73A4640B2A1C3B3500BA8528 /* Preview Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 73A4640A2A1C3B3500BA8528 /* Preview Assets.xcassets */; }; - 73BC0EB22A57609D00C3DDE5 /* GoogleService-Info.plist in Resources */ = {isa = PBXBuildFile; fileRef = 73BC0EB12A57609D00C3DDE5 /* GoogleService-Info.plist */; }; /* End PBXBuildFile section */ /* Begin PBXFileReference section */ @@ -23,7 +22,6 @@ 73A464032A1C3B3400BA8528 /* AppAttestExampleApp.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppAttestExampleApp.swift; sourceTree = ""; }; 73A464052A1C3B3400BA8528 /* ContentView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContentView.swift; sourceTree = ""; }; 73A4640A2A1C3B3500BA8528 /* Preview Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = "Preview Assets.xcassets"; sourceTree = ""; }; - 73BC0EB12A57609D00C3DDE5 /* GoogleService-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "GoogleService-Info.plist"; sourceTree = ""; }; 7D9832F2FFAF408698660CA8 /* Pods-AppAttestExample.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-AppAttestExample.debug.xcconfig"; path = "Target Support Files/Pods-AppAttestExample/Pods-AppAttestExample.debug.xcconfig"; sourceTree = ""; }; 91F3A930BB86D9E0648046BC /* Pods_AppAttestExample.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_AppAttestExample.framework; sourceTree = BUILT_PRODUCTS_DIR; }; /* End PBXFileReference section */ @@ -74,7 +72,6 @@ 73A464032A1C3B3400BA8528 /* AppAttestExampleApp.swift */, 73A464052A1C3B3400BA8528 /* ContentView.swift */, 738D5F722A26BC3B00A7F11B /* BirthdayLoader.swift */, - 73BC0EB12A57609D00C3DDE5 /* GoogleService-Info.plist */, 73A464092A1C3B3500BA8528 /* Preview Content */, ); path = AppAttestExample; @@ -157,7 +154,6 @@ buildActionMask = 2147483647; files = ( 73A4640B2A1C3B3500BA8528 /* Preview Assets.xcassets in Resources */, - 73BC0EB22A57609D00C3DDE5 /* GoogleService-Info.plist in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; From 9146a8057248c9e4608e44d21633fef263a707fe Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Fri, 28 Jul 2023 16:19:54 -0700 Subject: [PATCH 10/18] Remove unnecessary app check provider factory --- .../BirthdayAppCheckProviderFactory.swift | 25 ------------------- 1 file changed, 25 deletions(-) delete mode 100644 Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift diff --git a/Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift b/Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift deleted file mode 100644 index b967718d..00000000 --- a/Samples/Swift/AppAttestExample/AppAttestExample/BirthdayAppCheckProviderFactory.swift +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -//import FirebaseCore -//import FirebaseAppCheck -// -//class BirthdayAppCheckProviderFactory: NSObject, AppCheckProviderFactory { -// func createProvider(with app: FirebaseApp) -> AppCheckProvider? { -// return AppAttestProvider(app: app) -// } -//} -// From 73683a14cd2bf809501465e54aa188574cc81103 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Tue, 1 Aug 2023 11:57:54 -0700 Subject: [PATCH 11/18] Update deps to use new app-check repo --- GoogleSignIn.podspec | 2 +- Package.swift | 9 ++++----- Samples/Swift/AppAttestExample/Podfile | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/GoogleSignIn.podspec b/GoogleSignIn.podspec index 78b315d0..46e1f1e8 100644 --- a/GoogleSignIn.podspec +++ b/GoogleSignIn.podspec @@ -33,7 +33,7 @@ The Google Sign-In SDK allows users to sign in with their Google account from th ] s.ios.framework = 'UIKit' s.osx.framework = 'AppKit' - s.dependency 'AppCheckCore', '~> 10.13' + s.dependency 'AppCheckCore', '~> 1.0' s.dependency 'AppAuth', '~> 1.6' s.dependency 'GTMAppAuth', '~> 4.0' s.dependency 'GTMSessionFetcher/Core', '>= 1.1', '< 4.0' diff --git a/Package.swift b/Package.swift index cea6fbb5..5f37817d 100644 --- a/Package.swift +++ b/Package.swift @@ -46,9 +46,8 @@ let package = Package( url: "https://github.com/openid/AppAuth-iOS.git", "1.6.0" ..< "2.0.0"), .package( - name: "Firebase", - url: "https://github.com/firebase/firebase-ios-sdk.git", - .branch("app-check-core")), + name: "AppCheckCore", + url: "https://github.com/google/app-check.git", .package( name: "GTMAppAuth", url: "https://github.com/google/GTMAppAuth.git", @@ -71,7 +70,7 @@ let package = Package( name: "GoogleSignIn", dependencies: [ .product(name: "AppAuth", package: "AppAuth"), - .product(name: "AppCheckCore", package: "Firebase"), + .product(name: "AppCheckCore", package: "AppCheckCore"), .product(name: "GTMAppAuth", package: "GTMAppAuth"), .product(name: "GTMSessionFetcherCore", package: "GTMSessionFetcher"), ], @@ -108,7 +107,7 @@ let package = Package( "GoogleSignIn", "OCMock", .product(name: "AppAuth", package: "AppAuth"), - .product(name: "AppCheckCore", package: "Firebase"), + .product(name: "AppCheckCore", package: "AppCheckCore"), .product(name: "GTMAppAuth", package: "GTMAppAuth"), .product(name: "GTMSessionFetcherCore", package: "GTMSessionFetcher"), .product(name: "GULMethodSwizzler", package: "GoogleUtilities"), diff --git a/Samples/Swift/AppAttestExample/Podfile b/Samples/Swift/AppAttestExample/Podfile index c1e91c8b..93f3024b 100644 --- a/Samples/Swift/AppAttestExample/Podfile +++ b/Samples/Swift/AppAttestExample/Podfile @@ -5,6 +5,6 @@ project 'AppAttestExample.xcodeproj' use_frameworks! :linkage => :static target 'AppAttestExample' do - pod 'AppCheckCore', :git => 'https://github.com/firebase/firebase-ios-sdk.git', :branch => 'app-check-core' + pod 'AppCheckCore', :git => 'https://github.com/google/app-check.git' platform :ios, '14.0' end From 935c13caaf5f3a08458353cd279b7e9d64df61bf Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Tue, 1 Aug 2023 15:22:27 -0700 Subject: [PATCH 12/18] Use new AppCheckCore dependency and related github repo --- .github/workflows/unit_tests.yml | 1 + GoogleSignIn.podspec | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml index d2ec3f52..f7cddc21 100644 --- a/.github/workflows/unit_tests.yml +++ b/.github/workflows/unit_tests.yml @@ -32,6 +32,7 @@ jobs: - name: Lint podspec using local source run: | pod lib lint ${{ matrix.podspec }} --verbose \ + --sources=https://github.com/firebase/SpecsDev.git,https://cdn.cocoapods.org/ \ ${{ matrix.includePodspecFlag }} ${{ matrix.flag }} spm-build-test: diff --git a/GoogleSignIn.podspec b/GoogleSignIn.podspec index 46e1f1e8..8dc255a9 100644 --- a/GoogleSignIn.podspec +++ b/GoogleSignIn.podspec @@ -33,7 +33,7 @@ The Google Sign-In SDK allows users to sign in with their Google account from th ] s.ios.framework = 'UIKit' s.osx.framework = 'AppKit' - s.dependency 'AppCheckCore', '~> 1.0' + s.dependency 'AppCheckCore', '~> 0.1.0-alpha' s.dependency 'AppAuth', '~> 1.6' s.dependency 