[MFA-2681] add Auth0TelemetryInfo to track app version usage via sdk (#120)

Author: andy317fe301f8c7

Guardian.xcodeproj/project.pbxproj

@@ -883,7 +883,7 @@
 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
-				CLANG_WARN_STRICT_PROTOTYPES = YES;
+				CLANG_WARN_STRICT_PROTOTYPES = NO;
 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
 				CLANG_WARN_UNREACHABLE_CODE = YES;
 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
@@ -942,7 +942,7 @@
 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
-				CLANG_WARN_STRICT_PROTOTYPES = YES;
+				CLANG_WARN_STRICT_PROTOTYPES = NO;
 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
 				CLANG_WARN_UNREACHABLE_CODE = YES;
 				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;

Guardian/API/APIClient.swift

@@ -25,9 +25,11 @@ import Foundation
 struct APIClient: API {
 
     let baseUrl: URL
+    let telemetryInfo: Auth0TelemetryInfo?
 
-    init(baseUrl: URL) {
+    init(baseUrl: URL, telemetryInfo: Auth0TelemetryInfo? = nil) {
         self.baseUrl = baseUrl
+        self.telemetryInfo = telemetryInfo
     }
 
     func enroll(withTicket enrollmentTicket: String, identifier: String, name: String, notificationToken: String, verificationKey: VerificationKey) -> Request<Device, Enrollment> {
@@ -39,7 +41,7 @@ struct APIClient: API {
             }
 
             let device = Device(identifier: identifier, name: name, pushCredentials: PushCredentials(token: notificationToken), publicKey: jwk)
-            return Request.new(method: .post, url: url, headers: headers, body: device)
+            return Request.new(method: .post, url: url, headers: headers, body: device, telemetryInfo: self.telemetryInfo)
         }
         catch let error {
             return Request(method: .post, url: url, error: error)
@@ -49,11 +51,11 @@ struct APIClient: API {
     func resolve(transaction transactionToken: String, withChallengeResponse challengeResponse: String) -> Request<Transaction, NoContent> {
         let transaction = Transaction(challengeResponse: challengeResponse)
         let url = self.baseUrl.appendingPathComponent("api/resolve-transaction")
-        return Request.new(method: .post, url: url, headers: ["Authorization": "Bearer \(transactionToken)"], body: transaction)
+        return Request.new(method: .post, url: url, headers: ["Authorization": "Bearer \(transactionToken)"], body: transaction, telemetryInfo: self.telemetryInfo)
     }
 
     func device(forEnrollmentId id: String, token: String) -> DeviceAPI {
-        return DeviceAPIClient(baseUrl: baseUrl, id: id, token: token)
+        return DeviceAPIClient(baseUrl: baseUrl, id: id, token: token, telemetryInfo: self.telemetryInfo)
     }
 
     func device(forEnrollmentId enrollmentId: String, userId: String, signingKey: SigningKey) -> DeviceAPI {
@@ -68,7 +70,7 @@ struct APIClient: API {
         )
         let jwt = try? JWT(claimSet: claims, key: signingKey.secKey)
 
-        return DeviceAPIClient(baseUrl: baseUrl, id: enrollmentId, token: jwt?.string ?? "")
+        return DeviceAPIClient(baseUrl: baseUrl, id: enrollmentId, token: jwt?.string ?? "", telemetryInfo: self.telemetryInfo)
     }
 
 }

Guardian/API/DeviceAPIClient.swift

@@ -27,14 +27,16 @@ struct DeviceAPIClient: DeviceAPI {
 
     let url: URL
     let token: String
+    let telemetryInfo: Auth0TelemetryInfo?
 
