From 7a1ebc80fd474b7de83266326b68b55cba2d6f82 Mon Sep 17 00:00:00 2001 From: George Bafaloukas Date: Thu, 1 Sep 2022 16:50:50 +0100 Subject: [PATCH 01/10] WIP updating the securedKey algorithm with newer suggested variant in a non-breaking way --- FRCore/FRCore/Keychain/SecuredKey.swift | 26 ++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/FRCore/FRCore/Keychain/SecuredKey.swift b/FRCore/FRCore/Keychain/SecuredKey.swift index 315a2166..ebcaa9c2 100644 --- a/FRCore/FRCore/Keychain/SecuredKey.swift +++ b/FRCore/FRCore/Keychain/SecuredKey.swift @@ -22,7 +22,7 @@ public struct SecuredKey { /// Public Key of SecuredKey fileprivate var publicKey: SecKey /// Algorithm to be used for encryption/decryption using SecuredKey - fileprivate let algorithm: SecKeyAlgorithm = .eciesEncryptionCofactorX963SHA256AESGCM + fileprivate let oldAlgorithm: SecKeyAlgorithm = .eciesEncryptionCofactorX963SHA256AESGCM//.eciesEncryptionCofactorVariableIVX963SHA256AESGCM /// Validates whether SecuredKey using Secure Enclave is available on the device or not public static func isAvailable() -> Bool { @@ -161,15 +161,15 @@ public struct SecuredKey { /// Encrypts Data object using SecuredKey object /// - Parameter data: Encrypted Data object - public func encrypt(data: Data) -> Data? { + public func encrypt(data: Data, secAlgorithm: SecKeyAlgorithm = .eciesEncryptionCofactorVariableIVX963SHA256AESGCM) -> Data? { - guard SecKeyIsAlgorithmSupported(publicKey, .encrypt, algorithm) else { - Log.e("\(algorithm) is not supported on the device.") + guard SecKeyIsAlgorithmSupported(publicKey, .encrypt, secAlgorithm) else { + Log.e("\(oldAlgorithm) is not supported on the device.") return nil } var error: Unmanaged? - let encryptedData = SecKeyCreateEncryptedData(publicKey, algorithm, data as CFData, &error) as Data? + let encryptedData = SecKeyCreateEncryptedData(publicKey, secAlgorithm, data as CFData, &error) as Data? if let error = error { Log.e("Failed to encrypt data: \(error)") } @@ -180,17 +180,25 @@ public struct SecuredKey { /// Decrypts Data object using SecuredKey object /// - Parameter data: Decrypted Data object - public func decrypt(data: Data) -> Data? { + public func decrypt(data: Data, secAlgorithm: SecKeyAlgorithm = .eciesEncryptionCofactorVariableIVX963SHA256AESGCM) -> Data? { - guard SecKeyIsAlgorithmSupported(privateKey, .decrypt, algorithm) else { - Log.e("\(algorithm) is not supported on the device.") + guard SecKeyIsAlgorithmSupported(privateKey, .decrypt, secAlgorithm) else { + Log.e("\(oldAlgorithm) is not supported on the device.") return nil } var error: Unmanaged? - let decryptedData = SecKeyCreateDecryptedData(privateKey, algorithm, data as CFData, &error) as Data? + let decryptedData = SecKeyCreateDecryptedData(privateKey, secAlgorithm, data as CFData, &error) as Data? if let error = error { Log.e("Failed to decrypt data: \(error)") + var decryptError: Unmanaged? + let decryptedData = SecKeyCreateDecryptedData(privateKey, oldAlgorithm, data as CFData, &decryptError) as Data? + if let decryptError = decryptError { + Log.e("Failed to decrypt data: \(decryptError)") + } else { + return decryptedData + } + } return decryptedData } From 82bccf51f52f110768f6c376bfacd0aaa52e85f3 Mon Sep 17 00:00:00 2001 From: Chris Lee Date: Thu, 13 Oct 2022 15:49:16 +0100 Subject: [PATCH 02/10] Update links for new docs layout. --- README.md | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 4868f1e8..9b092638 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ ยท Docs

-
+

The ForgeRock iOS SDK enables you to quickly integrate the [ForgeRock Identity Platform](https://www.forgerock.com/digital-identity-and-access-management-platform) into your iOS apps. @@ -28,7 +28,7 @@ Use the SDKs to leverage _[Intelligent Authentication](https://www.forgerock.com * ForgeRock Identity Platform * Access Management (AM) 6.5.2+ -* iOS 12 and above +* iOS 12 and above * Xcode * Swift 5.x or Objective-C * CocoaPods or Swift Package Manager (optional) @@ -45,7 +45,7 @@ Use the following pods in your `Podfile` to install FR iOS SDK module(s) if you pod 'FRAuth' // Authentication module for Access Manager pod 'FRUI' // UI SDK demonstrates FRAuth SDK functionalities pod 'FRProximity' // Add-on for FRAuth's Device Profile feature related to location, and BLE -pod 'FRAutheneticator' // Authenticator module that generates HOTP, TOTP, and Push registration/authentication +pod 'FRAuthenticator' // Authenticator module that generates HOTP, TOTP, and Push registration/authentication pod 'FRGoogleSignIn' // Social Login module for Google Sign In pod 'FRFacebookSignIn' // Social Login module for Facebook Login ``` @@ -53,7 +53,7 @@ pod 'FRFacebookSignIn' // Social Login module for Facebook Login ### Swift Package Manager > * The ForgeRock iOS SDK is available via Swift Package Manager from 3.0.0 and above. Any older versions (2.2.0 and below) are only available via Cocoapods. > * `FRGoogleSignIn` module is currently not available in Swift Package Manager; use Cocoapods instead to integrate `FRGoogleSignIn` module. - + 1. In Xcode menus, `File` -> `Swift Packages` -> `Add Package Dependencies...` 2. Select the project to integrate the ForgeRock iOS SDK 3. Enter the url of the repo: `https://github.com/ForgeRock/forgerock-ios-sdk` @@ -66,7 +66,9 @@ pod 'FRFacebookSignIn' // Social Login module for Facebook Login To try out the ForgeRock iOS SDK sample, perform these steps: -1. Setup an Access Management (AM) instance, as described in the [documentation](https://sdks.forgerock.com/ios/01_prepare-am/). +1. Setup Access Management (AM) as described in the documentation: + - [Self-managed AM server](https://backstage.forgerock.com/docs/sdks/latest/serverconfiguration/onpremise/index.html) + - [Identity Cloud tenant](https://backstage.forgerock.com/docs/sdks/latest/serverconfiguration/cloud/index.html) 2. Clone this repo: ``` git clone https://github.com/ForgeRock/forgerock-ios-sdk.git @@ -84,9 +86,9 @@ ForgeRock provides these samples to help demonstrate SDK functionality: - **Swift Sample - `/FRExample/`** - This sample Swift app demonstrates authenticating to an AM instance, both with and without the `FRUser` automatic user interface. - - Other features include: + This sample Swift app demonstrates authenticating to an AM instance, both with and without the `FRUser` automatic user interface. + + Other features include: - OAuth 2.0 access tokens - Logout @@ -94,23 +96,23 @@ ForgeRock provides these samples to help demonstrate SDK functionality: - Get the current user's details - Jailbreak detection - Configure your AM instance settings in the `/FRexampleObjC/FRexampleObjC/Configs/FRAuthConfig.plist` file to use this sample application. + Configure your AM instance settings in the `/FRexampleObjC/FRexampleObjC/Configs/FRAuthConfig.plist` file to use this sample application. - **Objective-C Sample - `/FRexampleObjC/`** - This sample Objective-C app demonstrates authenticating to an AM instance, both with and without the `FRUser` automatic user interface. - - Other features include: + This sample Objective-C app demonstrates authenticating to an AM instance, both with and without the `FRUser` automatic user interface. + + Other features include: - Logout - Collecting device information - Get the current user's details - Jailbreak detection - Configure your AM instance settings in the `/FRExample/FRExample/Configs/FRAuthConfig.plist` file to use this sample application. - + Configure your AM instance settings in the `/FRExample/FRExample/Configs/FRAuthConfig.plist` file to use this sample application. + - **Authenticator App Sample - `/FRAuthenticatorExample/`** - This Authenticator sample app demonstrates HMAC-based, and Time-based One-time Password, and Push Registration and Authentication with ForgeRock's Access Manager. + This Authenticator