pushwave-client 0.2.6 → 0.2.7

package/android/src/main/java/com/pushwaveclient/PushwaveAttestationModule.kt

@@ -16,11 +16,17 @@ class PushwaveAttestationModule(private val context: ReactApplicationContext) :
     override fun getName(): String = "PushwaveAttestation"
 
     @ReactMethod
-    fun getIntegrityToken(nonce: String, promise: Promise) {
+    fun getIntegrityToken(nonce: String, cloudProjectNumber: Double?, promise: Promise) {
         try {
+            if (cloudProjectNumber == null) {
+                promise.reject("PLAY_INTEGRITY_ERROR", "cloudProjectNumber is required")
+                return
+            }
+
             val manager: IntegrityManager = IntegrityManagerFactory.create(context)
             val request = IntegrityTokenRequest.builder()
                 .setNonce(nonce)
+                .setCloudProjectNumber(cloudProjectNumber.toLong())
                 .build()
 
             manager.requestIntegrityToken(request)

package/dist/attestation/getApplicationAttestation.js

@@ -5,8 +5,6 @@ const buffer_1 = require("buffer");
 const react_native_1 = require("react-native");
 const native_1 = require("./native");
 async function getApplicationAttestation(apiKey) {
-    if (!requiresAttestation(apiKey))
-        return { status: "skipped" };
     const { nonce, timestamp } = createNonce();
     try {
         if (react_native_1.Platform.OS === "android")
@@ -20,9 +18,6 @@ async function getApplicationAttestation(apiKey) {
     }
     return { status: "disabled", reason: "platform-unsupported" };
 }
-function requiresAttestation(apiKey) {
-    return apiKey.startsWith("pw_pub_");
-}
 function createNonce() {
     const timestamp = Date.now();
     const random = Math.random().toString(36).slice(2);

package/dist/attestation/native.js

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.getAndroidIntegrityToken = getAndroidIntegrityToken;
 exports.getDeviceCheckToken = getDeviceCheckToken;
 const react_native_1 = require("react-native");
+const pushwaveSettings_1 = require("../utils/pushwaveSettings");
 const MODULE_NAME = "PushwaveAttestation";
 const NativeAttestation = react_native_1.NativeModules?.[MODULE_NAME];
 function assertLinked() {
@@ -13,8 +14,10 @@ function assertLinked() {
 async function getAndroidIntegrityToken(nonce) {
     if (react_native_1.Platform.OS !== "android")
         return;
+    const pushwaveSettings = await (0, pushwaveSettings_1.getPushwaveSettings)();
+    const cloudProjectNumber = parseCloudProjectNumber(pushwaveSettings);
     assertLinked();
-    return NativeAttestation.getIntegrityToken(nonce);
+    return NativeAttestation.getIntegrityToken(nonce, cloudProjectNumber);
 }
 async function getDeviceCheckToken(nonce) {
     if (react_native_1.Platform.OS !== "ios")
@@ -22,3 +25,12 @@ async function getDeviceCheckToken(nonce) {
     assertLinked();
     return NativeAttestation.getDeviceCheckToken(nonce);
 }
+function parseCloudProjectNumber(pushwaveSettings) {
+    const projectNumber = typeof pushwaveSettings?.cloudProjectNumber === "string"
+        ? Number(pushwaveSettings.cloudProjectNumber)
+        : pushwaveSettings?.cloudProjectNumber;
+    if (typeof projectNumber !== "number" || !Number.isFinite(projectNumber)) {
+        throw new Error("Google Cloud Project Number missing.");
+    }
+    return projectNumber;
+}

package/dist/register/registerPushWave.js

@@ -8,6 +8,7 @@ const pwLogger_1 = require("../utils/pwLogger");
 const apiKeyCheck_1 = require("../utils/apiKeyCheck");
 const index_1 = require("../attestation/index");
 async function registerPushWave({ apiKey }) {
+    const OS = react_native_1.Platform.OS;
     if ((0, apiKeyCheck_1.isSecretKey)(apiKey)) {
         const warn = `\x1b[0m You are using your SECRET API key in a client environment. This key must NEVER be embedded in a mobile app.`;
         pwLogger_1.PWLogger.warn(warn);
@@ -24,16 +25,16 @@ async function registerPushWave({ apiKey }) {
     const appAttestation = await (0, index_1.getApplicationAttestation)(apiKey);
     if (appAttestation.status === "disabled")
         pwLogger_1.PWLogger.warn(`(${react_native_1.Platform.OS}) could not get attestation: ${appAttestation.reason}`);
-    const path = "/v1/expo-tokens";
+    const path = "expo-tokens";
     const options = {
         apiKey: apiKey,
         expoToken: expoToken,
-        platform: react_native_1.Platform.OS,
+        platform: OS,
         appAttestation: appAttestation,
         environment: __DEV__ ? "development" : "production"
     };
     try {
-        const res = await (0, fetch_1.fetchApi)(path, options);
+        const res = await (0, fetch_1.fetchApiPost)(path, options);
         return {
             success: true,
             message: res.message,