-    init(baseUrl: URL, id: String, token: String) {
+    init(baseUrl: URL, id: String, token: String, telemetryInfo: Auth0TelemetryInfo? = nil) {
         self.url = baseUrl.appendingPathComponent(DeviceAPIClient.path).appendingPathComponent(id)
         self.token = token
+        self.telemetryInfo = telemetryInfo
     }
 
     func delete() -> Request<NoContent, NoContent> {
-        return Request.new(method: .delete, url: url, headers: ["Authorization": "Bearer \(token)"])
+        return Request.new(method: .delete, url: url, headers: ["Authorization": "Bearer \(token)"], telemetryInfo: self.telemetryInfo)
     }
 
     func update(localIdentifier identifier: String? = nil, name: String? = nil, notificationToken: String? = nil) -> Request<UpdatedDevice, UpdatedDevice> {
@@ -45,6 +47,6 @@ struct DeviceAPIClient: DeviceAPI {
             credentials = nil
         }
         let update = UpdatedDevice(identifier: identifier, name: name, pushCredentials: credentials)
-        return Request.new(method: .patch, url: url, headers: ["Authorization": "Bearer \(token)"], body: update)
+        return Request.new(method: .patch, url: url, headers: ["Authorization": "Bearer \(token)"], body: update, telemetryInfo: self.telemetryInfo)
     }
 }

Guardian/API/Models.swift

@@ -94,3 +94,12 @@ public struct UpdatedDevice: Codable {
     }
 }
 
+public struct Auth0TelemetryInfo: Codable, Equatable {
+    let appName: String
+    let appVersion: String
+    
+    public init(name: String, version: String) {
+        self.appName = name
+        self.appVersion = version
+    }
+}

Guardian/API/Request.swift

@@ -31,9 +31,9 @@ let errorBuilder = { (response: HTTPURLResponse, data: Data?) -> Swift.Error? in
 public struct Request<T: Encodable, E: Decodable>: Operation {
     let request: NetworkOperation<T, E>
 
-    static func new(method: HTTPMethod, url: URL, headers: [String: String] = [:], body: T? = nil) -> Request<T, E>{
+    static func new(method: HTTPMethod, url: URL, headers: [String: String] = [:], body: T? = nil, telemetryInfo: Auth0TelemetryInfo? = nil) -> Request<T, E>{
         do {
-            let request: NetworkOperation<T, E> = try NetworkOperation(method: method, url: url, headers: headers, body: body).mapError(transform: errorBuilder)
+            let request: NetworkOperation<T, E> = try NetworkOperation(method: method, url: url, headers: headers, body: body, telemetryInfo: telemetryInfo).mapError(transform: errorBuilder)
             return Request(request: request)
         } catch let error {
             return Request(method: method, url: url, error: error)

Guardian/Guardian.swift

@@ -30,13 +30,14 @@ import Foundation
  ```
 
  - parameter forDomain: domain or URL of your Guardian server
+ - parameter telemetryInfo:   information about the app, used for internal auth0 analitycs purposes
 
  - returns: an Guardian API client
 
  - seealso: Guardian.API
  */
-public func api(forDomain domain: String) -> API {
-    return api(url: url(from: domain)!)
+public func api(forDomain domain: String, telemetryInfo: Auth0TelemetryInfo? = nil) -> API {
+    return api(url: url(from: domain)!, telemetryInfo: telemetryInfo)
 }
 
 /**
@@ -47,13 +48,14 @@ public func api(forDomain domain: String) -> API {
  ```
 
  - parameter url:       URL of your Guardian server
+ - parameter telemetryInfo:   information about the app, used for internal auth0 analitycs purposes
 
  - returns: an Guardian API client
 
  - seealso: Guardian.API
  */
-public func api(url: URL) -> API {
-    return APIClient(baseUrl: url)
+public func api(url: URL, telemetryInfo: Auth0TelemetryInfo? = nil) -> API {
+    return APIClient(baseUrl: url, telemetryInfo: telemetryInfo)
 }
 
 /**
@@ -67,13 +69,14 @@ public func api(url: URL) -> API {
 
  - parameter forDomain:     domain or URL of your Guardian server
  - parameter device:        the enrolled device that will be used to handle authentication
+ - parameter telemetryInfo:       information about the app, used for internal auth0 analitycs purposes
 
