Feat/integrate smile security module

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Release Notes
 
+## Unreleased
+
+* Changes the `retry` flag to be a boolean instead of a string for prepUpload requests. This is a breaking change for stored offline jobs, where the job is written using an older sdk version and then submission is attempted using this version
+
 ## 10.5.1
 
 ### Fixed

Example/Podfile.lock

@@ -15,7 +15,9 @@ PODS:
   - SmileID (10.5.1):
     - FingerprintJS
     - lottie-ios (~> 4.5.0)
+    - SmileIDSecurity (~> 1.0.1)
     - ZIPFoundation (~> 0.9)
+  - SmileIDSecurity (1.0.1)
   - SwiftLint (0.58.2)
   - ZIPFoundation (0.9.19)
 
@@ -33,6 +35,7 @@ SPEC REPOS:
     - lottie-ios
     - netfox
     - Sentry
+    - SmileIDSecurity
     - SwiftLint
     - ZIPFoundation
 
@@ -51,7 +54,8 @@ SPEC CHECKSUMS:
   lottie-ios: 248b380fa1b97d18e792c37d90da7ab2aa0d6562
   netfox: 9d5cc727fe7576c4c7688a2504618a156b7d44b7
   Sentry: 1ca8405451040482877dcd344dfa3ef80b646631
-  SmileID: 7f9c9db916d4c3997fcafb8b811afec30e88c751
+  SmileID: 8c9228f3dcdad070af6cd3e6eae6a5aae1e8ccb2
+  SmileIDSecurity: b847101f7d7b86c1c453fb1b045146dfcbc5183d
   SwiftLint: 365bcd9ffc83d0deb874e833556d82549919d6cd
   ZIPFoundation: b8c29ea7ae353b309bc810586181fd073cb3312c
 

Package.swift

@@ -15,15 +15,17 @@ let package = Package(
     dependencies: [
         .package(url: "https://github.com/weichsel/ZIPFoundation.git", .upToNextMajor(from: "0.9.0")),
         .package(url: "https://github.com/airbnb/lottie-spm", from: "4.5.0"),
-        .package(url: "https://github.com/fingerprintjs/fingerprintjs-ios", from: "1.5.0")
+        .package(url: "https://github.com/fingerprintjs/fingerprintjs-ios", from: "1.5.0"),
+        .package(url: "https://github.com/smileidentity/smile-id-security", from: "1.0.1")
     ],
     targets: [
         .target(
             name: "SmileID",
             dependencies: [
                 .product(name: "ZIPFoundation", package: "ZIPFoundation"),
                 .product(name: "FingerprintJS", package: "fingerprintjs-ios"),
-                .product(name: "Lottie", package: "lottie-spm")
+                .product(name: "Lottie", package: "lottie-spm"),
+                .product(name: "SmileIDSecurity", package: "smile-id-security")
             ],
             path: "Sources/SmileID",
             resources: [.process("Resources")]

SmileID.podspec

@@ -10,6 +10,7 @@ Pod::Spec.new do |s|
   s.dependency 'ZIPFoundation', '~> 0.9'
   s.dependency 'FingerprintJS'
   s.dependency 'lottie-ios', '~> 4.5.0'
+  s.dependency 'SmileIDSecurity', '~> 1.0.1'
   s.swift_version = '5.5'
   s.source_files = 'Sources/SmileID/Classes/**/*'
   s.resource_bundles = {

