Add toggle in the settings for cert exchange medium

Summary: This diff adds a toggle setting in wilde which will enable certificate exchange through www. Right now it just sends the information about which medium to be used for cert exchange to Flipper JS and its client side. But its implementation is not done yet. ### Flow for Wilde Whenever user changes the setting(or when user logs out) we set the state of exchange medium and accordingly set/reset authtoken. Note at no given point we remove already existing certificates. ### Context for OSS With this diff we introduce another way to do certificate exchange. Before this diff, we did certificate exchange by accessing the file system of app. But it turns out it's not possible to do that in applications signed by enterprise certs. Thus with this diff one can write their FlipperKitCertificateProvider and fetch the certificate from WWW. Reviewed By: jknoxville Differential Revision: D22896320 fbshipit-source-id: 55aef7028a62e71ba9c02f9f79acaab41d09c0c6
2020-08-12 04:42:26 -07:00
parent 4bb110f319
commit 293de19c2b
16 changed files with 215 additions and 16 deletions
--- a/iOS/FlipperKit/FlipperClient.h
+++ b/iOS/FlipperKit/FlipperClient.h
@@ -8,6 +8,7 @@
 #ifdef FB_SONARKIT_ENABLED

 #import <Foundation/Foundation.h>
+#import "FlipperKitCertificateProvider.h"
 #import "FlipperPlugin.h"
 #import "FlipperStateUpdateListener.h"

@@ -64,6 +65,16 @@ Subscribe a ViewController to state update change notifications
 */
 - (void)subscribeForUpdates:(id<FlipperStateUpdateListener>)controller;

+/**
+Sets the certificate provider responsible for obtaining certificates
+*/
+- (void)setCertificateProvider:(id<FlipperKitCertificateProvider>)provider;
+
+/**
+ Get the certificate provider of Flipper Client
+*/
+- (id<FlipperKitCertificateProvider>)getCertificateProvider;
+
 // initializers are disabled. You must use `+[FlipperClient sharedClient]`
 // instance.
 - (instancetype)init NS_UNAVAILABLE;
--- a/iOS/FlipperKit/FlipperClient.mm
+++ b/iOS/FlipperKit/FlipperClient.mm
@@ -8,15 +8,17 @@
 #if FB_SONARKIT_ENABLED

 #import "FlipperClient.h"
+#import <Flipper/FlipperCertificateProvider.h>
 #import <Flipper/FlipperClient.h>
 #import <UIKit/UIKit.h>
 #include <folly/io/async/EventBase.h>
 #include <folly/io/async/ScopedEventBaseThread.h>
+#include <memory>
 #import "FlipperClient+Testing.h"
 #import "FlipperCppWrapperPlugin.h"
+#import "FlipperKitCertificateProvider.h"
 #import "SKEnvironmentVariables.h"
 #include "SKStateUpdateCPPWrapper.h"
-
 #if !TARGET_OS_SIMULATOR
 #import <FKPortForwarding/FKPortForwardingServer.h>
 #endif
@@ -27,6 +29,7 @@ using WrapperPlugin = facebook::flipper::FlipperCppWrapperPlugin;
  facebook::flipper::FlipperClient* _cppClient;
  folly::ScopedEventBaseThread sonarThread;
  folly::ScopedEventBaseThread connectionThread;
+  id<FlipperKitCertificateProvider> _certProvider;
 #if !TARGET_OS_SIMULATOR
  FKPortForwardingServer* _secureServer;
  FKPortForwardingServer* _insecureServer;
@@ -46,7 +49,6 @@ using WrapperPlugin = facebook::flipper::FlipperCppWrapperPlugin;
  });
  return sharedClient;
 }
-
 - (instancetype)init {
  if (self = [super init]) {
    UIDevice* device = [UIDevice currentDevice];
@@ -57,9 +59,7 @@ using WrapperPlugin = facebook::flipper::FlipperCppWrapperPlugin;
    NSString* appId = [bundle bundleIdentifier];
    NSString* privateAppDirectory = NSSearchPathForDirectoriesInDomains(
        NSApplicationSupportDirectory, NSUserDomainMask, YES)[0];
-
    NSFileManager* manager = [NSFileManager defaultManager];
-
    if ([manager fileExistsAtPath:privateAppDirectory isDirectory:NULL] == NO &&
        ![manager createDirectoryAtPath:privateAppDirectory
            withIntermediateDirectories:YES
@@ -99,6 +99,19 @@ using WrapperPlugin = facebook::flipper::FlipperCppWrapperPlugin;
  return self;
 }

+- (void)setCertificateProvider:(id<FlipperKitCertificateProvider>)provider {
+  _certProvider = provider;
+  std::shared_ptr<facebook::flipper::FlipperCertificateProvider>* prov =
+      static_cast<
+          std::shared_ptr<facebook::flipper::FlipperCertificateProvider>*>(
+          [provider getCPPCertificateProvider]);
+  _cppClient->setCertificateProvider(*prov);
+}
+
+- (id<FlipperKitCertificateProvider>)getCertificateProvider {
+  return _certProvider;
+}
+
 - (void)refreshPlugins {
  _cppClient->refreshPlugins();
 }
--- a/iOS/FlipperKit/FlipperKitCertificateProvider.h
+++ b/iOS/FlipperKit/FlipperKitCertificateProvider.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) Facebook, Inc. and its affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+
+#ifdef FB_SONARKIT_ENABLED
+
+#import <Flipper/FlipperCertificateExchangeMedium.h>
+
+typedef enum FlipperCertificateExchangeMedium
+    FlipperKitCertificateExchangeMedium;
+/**
+Represents a CPP Certificate Provider to be used by FlipperClient
+*/
+@protocol FlipperKitCertificateProvider<NSObject>
+
+- (_Nonnull instancetype)initCPPCertificateProvider;
+
+- (void* _Nonnull)
+    getCPPCertificateProvider; // Returning it as void* as the file needs to
+                               // have no cpp for it to be compatible with
+                               // Swift. The pointer returned should point to
+                               // std::shared_ptr<FlipperCertificateProvider>
+- (void)setCertificateExchangeMedium:
+    (FlipperKitCertificateExchangeMedium)medium;
+
+@optional
+- (void)setAuthToken:(nullable NSString*)authToken;
+@end
+
+#endif