  - returns: an `Authentication` instance
 
  - seealso: Guardian.Authentication
  */
-public func authentication(forDomain domain: String, device: AuthenticationDevice) -> Authentication {
-    let client = api(forDomain: domain)
+public func authentication(forDomain domain: String, device: AuthenticationDevice, telemetryInfo: Auth0TelemetryInfo? = nil) -> Authentication {
+    let client = api(forDomain: domain, telemetryInfo: telemetryInfo)
     return RSAAuthentication(api: client, device: device)
 }
 
@@ -89,14 +92,15 @@ public func authentication(forDomain domain: String, device: AuthenticationDevic
 
  - parameter url:           URL of your Guardian server
  - parameter device:        the enrolled device that will be used to handle authentication
+ - parameter telemetryInfo:       information about the app, used for internal auth0 analitycs purposes
 
 
  - returns: an `Authentication` instance
 
  - seealso: Guardian.Authentication
  */
-public func authentication(url: URL, device: AuthenticationDevice) -> Authentication {
-    let client = api(url: url)
+public func authentication(url: URL, device: AuthenticationDevice, telemetryInfo: Auth0TelemetryInfo? = nil) -> Authentication {
+    let client = api(url: url, telemetryInfo: telemetryInfo)
     return RSAAuthentication(api: client, device: device)
 }
 
@@ -153,11 +157,12 @@ public func authentication(url: URL, device: AuthenticationDevice) -> Authentica
  - parameter notificationToken: the APNS token of the device
  - parameter signingKey:        the signing key for Guardian AuthN responses
  - parameter verificationKey:        the verification key for Guardian AuthN responses
- 
+ - parameter telemetryInfo:           information about the app, used for internal auth0 analitycs purposes
+
  - returns: a request to create an enrollment
  */
-public func enroll(forDomain domain: String, usingUri uri: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey) -> EnrollRequest {
-    let client = api(forDomain: domain)
+public func enroll(forDomain domain: String, usingUri uri: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey, telemetryInfo: Auth0TelemetryInfo? = nil) -> EnrollRequest {
+    let client = api(forDomain: domain, telemetryInfo: telemetryInfo)
     return EnrollRequest(api: client, enrollmentUri: uri, notificationToken: notificationToken, verificationKey: verificationKey, signingKey: signingKey)
 }
 
@@ -214,11 +219,12 @@ public func enroll(forDomain domain: String, usingUri uri: String, notificationT
  - parameter notificationToken: the APNS token of the device
  - parameter signingKey:        the signing key for Guardian AuthN responses
  - parameter verificationKey:        the verification key for Guardian AuthN responses
+ - parameter telemetryInfo:           information about the app, used for internal auth0 analitycs purposes
 
  - returns: a request to create an enrollment
  */
-public func enroll(url: URL, usingUri uri: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey) -> EnrollRequest {
-    let client = api(url: url)
+public func enroll(url: URL, usingUri uri: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey, telemetryInfo: Auth0TelemetryInfo? = nil) -> EnrollRequest {
+    let client = api(url: url, telemetryInfo: telemetryInfo)
     return EnrollRequest(api: client, enrollmentUri: uri, notificationToken: notificationToken, verificationKey: verificationKey, signingKey: signingKey)
 }
 
@@ -275,11 +281,12 @@ public func enroll(url: URL, usingUri uri: String, notificationToken: String, si
  - parameter notificationToken: the APNS token of the device
  - parameter signingKey:        the signing key for Guardian AuthN responses
  - parameter verificationKey:        the verification key for Guardian AuthN responses
+ - parameter telemetryInfo:           information about the app, used for internal auth0 analitycs purposes
 
