ios-app-review-plugin 1.0.0

package/tests/analyzers/ui-ux.test.ts

@@ -0,0 +1,357 @@
+import * as fs from 'fs/promises';
+import * as os from 'os';
+import * as path from 'path';
+import { UIUXAnalyzer } from '../../src/analyzers/ui-ux.js';
+import type { XcodeProject, XcodeTarget } from '../../src/types/index.js';
+
+jest.mock('../../src/parsers/plist', () => ({
+  parsePlist: jest.fn(),
+}));
+
+const mockParsePlist = jest.requireMock('../../src/parsers/plist').parsePlist as jest.Mock;
+
+describe('UIUXAnalyzer', () => {
+  let analyzer: UIUXAnalyzer;
+  let tempDir: string;
+
+  beforeAll(async () => {
+    tempDir = await fs.mkdtemp(path.join(os.tmpdir(), 'uiux-test-'));
+  });
+
+  afterAll(async () => {
+    await fs.rm(tempDir, { recursive: true, force: true });
+  });
+
+  beforeEach(() => {
+    analyzer = new UIUXAnalyzer();
+    jest.clearAllMocks();
+  });
+
+  function makeProject(overrides?: Partial<XcodeTarget>): XcodeProject {
+    return {
+      path: '/test/TestApp.xcodeproj',
+      name: 'TestApp',
+      targets: [
+        {
+          name: 'TestApp',
+          type: 'application',
+          bundleIdentifier: 'com.test.app',
+          infoPlistPath: path.join(tempDir, 'Info.plist'),
+          sourceFiles: [],
+          ...overrides,
+        },
+      ],
+      configurations: ['Debug', 'Release'],
+    };
+  }
+
+  describe('launch screen checks', () => {
+    it('should pass when UILaunchStoryboardName is set', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: tempDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-no-launch-screen')).toBe(false);
+    });
+
+    it('should detect missing launch screen', async () => {
+      mockParsePlist.mockResolvedValue({});
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: tempDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-no-launch-screen')).toBe(true);
+      expect(result.issues.find((i) => i.id === 'uiux-no-launch-screen')?.severity).toBe('error');
+    });
+
+    it('should pass when LaunchScreen.storyboard file exists', async () => {
+      mockParsePlist.mockResolvedValue({});
+
+      const launchDir = path.join(tempDir, 'LaunchScreenDir');
+      await fs.mkdir(launchDir, { recursive: true });
+      await fs.writeFile(path.join(launchDir, 'LaunchScreen.storyboard'), '<xml></xml>');
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: launchDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-no-launch-screen')).toBe(false);
+
+      await fs.rm(launchDir, { recursive: true, force: true });
+    });
+  });
+
+  describe('app icon checks', () => {
+    it('should detect missing app icon asset catalog', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: tempDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-no-app-icon')).toBe(true);
+    });
+
+    it('should detect missing 1024x1024 App Store icon', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const iconDir = path.join(tempDir, 'IconCheck', 'Assets.xcassets', 'AppIcon.appiconset');
+      await fs.mkdir(iconDir, { recursive: true });
+      await fs.writeFile(
+        path.join(iconDir, 'Contents.json'),
+        JSON.stringify({
+          images: [
+            { size: '60x60', scale: '2x', filename: 'icon-120.png', idiom: 'iphone' },
+          ],
+        })
+      );
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: path.join(tempDir, 'IconCheck'),
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-missing-appstore-icon')).toBe(true);
+
+      await fs.rm(path.join(tempDir, 'IconCheck'), { recursive: true, force: true });
+    });
+
+    it('should pass when 1024x1024 icon exists', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const iconDir = path.join(tempDir, 'IconPass', 'Assets.xcassets', 'AppIcon.appiconset');
+      await fs.mkdir(iconDir, { recursive: true });
+      await fs.writeFile(
+        path.join(iconDir, 'Contents.json'),
+        JSON.stringify({
+          images: [
+            { size: '1024x1024', scale: '1x', filename: 'appstore-icon.png', idiom: 'ios-marketing' },
+            { size: '60x60', scale: '2x', filename: 'icon-120.png', idiom: 'iphone' },
+            { size: '60x60', scale: '3x', filename: 'icon-180.png', idiom: 'iphone' },
+          ],
+        })
+      );
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: path.join(tempDir, 'IconPass'),
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-missing-appstore-icon')).toBe(false);
+
+      await fs.rm(path.join(tempDir, 'IconPass'), { recursive: true, force: true });
+    });
+  });
+
+  describe('iPad support checks', () => {
+    it('should detect missing iPad orientations', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+        UIDeviceFamily: [1, 2],
+        'UISupportedInterfaceOrientations~ipad': [
+          'UIInterfaceOrientationPortrait',
+          'UIInterfaceOrientationLandscapeLeft',
+        ],
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: tempDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-ipad-missing-orientations')).toBe(true);
+    });
+
+    it('should pass when all iPad orientations are present', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+        UIDeviceFamily: [1, 2],
+        'UISupportedInterfaceOrientations~ipad': [
+          'UIInterfaceOrientationPortrait',
