Implement iOS AppCheck providers (#1114)

Adds AppAttest, DeviceCheck, and DebugProvider. Adds an integration test to verify that the debug provider produces a token.

Author: AlmostMatt

app_check/CMakeLists.txt

@@ -45,6 +45,8 @@ set(android_SRCS
 set(ios_SRCS
   src/ios/app_check_ios.mm
   src/ios/app_check_ios.h
+  src/ios/util_ios.mm
+  src/ios/util_ios.h
   # Supported providers
   src/ios/app_attest_provider_ios.mm
   src/ios/debug_provider_ios.mm

app_check/integration_test/integration_test.xcodeproj/xcshareddata/xcschemes/integration_test.xcscheme

@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+   LastUpgradeVersion = "1320"
+   version = "1.3">
+   <BuildAction
+      parallelizeBuildables = "YES"
+      buildImplicitDependencies = "YES">
+      <BuildActionEntries>
+         <BuildActionEntry
+            buildForTesting = "YES"
+            buildForRunning = "YES"
+            buildForProfiling = "YES"
+            buildForArchiving = "YES"
+            buildForAnalyzing = "YES">
+            <BuildableReference
+               BuildableIdentifier = "primary"
+               BlueprintIdentifier = "529226D11C85F68000C89379"
+               BuildableName = "integration_test.app"
+               BlueprintName = "integration_test"
+               ReferencedContainer = "container:integration_test.xcodeproj">
+            </BuildableReference>
+         </BuildActionEntry>
+      </BuildActionEntries>
+   </BuildAction>
+   <TestAction
+      buildConfiguration = "Debug"
+      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      shouldUseLaunchSchemeArgsEnv = "YES">
+      <Testables>
+      </Testables>
+   </TestAction>
+   <LaunchAction
+      buildConfiguration = "Debug"
+      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      launchStyle = "0"
+      useCustomWorkingDirectory = "NO"
+      ignoresPersistentStateOnLaunch = "NO"
+      debugDocumentVersioning = "YES"
+      debugServiceExtension = "internal"
+      allowLocationSimulation = "YES">
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
+         <BuildableReference
+            BuildableIdentifier = "primary"
+            BlueprintIdentifier = "529226D11C85F68000C89379"
+            BuildableName = "integration_test.app"
+            BlueprintName = "integration_test"
+            ReferencedContainer = "container:integration_test.xcodeproj">
+         </BuildableReference>
+      </BuildableProductRunnable>
+      <EnvironmentVariables>
+         <EnvironmentVariable
+            key = "FIRAAppCheckDebugToken"
+            value = "REPLACE_WITH_APP_CHECK_TOKEN"
+            isEnabled = "YES">
+         </EnvironmentVariable>
+      </EnvironmentVariables>
+   </LaunchAction>
+   <ProfileAction
+      buildConfiguration = "Release"
+      shouldUseLaunchSchemeArgsEnv = "YES"
+      savedToolIdentifier = ""
+      useCustomWorkingDirectory = "NO"
+      debugDocumentVersioning = "YES">
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
+         <BuildableReference
+            BuildableIdentifier = "primary"
+            BlueprintIdentifier = "529226D11C85F68000C89379"
+            BuildableName = "integration_test.app"
+            BlueprintName = "integration_test"
+            ReferencedContainer = "container:integration_test.xcodeproj">
+         </BuildableReference>
+      </BuildableProductRunnable>
+   </ProfileAction>
+   <AnalyzeAction
+      buildConfiguration = "Debug">
+   </AnalyzeAction>
+   <ArchiveAction
+      buildConfiguration = "Release"
+      revealArchiveInOrganizer = "YES">
+   </ArchiveAction>
+</Scheme>

app_check/integration_test/integration_test.xcodeproj/xcshareddata/xcschemes/integration_test_tvos.xcscheme