  - returns: a request to create an enrollment
  */
-public func enroll(forDomain domain: String, usingTicket ticket: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey) -> EnrollRequest {
-    let client = api(forDomain: domain)
+public func enroll(forDomain domain: String, usingTicket ticket: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey, telemetryInfo: Auth0TelemetryInfo? = nil) -> EnrollRequest {
+    let client = api(forDomain: domain, telemetryInfo: telemetryInfo)
     return EnrollRequest(api: client, enrollmentTicket: ticket, notificationToken: notificationToken, verificationKey: verificationKey, signingKey: signingKey)
 }
 
@@ -337,11 +344,12 @@ public func enroll(forDomain domain: String, usingTicket ticket: String, notific
  - parameter notificationToken: the APNS token of the device
  - parameter signingKey:        the signing key for Guardian AuthN responses
  - parameter verificationKey:        the verification key for Guardian AuthN responses
+ - parameter telemetryInfo:           information about the app, used for internal auth0 analitycs purposes
 
  - returns: a request to create an enrollment
  */
-public func enroll(url: URL, usingTicket ticket: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey) -> EnrollRequest {
-    let client = api(url: url)
+public func enroll(url: URL, usingTicket ticket: String, notificationToken: String, signingKey: SigningKey, verificationKey: VerificationKey, telemetryInfo: Auth0TelemetryInfo? = nil) -> EnrollRequest {
+    let client = api(url: url, telemetryInfo: telemetryInfo)
     return EnrollRequest(api: client, enrollmentTicket: ticket, notificationToken: notificationToken, verificationKey: verificationKey, signingKey: signingKey)
 }
 

Guardian/Networking/ClientInfo.swift

@@ -29,15 +29,17 @@ private let infoEntryName = "CFBundleShortVersionString"
 struct ClientInfo: Codable, Equatable {
     let name: String
     let version: String
+    let env: Auth0TelemetryInfo?
 
-    init(name: String, version: String) {
+    init(name: String, version: String, telemetryInfo: Auth0TelemetryInfo? = nil) {
         self.name = name
         self.version = version
+        self.env = telemetryInfo
     }
 
-    init?(info: [String: Any]) {
+    init?(info: [String: Any], telemetryInfo: Auth0TelemetryInfo? = nil) {
         guard let version = info[infoEntryName] as? String else { return nil }
-        self.init(name: libraryName, version: version)
+        self.init(name: libraryName, version: version, telemetryInfo: telemetryInfo)
     }
 
     func asHeader() throws -> [String: String] {

Guardian/Networking/NetworkOperation.swift

@@ -39,11 +39,11 @@ public struct NetworkOperation<T: Encodable, E: Decodable>: Operation {
         self.error = error
     }
 
-    init(method: HTTPMethod, url: URL, headers: [String: String] = [:], body: T? = nil) throws {
+    init(method: HTTPMethod, url: URL, headers: [String: String] = [:], body: T? = nil, telemetryInfo: Auth0TelemetryInfo? = nil) throws {
         var request = URLRequest(url: url)
         request.httpMethod = method.rawValue.uppercased()
         headers
-            .merging(try defaultHeaders(hasBody: body != nil)) { old, _ in return old }
+            .merging(try defaultHeaders(hasBody: body != nil, telemetryInfo: telemetryInfo)) { old, _ in return old }
             .forEach { request.setValue($0.value, forHTTPHeaderField: $0.key) }
 
         if let body = body { // Fail if its 'GET'
@@ -200,9 +200,9 @@ private let privateSession: URLSession =  {
     return URLSession.init(configuration: config)
 }()
 
-func defaultHeaders(hasBody: Bool) throws -> [String: String] {
+func defaultHeaders(hasBody: Bool, telemetryInfo: Auth0TelemetryInfo? = nil) throws -> [String: String] {
     let info = Bundle(for: _BundleGrapple.classForCoder()).infoDictionary ?? [:]
-    let clientInfo = ClientInfo(info: info)
+    let clientInfo = ClientInfo(info: info, telemetryInfo: telemetryInfo)
     let telemetry = try clientInfo?.asHeader() ?? [:]
     let content = hasBody ? ["Content-Type": "application/json"] : [:]
     return telemetry.merging(content) { _, new in new }

