Google-internal core components of Firebase App Check.
Home Page: https://firebase.google.com/docs/app-check
License: Apache License 2.0
This library is for internal Google use only. It contains core components of FirebaseAppCheck,
from the firebase-ios-sdk project, for use in
other Google SDKs. External developers should integrate directly with the
Firebase App Check SDK.
See Contributing for more information about contributing to the App Check Core SDK.
The contents of this repository is licensed under the Apache License, version 2.0.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Calls to token(forcingRefresh:) with forcingRefresh: true may return a cached token if a call is already in progress where forcingRefresh: false. This may be as simple as adding || forcingRefresh to if (self.ongoingRetrieveOrRefreshTokenPromise == nil) (see below) but needs testing.
app-check/AppCheckCore/Sources/Core/GACAppCheck.m
Lines 138 to 153 in 5746b2d
Note: this issue isn't new (already exists in FirebaseAppCheck 10.17.0) but the code has moved to this repo.
GoogleSignIn-iOS uses AppCheckCore to provide Firebase AppCheck tokens during the sign in flow to provide app authenticity signal. To help developers onboard and understand how to configure their apps to use AppCheck, we provide a sample app and example unit tests to model good practices when reading sensitive AppCheck information (e.g., the web API key). Unfortunately, the tests fail when running in a CI environment (interestingly, they pass locally).
From an example workflow, the failure is: -[FBLPromise HTTPResponse]: unrecognized selector sent to instance.
2023-12-11 20:56:09.612997+0000 AppAttestExample[3626:16038] -[FBLPromise HTTPResponse]: unrecognized selector sent to instance 0x600000b2b120
2023-12-11 20:56:09.686759+0000 AppAttestExample[3626:16038] *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[FBLPromise HTTPResponse]: unrecognized selector sent to instance 0x600000b2b120'
*** First throw call stack:
(
0 CoreFoundation 0x0000000112d168ab __exceptionPreprocess + 242
1 libobjc.A.dylib 0x00000001101f3ba3 objc_exception_throw + 48
2 CoreFoundation 0x0000000112d25ab8 +[NSObject(NSObject) instanceMethodSignatureForSelector:] + 0
3 CoreFoundation 0x0000000112d1ad71 ___forwarding___ + 1431
4 CoreFoundation 0x0000000112d1d068 _CF_forwarding_prep_0 + 120
5 AppAttestExample 0x000000010fab45f1 -[GACAppCheckAPIService validateHTTPResponseStatusCode:] + 81
6 AppAttestExample 0x000000010fab37a5 __78-[GACAppCheckAPIService sendRequestWithURL:HTTPMethod:body:additionalHeaders:]_block_invoke.14 + 69
7 AppAttestExample 0x000000010fad0785 __56-[FBLPromise chainOnQueue:chainedFulfill:chainedReject:]_block_invoke.67 + 85
8 AppAttestExample 0x000000010fad003a __44-[FBLPromise observeOnQueue:fulfill:reject:]_block_invoke_2 + 106
9 libdispatch.dylib 0x00000001177ce7fb _dispatch_call_block_and_release + 12
10 libdispatch.dylib 0x00000001177cfa3a _dispatch_client_callout + 8
11 libdispatch.dylib 0x00000001177df3d7 _dispatch_main_queue_drain + 1509
12 libdispatch.dylib 0x00000001177dede4 _dispatch_main_queue_callback_4CF + 31
13 CoreFoundation 0x0000000112c75b1f __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 9
14 CoreFoundation 0x0000000112c70436 __CFRunLoopRun + 2482
15 CoreFoundation 0x0000000112c6f6a7 CFRunLoopRunSpecific + 560
16 XCTestCore 0x00000001466d55b1 -[XCTWaiter waitForExpectations:timeout:enforceOrder:] + 886
17 XCTestCore 0x00000001466a48f6 -[XCTFuture _waitForFulfillment] + 716
18 XCTestCore 0x00000001466a5cce -[XCTFuture value] + 32
19 XCTestCore 0x00000001466ca01d -[XCTestDriver _prepareTestConfigurationAndIDESession] + 677
20 XCTestCore 0x00000001466c9d48 -[XCTestDriver run] + 23
21 XCTestCore 0x000000014669daa9 _XCTestMain + 125
22 libXCTestBundleInject.dylib 0x000000010fe8e9b5 __copy_helper_block_e8_32s + 0
23 CoreFoundation 0x0000000112c75dd9 __CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK__ + 12
24 CoreFoundation 0x0000000112c75592 __CFRunLoopDoBlocks + 406
25 CoreFoundation 0x0000000112c6fe15 __CFRunLoopRun + 913
26 CoreFoundation 0x0000000112c6f6a7 CFRunLoopRunSpecific + 560
27 GraphicsServices 0x000000011a36b28a GSEventRunModal + 139
28 UIKitCore 0x000000012511fad3 -[UIApplication _run] + 994
29 UIKitCore 0x00000001251249ef UIApplicationMain + 123
30 SwiftUI 0x00000001147e7667 __swift_memcpy93_8 + 11936
31 SwiftUI 0x00000001147e7514 __swift_memcpy93_8 + 11597
32 SwiftUI 0x0000000113e4b7e9 __swift_memcpy195_8 + 12255
33 AppAttestExample 0x000000010fa71e23 $s16AppAttestExample0abcA0V5$mainyyFZ + 35
34 AppAttestExample 0x000000010fa72019 main + 9
35 dyld 0x000000010ff4e2bf start_sim + 10
36 ??? 0x0000000115d1552e 0x0 + 4661007662
)
No crash during CI.
Seems like AppCheckCore is somehow passing a FBLPromise to -[GACAppCheckAPIService validateHTTPResponseStatusCode:], which would lead to HTTPResponse being called on a FBLPromise and an unrecognized selector exception.
Apple recently released a Describing use of required reason API , which should include a privacy manifest by spring 2024. Since this SDK is using UserDefaults, I think this SDK will need the Privacy Manifest file, so I create an issue.
Add error codes to differentiate failures occurring in:
generateKeyWithCompletionHandler:attestKey:clientDataHash:completionHandler:generateAssertion:clientDataHash:completionHandler:These are currently reported as GACAppCheckErrorCodeUnknown.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.