'GTMAppAuth', '~> 4.0' s.dependency 'GTMSessionFetcher/Core', '>= 1.1', '< 4.0' From 36f6a9ca38bedbf67b9d8869b051bdff9548b868 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Tue, 1 Aug 2023 15:38:06 -0700 Subject: [PATCH 13/18] Update Podfile to use new AppCheckCore github tag --- Samples/Swift/AppAttestExample/Podfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Samples/Swift/AppAttestExample/Podfile b/Samples/Swift/AppAttestExample/Podfile index 93f3024b..2a5c41a5 100644 --- a/Samples/Swift/AppAttestExample/Podfile +++ b/Samples/Swift/AppAttestExample/Podfile @@ -5,6 +5,6 @@ project 'AppAttestExample.xcodeproj' use_frameworks! :linkage => :static target 'AppAttestExample' do - pod 'AppCheckCore', :git => 'https://github.com/google/app-check.git' + pod 'AppCheckCore', :git => 'https://github.com/google/app-check.git', :tag => 'CocoaPods-0.1.0-alpha.1' platform :ios, '14.0' end From 190c28ba97fa45e63421ea3f40c3766f3bf695e8 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Tue, 1 Aug 2023 15:53:34 -0700 Subject: [PATCH 14/18] Update AppCheckCore dependency to use tag in Package.swift --- Package.swift | 1 + 1 file changed, 1 insertion(+) diff --git a/Package.swift b/Package.swift index 5f37817d..970a612e 100644 --- a/Package.swift +++ b/Package.swift @@ -48,6 +48,7 @@ let package = Package( .package( name: "AppCheckCore", url: "https://github.com/google/app-check.git", + .branch("CocoaPods-0.1.0-alpha.1")), .package( name: "GTMAppAuth", url: "https://github.com/google/GTMAppAuth.git", From 737b1ea3b77c0c44bb76c2913f83a0ac0f980b9a Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Wed, 2 Aug 2023 10:56:47 -0700 Subject: [PATCH 15/18] Respond to review comments Standardize constant names to use kGID prefix; improve documentation; add an -init method to GIDAppCheck to allow callers use default values for NSUserDefaults and GACAppCheckProvider. --- .../Fake/GIDAppCheckProviderFake.h | 9 ++-- .../GIDAppCheck/Implementations/GIDAppCheck.h | 12 ++++-- .../GIDAppCheck/Implementations/GIDAppCheck.m | 42 ++++++++++++------- GoogleSignIn/Sources/GIDSignIn.m | 3 +- 4 files changed, 42 insertions(+), 24 deletions(-) diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h index 6484cf54..2f0d64b8 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/Fake/GIDAppCheckProviderFake.h @@ -27,14 +27,13 @@ extern NSUInteger const kGIDAppCheckProviderFakeError; NS_CLASS_AVAILABLE_IOS(14) @interface GIDAppCheckProviderFake : NSObject -/// Creates an instance with the provided app check token and error. +/// Creates an instance conforming to `GACAppCheckProvider` with the provided app check token and +/// error. /// -/// This protocol is mainly used for testing purposes so that the token fetching from Firebase App -/// Check can be faked. /// @param token The `GACAppCheckToken` instance to pass into the completion called from -/// `getTokenWithCompletion:`. +/// `getTokenWithCompletion:`. /// @param error The `NSError` to pass into the completion called from -/// `getTokenWithCompletion:`. +/// `getTokenWithCompletion:`. - (instancetype)initWithAppCheckToken:(nullable GACAppCheckToken *)token error:(nullable NSError *)error; diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h index 9625510c..68d0a44e 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.h @@ -30,7 +30,13 @@ extern NSString *const