chenwenyi
/
firebase-ios-sdk


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454
							/*
 * Copyright 2020 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#import <XCTest/XCTest.h>

#import <OCMock/OCMock.h>
#import "FBLPromise+Testing.h"

#import <GoogleUtilities/GULURLSessionDataResponse.h>
#import <GoogleUtilities/NSURLSession+GULPromises.h>

#import "AppCheckCore/Sources/Core/APIService/GACAppCheckAPIService.h"
#import "AppCheckCore/Sources/Core/Errors/GACAppCheckErrorUtil.h"
#import "AppCheckCore/Sources/Public/AppCheckCore/GACAppCheckErrors.h"
#import "AppCheckCore/Sources/Public/AppCheckCore/GACAppCheckToken.h"

#import "AppCheckCore/Tests/Unit/Utils/GACFixtureLoader.h"
#import "AppCheckCore/Tests/Utils/Date/GACDateTestUtils.h"
#import "AppCheckCore/Tests/Utils/URLSession/GACURLSessionOCMockStub.h"

#import "FirebaseCore/Extension/FirebaseCoreInternal.h"

static NSString *const kAPIKeyHeaderKey = @"X-Goog-Api-Key";
static NSString *const kAPIKeyHeaderValue = @"Test-API-Key";
static NSString *const kBundleIDHeaderKey = @"X-Ios-Bundle-Identifier";
static NSString *const kTestHeaderKey = @"X-test-header";
static NSString *const kTestHeaderValue = @"TEST_HEADER_VALUE";

#pragma mark - GACAppCheckAPIServiceTests

@interface GACAppCheckAPIServiceTests : XCTestCase

@property(nonatomic) GACAppCheckAPIService *APIService;

@property(nonatomic) id mockURLSession;

@property(nonatomic) NSMutableDictionary<NSString *, NSString *> *expectedHTTPHeaderFields;

@end

@implementation GACAppCheckAPIServiceTests

- (void)setUp {
  [super setUp];

  self.mockURLSession = OCMStrictClassMock([NSURLSession class]);

  self.expectedHTTPHeaderFields = [NSMutableDictionary
      dictionaryWithDictionary:@{kBundleIDHeaderKey : [[NSBundle mainBundle] bundleIdentifier]}];

  self.APIService = [[GACAppCheckAPIService alloc] initWithURLSession:self.mockURLSession
                                                              baseURL:nil
                                                               APIKey:nil
                                                         requestHooks:nil];
}

- (void)tearDown {
  [super tearDown];

  self.APIService = nil;
  [self.mockURLSession stopMocking];
  self.mockURLSession = nil;
}

#pragma mark - Init

- (void)testInitDefaultBaseURL {
  GACAppCheckAPIService *APIService =
      [[GACAppCheckAPIService alloc] initWithURLSession:self.mockURLSession
                                                baseURL:nil
                                                 APIKey:nil
                                           requestHooks:nil];

  XCTAssertNotNil(APIService);
  XCTAssertEqualObjects(APIService.baseURL, @"https://firebaseappcheck.googleapis.com/v1");
}

- (void)testInitCustomBaseURL {
  NSString *customBaseURL = @"https://custom.example.com/v1beta";

  GACAppCheckAPIService *APIService =
      [[GACAppCheckAPIService alloc] initWithURLSession:self.mockURLSession
                                                baseURL:customBaseURL
                                                 APIKey:nil
                                           requestHooks:nil];

  XCTAssertNotNil(APIService);
  XCTAssertEqualObjects(APIService.baseURL, customBaseURL);
}

#pragma mark - Send Requests

- (void)testDataRequestNetworkError {
  NSURL *URL = [NSURL URLWithString:@"https://some.url.com"];
  NSDictionary *additionalHeaders = @{@"header1" : @"value1"};
  NSData *requestBody = [@"Request body" dataUsingEncoding:NSUTF8StringEncoding];

