-
Notifications
You must be signed in to change notification settings - Fork 262
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JWT] App startup #1473
base: internal_dump_method
Are you sure you want to change the base?
[JWT] App startup #1473
Conversation
0ba7ad5
to
039479d
Compare
6fe9b03
to
4827f36
Compare
186c65d
to
35677bc
Compare
4827f36
to
a012272
Compare
* Add text fields and buttons for testing * Use staging * remove app clips * Make Client more verbose with headers
For debugging
* Make OSUserJwtConfig object to handle auth status etc * User manager owns an instance of the JWT Config
* Add `OSUD_USE_IDENTITY_VERIFICATION` flag to OneSignalCommonDefines
public updateUserJwt method
* User request instances already have a `prepareForExecution()` method that indicates if this request can be sent yet. For example, does the onesignal ID exist to make this request. * Use this existing method to check for auth and block sending this request if auth is required but invalid, or auth is unknown, etc. * OSRequestFetchUser will have onesignalId as a property, regardless of JWT on or off. The aliasLabel and aliasId pair is already expected to be onesignal ID, so make it explicit. * Keeping the onesignal ID can be used to know if the user has actually been created on the server and to check for the post-create cool-off period. The request will be translated to use the onesignal ID or the external ID based on JWT on/off. Requests Updated: * OSRequestCreateUser * OSRequestFetchUser * OSRequestAddAliases * OSRequestRemoveAlias * OSRequestUpdateProperties Requests Not Allowed with Identity Verification: * OSRequestFetchIdentityBySubscription * OSRequestIdentifyUser
* Identity Model Store Listener will ignore it so no Deltas will be enqueued
* As a refresher, the Identity Model Repo holds all Identity Models present during an app run, which can include past users that have pending updates, while the Identity Model Store contains only the current user's Identity Model. * Let the OSIdentityModelRepo be the listener for changes to JWT token updates, and it needs to pass on that information to the User Manager who manages the JWT Config and fires other listeners of token changes.
Updates to: * OSPropertyOperationExecutor * OSIdentityOperationExecutor * OSUserExecutor Updates to OSSubscriptionOperationExecutor is still to be done.
* Refactor from a static shared instance to a instance managed by User Manager * Operation Repo does not flush while Identity Verification is unknown * Currently it is not going to process Deltas based on JWT. Executors will.
a012272
to
a0baad8
Compare
35677bc
to
039479d
Compare
/// Needs `onesignal_id` without JWT on or `external_id` with valid JWT to send this request | ||
func prepareForExecution(newRecordsState: OSNewRecordsState) -> Bool { | ||
if let onesignalId = identityModel.onesignalId, | ||
newRecordsState.canAccess(onesignalId), | ||
let appId = OneSignalConfigManager.getAppId() | ||
{ | ||
self.addJWTHeader(identityModel: identityModel) | ||
self.path = "apps/\(appId)/users/by/\(OS_ONESIGNAL_ID)/\(onesignalId)/identity" | ||
return true | ||
} else { | ||
let alias = getAlias(identityModel: identityModel) | ||
guard | ||
let onesignalId = identityModel.onesignalId, | ||
newRecordsState.canAccess(onesignalId), | ||
let aliasIdToUse = alias.id, | ||
let appId = OneSignalConfigManager.getAppId(), | ||
addJWTHeaderIsValid(identityModel: identityModel) | ||
else { | ||
return false | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consider removing the repetition, OSUserRequest can be a class instead of protocol or there can be another helper that prepare calls
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
discussed changes to the requests to not duplicate code in prepareForExecution
Updated: tested player model migration and seems to work as well. |
* Set most things to not require auth / JWT off.
* Multiple requests are making the same user-related requirement checks. * Put this into a helper function. * Since each request sets its own path at execution time with an appropriate app ID and alias, the app ID and alias are two separate checks.
Badge tests still flaky: |
Description
One Line Summary
Handles basic-level app startup for Identity Verification - on new install and minor migrations on upgrades.
Details
Internal JWT Config management and listeners
OSUserJwtConfig
object to handle auth required status, etc.print()
s to help debug, these will be removed eventually.Request objects updated to consider JWT
prepareForExecution()
method that indicates if this request can be sent yet. For example, does the onesignal ID exist to make this request.What has been tested in this PR
[OneSignal updateUserJwt:"externalUserId" withToken:"token"]
What is not included in this PR
Motivation
Support Identity Verification
Testing
Unit testing
🚧 WIP
Manual Testing
How to Test:
com.onesignal.example.staging
. Update the app ID to either168...
to test Identity Verification off, and013...
to test Identity Verification on. This is documented somewhere and please reach out for the keys and IDs.New install - Identity Verification is off - no login is called
New install - Identity Verification is ON - then login is called
Upgrade from main - Identity Verification is ON
main
, turn off connection, do a new install and call:[OneSignal updateUserJwt:@"nanaug23a" withToken:@"validToken"]
for the external ID that was logged into.Upgrade from player model - Identity Verification is ON
This is the test process I did:
player-model-main
, do a new install and I did not set external ID.OSRequestFetchIdentityBySubscription
that was previously generated is dropped.Affected code checklist
Checklist
Overview
Testing
Final pass
This change is