kGIDAppCheckPreparedKey; NS_CLASS_AVAILABLE_IOS(14) @interface GIDAppCheck : NSObject -- (instancetype)init NS_UNAVAILABLE; +/// Creates the instance of this App Check wrapper class. +/// +/// The instance is created using `+[NSUserDefaults standardUserDefaults]` and the standard App +/// Check provider. +/// +/// @SeeAlso The App Check provider is constructed with `+[GIDAppCheck standardAppCheckProvider]`. +- (instancetype)init; /// Creates the instance of this App Check wrapper class. /// @@ -38,8 +44,8 @@ NS_CLASS_AVAILABLE_IOS(14) /// then a default implementation will be used. /// @param userDefaults The instance of `NSUserDefaults` that `GIDAppCheck` will use to store its /// preparation status. If nil, `GIDAppCheck` will use `-[NSUserDefaults standardUserDefaults]`. -- (instancetype)initWithAppCheckProvider:(nullable id)appCheckProvider - userDefaults:(nullable NSUserDefaults *)userDefaults; +- (instancetype)initWithAppCheckProvider:(id)appCheckProvider + userDefaults:(NSUserDefaults *)userDefaults NS_DESIGNATED_INITIALIZER; /// Prewarms the library for App Check by asking Firebase App Check to generate the App Attest key /// id and perform the initial attestation process (if needed). diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m index 5d57d16d..50d13f61 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m @@ -29,10 +29,10 @@ NSErrorDomain const kGIDAppCheckErrorDomain = @"com.google.GIDAppCheck"; NSString *const kGIDAppCheckPreparedKey = @"com.google.GIDAppCheckPreparedKey"; -static NSString *const kConfigClientIDKey = @"GIDClientID"; -static NSString *const kGSIAppAttestServiceName = @"GoogleSignIn-iOS"; -static NSString *const kGSIAppAttestResourceNameFormat = @"oauthClients/%@"; -static NSString *const kGSIAppAttestBaseURL = @"https://firebaseappcheck.googleapis.com/v1beta"; +static NSString *const kGIDConfigClientIDKey = @"GIDClientID"; +static NSString *const kGIDAppAttestServiceName = @"GoogleSignIn-iOS"; +static NSString *const kGIDAppAttestResourceNameFormat = @"oauthClients/%@"; +static NSString *const kGIDAppAttestBaseURL = @"https://firebaseappcheck.googleapis.com/v1beta"; typedef void (^GIDAppCheckPrepareCompletion)(NSError * _Nullable); typedef void (^GIDAppCheckTokenCompletion)(id _Nullable, @@ -50,19 +50,33 @@ @interface GIDAppCheck () @implementation GIDAppCheck -- (instancetype)initWithAppCheckProvider:(nullable id)appCheckProvider - userDefaults:(nullable NSUserDefaults *)userDefaults { +- (instancetype)init { if (self = [super init]) { - id provider = appCheckProvider ?: [GIDAppCheck standardAppCheckProvider]; + _appCheck = [[GACAppCheck alloc] initWithServiceName:kGIDConfigClientIDKey + resourceName:[GIDAppCheck appAttestResourceName] + appCheckProvider:[GIDAppCheck standardAppCheckProvider] + settings:[[GACAppCheckSettings alloc] init] + tokenDelegate:nil + keychainAccessGroup:nil]; - _appCheck = [[GACAppCheck alloc] initWithServiceName:kConfigClientIDKey + _userDefaults = [NSUserDefaults standardUserDefaults]; + _workerQueue = dispatch_queue_create("com.google.googlesignin.GIDAppCheckWorkerQueue", nil); + _prepareCompletions = [NSMutableArray array]; + _preparing = NO; + } +} + +- (instancetype)initWithAppCheckProvider:(id)appCheckProvider + userDefaults:(NSUserDefaults *)userDefaults { + if (self = [super init]) { + _appCheck = [[GACAppCheck alloc] initWithServiceName:kGIDConfigClientIDKey