Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add InternalDangerousSettings.forceSignatureFailures #2635

Merged
merged 1 commit into from
Jun 13, 2023
Merged

Add InternalDangerousSettings.forceSignatureFailures #2635

merged 1 commit into from
Jun 13, 2023

Conversation

NachoSoto
Copy link
Contributor

@NachoSoto NachoSoto commented Jun 13, 2023
edited
Loading

Similar to #2486. This will be used for SDK-3181.

- WARN: ⚠️ Returning fake signature verification failure for 'GET /v1/subscribers/$RCAnonymousID:fc0508bea4a74a41bfc9a69db30d925f'
- ERROR: 😿‼️ Request failed signature verification. Request to /v1/subscribers/$RCAnonymousID%3Afc0508bea4a74a41bfc9a69db30d925f failed verification

@NachoSoto NachoSoto added the test label Jun 13, 2023
@NachoSoto NachoSoto requested a review from a team June 13, 2023 16:02
@NachoSoto NachoSoto force-pushed the force-signature-failures branch 2 times, most recently from 9bfd048 to a2fb052 Compare June 13, 2023 17:27
@codecov
Copy link

codecov bot commented Jun 13, 2023
edited
Loading

Codecov Report

Merging #2635 (75b3c76) into main (5ec9d36) will increase coverage by 0.02%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #2635      +/-   ##
==========================================
+ Coverage   86.43%   86.46%   +0.02%     
==========================================
  Files         206      207       +1     
  Lines       14480    14497      +17     
==========================================
+ Hits        12516    12535      +19     
+ Misses       1964     1962       -2
Impacted Files Coverage Δ
Sources/Logging/Strings/NetworkStrings.swift 100.00% <100.00%> (ø)
Sources/Misc/DangerousSettings.swift 100.00% <100.00%> (ø)
Sources/Networking/HTTPClient/HTTPClient.swift 98.39% <100.00%> (+0.04%) ⬆️
Sources/Security/FakeSigning.swift 100.00% <100.00%> (ø)

... and 5 files with indirect coverage changes

@NachoSoto NachoSoto force-pushed the force-signature-failures branch 3 times, most recently from a54de6e to 33bbcf9 Compare June 13, 2023 18:18
@NachoSoto NachoSoto mentioned this pull request Jun 13, 2023
Merged
@NachoSoto
Copy link
Contributor Author

NachoSoto commented Jun 13, 2023
edited
Loading

@tonidero I changed the implementation quite a bit here (it wasn't quite right, but I only noticed when writing the integration tests).

@NachoSoto
Add InternalDangerousSettings.forceSignatureFailures
75b3c76 
Similar to #2486. This will be used for SDK-3181.
@NachoSoto NachoSoto merged commit 06b0f3d into main Jun 13, 2023
@NachoSoto NachoSoto deleted the force-signature-failures branch June 13, 2023 20:43
NachoSoto added a commit that referenced this pull request Jun 13, 2023
@NachoSoto
copy(with: VerificationResult): optimization to avoid copies
f78fba4 
I noticed this could be improved while working on #2635.
@tonidero
Copy link
Contributor

Took a look at the new implementation, looks good!

@RCGitBot RCGitBot mentioned this pull request Jun 21, 2023
Merged
NachoSoto pushed a commit that referenced this pull request Jun 22, 2023
@RCGitBot
[AUTOMATIC] Release/4.22.1 (#2684)
16f3437 
**This is an automatic release.**