sample app demonstrates HMAC-based, and Time-based One-time Password, and Push Registration and Authentication with ForgeRock's Access Manager. @@ -118,9 +120,9 @@ ForgeRock provides these samples to help demonstrate SDK functionality: ## Documentation -Documentation for the SDKs is provided at ****, and includes topics such as: +Documentation for the SDKs is provided on **[BackStage](https://backstage.forgerock.com/docs/sdks/latest/whatsnew/)**, and includes topics such as: -* Introducting the SDK Features +* Introducing SDK features * Preparing AM for use with the SDKS * API Reference documentation @@ -134,9 +136,9 @@ If you encounter any issues, be sure to check our **[Troubleshooting](https://ba Support tickets can be raised whenever you need our assistance; here are some examples of when it is appropriate to open a ticket (but not limited to): * Suspected bugs or problems with ForgeRock software. -* Requests for assistance - please look at the **[Documentation](https://sdks.forgerock.com)** and **[Knowledge Base](https://backstage.forgerock.com/knowledge/kb/home/g32324668)** first. +* Requests for assistance - please look at the **[Documentation](https://backstage.forgerock.com/docs/sdks/latest/whatsnew/)** and **[Knowledge Base](https://backstage.forgerock.com/knowledge/kb/home/g32324668)** first. -You can raise a ticket using **[BackStage](https://backstage.forgerock.com/support/tickets)**, our customer support portal that provides one stop access to ForgeRock services. +You can raise a ticket using **[BackStage](https://backstage.forgerock.com/support/tickets)**, our customer support portal that provides one stop access to ForgeRock services. BackStage shows all currently open support tickets and allows you to raise a new one by clicking **New Ticket**. @@ -164,6 +166,6 @@ This project is licensed under the MIT License - see the [LICENSE](LICENSE) file --- -© Copyright 2020 ForgeRock AS. All Rights Reserved +© Copyright 2022 ForgeRock AS. All Rights Reserved [forgerock-logo]: https://www.forgerock.com/themes/custom/forgerock/images/fr-logo-horz-color.svg "ForgeRock Logo" From 9614e5d697ed5dd008fc5f1efbcf2a7e8fd2b3e9 Mon Sep 17 00:00:00 2001 From: George Bafaloukas Date: Mon, 17 Oct 2022 15:55:09 +0100 Subject: [PATCH 03/10] Updated SecuredKey tests --- FRCore/FRCore/Keychain/SecuredKey.swift | 4 +- .../FRCore/Util/SecuredKeyTests.swift | 47 +++++++++++++------ 2 files changed, 34 insertions(+), 17 deletions(-) diff --git a/FRCore/FRCore/Keychain/SecuredKey.swift b/FRCore/FRCore/Keychain/SecuredKey.swift index ebcaa9c2..950f8636 100644 --- a/FRCore/FRCore/Keychain/SecuredKey.swift +++ b/FRCore/FRCore/Keychain/SecuredKey.swift @@ -22,7 +22,7 @@ public struct SecuredKey { /// Public Key of SecuredKey fileprivate var publicKey: SecKey /// Algorithm to be used for encryption/decryption using SecuredKey - fileprivate let oldAlgorithm: SecKeyAlgorithm = .eciesEncryptionCofactorX963SHA256AESGCM//.eciesEncryptionCofactorVariableIVX963SHA256AESGCM + fileprivate let oldAlgorithm: SecKeyAlgorithm = .eciesEncryptionCofactorX963SHA256AESGCM /// Validates whether SecuredKey using Secure Enclave is available on the device or not public static func isAvailable() -> Bool { @@ -190,7 +190,7 @@ public struct SecuredKey { var error: Unmanaged? let decryptedData = SecKeyCreateDecryptedData(privateKey, secAlgorithm, data as CFData, &error) as Data? if let error = error { - Log.e("Failed to decrypt data: \(error)") + Log.e("Failed to decrypt data - attempting Legacy Algorithm: \(error)") var decryptError: Unmanaged? let decryptedData = SecKeyCreateDecryptedData(privateKey, oldAlgorithm, data as CFData, &decryptError) as Data? if let decryptError = decryptError { diff --git a/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift b/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift index 26ffb57e..58335f2c 100644 --- a/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift +++ b/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift @@ -36,8 +36,7 @@ class SecuredKeyTests: FRBaseTestCase { let testString = "decrypted_text_for_testing".data(using: .utf8)! let encryptedUsingSecuredKey = key1?.encrypt(data: testString) - - let decryptedStringData = self.decrypt(data: encryptedUsingSecuredKey!, privateKey: privateKey, algorithm: .eciesEncryptionCofactorX963SHA256AESGCM) + let decryptedStringData = key1?.decrypt(data: encryptedUsingSecuredKey!) XCTAssertNotNil(decryptedStringData) let decryptedString = String(decoding: decryptedStringData!, as: UTF8.self) XCTAssertEqual(decryptedString, "decrypted_text_for_testing") @@ -63,19 +62,37 @@ class SecuredKeyTests: FRBaseTestCase { SecuredKey.deleteKey(applicationTag: applicationTag2) } + func test_04_test_decrypt_with_legacy_algorithm_default() { + + let key = SecuredKey(applicationTag: applicationTag1)! + let testString = "testing" + + let encrypted = key.encrypt(data: testString.data(using: .utf8)!, secAlgorithm: .eciesEncryptionCofactorX963SHA256AESGCM)! + let decrypted = key.decrypt(data: encrypted)! + + let decryptedString = String(decoding: decrypted, as: UTF8.self) + + XCTAssertNotNil(decryptedString) + XCTAssertEqual(decryptedString, testString) + + SecuredKey.deleteKey(applicationTag: applicationTag1) + SecuredKey.deleteKey(applicationTag: applicationTag2) + } - public func decrypt(data: Data, privateKey: SecKey, algorithm: SecKeyAlgorithm) -> Data? { - - guard SecKeyIsAlgorithmSupported(privateKey, .decrypt, algorithm) else { - XCTFail("\(algorithm) is not supported on the device.") - return nil - } - - var error: Unmanaged? - let decryptedData = SecKeyCreateDecryptedData(privateKey, algorithm, data as CFData, &error) as Data? - if let error = error { - XCTFail("Failed to decrypt data: \(error)") - } - return decryptedData + func test_05_test_decrypt_with_legacy_algorithm_manual() { + + let key = SecuredKey(applicationTag: applicationTag1)! + let testString = "testing" + + let encrypted = key.encrypt(data: testString.data(using: .utf8)!, secAlgorithm: .eciesEncryptionCofactorX963SHA256AESGCM)! + let decrypted = key.decrypt(data: encrypted, secAlgorithm: .eciesEncryptionCofactorX963SHA256AESGCM)! + + let decryptedString = String(decoding: decrypted, as: UTF8.self) + + XCTAssertNotNil(decryptedString) + XCTAssertEqual(decryptedString, testString) + + SecuredKey.deleteKey(applicationTag: applicationTag1) + SecuredKey.deleteKey(applicationTag: applicationTag2) } } From 14b0292aff6c445068b233dbd764dc70f8de23ff Mon Sep 17 00:00:00 2001 From: George Bafaloukas Date: Fri, 21 Oct 2022 12:49:46 +0100 Subject: [PATCH 04/10] Updates on the logs based on the PR Comments --- FRCore/FRCore/Keychain/SecuredKey.swift | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/FRCore/FRCore/Keychain/SecuredKey.swift b/FRCore/FRCore/Keychain/SecuredKey.swift index 950f8636..5a92dcf2 100644 --- a/FRCore/FRCore/Keychain/SecuredKey.swift +++ b/FRCore/FRCore/Keychain/SecuredKey.swift @@ -164,7 +164,7 @@ public struct SecuredKey { public func encrypt(data: Data, secAlgorithm: SecKeyAlgorithm = .eciesEncryptionCofactorVariableIVX963SHA256AESGCM) -> Data? { guard SecKeyIsAlgorithmSupported(publicKey, .encrypt, secAlgorithm) else { - Log.e("\(oldAlgorithm) is not supported on the device.") + Log.e("\(secAlgorithm) is not supported on the device.") return nil } @@ -183,7 +183,7 @@ public struct SecuredKey { public func decrypt(data: Data, secAlgorithm: SecKeyAlgorithm = .eciesEncryptionCofactorVariableIVX963SHA256AESGCM) -> Data? { guard SecKeyIsAlgorithmSupported(privateKey, .decrypt, secAlgorithm) else { - Log.e("\(oldAlgorithm) is not supported on the device.") + Log.e("\(secAlgorithm) is not supported on the device.") return nil } From 804f8e5daf3131c299637a4ae82802999248d2a0 Mon Sep 17 00:00:00 2001 From: George Bafaloukas Date: Tue, 25 Oct 2022 10:33:22 +0100 