  // 1. Stub URL session.
  NSError *networkError = [NSError errorWithDomain:self.name code:-1 userInfo:nil];

  [self stubURLSessionDataTaskPromiseWithResponse:nil
                                             body:nil
                                            error:networkError
                                   URLSessionMock:self.mockURLSession
                           requestValidationBlock:nil];

  // 2. Send request.
  __auto_type requestPromise = [self.APIService sendRequestWithURL:URL
                                                        HTTPMethod:@"POST"
                                                              body:requestBody
                                                 additionalHeaders:additionalHeaders];

  // 3. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(requestPromise.isRejected);
  XCTAssertNotNil(requestPromise.error);
  XCTAssertEqualObjects(requestPromise.error.domain, GACAppCheckErrorDomain);
  XCTAssertEqual(requestPromise.error.code, GACAppCheckErrorCodeServerUnreachable);
  XCTAssertEqualObjects(requestPromise.error.userInfo[NSUnderlyingErrorKey], networkError);

  OCMVerifyAll(self.mockURLSession);
}

- (void)testDataRequestNot2xxHTTPStatusCode {
  NSURL *URL = [NSURL URLWithString:@"https://some.url.com"];
  NSData *requestBody = [@"Request body" dataUsingEncoding:NSUTF8StringEncoding];
  NSString *responseBodyString = @"Token verification failed.";

  NSData *HTTPResponseBody = [responseBodyString dataUsingEncoding:NSUTF8StringEncoding];
  NSHTTPURLResponse *HTTPResponse = [GACURLSessionOCMockStub HTTPResponseWithCode:300];
  [self stubURLSessionDataTaskPromiseWithResponse:HTTPResponse
                                             body:HTTPResponseBody
                                            error:nil
                                   URLSessionMock:self.mockURLSession
                           requestValidationBlock:nil];

  // 2. Send request.
  __auto_type requestPromise = [self.APIService sendRequestWithURL:URL
                                                        HTTPMethod:@"POST"
                                                              body:requestBody
                                                 additionalHeaders:nil];

  // 3. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(requestPromise.isRejected);
  XCTAssertNil(requestPromise.value);

  XCTAssertNotNil(requestPromise.error);
  XCTAssertEqualObjects(requestPromise.error.domain, GACAppCheckErrorDomain);
  XCTAssertEqual(requestPromise.error.code, GACAppCheckErrorCodeUnknown);

  // Expect response body and HTTP status code to be included in the error.
  NSString *failureReason = requestPromise.error.userInfo[NSLocalizedFailureReasonErrorKey];
  XCTAssertNotNil(failureReason);
  XCTAssertTrue([failureReason containsString:@"300"]);
  XCTAssertTrue([failureReason containsString:responseBodyString]);

  OCMVerifyAll(self.mockURLSession);
}

- (void)testDataRequestWithRequestHooks {
  NSURL *URL = [NSURL URLWithString:@"https://some.url.com"];
  NSString *HTTPMethod = @"POST";
  NSData *requestBody = [@"Request body" dataUsingEncoding:NSUTF8StringEncoding];
  NSTimeInterval requestTimeout = 5.0;
  [self.expectedHTTPHeaderFields setObject:kTestHeaderValue forKey:kTestHeaderKey];

  GACAppCheckAPIRequestHook headerRequestHook = ^(NSMutableURLRequest *request) {
    [request addValue:kTestHeaderValue forHTTPHeaderField:kTestHeaderKey];
  };
  GACAppCheckAPIRequestHook timeoutRequestHook = ^(NSMutableURLRequest *request) {
    request.timeoutInterval = requestTimeout;
  };
  GACAppCheckAPIRequestHook cellularAccessRequestHook = ^(NSMutableURLRequest *request) {
    request.allowsCellularAccess = NO;
  };

  self.APIService = [[GACAppCheckAPIService alloc]
      initWithURLSession:self.mockURLSession
                 baseURL:nil
                  APIKey:nil
            requestHooks:@[ headerRequestHook, timeoutRequestHook, cellularAccessRequestHook ]];