@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+   LastUpgradeVersion = "1320"
+   version = "1.3">
+   <BuildAction
+      parallelizeBuildables = "YES"
+      buildImplicitDependencies = "YES">
+      <BuildActionEntries>
+         <BuildActionEntry
+            buildForTesting = "YES"
+            buildForRunning = "YES"
+            buildForProfiling = "YES"
+            buildForArchiving = "YES"
+            buildForAnalyzing = "YES">
+            <BuildableReference
+               BuildableIdentifier = "primary"
+               BlueprintIdentifier = "9F2ABA25267A4720001A35CE"
+               BuildableName = "integration_test_tvos.app"
+               BlueprintName = "integration_test_tvos"
+               ReferencedContainer = "container:integration_test.xcodeproj">
+            </BuildableReference>
+         </BuildActionEntry>
+      </BuildActionEntries>
+   </BuildAction>
+   <TestAction
+      buildConfiguration = "Debug"
+      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      shouldUseLaunchSchemeArgsEnv = "YES">
+      <Testables>
+      </Testables>
+   </TestAction>
+   <LaunchAction
+      buildConfiguration = "Debug"
+      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      launchStyle = "0"
+      useCustomWorkingDirectory = "NO"
+      ignoresPersistentStateOnLaunch = "NO"
+      debugDocumentVersioning = "YES"
+      debugServiceExtension = "internal"
+      allowLocationSimulation = "YES">
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
+         <BuildableReference
+            BuildableIdentifier = "primary"
+            BlueprintIdentifier = "9F2ABA25267A4720001A35CE"
+            BuildableName = "integration_test_tvos.app"
+            BlueprintName = "integration_test_tvos"
+            ReferencedContainer = "container:integration_test.xcodeproj">
+         </BuildableReference>
+      </BuildableProductRunnable>
+      <EnvironmentVariables>
+         <EnvironmentVariable
+            key = "FIRAAppCheckDebugToken"
+            value = "REPLACE_WITH_APP_CHECK_TOKEN"
+            isEnabled = "YES">
+         </EnvironmentVariable>
+      </EnvironmentVariables>
+   </LaunchAction>
+   <ProfileAction
+      buildConfiguration = "Release"
+      shouldUseLaunchSchemeArgsEnv = "YES"
+      savedToolIdentifier = ""
+      useCustomWorkingDirectory = "NO"
+      debugDocumentVersioning = "YES">
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
+         <BuildableReference
+            BuildableIdentifier = "primary"
+            BlueprintIdentifier = "9F2ABA25267A4720001A35CE"
+            BuildableName = "integration_test_tvos.app"
+            BlueprintName = "integration_test_tvos"
+            ReferencedContainer = "container:integration_test.xcodeproj">
+         </BuildableReference>
+      </BuildableProductRunnable>
+   </ProfileAction>
+   <AnalyzeAction
+      buildConfiguration = "Debug">
+   </AnalyzeAction>
+   <ArchiveAction
+      buildConfiguration = "Release"
+      revealArchiveInOrganizer = "YES">
+   </ArchiveAction>
+</Scheme>

app_check/integration_test/src/integration_test.cc

@@ -15,12 +15,16 @@
 #include <inttypes.h>
 
 #include <algorithm>
+#include <chrono>
 #include <cstdio>
 #include <cstdlib>
 #include <cstring>
 #include <ctime>
+#include <future>
 #include <map>
+#include <memory>
 #include <string>
+#include <thread>
 
 #include "app_framework.h"  // NOLINT
 #include "firebase/app.h"
@@ -61,6 +65,8 @@ using testing::Pair;
 using testing::UnorderedElementsAre;
 
 const char kIntegrationTestRootPath[] = "integration_test_data";
+const std::chrono::milliseconds kGetTokenTimeout =
+    std::chrono::milliseconds(5000);
 
 class FirebaseAppCheckTest : public FirebaseTest {
  public:
@@ -335,15 +341,57 @@ TEST_F(FirebaseAppCheckTest, TestSignIn) {
   EXPECT_NE(auth_->current_user(), nullptr);
 }
 