Subject: [PATCH 05/10] Updated Copyrights --- FRCore/FRCore/Keychain/SecuredKey.swift | 2 +- FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/FRCore/FRCore/Keychain/SecuredKey.swift b/FRCore/FRCore/Keychain/SecuredKey.swift index 5a92dcf2..cf48aee7 100644 --- a/FRCore/FRCore/Keychain/SecuredKey.swift +++ b/FRCore/FRCore/Keychain/SecuredKey.swift @@ -2,7 +2,7 @@ // SecuredKey.swift // FRCore // -// Copyright (c) 2020 - 2021 ForgeRock. All rights reserved. +// Copyright (c) 2020 - 2022 ForgeRock. All rights reserved. // // This software may be modified and distributed under the terms // of the MIT license. See the LICENSE file for details. diff --git a/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift b/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift index 58335f2c..58d6c8a3 100644 --- a/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift +++ b/FRCore/FRCoreTests/FRCore/Util/SecuredKeyTests.swift @@ -2,7 +2,7 @@ // SecuredKeyTests.swift // FRCoreTests // -// Copyright (c) 2020 ForgeRock. All rights reserved. +// Copyright (c) 2020 - 2022 ForgeRock. All rights reserved. // // This software may be modified and distributed under the terms // of the MIT license. See the LICENSE file for details. From affece8c91f86a8876dab21fbc188eb56232f69f Mon Sep 17 00:00:00 2001 From: Vahan Harutyunyan Date: Mon, 24 Oct 2022 13:46:22 -0400 Subject: [PATCH 06/10] Fix failing tests (cherry picked from commit 8be38a100081f649758c42a6c4dd7924077654c2) --- .../FRAuthSwiftTests/FRAuth/Cookie/CookieTests.swift | 4 ++-- .../FRAuth/Cookie/CookieValidationTests.swift | 4 ++-- FRTestHost/FRTestHost/FRAuthConfigPKHash.plist | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieTests.swift b/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieTests.swift index d8fcf514..83586bba 100644 --- a/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieTests.swift +++ b/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieTests.swift @@ -2,7 +2,7 @@ // CookieTests.swift // FRAuthTests // -// Copyright (c) 2020 ForgeRock. All rights reserved. +// Copyright (c) 2020-2022 ForgeRock. All rights reserved. // // This software may be modified and distributed under the terms // of the MIT license. See the LICENSE file for details. @@ -219,7 +219,7 @@ class CookieTests: FRAuthBaseTest { self.performLogin() let url = URL(string: "https://openam.example.com")! - let setCookie: [String: String] = ["Set-Cookie":"iPlanetDirectoryPro=token; Expires=Wed, 21 Oct 2022 01:00:00 GMT; Domain=openam.example.com"] + let setCookie: [String: String] = ["Set-Cookie":"iPlanetDirectoryPro=token; Expires=Wed, 21 Oct 2032 01:00:00 GMT; Domain=openam.example.com"] let cookies = HTTPCookie.cookies(withResponseHeaderFields: setCookie, for: url) guard let cookie = cookies.first, let frAuth = FRAuth.shared else { diff --git a/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieValidationTests.swift b/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieValidationTests.swift index 6013614e..6990c084 100644 --- a/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieValidationTests.swift +++ b/FRAuth/FRAuthTests/FRAuthSwiftTests/FRAuth/Cookie/CookieValidationTests.swift @@ -2,7 +2,7 @@ // CookieValidationTests.swift // FRAuthTests // -// Copyright (c) 2020 ForgeRock. All rights reserved. +// Copyright (c) 2020-2022 ForgeRock. All rights reserved. // // This software may be modified and distributed under the terms // of the MIT license. See the LICENSE file for details. @@ -202,7 +202,7 @@ class CookieValidationTests: FRAuthBaseTest { func test_10_cookie_is_expired_validation_not_expired() { - let setCookie: [String: String] = ["Set-Cookie":"iPlanetDirectoryPro=token; Expires=Wed, 21 Oct 2022 01:00:00 GMT; Domain=openam.example.com"] + let setCookie: [String: String] = ["Set-Cookie":"iPlanetDirectoryPro=token; Expires=Wed, 21 Oct 2032 01:00:00 GMT; Domain=openam.example.com"] let cookies = HTTPCookie.cookies(withResponseHeaderFields: setCookie, for: URL(string: "https://openam.example.com")!) guard let cookie = cookies.first else { XCTFail("Failed to parse Cookies from response header") diff --git a/FRTestHost/FRTestHost/FRAuthConfigPKHash.plist b/FRTestHost/FRTestHost/FRAuthConfigPKHash.plist index 35c65955..c218f298 100644 --- a/FRTestHost/FRTestHost/FRAuthConfigPKHash.plist +++ b/FRTestHost/FRTestHost/FRAuthConfigPKHash.plist @@ -26,7 +26,7 @@ signUp forgerock_ssl_pinning_public_key_hashes - +KSzREQbAh9gqYLLGpfCG+cAy7Px3/Qmk/e8Egwyd7o= + 9uiEUVtJyf/LAciFcfkWlBcrPor9uZGmteP3x9sBGiQ= From b03a962751ee08f2286d06ed0f0baf0042b92aee Mon Sep 17 00:00:00 2001 From: jey Date: Wed, 26 Oct 2022 17:55:24 -0500 Subject: [PATCH 07/10] Remove Expired Logic from SDK --- .../Model/Notification/PushNotification.swift | 9 +--- .../E2ETests/FRAClient/FRAClientTests.swift | 13 +---- .../UnitTests/Model/NotificationTests.swift | 47 +++---------------- .../UnitTests/Push/FRAPushHandlerTests.swift | 1 - .../PushNotificationAuthenticationTests.swift | 40 ---------------- .../project.pbxproj | 14 ++++-- .../Cell/NotificationTableViewCell.swift | 3 -- .../NotificationRequestViewController.swift | 4 +- 8 files changed, 21 insertions(+), 110 deletions(-) diff --git a/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift b/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift index 49e3624e..d7fe9fd9 100644 --- a/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift +++ b/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift @@ -57,14 +57,7 @@ public class PushNotification: NSObject, NSSecureCoding, Codable { /// Boolean property indicating whether or not current Notification is still pending for approval public var isPending: Bool { get { - return self.pending && !self.isExpired - } - } - - /// Boolean property indicating whether or not current Notification is expired - public var isExpired: Bool { - get { - return pending && ((Date().timeIntervalSince1970 - (self.timeAdded.timeIntervalSince1970 + self.ttl)) > 0) + return self.pending } } diff --git a/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift b/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift index 1226b486..501d333c 100644 --- a/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift @@ -264,7 +264,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 1) XCTAssertEqual(pushMechanism?.pendingNotifications.count, 1) @@ -286,7 +285,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) - XCTAssertEqual(notification?.isExpired, false) + XCTAssertEqual(pushMechanism?.notifications.count, 1) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -316,7 +315,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) XCTAssertEqual(pushMechanism?.pendingNotifications.count, 1) @@ -338,7 +336,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, true) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -369,7 +366,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) XCTAssertEqual(pushMechanism?.pendingNotifications.count, 1) @@ -391,7 +387,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -491,7 +486,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 1) ex = self.expectation(description: "PushNotification.accept - #1") @@ -511,7 +505,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 1) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -541,7 +534,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) ex = self.expectation(description: "PushNotification.accept - #2") @@ -561,7 +553,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, true) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -592,7 +583,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) ex = self.expectation(description: "PushNotification.accept - #2") @@ -612,7 +602,6 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) - XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) diff --git