package/dist/utils/fetch.d.ts

@@ -1 +1,2 @@
-export declare function fetchApi<TResponse>(path: string, data: Record<string, any>): Promise<TResponse>;
+export declare function fetchApiPost<TResponse>(path: string, data?: Record<string, any>): Promise<TResponse>;
+export declare function fetchApiGet<TResponse>(path: string, params?: Record<string, string | number | boolean | undefined>): Promise<TResponse>;

package/dist/utils/fetch.js

@@ -1,8 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.fetchApi = fetchApi;
-const BASE_URL = "https://pushwave.luruk-hai.fr";
-async function fetchApi(path, data) {
+exports.fetchApiPost = fetchApiPost;
+exports.fetchApiGet = fetchApiGet;
+const BASE_URL = "https://pushwave.luruk-hai.fr/v1/";
+async function fetchApiPost(path, data = {}) {
     const url = BASE_URL + path;
     const res = await fetch(url, {
         method: "POST",
@@ -26,3 +27,29 @@ async function fetchApi(path, data) {
     }
     return json;
 }
+async function fetchApiGet(path, params) {
+    const search = params
+        ? new URLSearchParams(Object.entries(params).reduce((acc, [key, value]) => {
+            if (value === undefined)
+                return acc;
+            acc[key] = String(value);
+            return acc;
+        }, {})).toString()
+        : "";
+    const url = BASE_URL + path + (search ? `?${search}` : "");
+    const res = await fetch(url);
+    const text = await res.text();
+    let json = null;
+    try {
+        json = text ? JSON.parse(text) : null;
+    }
+    catch (err) {
+        // JSON empty/invalid
+    }
+    if (!res.ok) {
+        const apiError = (json?.error ?? json?.message ?? "");
+        const message = `(${res.status}) ${apiError}`.trim();
+        throw new Error(message);
+    }
+    return json;
+}

package/dist/utils/pushwaveSettings.d.ts

@@ -0,0 +1,5 @@
+export type PushwaveSettings = {
+    cloudProjectNumber?: string | number;
+    [key: string]: unknown;
+};
+export declare function getPushwaveSettings(): Promise<PushwaveSettings>;

package/dist/utils/pushwaveSettings.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getPushwaveSettings = getPushwaveSettings;
+const react_native_1 = require("react-native");
+const fetch_1 = require("./fetch");
+const pwLogger_1 = require("./pwLogger");
+const pushwaveSettingsPromise = (async () => {
+    try {
+        return await (0, fetch_1.fetchApiGet)("pushwave-config", { platform: react_native_1.Platform.OS });
+    }
+    catch (e) {
+        // log si besoin
+        pwLogger_1.PWLogger.warn(`Unable to load PushWave configuration: ${e}`);
+        return {};
+    }
+})();
+function getPushwaveSettings() {
+    return pushwaveSettingsPromise;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pushwave-client",
-  "version": "0.2.6",
+  "version": "0.2.7",
   "description": "PushWave Client, Expo Push Notifications SaaS SDK",
   "homepage": "https://github.com/luruk-hai/pushwave-client#readme",
   "bugs": {

package/src/attestation/getApplicationAttestation.ts

@@ -4,8 +4,6 @@ import { getAndroidIntegrityToken, getDeviceCheckToken } from "./native";
 import { ApplicationAttestation, AndroidAttestationPayload, DisabledAttestation, IosAttestationPayload } from "./index";
 
 export async function getApplicationAttestation(apiKey: string): Promise<ApplicationAttestation> {
-    if (!requiresAttestation(apiKey)) return { status: "skipped" };
-
     const { nonce, timestamp } = createNonce();
 
     try {
@@ -19,10 +17,6 @@ export async function getApplicationAttestation(apiKey: string): Promise<Applica
     return { status: "disabled", reason: "platform-unsupported" };
 }
 
-function requiresAttestation(apiKey: string) {
-    return apiKey.startsWith("pw_pub_");
-}
-
 function createNonce() {
     const timestamp = Date.now();
     const random = Math.random().toString(36).slice(2);

package/src/attestation/native.ts

@@ -1,4 +1,5 @@
 import { NativeModules, Platform } from "react-native";
+import { getPushwaveSettings, PushwaveSettings } from "../utils/pushwaveSettings";
 
 const MODULE_NAME = "PushwaveAttestation";
 const NativeAttestation = NativeModules?.[MODULE_NAME];
@@ -11,8 +12,13 @@ function assertLinked() {
 
 export async function getAndroidIntegrityToken(nonce: string): Promise<string | undefined> {
   if (Platform.OS !== "android") return;
+
+  const pushwaveSettings = await getPushwaveSettings();
+
+  const cloudProjectNumber = parseCloudProjectNumber(pushwaveSettings);
+
   assertLinked();
-  return NativeAttestation.getIntegrityToken(nonce);
+  return NativeAttestation.getIntegrityToken(nonce, cloudProjectNumber);
 }
 