GuardianTests/Networking/ClientInfoSpec.swift

@@ -60,9 +60,18 @@ class ClientInfoSpec: QuickSpec {
             }
 
             it("should have the correct header value") {
-                expect(try? clientInfo.asHeader().values).to(contain("eyJuYW1lIjoiR3VhcmRpYW4uc3dpZnQiLCJ2ZXJzaW9uIjoiMS4wLjAifQ"))
-            }
+                let decoder = JSONDecoder()
 
+                let value = try? clientInfo.asHeader().values.first
+                
+                expect(value).toNot(beNil())
+                
+                let data = Data(base64URLEncoded: value!!)
+                let decoded = try? decoder.decode(ClientInfo.self, from: data!)
+                
+                expect(decoded?.name).to(equal("Guardian.swift"))
+                expect(decoded?.version).to(equal("1.0.0"))
+            }
         }
     }
 }

GuardianTests/Networking/NetworkOperationSpec.swift

@@ -26,11 +26,12 @@ import Nimble
 
 let url = URL(string: "https://auth0.com")!
 class NetworkOperationSpec: QuickSpec {
-
     override class func spec() {
+        
+        let mockAuth0TelemetryInfo = Auth0TelemetryInfo(name: "Guardian", version: "1.2.3")
 
-        func new(method: HTTPMethod = .get, url: URL = url, headers: [String: String] = [:], body: [String: String]? = nil) -> NetworkOperation<[String: String], String> {
-            return try! NetworkOperation(method: method, url: url, headers: headers, body: body)
+        func new(method: HTTPMethod = .get, url: URL = url, headers: [String: String] = [:], body: [String: String]? = nil, telemetryInfo: Auth0TelemetryInfo? = mockAuth0TelemetryInfo) -> NetworkOperation<[String: String], String> {
+            return try! NetworkOperation(method: method, url: url, headers: headers, body: body, telemetryInfo: telemetryInfo)
         }
 
         var basicJSON: [String: String]!
@@ -87,11 +88,30 @@ class NetworkOperationSpec: QuickSpec {
                 expect(new(body: ["KEY": "VALUE"]).request.value(forHTTPHeaderField: key)).to(equal("application/json"))
             }
 
-            it("should have a request with telemetry header and client info") {
+            it("should have a request with telemetry header and client info [1]") {
+                expect({
+                        let key = "Auth0-Client"
+                        let version = Bundle.main.infoDictionary!["CFBundleShortVersionString"] as! String
+                        let expected = ClientInfo(name: "Guardian.swift", version: version)
+                        let decoder = JSONDecoder()
+                        guard let value = new(telemetryInfo: nil).request.value(forHTTPHeaderField: key) else {
+                            return .failed(reason: "missing auth0-client value")
+                        }
+                        guard let data = Data(base64URLEncoded: value), let actual = try? decoder.decode(ClientInfo.self, from: data) else {
+                            return .failed(reason: "invalid auth0-client value \(value)")
+                        }
+                        guard actual == expected else {
+                            return .failed(reason: "expected auth0-client with \(expected) but got \(actual)")
+                        }
+                        return .succeeded
+                }).to(succeed())
+            }
+            
+            it("should have a request with telemetry header and client info [2]") {
                 expect({
                     let key = "Auth0-Client"
                     let version = Bundle.main.infoDictionary!["CFBundleShortVersionString"] as! String
-                    let expected = ClientInfo(name: "Guardian.swift", version: version)
+                    let expected = ClientInfo(name: "Guardian.swift", version: version, telemetryInfo: mockAuth0TelemetryInfo)
                     let decoder = JSONDecoder()
                     guard let value = new().request.value(forHTTPHeaderField: key) else {
                         return .failed(reason: "missing auth0-client value")