a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift index 4509141d..1c8e32b5 100644 --- a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift @@ -159,10 +159,8 @@ class NotificationTests: FRABaseTests { } } - - func test_07_notification_is_pending_without_interval() { + func test_07_1_notification_is_pending_with_interval() { do { - payload.removeValue(forKey: "i") let notification = try PushNotification(messageId: messageId, payload: payload) XCTAssertTrue(notification.isPending) XCTAssertFalse(notification.isDenied) @@ -173,11 +171,11 @@ class NotificationTests: FRABaseTests { } } - - func test_07_1_notification_is_pending_with_interval() { + func test_07_notification_is_pending_without_interval() { do { + payload.removeValue(forKey: "i") let notification = try PushNotification(messageId: messageId, payload: payload) - XCTAssertFalse(notification.isPending) + XCTAssertTrue(notification.isPending) XCTAssertFalse(notification.isDenied) XCTAssertFalse(notification.isApproved) } @@ -187,6 +185,8 @@ class NotificationTests: FRABaseTests { } + + func test_08_notification_is_approved() { do { let notification = try PushNotification(messageId: messageId, payload: payload) @@ -195,7 +195,6 @@ class NotificationTests: FRABaseTests { XCTAssertTrue(notification.isApproved) XCTAssertFalse(notification.isDenied) XCTAssertFalse(notification.isPending) - XCTAssertFalse(notification.isExpired) } catch { XCTFail("Failed with unexpected error: \(error.localizedDescription)") @@ -211,45 +210,13 @@ class NotificationTests: FRABaseTests { XCTAssertTrue(notification.isDenied) XCTAssertFalse(notification.isPending) XCTAssertFalse(notification.isApproved) - XCTAssertFalse(notification.isExpired) } catch { XCTFail("Failed with unexpected error: \(error.localizedDescription)") } } - - func test_09_notification_is_expired_without_interval() { - do { - payload.removeValue(forKey: "i") - let notification = try PushNotification(messageId: messageId, payload: payload) - XCTAssertFalse(notification.isExpired) - let calendar = Calendar.current - let past = calendar.date(byAdding: .minute, value: -5, to: Date()) - notification.timeAdded = past! - XCTAssertTrue(notification.isExpired) - } - catch { - XCTFail("Failed with unexpected error: \(error.localizedDescription)") - } - } - - - func test_09_1_notification_is_expired_with_interval() { - do { - let notification = try PushNotification(messageId: messageId, payload: payload) - XCTAssertTrue(notification.isExpired) - let calendar = Calendar.current - let past = calendar.date(byAdding: .minute, value: -5, to: Date()) - notification.timeAdded = past! - XCTAssertTrue(notification.isExpired) - } - catch { - XCTFail("Failed with unexpected error: \(error.localizedDescription)") - } - } - - + func test_10_notification_archive_obj() { do { let notification = try PushNotification(messageId: messageId, payload: payload) diff --git a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift index 77f8e8fc..7d918bd3 100644 --- a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift @@ -74,7 +74,6 @@ class FRAPushHandlerTests: FRABaseTests { XCTAssertEqual(notification.loadBalanceKey, "amlbcookie=01") XCTAssertEqual(notification.ttl, 120.0) XCTAssertTrue(notification.isPending) - XCTAssertFalse(notification.isExpired) XCTAssertFalse(notification.isApproved) XCTAssertFalse(notification.isDenied) } diff --git a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift index ce405b67..35d495a9 100644 --- a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift @@ -290,46 +290,6 @@ class PushNotificationAuthenticationTests: FRABaseTests { } } - - func test_07_push_notification_expired() { - let qrCode = URL(string: "pushauth://push/forgerock:pushdemouser1?a=aHR0cDovL29wZW5hbS5leGFtcGxlLmNvbTo4MDgxL29wZW5hbS9qc29uL3B1c2gvc25zL21lc3NhZ2U_X2FjdGlvbj1hdXRoZW50aWNhdGU&b=519387&r=aHR0cDovL29wZW5hbS5leGFtcGxlLmNvbTo4MDgxL29wZW5hbS9qc29uL3B1c2gvc25zL21lc3NhZ2U_X2FjdGlvbj1yZWdpc3Rlcg&s=O9JHEGfOsaZqc5JT0DHM5hYFA8jofohw5vAP0EpG4JU&c=75OQ3FXmzV99TPf0ihevFfB0s43XsxQ747sY6BopgME&l=YW1sYmNvb2tpZT0wMQ&m=REGISTER:fe6311ab-013e-4599-9c0e-4c4e2525199b1588721418483&issuer=Rm9yZ2VSb2NrU2FuZGJveA")! - - do { - let parser = try PushQRCodeParser(url: qrCode) - let mechanism = PushMechanism(issuer: parser.issuer, accountName: parser.label, secret: parser.secret, authEndpoint: parser.authenticationEndpoint, regEndpoint: parser.registrationEndpoint, messageId: parser.messageId, challenge: parser.challenge, loadBalancer: parser.loadBalancer) - mechanism.mechanismUUID = "32E28B44-153C-4BDE-9FDB-38069BC23D9C" - FRAClient.storage.setMechanism(mechanism: mechanism) - - let messageId = "AUTHENTICATE:8af40ee6-8fa0-4bdd-949c-1dd29d5e55931588721432364" - var notificationPayload: [String: String] = [:] - notificationPayload["c"] = "6ggPLysKJ6wSwBsQFtPclHQKebpOTMNwHP53kZxIGE4=" - notificationPayload["t"] = "10" - notificationPayload["u"] = "32E28B44-153C-4BDE-9FDB-38069BC23D9C" - notificationPayload["l"] = "YW1sYmNvb2tpZT0wMQ==" - - let notification = try PushNotification(messageId: messageId, payload: notificationPayload) - sleep(15) - let ex = self.expectation(description: "PushNotification Authentication: 1st attempt") - notification.accept(onSuccess: { - XCTFail("Push authentication is expected failed for expired status, but somehow passed") - ex.fulfill() - }) { (error) in - switch error { - case PushNotificationError.notificationInvalidStatus: - break - default: - XCTFail("Push authentication is expected to failed with PushNotificationError.notificationInvalidStatus for expired status, but failed with different reason: \(error.localizedDescription)") - break - } - ex.fulfill() - } - waitForExpectations(timeout: 60, handler: nil) - } - catch { - XCTFail("Push authentication failed to prepare auth request") - } - } - func test_08_push_authentication_accept_successful_type_challenge() { diff --git a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj index f9cec8a8..a3e11f50 100644 --- a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj +++ b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj @@ -507,17 +507,20 @@ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CODE_SIGN_ENTITLEMENTS = FRAuthenticatorExample/FRAuthenticatorExample.entitlements; CODE_SIGN_IDENTITY = "Apple Development"; - CODE_SIGN_STYLE = Automatic; + "CODE_SIGN_IDENTITY[sdk=iphoneos*]" = "iPhone Developer"; + CODE_SIGN_STYLE = Manual; DEVELOPMENT_TEAM = ""; + "DEVELOPMENT_TEAM[sdk=iphoneos*]" = 9QSE66762D; INFOPLIST_FILE = FRAuthenticatorExample/Info.plist; IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/Frameworks", ); - PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.authenticator.sample; + PRODUCT_BUNDLE_IDENTIFIER = com.acme.authenticator; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; + "PROVISIONING_PROFILE_SPECIFIER[sdk=iphoneos*]" = "ACME Authenticator (Development)"; SWIFT_VERSION = 5.0; TARGETED_DEVICE_FAMILY = 1; }; @@ -529,17 +532,20 @@ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CODE_SIGN_ENTITLEMENTS = FRAuthenticatorExample/FRAuthenticatorExample.entitlements; CODE_SIGN_IDENTITY = "Apple Development"; - CODE_SIGN_STYLE = Automatic; + "CODE_SIGN_IDENTITY[sdk=iphoneos*]" = "iPhone Developer"; + CODE_SIGN_STYLE = Manual; DEVELOPMENT_TEAM = ""; + "DEVELOPMENT_TEAM[sdk=iphoneos*]" = 9QSE66762D; INFOPLIST_FILE = FRAuthenticatorExample/Info.plist; IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/Frameworks", ); - PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.authenticator.sample; + PRODUCT_BUNDLE_IDENTIFIER = com.acme.authenticator; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; + "PROVISIONING_PROFILE_SPECIFIER[sdk=iphoneos*]" = "ACME Authenticator (Development)"; SWIFT_VERSION = 5.0; TARGETED_DEVICE_FAMILY = 1; }; diff --git a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift index 4cae2175..553f5981 100644 --- a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift +++ b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift @@ -36,9 +36,6 @@ class NotificationTableViewCell: BaseTableViewCell { else if notification.isApproved { self.iconImageView?.image = UIImage(named: "ApprovedIcon") } - else if notification.isExpired { - self.iconImageView?.image = UIImage(named: "DeniedIcon") - } else if notification.isDenied { self.iconImageView?.image = UIImage(named: "DeniedIcon") } diff --git a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift index 3f28f536..a759e456 100644 --- a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift +++ b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift @@ -61,14 +61,14 @@ class NotificationRequestViewController: BaseViewController { else if notification.isDenied { status = "had already been denied" } - else if notification.isExpired { + else if notification.isPending { status = "was expired" } let dateFormatter = DateFormatter() dateFormatter.dateFormat = "yyyy-MM-dd HH:mm:ss" let timestamp = dateFormatter.string(from: notification.timeAdded) - self.topDescriptionLabel.text = "This PushNotification \(status) \(notification.isExpired ? "" : "\n @ " + timestamp)" + self.topDescriptionLabel.text = "This PushNotification \(status) \("\n @ " + timestamp)" self.descriptionLabel.text = "This PushNotification \(status)." } else { From 69018ee2f17890610700617f1a37a8bca506ffbf Mon Sep 17 00:00:00 2001 From: Rodrigo Reis Date: Thu, 10 Nov 2022 13:28:00 -0800 Subject: [PATCH 08/10] Fixing expiration logic for PushNotification --- CHANGELOG.md | 6 ++ .../Model/Notification/PushNotification.swift | 7 +++ .../E2ETests/FRAClient/FRAClientTests.swift | 13 ++++- .../UnitTests/Model/NotificationTests.swift | 58 +++++++++++++++++-- .../UnitTests/Push/FRAPushHandlerTests.swift | 1 + .../PushNotificationAuthenticationTests.swift | 44 ++++++++++++++ .../project.pbxproj | 14 ++--- .../Cell/NotificationTableViewCell.swift | 3 + .../NotificationRequestViewController.swift | 4 +- 9 files changed, 131 insertions(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c1ccb711..993a3da6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +# Version 3.4.1 +## [3.4.1] +#### Changed +- Updated Legacy encryption algorithm for iOS SE [SDKS-1994] +- PushNotification Timeout should be validated by AM [SDKS-2164] + # Version 3.4.0 ## [3.4.0] #### Added diff --git a/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift b/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift index d7fe9fd9..a0f71aa7 100644 --- a/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift +++ b/FRAuthenticator/FRAuthenticator/Model/Notification/PushNotification.swift @@ -61,6 +61,13 @@ public class PushNotification: NSObject, NSSecureCoding, Codable { } } + /// Boolean property indicating whether or not current Notification is expired + public var isExpired: Bool { + get { + return ((Date().timeIntervalSince1970 - (self.timeAdded.timeIntervalSince1970 + self.ttl)) > 0) + } + } + /// Boolean property indicating whether or not current Notification is approved public var isApproved: Bool { get { diff --git a/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift b/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift index 501d333c..1226b486 100644 --- a/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/E2ETests/FRAClient/FRAClientTests.swift @@ -264,6 +264,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 1) XCTAssertEqual(pushMechanism?.pendingNotifications.count, 1) @@ -285,7 +286,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) - + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 1) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -315,6 +316,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) XCTAssertEqual(pushMechanism?.pendingNotifications.count, 1) @@ -336,6 +338,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, true) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -366,6 +369,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) XCTAssertEqual(pushMechanism?.pendingNotifications.count, 1) @@ -387,6 +391,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -486,6 +491,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 1) ex = self.expectation(description: "PushNotification.accept - #1") @@ -505,6 +511,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 1) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -534,6 +541,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) ex = self.expectation(description: "PushNotification.accept - #2") @@ -553,6 +561,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, true) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 2) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) @@ -583,6 +592,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, true) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, false) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) ex = self.expectation(description: "PushNotification.accept - #2") @@ -602,6 +612,7 @@ class FRAClientTests: FRABaseTests { XCTAssertEqual(notification?.isPending, false) XCTAssertEqual(notification?.isDenied, false) XCTAssertEqual(notification?.isApproved, true) + XCTAssertEqual(notification?.isExpired, false) XCTAssertEqual(pushMechanism?.notifications.count, 3) XCTAssertEqual(storageClient.defaultStorageClient.accountStorage.allItems()?.count, 1) diff --git a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift index 1c8e32b5..73ecd235 100644 --- a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Model/NotificationTests.swift @@ -159,8 +159,10 @@ class NotificationTests: FRABaseTests { } } - func test_07_1_notification_is_pending_with_interval() { + + func test_07_notification_is_pending_without_interval() { do { + payload.removeValue(forKey: "i") let notification = try PushNotification(messageId: messageId, payload: payload) XCTAssertTrue(notification.isPending) XCTAssertFalse(notification.isDenied) @@ -171,9 +173,9 @@ class NotificationTests: FRABaseTests { } } - func test_07_notification_is_pending_without_interval() { + + func test_07_1_notification_is_pending_with_interval() { do { - payload.removeValue(forKey: "i") let notification = try PushNotification(messageId: messageId, payload: payload) XCTAssertTrue(notification.isPending) XCTAssertFalse(notification.isDenied) @@ -185,8 +187,6 @@ class NotificationTests: FRABaseTests { } - - func test_08_notification_is_approved() { do { let notification = try PushNotification(messageId: messageId, payload: payload) @@ -195,6 +195,7 @@ class NotificationTests: FRABaseTests { XCTAssertTrue(notification.isApproved) XCTAssertFalse(notification.isDenied) XCTAssertFalse(notification.isPending) + XCTAssertTrue(notification.isExpired) } catch { XCTFail("Failed with unexpected error: \(error.localizedDescription)") @@ -210,13 +211,58 @@ class NotificationTests: FRABaseTests { XCTAssertTrue(notification.isDenied) XCTAssertFalse(notification.isPending) XCTAssertFalse(notification.isApproved) + XCTAssertTrue(notification.isExpired) + } + catch { + XCTFail("Failed with unexpected error: \(error.localizedDescription)") + } + } + + + func test_09_notification_is_expired_without_interval() { + do { + payload.removeValue(forKey: "i") + let notification = try PushNotification(messageId: messageId, payload: payload) + XCTAssertFalse(notification.isExpired) + let calendar = Calendar.current + let past = calendar.date(byAdding: .minute, value: -5, to: Date()) + notification.timeAdded = past! + XCTAssertTrue(notification.isExpired) + } + catch { + XCTFail("Failed with unexpected error: \(error.localizedDescription)") + } + } + + + func test_09_1_notification_is_expired_with_interval() { + do { + let notification = try PushNotification(messageId: messageId, payload: