-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trusted entitlements: Do not use etags if cache version not requested and verification enabled #1114
Conversation
Codecov Report
@@ Coverage Diff @@
## toniricodiez/sdk-3200-verify-intermediate-signature-android-3 #1114 +/- ##
=================================================================================================
- Coverage 85.12% 85.11% -0.01%
=================================================================================================
Files 186 186
Lines 6568 6572 +4
Branches 932 934 +2
=================================================================================================
+ Hits 5591 5594 +3
Misses 603 603
- Partials 374 375 +1
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👏🏻
Yeah useful to add this logic here too as you said
return when (storedResult.httpResult.verificationResult) { | ||
VerificationResult.VERIFIED -> true | ||
VerificationResult.NOT_REQUESTED -> !verificationRequested | ||
// Should never happen since we don't store these verification results in the cache |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I’ll add this comment too 👍🏻
private fun shouldStoreBackendResult(resultFromBackend: HTTPResult): Boolean { | ||
val responseCode = resultFromBackend.responseCode | ||
return responseCode != RCHTTPStatusCodes.NOT_MODIFIED && | ||
responseCode < RCHTTPStatusCodes.ERROR && | ||
resultFromBackend.verificationResult != VerificationResult.FAILED | ||
} | ||
|
||
private fun shouldUseETag(storedResult: HTTPResultWithETag, verificationRequested: Boolean): Boolean { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🙏🏻
089b669
into
new-trusted-entitlements-signature-format
… and verification enabled (#1114) ### Description Added additional checks to not use cached etags when cached result is NOT_REQUESTED and verification is enabled. This will be used for other signed requests aside from the customer info/post receipt/login endpoints.
… and verification enabled (#1114) ### Description Added additional checks to not use cached etags when cached result is NOT_REQUESTED and verification is enabled. This will be used for other signed requests aside from the customer info/post receipt/login endpoints.
Description
Added additional checks to not use cached etags when cached result is NOT_REQUESTED and verification is enabled. This will be used for other signed requests aside from the customer info/post receipt/login endpoints.