+TEST_F(FirebaseAppCheckTest, TestDebugProviderValidToken) {
+  firebase::app_check::DebugAppCheckProviderFactory* factory =
+      firebase::app_check::DebugAppCheckProviderFactory::GetInstance();
+#if FIREBASE_PLATFORM_IOS
+  ASSERT_NE(factory, nullptr);
+  InitializeApp();
+  firebase::app_check::AppCheckProvider* provider =
+      factory->CreateProvider(app_);
+  ASSERT_NE(provider, nullptr);
+  auto got_token_promise = std::make_shared<std::promise<void>>();
+  auto token_callback{
+      [&got_token_promise](firebase::app_check::AppCheckToken token,
+                           int error_code, const std::string& error_message) {
+        EXPECT_EQ(firebase::app_check::kAppCheckErrorNone, error_code);
+        EXPECT_EQ("", error_message);
+        EXPECT_NE(0, token.expire_time_millis);
+        EXPECT_NE("", token.token);
+        got_token_promise->set_value();
+      }};
+  provider->GetToken(token_callback);
+  auto got_token_future = got_token_promise->get_future();
+  ASSERT_EQ(std::future_status::ready,
+            got_token_future.wait_for(kGetTokenTimeout));
+#else
+  EXPECT_EQ(factory, nullptr);
+#endif
+}
+
 TEST_F(FirebaseAppCheckTest, TestAppAttestProvider) {
   firebase::app_check::AppAttestProviderFactory* factory =
       firebase::app_check::AppAttestProviderFactory::GetInstance();
 #if FIREBASE_PLATFORM_IOS
-  EXPECT_NE(factory, nullptr);
+  ASSERT_NE(factory, nullptr);
   InitializeApp();
   firebase::app_check::AppCheckProvider* provider =
       factory->CreateProvider(app_);
-  EXPECT_NE(provider, nullptr);
+  ASSERT_NE(provider, nullptr);
+  auto got_token_promise = std::make_shared<std::promise<void>>();
+  auto token_callback{
+      [&got_token_promise](firebase::app_check::AppCheckToken token,
+                           int error_code, const std::string& error_message) {
+        EXPECT_EQ(firebase::app_check::kAppCheckErrorUnsupportedProvider,
+                  error_code);
+        EXPECT_NE("", error_message);
+        EXPECT_EQ("", token.token);
+        got_token_promise->set_value();
+      }};
+  provider->GetToken(token_callback);
+  auto got_token_future = got_token_promise->get_future();
+  ASSERT_EQ(std::future_status::ready,
+            got_token_future.wait_for(kGetTokenTimeout));
 #else
   EXPECT_EQ(factory, nullptr);
 #endif
@@ -353,11 +401,24 @@ TEST_F(FirebaseAppCheckTest, TestDeviceCheckProvider) {
   firebase::app_check::DeviceCheckProviderFactory* factory =
       firebase::app_check::DeviceCheckProviderFactory::GetInstance();
 #if FIREBASE_PLATFORM_IOS
-  EXPECT_NE(factory, nullptr);
+  ASSERT_NE(factory, nullptr);
   InitializeApp();
   firebase::app_check::AppCheckProvider* provider =
       factory->CreateProvider(app_);
-  EXPECT_NE(provider, nullptr);
+  ASSERT_NE(provider, nullptr);
+  auto got_token_promise = std::make_shared<std::promise<void>>();
+  auto token_callback{
+      [&got_token_promise](firebase::app_check::AppCheckToken token,
+                           int error_code, const std::string& error_message) {
+        EXPECT_EQ(firebase::app_check::kAppCheckErrorUnknown, error_code);
+        EXPECT_NE("", error_message);
+        EXPECT_EQ("", token.token);
+        got_token_promise->set_value();
+      }};
+  provider->GetToken(token_callback);
+  auto got_token_future = got_token_promise->get_future();
+  ASSERT_EQ(std::future_status::ready,
+            got_token_future.wait_for(kGetTokenTimeout));
 #else
   EXPECT_EQ(factory, nullptr);
 #endif
@@ -367,7 +428,7 @@ TEST_F(FirebaseAppCheckTest, TestPlayIntegrityProvider) {
   firebase::app_check::PlayIntegrityProviderFactory* factory =
       firebase::app_check::PlayIntegrityProviderFactory::GetInstance();
 #if FIREBASE_PLATFORM_ANDROID
-  EXPECT_NE(factory, nullptr);
+  ASSERT_NE(factory, nullptr);
   InitializeApp();
   firebase::app_check::AppCheckProvider* provider =
       factory->CreateProvider(app_);
@@ -381,7 +442,7 @@ TEST_F(FirebaseAppCheckTest, TestSafetyNetProvider) {
   firebase::app_check::SafetyNetProviderFactory* factory =
       firebase::app_check::SafetyNetProviderFactory::GetInstance();
 #if FIREBASE_PLATFORM_ANDROID
-  EXPECT_NE(factory, nullptr);
+  ASSERT_NE(factory, nullptr);
   InitializeApp();
   firebase::app_check::AppCheckProvider* provider =
       factory->CreateProvider(app_);

app_check/src/include/firebase/app_check/app_attest_provider.h

@@ -20,6 +20,10 @@
 namespace firebase {
 namespace app_check {
 
+namespace internal {
+class AppAttestProviderFactoryInternal;
+}
+
 /// Implementation of an {@link AppCheckProviderFactory} that builds
 /// AppAttestProviders. This is the default implementation.
 class AppAttestProviderFactory : public AppCheckProviderFactory {
@@ -37,6 +41,8 @@ class AppAttestProviderFactory : public AppCheckProviderFactory {
 
  private:
   AppAttestProviderFactory();
+
+  internal::AppAttestProviderFactoryInternal* internal_;
 };
 
 }  // namespace app_check

app_check/src/include/firebase/app_check/debug_provider.h

@@ -34,12 +34,12 @@ class DebugAppCheckProviderFactoryInternal;
 /// NOTE: Do not use the debug provider in applications used by real users.
 class DebugAppCheckProviderFactory : public AppCheckProviderFactory {
  public:
+  ~DebugAppCheckProviderFactory() override;
+
   /// Gets an instance of this class for installation into a
   /// firebase::app_check::AppCheck instance.
   static DebugAppCheckProviderFactory* GetInstance();
 
-  virtual ~DebugAppCheckProviderFactory();
-
   /// Gets the AppCheckProvider associated with the given
   /// {@link App} instance, or creates one if none
   /// already exists.

app_check/src/include/firebase/app_check/device_check_provider.h

@@ -20,6 +20,10 @@
 namespace firebase {
 namespace app_check {
 
+namespace internal {
+class DeviceCheckProviderFactoryInternal;
+}
+
 /// Implementation of an {@link AppCheckProviderFactory} that builds
 /// DeviceCheckProviders. This is the default implementation.
 class DeviceCheckProviderFactory : public AppCheckProviderFactory {
@@ -37,6 +41,8 @@ class DeviceCheckProviderFactory : public AppCheckProviderFactory {
 
  private:
   DeviceCheckProviderFactory();
+
+  internal::DeviceCheckProviderFactoryInternal* internal_;
 };
 
 }  // namespace app_check