+          'UIInterfaceOrientationPortraitUpsideDown',
+          'UIInterfaceOrientationLandscapeLeft',
+          'UIInterfaceOrientationLandscapeRight',
+        ],
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: tempDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-ipad-missing-orientations')).toBe(false);
+    });
+
+    it('should not check iPad orientations for iPhone-only apps', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+        UIDeviceFamily: [1],
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: tempDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-ipad-missing-orientations')).toBe(false);
+    });
+  });
+
+  describe('placeholder text checks', () => {
+    it('should detect placeholder text in storyboards', async () => {
+      const storyDir = path.join(tempDir, 'PlaceholderDir');
+      await fs.mkdir(storyDir, { recursive: true });
+      await fs.writeFile(
+        path.join(storyDir, 'Main.storyboard'),
+        `<?xml version="1.0" encoding="UTF-8"?>
+<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB">
+    <label text="Lorem ipsum dolor sit amet" id="abc-123"/>
+    <label text="Label" id="def-456"/>
+</document>`
+      );
+
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: storyDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-placeholder-text')).toBe(true);
+
+      await fs.rm(storyDir, { recursive: true, force: true });
+    });
+
+    it('should not flag storyboards with real content', async () => {
+      const storyDir = path.join(tempDir, 'RealContentDir');
+      await fs.mkdir(storyDir, { recursive: true });
+      await fs.writeFile(
+        path.join(storyDir, 'Main.storyboard'),
+        `<?xml version="1.0" encoding="UTF-8"?>
+<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB">
+    <label text="Welcome to My App" id="abc-123"/>
+    <button title="Get Started" id="def-456"/>
+</document>`
+      );
+
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: storyDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-placeholder-text')).toBe(false);
+
+      await fs.rm(storyDir, { recursive: true, force: true });
+    });
+  });
+
+  describe('accessibility checks', () => {
+    it('should warn when images are used without accessibility labels', async () => {
+      const srcDir = path.join(tempDir, 'AccessibilityDir');
+      await fs.mkdir(srcDir, { recursive: true });
+      await fs.writeFile(
+        path.join(srcDir, 'ViewController.swift'),
+        `import UIKit
+
+class ViewController: UIViewController {
+    let imageView = UIImageView(image: UIImage(named: "photo"))
+    let icon = UIImage(named: "icon")
+}
+`
+      );
+
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: srcDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-no-accessibility-labels')).toBe(true);
+
+      await fs.rm(srcDir, { recursive: true, force: true });
+    });
+
+    it('should not warn when accessibility labels are present', async () => {
+      const srcDir = path.join(tempDir, 'AccessibleDir');
+      await fs.mkdir(srcDir, { recursive: true });
+      await fs.writeFile(
+        path.join(srcDir, 'ViewController.swift'),
+        `import UIKit
+
+class ViewController: UIViewController {
+    let imageView = UIImageView(image: UIImage(named: "photo"))
+
+    func setup() {
+        imageView.accessibilityLabel = "User photo"
+    }
+}
+`
+      );
+
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: srcDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-no-accessibility-labels')).toBe(false);
+
+      await fs.rm(srcDir, { recursive: true, force: true });
+    });
+
+    it('should note when hardcoded fonts are used without Dynamic Type', async () => {
+      const srcDir = path.join(tempDir, 'FontDir');
+      await fs.mkdir(srcDir, { recursive: true });
+      await fs.writeFile(
+        path.join(srcDir, 'ViewController.swift'),
+        `import UIKit
+
+class ViewController: UIViewController {
+    let label = UILabel()
+
+    func setup() {
+        label.font = UIFont.systemFont(ofSize: 16)
+    }
+}
+`
+      );
+
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.analyze(makeProject(), {
+        basePath: srcDir,
+      });
+
+      expect(result.issues.some((i) => i.id === 'uiux-no-dynamic-type')).toBe(true);
+
+      await fs.rm(srcDir, { recursive: true, force: true });
+    });
+  });
+
+  describe('validateProject', () => {
+    it('should work with direct project path', async () => {
+      mockParsePlist.mockResolvedValue({
+        UILaunchStoryboardName: 'LaunchScreen',
+      });
+
+      const result = await analyzer.validateProject(tempDir);
+      expect(result.analyzer).toBe('UI/UX Compliance');
+    });
+  });
+});

package/tests/asc/auth.test.ts

@@ -0,0 +1,189 @@
+import * as crypto from 'crypto';
+import * as fs from 'fs/promises';
+import * as os from 'os';
+import * as path from 'path';
+import { getToken, clearTokenCache, hasCredentials } from '../../src/asc/auth';
+
+// Store original env vars
+const originalEnv = { ...process.env };
+
+// Generate a test EC P-256 key pair
+function generateTestKeyPair(): { privateKey: string; publicKey: string } {
+  const keyPair = crypto.generateKeyPairSync('ec', {
+    namedCurve: 'P-256',
+    publicKeyEncoding: { type: 'spki', format: 'pem' },