  // 1. Stub URL session.
  FIRRequestValidationBlock requestValidation = ^BOOL(NSURLRequest *request) {
    XCTAssertEqualObjects(request.URL, URL);
    XCTAssertEqualObjects(request.HTTPMethod, HTTPMethod);
    XCTAssertEqualObjects(request.HTTPBody, requestBody);

    XCTAssertEqualObjects(request.allHTTPHeaderFields, self.expectedHTTPHeaderFields);
    XCTAssertEqual(request.timeoutInterval, requestTimeout);
    XCTAssertEqual(request.allowsCellularAccess, NO);

    return YES;
  };

  NSData *HTTPResponseBody = [@"A response" dataUsingEncoding:NSUTF8StringEncoding];
  NSHTTPURLResponse *HTTPResponse = [GACURLSessionOCMockStub HTTPResponseWithCode:200];
  [self stubURLSessionDataTaskPromiseWithResponse:HTTPResponse
                                             body:HTTPResponseBody
                                            error:nil
                                   URLSessionMock:self.mockURLSession
                           requestValidationBlock:requestValidation];

  // 2. Send request.
  __auto_type requestPromise = [self.APIService sendRequestWithURL:URL
                                                        HTTPMethod:HTTPMethod
                                                              body:requestBody
                                                 additionalHeaders:nil];

  // 3. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(requestPromise.isFulfilled);
  XCTAssertNil(requestPromise.error);

  XCTAssertEqualObjects(requestPromise.value.HTTPResponse, HTTPResponse);
  XCTAssertEqualObjects(requestPromise.value.HTTPBody, HTTPResponseBody);

  OCMVerifyAll(self.mockURLSession);
}

- (void)testDataRequestWithAdditionalHeaders {
  NSURL *URL = [NSURL URLWithString:@"https://some.url.com"];
  NSString *HTTPMethod = @"POST";
  NSData *requestBody = [@"Request body" dataUsingEncoding:NSUTF8StringEncoding];
  NSDictionary<NSString *, NSString *> *additionalHeaders = @{kTestHeaderKey : kTestHeaderValue};
  [self.expectedHTTPHeaderFields addEntriesFromDictionary:additionalHeaders];

  // 1. Stub URL session.
  FIRRequestValidationBlock requestValidation = ^BOOL(NSURLRequest *request) {
    XCTAssertEqualObjects(request.URL, URL);
    XCTAssertEqualObjects(request.HTTPMethod, HTTPMethod);
    XCTAssertEqualObjects(request.HTTPBody, requestBody);

    XCTAssertEqualObjects(request.allHTTPHeaderFields, self.expectedHTTPHeaderFields);

    return YES;
  };

  NSData *HTTPResponseBody = [@"A response" dataUsingEncoding:NSUTF8StringEncoding];
  NSHTTPURLResponse *HTTPResponse = [GACURLSessionOCMockStub HTTPResponseWithCode:200];
  [self stubURLSessionDataTaskPromiseWithResponse:HTTPResponse
                                             body:HTTPResponseBody
                                            error:nil
                                   URLSessionMock:self.mockURLSession
                           requestValidationBlock:requestValidation];

  // 2. Send request.
  __auto_type requestPromise = [self.APIService sendRequestWithURL:URL
                                                        HTTPMethod:HTTPMethod
                                                              body:requestBody
                                                 additionalHeaders:additionalHeaders];

  // 3. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(requestPromise.isFulfilled);
  XCTAssertNil(requestPromise.error);

  XCTAssertEqualObjects(requestPromise.value.HTTPResponse, HTTPResponse);
  XCTAssertEqualObjects(requestPromise.value.HTTPBody, HTTPResponseBody);