payload) + XCTAssertTrue(notification.isExpired) + let calendar = Calendar.current + let past = calendar.date(byAdding: .minute, value: -5, to: Date()) + notification.timeAdded = past! + XCTAssertTrue(notification.isExpired) + } + catch { + XCTFail("Failed with unexpected error: \(error.localizedDescription)") + } + } + + func test_09_2_notification_is_not_expired() { + do { + let notification = try PushNotification(messageId: messageId, payload: payload) + XCTAssertTrue(notification.isExpired) + let calendar = Calendar.current + let future = calendar.date(byAdding: .minute, value: 1, to: Date()) + notification.timeAdded = future! + XCTAssertFalse(notification.isExpired) } catch { XCTFail("Failed with unexpected error: \(error.localizedDescription)") } } - func test_10_notification_archive_obj() { do { let notification = try PushNotification(messageId: messageId, payload: payload) diff --git a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift index 7d918bd3..77f8e8fc 100644 --- a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/FRAPushHandlerTests.swift @@ -74,6 +74,7 @@ class FRAPushHandlerTests: FRABaseTests { XCTAssertEqual(notification.loadBalanceKey, "amlbcookie=01") XCTAssertEqual(notification.ttl, 120.0) XCTAssertTrue(notification.isPending) + XCTAssertFalse(notification.isExpired) XCTAssertFalse(notification.isApproved) XCTAssertFalse(notification.isDenied) } diff --git a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift index 35d495a9..43fc9f0a 100644 --- a/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/UnitTests/Push/PushNotificationAuthenticationTests.swift @@ -9,6 +9,7 @@ // import XCTest +@testable import FRCore @testable import FRAuthenticator class PushNotificationAuthenticationTests: FRABaseTests { @@ -290,6 +291,49 @@ class PushNotificationAuthenticationTests: FRABaseTests { } } + + func test_07_push_notification_expired() { + + self.loadMockResponses(["AM_Push_Authentication_Fail"]) + + let qrCode = URL(string: "pushauth://push/forgerock:pushdemouser1?a=aHR0cDovL29wZW5hbS5leGFtcGxlLmNvbTo4MDgxL29wZW5hbS9qc29uL3B1c2gvc25zL21lc3NhZ2U_X2FjdGlvbj1hdXRoZW50aWNhdGU&b=519387&r=aHR0cDovL29wZW5hbS5leGFtcGxlLmNvbTo4MDgxL29wZW5hbS9qc29uL3B1c2gvc25zL21lc3NhZ2U_X2FjdGlvbj1yZWdpc3Rlcg&s=O9JHEGfOsaZqc5JT0DHM5hYFA8jofohw5vAP0EpG4JU&c=75OQ3FXmzV99TPf0ihevFfB0s43XsxQ747sY6BopgME&l=YW1sYmNvb2tpZT0wMQ&m=REGISTER:fe6311ab-013e-4599-9c0e-4c4e2525199b1588721418483&issuer=Rm9yZ2VSb2NrU2FuZGJveA")! + + do { + let parser = try PushQRCodeParser(url: qrCode) + let mechanism = PushMechanism(issuer: parser.issuer, accountName: parser.label, secret: parser.secret, authEndpoint: parser.authenticationEndpoint, regEndpoint: parser.registrationEndpoint, messageId: parser.messageId, challenge: parser.challenge, loadBalancer: parser.loadBalancer) + mechanism.mechanismUUID = "32E28B44-153C-4BDE-9FDB-38069BC23D9C" + FRAClient.storage.setMechanism(mechanism: mechanism) + + let messageId = "AUTHENTICATE:8af40ee6-8fa0-4bdd-949c-1dd29d5e55931588721432364" + var notificationPayload: [String: String] = [:] + notificationPayload["c"] = "6ggPLysKJ6wSwBsQFtPclHQKebpOTMNwHP53kZxIGE4=" + notificationPayload["t"] = "10" + notificationPayload["u"] = "32E28B44-153C-4BDE-9FDB-38069BC23D9C" + notificationPayload["l"] = "YW1sYmNvb2tpZT0wMQ==" + + let notification = try PushNotification(messageId: messageId, payload: notificationPayload) + sleep(15) + let ex = self.expectation(description: "PushNotification Authentication: 1st attempt") + notification.accept(onSuccess: { + XCTFail("Push authentication is expected failed for expired status, but somehow passed") + ex.fulfill() + }) { (error) in + switch error { + case NetworkError.apiRequestFailure(_, _, _): + break + default: + XCTFail("Push authentication is expected to failed for expired status, but failed with different reason: \(error.localizedDescription)") + break + } + ex.fulfill() + } + waitForExpectations(timeout: 60, handler: nil) + } + catch { + XCTFail("Push authentication failed to prepare auth request") + } + } + func test_08_push_authentication_accept_successful_type_challenge() { diff --git a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj index a3e11f50..f9cec8a8 100644 --- a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj +++ b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample.xcodeproj/project.pbxproj @@ -507,20 +507,17 @@ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CODE_SIGN_ENTITLEMENTS = FRAuthenticatorExample/FRAuthenticatorExample.entitlements; CODE_SIGN_IDENTITY = "Apple Development"; - "CODE_SIGN_IDENTITY[sdk=iphoneos*]" = "iPhone Developer"; - CODE_SIGN_STYLE = Manual; + CODE_SIGN_STYLE = Automatic; DEVELOPMENT_TEAM = ""; - "DEVELOPMENT_TEAM[sdk=iphoneos*]" = 9QSE66762D; INFOPLIST_FILE = FRAuthenticatorExample/Info.plist; IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/Frameworks", ); - PRODUCT_BUNDLE_IDENTIFIER = com.acme.authenticator; + PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.authenticator.sample; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; - "PROVISIONING_PROFILE_SPECIFIER[sdk=iphoneos*]" = "ACME Authenticator (Development)"; SWIFT_VERSION = 5.0; TARGETED_DEVICE_FAMILY = 1; }; @@ -532,20 +529,17 @@ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CODE_SIGN_ENTITLEMENTS = FRAuthenticatorExample/FRAuthenticatorExample.entitlements; CODE_SIGN_IDENTITY = "Apple Development"; - "CODE_SIGN_IDENTITY[sdk=iphoneos*]" = "iPhone Developer"; - CODE_SIGN_STYLE = Manual; + CODE_SIGN_STYLE = Automatic; DEVELOPMENT_TEAM = ""; - "DEVELOPMENT_TEAM[sdk=iphoneos*]" = 9QSE66762D; INFOPLIST_FILE = FRAuthenticatorExample/Info.plist; IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/Frameworks", ); - PRODUCT_BUNDLE_IDENTIFIER = com.acme.authenticator; + PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.authenticator.sample; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; - "PROVISIONING_PROFILE_SPECIFIER[sdk=iphoneos*]" = "ACME Authenticator (Development)"; SWIFT_VERSION = 5.0; TARGETED_DEVICE_FAMILY = 1; }; diff --git a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift index 553f5981..4cae2175 100644 --- a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift +++ b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Cell/NotificationTableViewCell.swift @@ -36,6 +36,9 @@ class NotificationTableViewCell: BaseTableViewCell { else if notification.isApproved { self.iconImageView?.image = UIImage(named: "ApprovedIcon") } + else if notification.isExpired { + self.iconImageView?.image = UIImage(named: "DeniedIcon") + } else if notification.isDenied { self.iconImageView?.image = UIImage(named: "DeniedIcon") } diff --git a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift index a759e456..3f28f536 100644 --- a/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift +++ b/SampleApps/FRAuthenticatorExample/FRAuthenticatorExample/Controller/NotificationRequestViewController.swift @@ -61,14 +61,14 @@ class NotificationRequestViewController: BaseViewController { else if notification.isDenied { status = "had already been denied" } - else if notification.isPending { + else if notification.isExpired { status = "was expired" } let dateFormatter = DateFormatter() dateFormatter.dateFormat = "yyyy-MM-dd HH:mm:ss" let timestamp = dateFormatter.string(from: notification.timeAdded) - self.topDescriptionLabel.text = "This PushNotification \(status) \("\n @ " + timestamp)" + self.topDescriptionLabel.text = "This PushNotification \(status) \(notification.isExpired ? "" : "\n @ " + timestamp)" self.descriptionLabel.text = "This PushNotification \(status)." } else { From d3ca78f304827e79ac913b15c336d6f6ee2d98d4 Mon Sep 17 00:00:00 2001 From: Rodrigo Reis Date: Thu, 10 Nov 2022 14:18:14 -0800 Subject: [PATCH 09/10] SDKS-2199 Authenticator SDK fails to decode some of the PUSH