SmileID.xcodeproj/project.pbxproj

@@ -4000,6 +4000,7 @@
 				1E4A02382BF4EB9D00167633 /* Lottie in Frameworks */,
 				6277E7512C65153700AC87FB /* ZIPFoundation in Frameworks */,
 				1E9825A32C9B4AF2009F2CA6 /* FingerprintJS in Frameworks */,
+				6672CF0B2D88877E005DF7A6 /* SmileIDSecurity in Frameworks */,
 				1E9825A52C9B4AF2009F2CA6 /* SystemControl in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
@@ -7990,6 +7991,7 @@
 				6277E7502C65153700AC87FB /* ZIPFoundation */,
 				1E9825A22C9B4AF2009F2CA6 /* FingerprintJS */,
 				1E9825A42C9B4AF2009F2CA6 /* SystemControl */,
+				6672CF0A2D88877E005DF7A6 /* SmileIDSecurity */,
 			);
 			productName = SmileID;
 			productReference = 1EEFC2382B583F1A00B8A934 /* libSmileID.a */;
@@ -8032,6 +8034,7 @@
 				1E6857C92BF39CDD0019B515 /* XCRemoteSwiftPackageReference "lottie-spm" */,
 				6277E74D2C65119600AC87FB /* XCRemoteSwiftPackageReference "ZIPFoundation" */,
 				1E98259D2C9B478C009F2CA6 /* XCRemoteSwiftPackageReference "fingerprintjs-ios" */,
+				6672CF092D88877E005DF7A6 /* XCRemoteSwiftPackageReference "smile-id-security" */,
 			);
 			productRefGroup = 1EEFC21B2B583CFB00B8A934 /* Products */;
 			projectDirPath = "";
@@ -8747,6 +8750,14 @@
 				minimumVersion = 0.9.19;
 			};
 		};
+		6672CF092D88877E005DF7A6 /* XCRemoteSwiftPackageReference "smile-id-security" */ = {
+			isa = XCRemoteSwiftPackageReference;
+			repositoryURL = "https://github.com/smileidentity/smile-id-security";
+			requirement = {
+				branch = main;
+				kind = branch;
+			};
+		};
 /* End XCRemoteSwiftPackageReference section */
 
 /* Begin XCSwiftPackageProductDependency section */
@@ -8790,6 +8801,11 @@
 			package = 6277E74D2C65119600AC87FB /* XCRemoteSwiftPackageReference "ZIPFoundation" */;
 			productName = ZIPFoundation;
 		};
+		6672CF0A2D88877E005DF7A6 /* SmileIDSecurity */ = {
+			isa = XCSwiftPackageProductDependency;
+			package = 6672CF092D88877E005DF7A6 /* XCRemoteSwiftPackageReference "smile-id-security" */;
+			productName = SmileIDSecurity;
+		};
 /* End XCSwiftPackageProductDependency section */
 	};
 	rootObject = 1EEFC2112B583CFB00B8A934 /* Project object */;

SmileID.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved

@@ -1,5 +1,5 @@
 {
-  "originHash" : "b4a832f8609e6d8fe26567f801eacf41b54111a27551c5d2a949decba83d8b82",
+  "originHash" : "60ccf1f3bdb356f89e96f70a8531c34eebffe2363a31000c069923d65f56f54d",
   "pins" : [
     {
       "identity" : "fingerprintjs-ios",
@@ -19,6 +19,15 @@
         "version" : "4.4.3"
       }
     },
+    {
+      "identity" : "smile-id-security",
+      "kind" : "remoteSourceControl",
+      "location" : "https://github.com/smileidentity/smile-id-security",
+      "state" : {
+        "branch" : "main",
+        "revision" : "77c8d918c2e21e88a6f87504785429d8015aa0fc"
+      }
+    },
     {
       "identity" : "zipfoundation",
       "kind" : "remoteSourceControl",

Sources/SmileID/Classes/BiometricKYC/OrchestratedBiometricKycViewModel.swift

@@ -63,8 +63,7 @@ class OrchestratedBiometricKycViewModel: ObservableObject {
     func onFinished(delegate: BiometricKycResultDelegate) {
         if let selfieFile = selfieFile,
            let livenessFiles = livenessFiles,
-           let selfiePath = getRelativePath(from: selfieFile)
-        {
+           let selfiePath = getRelativePath(from: selfieFile) {
             delegate.didSucceed(
                 selfieImage: selfiePath,
                 livenessImages: livenessFiles.compactMap { getRelativePath(from: $0) },
@@ -143,6 +142,11 @@ class OrchestratedBiometricKycViewModel: ObservableObject {
         if let livenessFiles {
             allFiles.append(contentsOf: livenessFiles)
         }
+        do {
+            if let securityInfoJson = try LocalStorage.addSecurityInfo(jobId: jobId, files: allFiles) {
+                allFiles.append(contentsOf: [securityInfoJson])
+            }
+        } catch { /* in case we can't add the security info the backend will deal with the enrollment */ }
         return try LocalStorage.zipFiles(at: allFiles)
     }
 