resourceName:[GIDAppCheck appAttestResourceName] - appCheckProvider:provider + appCheckProvider:appCheckProvider settings:[[GACAppCheckSettings alloc] init] tokenDelegate:nil keychainAccessGroup:nil]; - _userDefaults = userDefaults ?: [NSUserDefaults standardUserDefaults]; + _userDefaults = userDefaults; _workerQueue = dispatch_queue_create("com.google.googlesignin.GIDAppCheckWorkerQueue", nil); _prepareCompletions = [NSMutableArray array]; _preparing = NO; @@ -148,14 +162,14 @@ - (void)getLimitedUseTokenWithCompletion:(nullable GIDAppCheckTokenCompletion)co } + (NSString *)appAttestResourceName { - NSString *clientID = [NSBundle.mainBundle objectForInfoDictionaryKey:kConfigClientIDKey]; - return [NSString stringWithFormat:kGSIAppAttestResourceNameFormat, clientID]; + NSString *clientID = [NSBundle.mainBundle objectForInfoDictionaryKey:kGIDConfigClientIDKey]; + return [NSString stringWithFormat:kGIDAppAttestResourceNameFormat, clientID]; } + (id)standardAppCheckProvider { - return [[GACAppAttestProvider alloc] initWithServiceName:kGSIAppAttestServiceName + return [[GACAppAttestProvider alloc] initWithServiceName:kGIDAppAttestServiceName resourceName:[GIDAppCheck appAttestResourceName] - baseURL:kGSIAppAttestBaseURL + baseURL:kGIDAppAttestBaseURL APIKey:nil keychainAccessGroup:nil limitedUse:YES diff --git a/GoogleSignIn/Sources/GIDSignIn.m b/GoogleSignIn/Sources/GIDSignIn.m index 59275bed..d2ea2175 100644 --- a/GoogleSignIn/Sources/GIDSignIn.m +++ b/GoogleSignIn/Sources/GIDSignIn.m @@ -459,8 +459,7 @@ + (GIDSignIn *)sharedInstance { [[GTMKeychainStore alloc] initWithItemName:kGTMAppAuthKeychainName]; #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST if (@available(iOS 14.0, *)) { - GIDAppCheck *appCheck = [[GIDAppCheck alloc] initWithAppCheckProvider:nil - userDefaults:nil]; + GIDAppCheck *appCheck = [[GIDAppCheck alloc] init]; sharedInstance = [[self alloc] initWithKeychainStore:keychainStore appCheck:appCheck]; } From dfe567b44b03bf391bbf17a7076c822512d5e465 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Wed, 2 Aug 2023 12:14:51 -0700 Subject: [PATCH 16/18] Update Package.swift to use main branch of AppCheckCore AppCheckCore main branch updated to have its own Package.swift; also update convenience initializer on GIDAppCheck to call thru to designated initializer. --- .../GIDAppCheck/Implementations/GIDAppCheck.m | 16 +++------------- Package.swift | 2 +- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m index 50d13f61..3ef6e05b 100644 --- a/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m +++ b/GoogleSignIn/Sources/GIDAppCheck/Implementations/GIDAppCheck.m @@ -51,19 +51,9 @@ @interface GIDAppCheck () @implementation GIDAppCheck - (instancetype)init { - if (self = [super init]) { - _appCheck = [[GACAppCheck alloc] initWithServiceName:kGIDConfigClientIDKey - resourceName:[GIDAppCheck appAttestResourceName] - appCheckProvider:[GIDAppCheck standardAppCheckProvider] - settings:[[GACAppCheckSettings alloc] init] - tokenDelegate:nil - keychainAccessGroup:nil]; - - _userDefaults = [NSUserDefaults standardUserDefaults]; - _workerQueue = dispatch_queue_create("com.google.googlesignin.GIDAppCheckWorkerQueue", nil); - _prepareCompletions = [NSMutableArray array]; - _preparing = NO; - } + id provider = [GIDAppCheck standardAppCheckProvider]; + NSUserDefaults *userDefaults = [NSUserDefaults