notification JWTs --- .../FRAuthenticator/JWT/FRCompactJWT.swift | 4 ++-- .../UnitTests/JWT/FRCompactJWTTests.swift | 19 ++++++++++++++++++- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/FRAuthenticator/FRAuthenticator/JWT/FRCompactJWT.swift b/FRAuthenticator/FRAuthenticator/JWT/FRCompactJWT.swift index f3a85ed3..a50fc892 100644 --- a/FRAuthenticator/FRAuthenticator/JWT/FRCompactJWT.swift +++ b/FRAuthenticator/FRAuthenticator/JWT/FRCompactJWT.swift @@ -2,7 +2,7 @@ // FRCompactJWT.swift // FRAuthenticator // -// Copyright (c) 2020 ForgeRock. All rights reserved. +// Copyright (c) 2020-2022 ForgeRock. All rights reserved. // // This software may be modified and distributed under the terms // of the MIT license. See the LICENSE file for details. @@ -117,7 +117,7 @@ struct FRCompactJWT { throw CryptoError.invalidJWT } var payloadStr = String(components[1]) - payloadStr = payloadStr.base64Pad() + payloadStr = payloadStr.urlSafeDecoding().base64Pad() guard let payloadData = Data(base64Encoded: payloadStr), let payload = try? JSONSerialization.jsonObject(with: payloadData, options: []) as? [String: Any] else { diff --git a/FRAuthenticator/FRAuthenticatorTests/UnitTests/JWT/FRCompactJWTTests.swift b/FRAuthenticator/FRAuthenticatorTests/UnitTests/JWT/FRCompactJWTTests.swift index 89945503..e22623c7 100644 --- a/FRAuthenticator/FRAuthenticatorTests/UnitTests/JWT/FRCompactJWTTests.swift +++ b/FRAuthenticator/FRAuthenticatorTests/UnitTests/JWT/FRCompactJWTTests.swift @@ -2,7 +2,7 @@ // FRCompactJWTTests.swift // FRAuthenticatorTests // -// Copyright (c) 2020 ForgeRock. All rights reserved. +// Copyright (c) 2020-2022 ForgeRock. All rights reserved. // // This software may be modified and distributed under the terms // of the MIT license. See the LICENSE file for details. @@ -193,4 +193,21 @@ class FRCompactJWTTests: FRABaseTests { XCTFail("JWT extracting payload with invalid payload segment failed with unexpected error: \(error.localizedDescription)") } } + + func test_10_extract_payload_with_extra_data() { + let jwt1 = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwIjoieyAgfSIsImMiOiJ2TGhoaW9FNTIxVlcyYmNsNUM2aktERGp1bXk3Um01d2NwVkpYQllUY2ZFPSIsInQiOiIyMCIsInUiOiI0NkQ2QkUzQi02NTEyLTQ4QTQtODY4Ni1DQUIxQTkxNTZCNDQiLCJpIjoiMTY2Nzk0MDI3NDk0MiIsImsiOiJjaGFsbGVuZ2UiLCJsIjoiWVcxc1ltTnZiMnRwWlQwd01RPT0iLCJtIjoiRGlkIHlvdSB0cnkgdG8gbG9naW4_IiwibiI6IjUwLDYyLDg5In0.GXCMwE1VJTC1zVzLfBcSeiGEfPiY5i13lrtf6Fpwz6w" + let jwt2 = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwIjoieyAgfSIsImMiOiJqK0NBWlhrUnlRdEdxdHljYmFMc3EwTWtjcFJZbU9SSzRhUzgyQWNlTWNrPSIsInQiOiIyMCIsInUiOiI0NkQ2QkUzQi02NTEyLTQ4QTQtODY4Ni1DQUIxQTkxNTZCNDQiLCJpIjoiMTY2Nzk0MTA5MTMwNiIsImsiOiJkZWZhdWx0IiwibCI6IllXMXNZbU52YjJ0cFpUMHdNUT09IiwibSI6IkRpZCB5b3UgdHJ5IHRvIGxvZ2luPyJ9.L2WjxnumzIgA9gpNN8p7onip0As5Rytb0RuOW8_sDWI" + + do { + let payload1 = try FRCompactJWT.extractPayload(jwt: jwt1) + let payload2 = try FRCompactJWT.extractPayload(jwt: jwt2) + + XCTAssertEqual(payload1.keys.count, 9) + XCTAssertEqual(payload2.keys.count, 8) + + } + catch { + XCTFail("Failed to extract JWT payload: \(error.localizedDescription)") + } + } } From 44d317d98178c0c7516efa4590c19b4a191311e7 Mon Sep 17 00:00:00 2001 From: Stoyan Petrov Date: Tue, 15 Nov 2022 13:42:29 -0800 Subject: [PATCH 10/10] ForgeRock iOS SDK 3.4.1 Release preparation --- CHANGELOG.md | 7 +++---- FRAuth.podspec | 4 ++-- FRAuth/FRAuth.xcodeproj/project.pbxproj | 4 ++-- FRAuthenticator.podspec | 4 ++-- FRAuthenticator/FRAuthenticator.xcodeproj/project.pbxproj | 4 ++-- FRCore.podspec | 2 +- FRCore/FRCore.xcodeproj/project.pbxproj | 4 ++-- FRCore/FRCore/Log/Log.swift | 2 +- FRFacebookSignIn.podspec | 4 ++-- .../FRFacebookSignIn.xcodeproj/project.pbxproj | 4 ++-- FRGoogleSignIn.podspec | 4 ++-- FRGoogleSignIn/FRGoogleSignIn.xcodeproj/project.pbxproj | 4 ++-- FRProximity.podspec | 4 ++-- FRProximity/FRProximity.xcodeproj/project.pbxproj | 4 ++-- FRUI.podspec | 4 ++-- FRUI/FRUI.xcodeproj/project.pbxproj | 4 ++-- 16 files changed, 31 insertions(+), 32 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 993a3da6..fcd83c81 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,10 @@ # Version 3.4.1 ## [3.4.1] #### Changed -- Updated Legacy encryption algorithm for iOS SE [SDKS-1994] -- PushNotification Timeout should be validated by AM [SDKS-2164] +- Updated legacy encryption algorithm for iOS SE [SDKS-1994] +- Fixed an issue related to push notifications timeout [SDKS-2164] +- Fixed an unexpected error occurring during the decoding of some push notifications [SDKS-2199] -# Version 3.4.0 ## [3.4.0] #### Added - Dynamic SDK Configuration [SDKS-1760] @@ -14,7 +14,6 @@ - Fixed build errors on Xcode 14 [SDKS-2073] - Fixed bug where the `state` parameter value was not verified upon calling the `Authorize` endpoint [SDKS-2077] -# Version 3.3.2 ## [3.3.2] #### Added - Interface for log management [SDKS-1863] diff --git a/FRAuth.podspec b/FRAuth.podspec index 818d8295..80fa814b 100644 --- a/FRAuth.podspec +++ b/FRAuth.podspec @@ -8,7 +8,7 @@ Pod::Spec.new do |s| s.name = 'FRAuth' - s.version = '3.4.0' + s.version = '3.4.1' s.summary = 'ForgeRock Auth SDK for iOS' s.description = <<-DESC FRAuth is a SDK that allows you easily and quickly develop an application with ForgeRock Platform or ForgeRock Identity Cloud. FRAuth SDK provides interfaces and functionalities of user authentication, registration, and identity and access management against ForgeRock solutions. @@ -29,5 +29,5 @@ Pod::Spec.new do |s| base_dir = "FRAuth/FRAuth" s.source_files = base_dir + '/**/*.swift', base_dir + '/**/*.c', base_dir + '/**/*.h' - s.ios.dependency 'FRCore', '~> 3.4.0' + s.ios.dependency 'FRCore', '~> 3.4.1' end diff --git a/FRAuth/FRAuth.xcodeproj/project.pbxproj b/FRAuth/FRAuth.xcodeproj/project.pbxproj index efba0828..7da466ef 100644 --- a/FRAuth/FRAuth.xcodeproj/project.pbxproj +++ b/FRAuth/FRAuth.xcodeproj/project.pbxproj @@ -2132,7 +2132,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; MODULEMAP_FILE = "${PROJECT_DIR}/FRAuth/SharedC/FRAuth.modulemap"; OTHER_CFLAGS = "-DXCODE_FRAMEWORK=1"; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRAuth; @@ -2166,7 +2166,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; MODULEMAP_FILE = "${PROJECT_DIR}/FRAuth/SharedC/FRAuth.modulemap"; OTHER_CFLAGS = "-DXCODE_FRAMEWORK=1"; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRAuth; diff --git a/FRAuthenticator.podspec b/FRAuthenticator.podspec index 6b32892c..9f799911 100644 --- a/FRAuthenticator.podspec +++ b/FRAuthenticator.podspec @@ -8,7 +8,7 @@ Pod::Spec.new do |s| s.name = 'FRAuthenticator' - s.version = '3.4.0' + s.version = '3.4.1' s.summary = 'ForgeRock OTP/Push Authentication SDK for iOS' s.description = <<-DESC FRAuthenticator is a SDK that allows you easily and quickly develop an application with ForgeRock Platform for OATH and Push Authentication with AM. FRAuthenticator SDK provides interfaces and functionalities of HMAC-based OTP, Time-based OTP, Push Registration and Authentication with AM. @@ -29,5 +29,5 @@ Pod::Spec.new do |s| base_dir = "FRAuthenticator/FRAuthenticator" s.source_files = base_dir + '/**/*.swift', base_dir + '/**/*.c', base_dir + '/**/*.h' - s.ios.dependency 'FRCore', '~> 3.4.0' + s.ios.dependency 'FRCore', '~> 3.4.1' end diff --git a/FRAuthenticator/FRAuthenticator.xcodeproj/project.pbxproj b/FRAuthenticator/FRAuthenticator.xcodeproj/project.pbxproj index db3b8cd2..5987282d 100644 --- a/FRAuthenticator/FRAuthenticator.xcodeproj/project.pbxproj +++ b/FRAuthenticator/FRAuthenticator.xcodeproj/project.pbxproj @@ -1264,7 +1264,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; MODULEMAP_FILE = "${PROJECT_DIR}/FRAuthenticator/SharedC/FRAuthenticator.modulemap"; OTHER_CFLAGS = "-DXCODE_FRAMEWORK=1"; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRAuthenticator; @@ -1293,7 +1293,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; MODULEMAP_FILE = "${PROJECT_DIR}/FRAuthenticator/SharedC/FRAuthenticator.modulemap"; OTHER_CFLAGS = "-DXCODE_FRAMEWORK=1"; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRAuthenticator; diff --git a/FRCore.podspec b/FRCore.podspec index 9f4bd42e..5d93fecd 100644 --- a/FRCore.podspec +++ b/FRCore.podspec @@ -8,7 +8,7 @@ Pod::Spec.new do |s| s.name = 'FRCore' - s.version = '3.4.0' + s.version = '3.4.1' s.summary = 'ForgeRock Core SDK for iOS' s.description = <<-DESC FRCore is a SDK that allows you to consume some of core functionalities and security features built for FRAuth SDK. diff --git a/FRCore/FRCore.xcodeproj/project.pbxproj b/FRCore/FRCore.xcodeproj/project.pbxproj index a39f5319..cd500af8 100644 --- a/FRCore/FRCore.xcodeproj/project.pbxproj +++ b/FRCore/FRCore.xcodeproj/project.pbxproj @@ -768,7 +768,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRCore; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; SKIP_INSTALL = YES; @@ -795,7 +795,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRCore; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; SKIP_INSTALL = YES; diff --git a/FRCore/FRCore/Log/Log.swift b/FRCore/FRCore/Log/Log.swift index 22b8289a..126bb819 100644 --- a/FRCore/FRCore/Log/Log.swift +++ b/FRCore/FRCore/Log/Log.swift @@ -129,7 +129,7 @@ public class Log: NSObject { // MARK: - Property /// Current SDK version. We hard code it here as currently there is no other way to get it dinamically when used with SPM - public static let sdkVersion = "3.4.0" + public static let sdkVersion = "3.4.1" /// Current LogLevel static var logLevel: LogLevel = .none /// Current Loggers to handle log entries diff --git a/FRFacebookSignIn.podspec b/FRFacebookSignIn.podspec index a711a514..bed4eb7b 100644 --- a/FRFacebookSignIn.podspec +++ b/FRFacebookSignIn.podspec @@ -8,7 +8,7 @@ Pod::Spec.new do |s| s.name = 'FRFacebookSignIn' - s.version = '3.4.0' + s.version = '3.4.1' s.summary = 'ForgeRock Auth Facebook Sign-in SDK for iOS' s.description = <<-DESC FRFacebookSignIn is a SDK that allows a user to sign-in through Facebook. FRFacebookSignIn depends on FBSDKLoginKit, and uses Facebook's SDK to perform authorization following Facebook's protocol. @@ -29,6 +29,6 @@ Pod::Spec.new do |s| base_dir = "FRFacebookSignIn/FRFacebookSignIn" s.source_files = base_dir + '/**/*.swift', base_dir + '/**/*.c', base_dir + '/**/*.h' - s.ios.dependency 'FRAuth', '~> 3.4.0' + s.ios.dependency 'FRAuth', '~> 3.4.1' s.ios.dependency 'FBSDKLoginKit', '~> 9.1.0' end diff --git a/FRFacebookSignIn/FRFacebookSignIn.xcodeproj/project.pbxproj b/FRFacebookSignIn/FRFacebookSignIn.xcodeproj/project.pbxproj index 5485f5fe..0b82dd2e 100644 --- a/FRFacebookSignIn/FRFacebookSignIn.xcodeproj/project.pbxproj +++ b/FRFacebookSignIn/FRFacebookSignIn.xcodeproj/project.pbxproj @@ -440,7 +440,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRFacebookSignIn; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; SKIP_INSTALL = YES; @@ -467,7 +467,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRFacebookSignIn; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; SKIP_INSTALL = YES; diff --git a/FRGoogleSignIn.podspec b/FRGoogleSignIn.podspec index 2bf290a4..18af2b38 100644 --- a/FRGoogleSignIn.podspec +++ b/FRGoogleSignIn.podspec @@ -8,7 +8,7 @@ Pod::Spec.new do |s| s.name = 'FRGoogleSignIn' - s.version = '3.4.0' + s.version = '3.4.1' s.summary = 'ForgeRock Auth Google Sign-in SDK for iOS' s.description = <<-DESC FRGoogleSignIn is a SDK that allows a user to sign-in through Google. FRGoogleSignIn depends on GoogleSignIn, and uses Google's SDK to perform authorization following Google's protocol. @@ -31,7 +31,7 @@ Pod::Spec.new do |s| base_dir = "FRGoogleSignIn/FRGoogleSignIn" s.source_files = base_dir + '/**/*.swift', base_dir + '/**/*.c', base_dir + '/**/*.h' - s.ios.dependency 'FRAuth', '~> 3.4.0' + s.ios.dependency 'FRAuth', '~> 3.4.1' s.ios.dependency 'GoogleSignIn', '~> 6.1.0' s.pod_target_xcconfig = { 'EXCLUDED_ARCHS[sdk=iphonesimulator*]' => 'arm64' } s.user_target_xcconfig = { 'EXCLUDED_ARCHS[sdk=iphonesimulator*]' => 'arm64' } diff --git a/FRGoogleSignIn/FRGoogleSignIn.xcodeproj/project.pbxproj b/FRGoogleSignIn/FRGoogleSignIn.xcodeproj/project.pbxproj index 5cf59795..9ac0f1b9 100644 --- a/FRGoogleSignIn/FRGoogleSignIn.xcodeproj/project.pbxproj +++ b/FRGoogleSignIn/FRGoogleSignIn.xcodeproj/project.pbxproj @@ -451,7 +451,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; OTHER_LDFLAGS = "-ObjC"; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRGoogleSignIn; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; @@ -484,7 +484,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; ONLY_ACTIVE_ARCH = YES; OTHER_LDFLAGS = "-ObjC"; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRGoogleSignIn; diff --git a/FRProximity.podspec b/FRProximity.podspec index 9070f5fa..3c531a93 100644 --- a/FRProximity.podspec +++ b/FRProximity.podspec @@ -8,7 +8,7 @@ Pod::Spec.new do |s| s.name = 'FRProximity' - s.version = '3.4.0' + s.version = '3.4.1' s.summary = 'ForgeRock Auth Proximity SDK for iOS' s.description = <<-DESC FRProximity is a SDK that allows you to additionally collect device information with FRDeviceCollector in FRAuth. FRProximity SDK leverages functionalities in iOS that requires user's consent. You must properly set privacy consent in the application's Info.plist. @@ -29,5 +29,5 @@ Pod::Spec.new do |s| base_dir = "FRProximity/FRProximity" s.source_files = base_dir + '/**/*.swift', base_dir + '/**/*.c', base_dir + '/**/*.h' - s.ios.dependency 'FRAuth', '~> 3.4.0' + s.ios.dependency 'FRAuth', '~> 3.4.1' end diff --git a/FRProximity/FRProximity.xcodeproj/project.pbxproj b/FRProximity/FRProximity.xcodeproj/project.pbxproj index 867cee8c..c04e6551 100644 --- a/FRProximity/FRProximity.xcodeproj/project.pbxproj +++ b/FRProximity/FRProximity.xcodeproj/project.pbxproj @@ -895,7 +895,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRProximity; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; PROVISIONING_PROFILE_SPECIFIER = ""; @@ -927,7 +927,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRProximity; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; PROVISIONING_PROFILE_SPECIFIER = ""; diff --git a/FRUI.podspec b/FRUI.podspec index 5e6c15fa..e77c1802 100644 --- a/FRUI.podspec +++ b/FRUI.podspec @@ -8,7 +8,7 @@ Pod::Spec.new do |s| s.name = 'FRUI' - s.version = '3.4.0' + s.version = '3.4.1' s.summary = 'ForgeRock UI SDK for FRAuth iOS' s.description = <<-DESC FRUI is a SDK that allows you easily and quickly develop an application with ForgeRock Platform or ForgeRock Identity Cloud, and FRAuth SDK with pre-built UI components. FRUI SDK demonstrates most of functionalities available in FRAuth SDK which includes user authentication, registration, and identity and access management against ForgeRock solutions. @@ -30,5 +30,5 @@ Pod::Spec.new do |s| base_dir = "FRUI/FRUI" s.source_files = base_dir + '/**/*.swift', base_dir + '/**/*.c', base_dir + '/**/*.h' s.resources = [base_dir + '/**/*.xib', base_dir + '/Assets/*'] - s.ios.dependency 'FRAuth', '~> 3.4.0' + s.ios.dependency 'FRAuth', '~> 3.4.1' end diff --git a/FRUI/FRUI.xcodeproj/project.pbxproj b/FRUI/FRUI.xcodeproj/project.pbxproj index 1461f54d..615dd9a2 100644 --- a/FRUI/FRUI.xcodeproj/project.pbxproj +++ b/FRUI/FRUI.xcodeproj/project.pbxproj @@ -684,7 +684,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRUI; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; PROVISIONING_PROFILE_SPECIFIER = ""; @@ -718,7 +718,7 @@ "@executable_path/Frameworks", "@loader_path/Frameworks", ); - MARKETING_VERSION = 3.4.0; + MARKETING_VERSION = 3.4.1; PRODUCT_BUNDLE_IDENTIFIER = com.forgerock.ios.FRUI; PRODUCT_NAME = "$(TARGET_NAME:c99extidentifier)"; PROVISIONING_PROFILE_SPECIFIER = "";