### Bugfixes
* `PurchasesOrchestrator`: update `CustomerInfoManager` cache after
processing transactions (#2676) via NachoSoto (@NachoSoto)
* `ErrorResponse`: drastically improved error messages, no more "unknown
error"s (#2660) via NachoSoto (@NachoSoto)
* `PaywallExtensions`: post purchases with `Offering` identifier (#2645)
via NachoSoto (@NachoSoto)
* Support `product_plan_identifier` for purchased subscriptions from
`Google Play` (#2654) via Josh Holtz (@joshdholtz)
### Performance Improvements
* `copy(with: VerificationResult)`: optimization to avoid copies (#2639)
via NachoSoto (@NachoSoto)
### Other Changes
* `ETagManager`: refactored e-tag creation and tests (#2671) via
NachoSoto (@NachoSoto)
* `getPromotionalOffer`: return `ErrorCode.ineligibleError` if receipt
is not found (#2678) via NachoSoto (@NachoSoto)
* `TimingUtil`: removed slow purchase logs (#2677) via NachoSoto
(@NachoSoto)
* `CI`: changed `Codecov` to `informational` (#2670) via NachoSoto
(@NachoSoto)
* `LoadShedderIntegrationTests`: verify requests are actually handled by
load shedder (#2663) via NachoSoto (@NachoSoto)
* `ETagManager.httpResultFromCacheOrBackend`: return response headers
(#2666) via NachoSoto (@NachoSoto)
* `Integration Tests`: added tests to verify 304 behavior (#2659) via
NachoSoto (@NachoSoto)
* `HTTPClient`: disable `URLSession` cache (#2668) via NachoSoto
(@NachoSoto)
* Documented `HTTPStatusCode.isSuccessfullySynced` (#2661) via NachoSoto
(@NachoSoto)
* `NetworkError.signatureVerificationFailed`: added status code to error
`userInfo` (#2657) via NachoSoto (@NachoSoto)
* `HTTPClient`: improved log for failed requests (#2669) via NachoSoto
(@NachoSoto)
* `ETagManager`: added new verbose logs (#2656) via NachoSoto
(@NachoSoto)
* `Signature Verification`: added test-only log for debugging invalid
signatures (#2658) via NachoSoto (@NachoSoto)
* Fixed `HTTPResponse.description` (#2664) via NachoSoto (@NachoSoto)
* Changed `Logger` to use `os_log` (#2608) via NachoSoto (@NachoSoto)
* `MainThreadMonitor`: increased threshold (#2662) via NachoSoto
(@NachoSoto)
* `debugRevenueCatOverlay`: display `receiptURL` (#2652) via NachoSoto
(@NachoSoto)
* `PurchaseTester`: added ability to display `debugRevenueCatOverlay`
(#2653) via NachoSoto (@NachoSoto)
* `debugRevenueCatOverlay`: ability to close on `macOS`/`Catalyst`
(#2649) via NachoSoto (@NachoSoto)
* `debugRevenueCatOverlay`: added support for `macOS` (#2648) via
NachoSoto (@NachoSoto)
* `LoadShedderIntegrationTests`: enable signature verification (#2655)
via NachoSoto (@NachoSoto)
* `ImageSnapshot`: fixed Xcode 15 compilation (#2651) via NachoSoto
(@NachoSoto)
* `OfferingsManager`: don't clear offerings cache timestamp when request
fails (#2359) via NachoSoto (@NachoSoto)
* `StoreKitObserverModeIntegrationTests`: added test for posting
renewals (#2590) via NachoSoto (@NachoSoto)
* Always initialize `StoreKit2TransactionListener` even on SK1 mode
(#2612) via NachoSoto (@NachoSoto)
* `ErrorUtils.missingReceiptFileError`: added receipt URL `userInfo`
context (#2650) via NachoSoto (@NachoSoto)
* Added `.xcprivacy` for Xcode 15 (#2619) via NachoSoto (@NachoSoto)
* `Trusted Entitlements`: added debug log with
`ResponseVerificationMode` (#2647) via NachoSoto (@NachoSoto)
* `debugRevenueCatOverlay`: simplified title (#2641) via NachoSoto
(@NachoSoto)
* Simplified `Purchases.updateAllCachesIfNeeded` (#2626) via NachoSoto
(@NachoSoto)
* `HTTPResponseTests`: fixed disabled test (#2643) via NachoSoto
(@NachoSoto)
* Add `InternalDangerousSettings.forceSignatureFailures` (#2635) via
NachoSoto (@NachoSoto)
* `IntegrationTests`: explicit `StoreKit 1` mode (#2636) via NachoSoto
(@NachoSoto)
* `Signing`: removed API for loading key from a file (#2638) via
NachoSoto (@NachoSoto)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tonidero tonidero tonidero approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@NachoSoto @tonidero