@@ -176,7 +180,7 @@ class OrchestratedBiometricKycViewModel: ObservableObject {
     }
 
     private func prepareForUpload(authResponse: AuthenticationResponse) async throws -> PrepUploadResponse {
-        let prepUploadRequest = PrepUploadRequest(
+        var prepUploadRequest = PrepUploadRequest(
             partnerParams: authResponse.partnerParams.copy(extras: extraPartnerParams),
             allowNewEnroll: allowNewEnroll,
             metadata: localMetadata.metadata.items,
@@ -193,8 +197,10 @@ class OrchestratedBiometricKycViewModel: ObservableObject {
             else {
                 throw error
             }
+            prepUploadRequest.retry = true
             return try await SmileID.api.prepUpload(
-                request: prepUploadRequest.copy(retry: "true"))
+                request: prepUploadRequest
+            )
         }
     }
 

Sources/SmileID/Classes/DocumentVerification/Model/OrchestratedDocumentVerificationViewModel.swift

@@ -179,6 +179,11 @@ class IOrchestratedDocumentVerificationViewModel<T, U: JobResult>: ObservableObj
                     livenessImages: livenessFiles
                 )
                 allFiles.append(info)
+                do {
+                    if let securityInfoJson = try LocalStorage.addSecurityInfo(jobId: jobId, files: allFiles) {
+                        allFiles.append(contentsOf: [securityInfoJson])
+                    }
+                } catch { /* in case we can't add the security info the backend will deal with the enrollment */ }
                 let zipData = try LocalStorage.zipFiles(at: allFiles)
                 self.savedFiles = DocumentCaptureResultStore(
                     allFiles: allFiles,
@@ -209,7 +214,7 @@ class IOrchestratedDocumentVerificationViewModel<T, U: JobResult>: ObservableObj
                     )
                 }
                 let authResponse = try await SmileID.api.authenticate(request: authRequest)
-                let prepUploadRequest = PrepUploadRequest(
+                var prepUploadRequest = PrepUploadRequest(
                     partnerParams: authResponse.partnerParams.copy(extras: self.extraPartnerParams),
                     allowNewEnroll: allowNewEnroll,
                     metadata: localMetadata.metadata.items,
@@ -224,8 +229,9 @@ class IOrchestratedDocumentVerificationViewModel<T, U: JobResult>: ObservableObj
                 } catch let error as SmileIDError {
                     switch error {
                     case .api("2215", _):
+                        prepUploadRequest.retry = true
                         prepUploadResponse = try await SmileID.api.prepUpload(
-                            request: prepUploadRequest.copy(retry: "true")
+                            request: prepUploadRequest
                         )
                     default:
                         throw error
@@ -346,9 +352,7 @@ extension IOrchestratedDocumentVerificationViewModel: SmartSelfieResultDelegate
 }
 
 // swiftlint:disable opening_brace
-class OrchestratedDocumentVerificationViewModel:
-    IOrchestratedDocumentVerificationViewModel<DocumentVerificationResultDelegate, DocumentVerificationJobResult>
-{
+class OrchestratedDocumentVerificationViewModel: IOrchestratedDocumentVerificationViewModel<DocumentVerificationResultDelegate, DocumentVerificationJobResult> {
     override func onFinished(delegate: DocumentVerificationResultDelegate) {
         if let savedFiles,
            let selfiePath = getRelativePath(from: selfieFile),
@@ -372,11 +376,7 @@ class OrchestratedDocumentVerificationViewModel:
 }
 
 // swiftlint:disable opening_brace
-class OrchestratedEnhancedDocumentVerificationViewModel:
-    IOrchestratedDocumentVerificationViewModel<
-        EnhancedDocumentVerificationResultDelegate, EnhancedDocumentVerificationJobResult
-    >
-{
+class OrchestratedEnhancedDocumentVerificationViewModel: IOrchestratedDocumentVerificationViewModel<EnhancedDocumentVerificationResultDelegate, EnhancedDocumentVerificationJobResult> {
     override func onFinished(delegate: EnhancedDocumentVerificationResultDelegate) {
         if let savedFiles,
            let selfiePath = getRelativePath(from: selfieFile),

Sources/SmileID/Classes/Helpers/LocalStorage.swift

@@ -1,5 +1,6 @@
 import Foundation
 import ZIPFoundation
+import SmileIDSecurity
 
 public class LocalStorage {
     private static let defaultFolderName = "SmileID"
@@ -133,6 +134,39 @@ public class LocalStorage {
         return try createSmileFile(to: jobId, name: "info.json", file: data)
     }
 