  OCMVerifyAll(self.mockURLSession);
}

- (void)testDataRequestWithAPIKey {
  NSURL *URL = [NSURL URLWithString:@"https://some.url.com"];
  NSString *HTTPMethod = @"POST";
  NSData *requestBody = [@"Request body" dataUsingEncoding:NSUTF8StringEncoding];
  [self.expectedHTTPHeaderFields setObject:kAPIKeyHeaderValue forKey:kAPIKeyHeaderKey];

  self.APIService = [[GACAppCheckAPIService alloc] initWithURLSession:self.mockURLSession
                                                              baseURL:nil
                                                               APIKey:kAPIKeyHeaderValue
                                                         requestHooks:nil];

  // 1. Stub URL session.
  FIRRequestValidationBlock requestValidation = ^BOOL(NSURLRequest *request) {
    XCTAssertEqualObjects(request.URL, URL);
    XCTAssertEqualObjects(request.HTTPMethod, HTTPMethod);
    XCTAssertEqualObjects(request.HTTPBody, requestBody);

    XCTAssertEqualObjects(request.allHTTPHeaderFields, self.expectedHTTPHeaderFields);

    return YES;
  };

  NSData *HTTPResponseBody = [@"A response" dataUsingEncoding:NSUTF8StringEncoding];
  NSHTTPURLResponse *HTTPResponse = [GACURLSessionOCMockStub HTTPResponseWithCode:200];
  [self stubURLSessionDataTaskPromiseWithResponse:HTTPResponse
                                             body:HTTPResponseBody
                                            error:nil
                                   URLSessionMock:self.mockURLSession
                           requestValidationBlock:requestValidation];

  // 2. Send request.
  __auto_type requestPromise = [self.APIService sendRequestWithURL:URL
                                                        HTTPMethod:HTTPMethod
                                                              body:requestBody
                                                 additionalHeaders:nil];

  // 3. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(requestPromise.isFulfilled);
  XCTAssertNil(requestPromise.error);

  XCTAssertEqualObjects(requestPromise.value.HTTPResponse, HTTPResponse);
  XCTAssertEqualObjects(requestPromise.value.HTTPBody, HTTPResponseBody);

  OCMVerifyAll(self.mockURLSession);
}

#pragma mark - Token Exchange API response

- (void)testAppCheckTokenWithAPIResponseValidResponse {
  // 1. Prepare input parameters.
  NSData *responseBody =
      [GACFixtureLoader loadFixtureNamed:@"FACTokenExchangeResponseSuccess.json"];
  XCTAssertNotNil(responseBody);
  NSHTTPURLResponse *HTTPResponse = [GACURLSessionOCMockStub HTTPResponseWithCode:200];
  GULURLSessionDataResponse *APIResponse =
      [[GULURLSessionDataResponse alloc] initWithResponse:HTTPResponse HTTPBody:responseBody];

  // 2. Expected result.
  NSString *expectedFACToken = @"valid_app_check_token";

  // 3. Parse API response.
  __auto_type tokenPromise = [self.APIService appCheckTokenWithAPIResponse:APIResponse];

  // 4. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(tokenPromise.isFulfilled);
  XCTAssertNil(tokenPromise.error);

  XCTAssertEqualObjects(tokenPromise.value.token, expectedFACToken);
  XCTAssertTrue([GACDateTestUtils isDate:tokenPromise.value.expirationDate
      approximatelyEqualCurrentPlusTimeInterval:1800
                                      precision:10]);
}

- (void)testAppCheckTokenWithAPIResponseInvalidFormat {
  // 1. Prepare input parameters.
  NSString *responseBodyString = @"Token verification failed.";
  NSData *responseBody = [responseBodyString dataUsingEncoding:NSUTF8StringEncoding];
  NSHTTPURLResponse *HTTPResponse = [GACURLSessionOCMockStub HTTPResponseWithCode:200];
  GULURLSessionDataResponse *APIResponse =
      [[GULURLSessionDataResponse alloc] initWithResponse:HTTPResponse HTTPBody:responseBody];