standardUserDefaults]; + return [self initWithAppCheckProvider:provider userDefaults:userDefaults]; } - (instancetype)initWithAppCheckProvider:(id)appCheckProvider diff --git a/Package.swift b/Package.swift index 970a612e..8ae26dc0 100644 --- a/Package.swift +++ b/Package.swift @@ -48,7 +48,7 @@ let package = Package( .package( name: "AppCheckCore", url: "https://github.com/google/app-check.git", - .branch("CocoaPods-0.1.0-alpha.1")), + .branch("main")), .package( name: "GTMAppAuth", url: "https://github.com/google/GTMAppAuth.git", From 51ce5804692febd21a5c2d612ef2cfb98847d649 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Wed, 2 Aug 2023 14:44:44 -0700 Subject: [PATCH 17/18] Update AppCheck package and product names in Package.swift --- Package.swift | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Package.swift b/Package.swift index 8ae26dc0..cd74c50d 100644 --- a/Package.swift +++ b/Package.swift @@ -46,7 +46,7 @@ let package = Package( url: "https://github.com/openid/AppAuth-iOS.git", "1.6.0" ..< "2.0.0"), .package( - name: "AppCheckCore", + name: "AppCheck", url: "https://github.com/google/app-check.git", .branch("main")), .package( @@ -71,7 +71,7 @@ let package = Package( name: "GoogleSignIn", dependencies: [ .product(name: "AppAuth", package: "AppAuth"), - .product(name: "AppCheckCore", package: "AppCheckCore"), + .product(name: "AppCheckCore", package: "AppCheck"), .product(name: "GTMAppAuth", package: "GTMAppAuth"), .product(name: "GTMSessionFetcherCore", package: "GTMSessionFetcher"), ], @@ -108,7 +108,7 @@ let package = Package( "GoogleSignIn", "OCMock", .product(name: "AppAuth", package: "AppAuth"), - .product(name: "AppCheckCore", package: "AppCheckCore"), + .product(name: "AppCheckCore", package: "AppCheck"), .product(name: "GTMAppAuth", package: "GTMAppAuth"), .product(name: "GTMSessionFetcherCore", package: "GTMSessionFetcher"), .product(name: "GULMethodSwizzler", package: "GoogleUtilities"), From 003d5c4f984bd27b9f3660394b52622b7b390bf6 Mon Sep 17 00:00:00 2001 From: Matthew Mathias Date: Wed, 2 Aug 2023 15:17:00 -0700 Subject: [PATCH 18/18] Rename test suite name for NSUserDefaults used in GIDAppCheckTest --- GoogleSignIn/Tests/Unit/GIDAppCheckTest.m | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m b/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m index 2f63d67b..e84c9a84 100644 --- a/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m +++ b/GoogleSignIn/Tests/Unit/GIDAppCheckTest.m @@ -23,7 +23,7 @@ #import "GoogleSignIn/Sources/Public/GoogleSignIn/GIDAppCheckError.h" static NSUInteger const timeout = 1; -static NSString *const kUserDefaultsSuiteName = @"GIDAppCheckKeySuiteName"; +static NSString *const kUserDefaultsTestSuiteName = @"GIDAppCheckTestKeySuiteName"; NS_CLASS_AVAILABLE_IOS(14) @interface GIDAppCheckTest : XCTestCase @@ -36,13 +36,13 @@ @implementation GIDAppCheckTest - (void)setUp { [super setUp]; - _userDefaults = [[NSUserDefaults alloc] initWithSuiteName:kUserDefaultsSuiteName]; + _userDefaults = [[NSUserDefaults alloc] initWithSuiteName:kUserDefaultsTestSuiteName]; } - (void)tearDown { [super tearDown]; [self.userDefaults removeObjectForKey:kGIDAppCheckPreparedKey]; - [self.userDefaults removeSuiteNamed:kUserDefaultsSuiteName]; + [self.userDefaults removeSuiteNamed:kUserDefaultsTestSuiteName]; } - (void)testGetLimitedUseTokenFailure {