+    static func addSecurityInfo(
+        jobId: String,
+        files: [URL]
+    ) throws -> URL? {
+        do {
+            let timestamp = Date().toISO8601WithMilliseconds()
+            let mac = try SmileIDCryptoManager.shared.sign(
+                timestamp: timestamp,
+                files: files
+            )
+            let securityInfo = SecurityInfo(
+                timestamp: timestamp,
+                mac: mac
+            )
+            let securityInfoJson = try createSecurityInfoFile(
+                jobId: jobId,
+                securityInfo: securityInfo
+            )
+            return securityInfoJson
+        } catch {
+            print("Couldn't create security info. Continuing without it.")
+            return nil
+        }
+    }
+
+    private static func createSecurityInfoFile(
+        jobId: String,
+        securityInfo: SecurityInfo
+    ) throws -> URL {
+        let data = try jsonEncoder.encode(securityInfo)
+        return try createSmileFile(to: jobId, name: "security_info.json", file: data)
+    }
+
     static func getInfoJsonFile(
         jobId: String
     ) throws -> URL {

Sources/SmileID/Classes/Networking/Models/FailureReason.swift

@@ -1,6 +1,6 @@
 import Foundation
 
-public enum FailureReason: Encodable {
+public enum FailureReason: Codable {
     case mobileActiveLivenessTimeout
 
     private enum CodingKeys: String, CodingKey {

Sources/SmileID/Classes/Networking/Models/MultipartBody.swift

@@ -1,15 +1,22 @@
 import Foundation
 
-public struct MultipartBody: Encodable {
-    let key: String
-    let filename: String
+public struct MultipartBody: Codable {
     let data: Data
+    let filename: String
     let mimeType: String
 
-    public init?(withImage image: Data, forKey key: String, forName name: String) {
-        self.key = key
-        mimeType = "image/jpeg"
-        filename = name
-        data = image
+    public init?(
+        withImage image: Data,
+        forName name: String
+    ) {
+        self.data = image
+        self.filename = name
+        self.mimeType = "image/jpeg"
+    }
+
+    enum CodingKeys: String, CodingKey {
+        case data
+        case filename = "name"
+        case mimeType = "type"
     }
 }

Sources/SmileID/Classes/Networking/Models/PrepUpload.swift

@@ -12,7 +12,7 @@ public struct PrepUploadRequest: Codable {
     public var timestamp = Date().toISO8601WithMilliseconds()
     public var signature = ""
     public var useEnrolledImage = false
-    public var retry = "false" /// backend is broken needs these as strings
+    public var retry: Bool = false
 
     public init(
         partnerParams: PartnerParams,
@@ -25,7 +25,7 @@ public struct PrepUploadRequest: Codable {
         timestamp: String = Date().toISO8601WithMilliseconds(),
         signature: String = "",
         useEnrolledImage: Bool = false,
-        retry: String = "false"
+        retry: Bool = false
     ) {
         self.partnerParams = partnerParams
         self.callbackUrl = callbackUrl
@@ -53,22 +53,6 @@ public struct PrepUploadRequest: Codable {
         case retry
         case metadata
     }
-
-    public func copy(retry: String? = nil) -> PrepUploadRequest {
-        return PrepUploadRequest(
-            partnerParams: partnerParams,
-            callbackUrl: callbackUrl,
-            allowNewEnroll: allowNewEnroll,
-            partnerId: partnerId,
-            metadata: metadata,
-            sourceSdk: sourceSdk,
-            sourceSdkVersion: sourceSdkVersion,
-            timestamp: timestamp,
-            signature: signature,
-            useEnrolledImage: useEnrolledImage,
-            retry: retry ?? self.retry
-        )
-    }
 }
 
 public struct PrepUploadResponse: Codable {

Sources/SmileID/Classes/Networking/Models/SecurityInfo.swift

@@ -0,0 +1,19 @@
+import Foundation
+
+public struct SecurityInfo: Codable {
+    public var timestamp: String
+    public var mac: String
+
+    public init(
+        timestamp: String,
+        mac: String
+    ) {
+        self.timestamp = timestamp
+        self.mac = mac
+    }
+
+    enum CodingKeys: String, CodingKey {
+        case timestamp
+        case mac
+    }
+}