  // 2. Parse API response.
  __auto_type tokenPromise = [self.APIService appCheckTokenWithAPIResponse:APIResponse];

  // 3. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(tokenPromise.isRejected);
  XCTAssertNil(tokenPromise.value);

  XCTAssertNotNil(tokenPromise.error);
  XCTAssertEqualObjects(tokenPromise.error.domain, GACAppCheckErrorDomain);
  XCTAssertEqual(tokenPromise.error.code, GACAppCheckErrorCodeUnknown);

  // Expect response body and HTTP status code to be included in the error.
  NSString *failureReason = tokenPromise.error.userInfo[NSLocalizedFailureReasonErrorKey];
  XCTAssertEqualObjects(failureReason, @"JSON serialization error.");
}

- (void)testAppCheckTokenResponseMissingFields {
  [self assertMissingFieldErrorWithFixture:@"DeviceCheckResponseMissingToken.json"
                              missingField:@"token"];
  [self assertMissingFieldErrorWithFixture:@"DeviceCheckResponseMissingTimeToLive.json"
                              missingField:@"ttl"];
}

- (void)assertMissingFieldErrorWithFixture:(NSString *)fixtureName
                              missingField:(NSString *)fieldName {
  // 1. Parse API response.
  NSData *missingFiledBody = [GACFixtureLoader loadFixtureNamed:fixtureName];
  XCTAssertNotNil(missingFiledBody);

  NSHTTPURLResponse *HTTPResponse = [GACURLSessionOCMockStub HTTPResponseWithCode:200];
  GULURLSessionDataResponse *APIResponse =
      [[GULURLSessionDataResponse alloc] initWithResponse:HTTPResponse HTTPBody:missingFiledBody];

  // 2. Parse API response.
  __auto_type tokenPromise = [self.APIService appCheckTokenWithAPIResponse:APIResponse];

  // 3. Verify.
  XCTAssert(FBLWaitForPromisesWithTimeout(1));

  XCTAssertTrue(tokenPromise.isRejected);
  XCTAssertNil(tokenPromise.value);

  XCTAssertNotNil(tokenPromise.error);
  XCTAssertEqualObjects(tokenPromise.error.domain, GACAppCheckErrorDomain);
  XCTAssertEqual(tokenPromise.error.code, GACAppCheckErrorCodeUnknown);

  // Expect missing field name to be included in the error.
  NSString *failureReason = tokenPromise.error.userInfo[NSLocalizedFailureReasonErrorKey];
  NSString *fieldNameString = [NSString stringWithFormat:@"`%@`", fieldName];
  XCTAssertTrue([failureReason containsString:fieldNameString],
                @"Fixture `%@`: expected missing field %@ error not found", fixtureName,
                fieldNameString);
}

#pragma mark - Helpers

- (void)stubURLSessionDataTaskPromiseWithResponse:(NSHTTPURLResponse *)HTTPResponse
                                             body:(NSData *)body
                                            error:(NSError *)error
                                   URLSessionMock:(id)URLSessionMock
                           requestValidationBlock:
                               (FIRRequestValidationBlock)requestValidationBlock {
  // Validate request content.
  FIRRequestValidationBlock nonOptionalRequestValidationBlock =
      requestValidationBlock ?: ^BOOL(id request) {
        return YES;
      };

  id URLRequestValidationArg = [OCMArg checkWithBlock:nonOptionalRequestValidationBlock];

  // Result promise.
  FBLPromise<GULURLSessionDataResponse *> *result = [FBLPromise pendingPromise];
  if (error == nil) {
    GULURLSessionDataResponse *response =
        [[GULURLSessionDataResponse alloc] initWithResponse:HTTPResponse HTTPBody:body];
    [result fulfill:response];
  } else {
    [result reject:error];
  }

  // Stub the method.
  OCMExpect([URLSessionMock gul_dataTaskPromiseWithRequest:URLRequestValidationArg])
      .andReturn(result);
}

@end