+    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
+  });
+  return keyPair;
+}
+
+describe('ASC Auth', () => {
+  let tempDir: string;
+  let testKeyPair: { privateKey: string; publicKey: string };
+
+  beforeAll(async () => {
+    tempDir = await fs.mkdtemp(path.join(os.tmpdir(), 'asc-auth-test-'));
+    testKeyPair = generateTestKeyPair();
+  });
+
+  afterAll(async () => {
+    await fs.rm(tempDir, { recursive: true, force: true });
+  });
+
+  beforeEach(() => {
+    // Clear cached credentials/token between tests
+    clearTokenCache();
+  });
+
+  afterEach(() => {
+    // Restore env vars
+    process.env = { ...originalEnv };
+    clearTokenCache();
+  });
+
+  describe('hasCredentials', () => {
+    it('should return false when no env vars are set', () => {
+      delete process.env['ASC_KEY_ID'];
+      delete process.env['ASC_ISSUER_ID'];
+      delete process.env['ASC_PRIVATE_KEY_PATH'];
+      delete process.env['ASC_PRIVATE_KEY'];
+
+      expect(hasCredentials()).toBe(false);
+    });
+
+    it('should return false when only some env vars are set', () => {
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      delete process.env['ASC_ISSUER_ID'];
+      delete process.env['ASC_PRIVATE_KEY_PATH'];
+      delete process.env['ASC_PRIVATE_KEY'];
+
+      expect(hasCredentials()).toBe(false);
+    });
+
+    it('should return true when all env vars are set with key path', () => {
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY_PATH'] = '/path/to/key.p8';
+
+      expect(hasCredentials()).toBe(true);
+    });
+
+    it('should return true when using inline private key', () => {
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY'] = testKeyPair.privateKey;
+
+      expect(hasCredentials()).toBe(true);
+    });
+  });
+
+  describe('getToken', () => {
+    it('should generate a valid JWT token', async () => {
+      const keyPath = path.join(tempDir, 'test.p8');
+      await fs.writeFile(keyPath, testKeyPair.privateKey);
+
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY_PATH'] = keyPath;
+
+      const token = await getToken();
+
+      // JWT should have 3 parts
+      const parts = token.split('.');
+      expect(parts).toHaveLength(3);
+
+      // Decode header
+      const header = JSON.parse(Buffer.from(parts[0]!, 'base64url').toString());
+      expect(header.alg).toBe('ES256');
+      expect(header.kid).toBe('test-key-id');
+      expect(header.typ).toBe('JWT');
+
+      // Decode payload
+      const payload = JSON.parse(Buffer.from(parts[1]!, 'base64url').toString());
+      expect(payload.iss).toBe('test-issuer-id');
+      expect(payload.aud).toBe('appstoreconnect-v1');
+      expect(payload.exp).toBeGreaterThan(payload.iat);
+    });
+
+    it('should cache tokens', async () => {
+      const keyPath = path.join(tempDir, 'test-cache.p8');
+      await fs.writeFile(keyPath, testKeyPair.privateKey);
+
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY_PATH'] = keyPath;
+
+      const token1 = await getToken();
+      const token2 = await getToken();
+
+      // Same token should be returned (cached)
+      expect(token1).toBe(token2);
+    });
+
+    it('should throw when credentials are not configured', async () => {
+      delete process.env['ASC_KEY_ID'];
+      delete process.env['ASC_ISSUER_ID'];
+      delete process.env['ASC_PRIVATE_KEY_PATH'];
+      delete process.env['ASC_PRIVATE_KEY'];
+
+      await expect(getToken()).rejects.toThrow('credentials not configured');
+    });
+
+    it('should work with inline private key', async () => {
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY'] = testKeyPair.privateKey;
+
+      const token = await getToken();
+      expect(token.split('.')).toHaveLength(3);
+    });
+
+    it('should handle escaped newlines in inline key', async () => {
+      const escapedKey = testKeyPair.privateKey.replace(/\n/g, '\\n');
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY'] = escapedKey;
+
+      const token = await getToken();
+      expect(token.split('.')).toHaveLength(3);
+    });
+
+    it('should throw for invalid key file path', async () => {
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY_PATH'] = '/nonexistent/key.p8';
+
+      await expect(getToken()).rejects.toThrow('Failed to read private key');
+    });
+
+    it('should throw for invalid key format', async () => {
+      const keyPath = path.join(tempDir, 'bad.p8');
+      await fs.writeFile(keyPath, 'not-a-valid-key');
+
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY_PATH'] = keyPath;
+
+      await expect(getToken()).rejects.toThrow('Invalid private key format');
+    });
+  });
+
+  describe('clearTokenCache', () => {
+    it('should clear cached credentials and token', async () => {
+      const keyPath = path.join(tempDir, 'test-clear.p8');
+      await fs.writeFile(keyPath, testKeyPair.privateKey);
+
+      process.env['ASC_KEY_ID'] = 'test-key-id';
+      process.env['ASC_ISSUER_ID'] = 'test-issuer-id';
+      process.env['ASC_PRIVATE_KEY_PATH'] = keyPath;
+
+      const token1 = await getToken();
+      clearTokenCache();
+      const token2 = await getToken();
+
+      // Both tokens should be valid
+      expect(token1).toBeDefined();
+      expect(token2).toBeDefined();
+    });
+  });
+});