 export async function getDeviceCheckToken(nonce: string): Promise<string | undefined> {
@@ -20,3 +26,16 @@ export async function getDeviceCheckToken(nonce: string): Promise<string | undef
   assertLinked();
   return NativeAttestation.getDeviceCheckToken(nonce);
 }
+
+function parseCloudProjectNumber(pushwaveSettings: PushwaveSettings): number {
+  const projectNumber =
+    typeof pushwaveSettings?.cloudProjectNumber === "string"
+      ? Number(pushwaveSettings.cloudProjectNumber)
+      : pushwaveSettings?.cloudProjectNumber;
+
+  if (typeof projectNumber !== "number" || !Number.isFinite(projectNumber)) {
+    throw new Error("Google Cloud Project Number missing.");
+  }
+
+  return projectNumber;
+}

package/src/register/registerPushWave.ts

@@ -1,14 +1,16 @@
-import { fetchApi } from "../utils/fetch";
+import { fetchApiPost, fetchApiGet } from "../utils/fetch";
 import { getExpoToken } from "../utils/expoToken";
 import { Platform } from "react-native";
 import { PWLogger } from "../utils/pwLogger";
 import { isSecretKey } from "../utils/apiKeyCheck";
 import { RegisterPushWaveClient, RegisterPushWaveDTO, RegisterPushWaveResponse } from "./registerPushWave.dto";
 import { getApplicationAttestation } from "../attestation/index";
+import { platform } from "os";
 
 export async function registerPushWave(
     { apiKey }: RegisterPushWaveClient
 ): Promise<RegisterPushWaveResponse> {
+    const OS = Platform.OS;
 
     if (isSecretKey(apiKey)) {
         const warn = `\x1b[0m You are using your SECRET API key in a client environment. This key must NEVER be embedded in a mobile app.`;
@@ -34,18 +36,18 @@ export async function registerPushWave(
     if (appAttestation.status === "disabled")
         PWLogger.warn(`(${Platform.OS}) could not get attestation: ${appAttestation.reason}`);
 
-    const path = "/v1/expo-tokens"
+    const path = "expo-tokens"
 
     const options: RegisterPushWaveDTO = {
         apiKey: apiKey,
         expoToken: expoToken,
-        platform: Platform.OS,
+        platform: OS,
         appAttestation: appAttestation,
         environment: __DEV__ ? "development" : "production"
     }
 
     try {
-        const res: RegisterPushWaveResponse = await fetchApi(path, options)
+        const res: RegisterPushWaveResponse = await fetchApiPost(path, options)
 
         return {
             success: true,

package/src/utils/fetch.ts

@@ -1,8 +1,8 @@
-const BASE_URL = "https://pushwave.luruk-hai.fr";
+const BASE_URL = "https://pushwave.luruk-hai.fr/v1/";
 
-export async function fetchApi<TResponse>(
+export async function fetchApiPost<TResponse>(
   path: string,
-  data: Record<string, any>
+  data: Record<string, any> = {}
 ): Promise<TResponse> {
 
   const url = BASE_URL + path;
@@ -34,3 +34,41 @@ export async function fetchApi<TResponse>(
 
   return json as TResponse;
 }
+
+export async function fetchApiGet<TResponse>(
+  path: string,
+  params?: Record<string, string | number | boolean | undefined>
+): Promise<TResponse> {
+  const search = params
+    ? new URLSearchParams(
+      Object.entries(params).reduce<Record<string, string>>((acc, [key, value]) => {
+        if (value === undefined) return acc;
+        acc[key] = String(value);
+        return acc;
+      }, {})
+    ).toString()
+    : "";
+
+  const url = BASE_URL + path + (search ? `?${search}` : "");
+
+  const res = await fetch(url);
+
+  const text = await res.text();
+  let json: any = null;
+
+  try {
+    json = text ? JSON.parse(text) : null;
+  } catch (err) {
+    // JSON empty/invalid
+  }
+
+  if (!res.ok) {
+    const apiError = (json?.error ?? json?.message ?? "") as string;
+
+    const message = `(${res.status}) ${apiError}`.trim();
+
+    throw new Error(message);
+  }
+
+  return json as TResponse;
+}

package/src/utils/pushwaveSettings.ts

@@ -0,0 +1,22 @@
+import { Platform } from "react-native";
+import { fetchApiGet } from "./fetch";
+import { PWLogger } from "./pwLogger";
+
+export type PushwaveSettings = {
+    cloudProjectNumber?: string | number;
+    [key: string]: unknown;
+};
+
+const pushwaveSettingsPromise: Promise<PushwaveSettings> = (async () => {
+    try {
+        return await fetchApiGet("pushwave-config", { platform: Platform.OS });
+    } catch (e) {
+        // log si besoin
+        PWLogger.warn(`Unable to load PushWave configuration: ${e}`)
+        return {}
+    }
+})();
+
+export function getPushwaveSettings() {
+    return pushwaveSettingsPromise;
+}