feat(GiniBankSDK): Add unit tests and integration tests from `GiniBan…

…kAPILibraryPinningExample` project PP-194
gini · Jan 8, 2025 · 0f79f10 · 0f79f10
1 parent 22807fe
commit 0f79f10
Show file tree

Hide file tree

Showing 6 changed files with 290 additions and 3 deletions.
diff --git a/BankSDK/GiniBankSDKPinningExample/GiniBankSDKPinningExample.xcodeproj/project.pbxproj b/BankSDK/GiniBankSDKPinningExample/GiniBankSDKPinningExample.xcodeproj/project.pbxproj
@@ -12,6 +12,9 @@
 		28D1B45A2D2E9A14002EE0DA /* AlbumsPickerViewControllerTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 28D1B4552D2E9A14002EE0DA /* AlbumsPickerViewControllerTests.swift */; };
 		28D1B45B2D2E9A14002EE0DA /* AlbumsPickerViewControllerDelegateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 28D1B4562D2E9A14002EE0DA /* AlbumsPickerViewControllerDelegateTests.swift */; };
 		28D1B45C2D2E9A14002EE0DA /* GalleryCoordinatorDelegateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 28D1B4572D2E9A14002EE0DA /* GalleryCoordinatorDelegateTests.swift */; };
+		28D1B4682D2EDAD3002EE0DA /* GiniBankAPILibraryPinningTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 28D1B4642D2EDAD3002EE0DA /* GiniBankAPILibraryPinningTests.swift */; };
+		28D1B4692D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 28D1B4652D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationTests.swift */; };
+		28D1B46B2D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 28D1B4672D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift */; };
 		4C84B5DD264ED55100853F33 /* Credentials.plist in Resources */ = {isa = PBXBuildFile; fileRef = 4C84B5DC264ED55100853F33 /* Credentials.plist */; };
 		834735F52940E88F00C3B5F3 /* CustomAnalysisError.swift in Sources */ = {isa = PBXBuildFile; fileRef = 834735F42940E88F00C3B5F3 /* CustomAnalysisError.swift */; };
 		F4083ED72735B0CB004DDD3B /* LocalizableCustomName.strings in Resources */ = {isa = PBXBuildFile; fileRef = F4083ED92735B0CB004DDD3B /* LocalizableCustomName.strings */; };
@@ -84,6 +87,9 @@
 		28D1B4552D2E9A14002EE0DA /* AlbumsPickerViewControllerTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AlbumsPickerViewControllerTests.swift; sourceTree = "<group>"; };
 		28D1B4562D2E9A14002EE0DA /* AlbumsPickerViewControllerDelegateTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = AlbumsPickerViewControllerDelegateTests.swift; sourceTree = "<group>"; };
 		28D1B4572D2E9A14002EE0DA /* GalleryCoordinatorDelegateTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GalleryCoordinatorDelegateTests.swift; sourceTree = "<group>"; };
+		28D1B4642D2EDAD3002EE0DA /* GiniBankAPILibraryPinningTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GiniBankAPILibraryPinningTests.swift; sourceTree = "<group>"; };
+		28D1B4652D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GiniBankAPILibraryPinningIntegrationTests.swift; sourceTree = "<group>"; };
+		28D1B4672D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift; sourceTree = "<group>"; };
 		4C84B5DC264ED55100853F33 /* Credentials.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Credentials.plist; sourceTree = "<group>"; };
 		4C84B5DE2653FFF000853F33 /* Example Swift.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Example Swift.entitlements"; sourceTree = "<group>"; };
 		834735F42940E88F00C3B5F3 /* CustomAnalysisError.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomAnalysisError.swift; sourceTree = "<group>"; };
@@ -173,6 +179,16 @@
 /* End PBXFrameworksBuildPhase section */
 
 /* Begin PBXGroup section */
+		28D1B4632D2EDA97002EE0DA /* BankAPILibraryPinning */ = {
+			isa = PBXGroup;
+			children = (
+				28D1B4652D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationTests.swift */,
+				28D1B4672D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift */,
+				28D1B4642D2EDAD3002EE0DA /* GiniBankAPILibraryPinningTests.swift */,
+			);
+			path = BankAPILibraryPinning;
+			sourceTree = "<group>";
+		};
 		F439C210273555B60010D77D /* Packages */ = {
 			isa = PBXGroup;
 			children = (
@@ -306,6 +322,7 @@
 		F4CBE3402821878C00B28220 /* Tests */ = {
 			isa = PBXGroup;
 			children = (
+				28D1B4632D2EDA97002EE0DA /* BankAPILibraryPinning */,
 				28D1B4562D2E9A14002EE0DA /* AlbumsPickerViewControllerDelegateTests.swift */,
 				28D1B4552D2E9A14002EE0DA /* AlbumsPickerViewControllerTests.swift */,
 				28D1B4572D2E9A14002EE0DA /* GalleryCoordinatorDelegateTests.swift */,
@@ -525,7 +542,10 @@
 			isa = PBXSourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				28D1B46B2D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift in Sources */,
+				28D1B4692D2EDAD3002EE0DA /* GiniBankAPILibraryPinningIntegrationTests.swift in Sources */,
 				F4CBE3562821878C00B28220 /* SettingsViewControllerTests.swift in Sources */,
+				28D1B4682D2EDAD3002EE0DA /* GiniBankAPILibraryPinningTests.swift in Sources */,
 				F4CBE34D2821878C00B28220 /* TransferSummaryIntegrationTest.swift in Sources */,
 				28D1B45A2D2E9A14002EE0DA /* AlbumsPickerViewControllerTests.swift in Sources */,
 				28D1B4592D2E9A14002EE0DA /* GalleryManagerTests.swift in Sources */,

diff --git a/...inningExample/Tests/BankAPILibraryPinning/GiniBankAPILibraryPinningIntegrationTests.swift b/...inningExample/Tests/BankAPILibraryPinning/GiniBankAPILibraryPinningIntegrationTests.swift
@@ -0,0 +1,124 @@
+//
+//  GiniBankAPILibraryPinningIntegrationTests.swift
+//
+//  Copyright © 2024 Gini GmbH. All rights reserved.
+//
+
+import XCTest
+@testable import GiniBankAPILibrary
+@testable import TrustKit
+
+class GiniBankAPILibraryPinningIntegrationTests: XCTestCase {
+
+    // When running from Xcode: update these environment variables in the scheme.
+    // Make sure not to commit the credentials if the scheme is shared!
+    let clientId = ProcessInfo.processInfo.environment["CLIENT_ID"]!
+    let clientSecret = ProcessInfo.processInfo.environment["CLIENT_SECRET"]!
+    let paymentRequestID = "a6466506-acf1-4896-94c8-9b398d4e0ee1"
+    var giniBankAPILib: GiniBankAPI!
+    var documentService: DefaultDocumentService!
+
+    override func setUp() {
+        let yourPublicPinningConfig = [
+            kTSKPinnedDomains: [
+                "pay-api.gini.net": [
+                    kTSKPublicKeyHashes: [
+                        // old *.gini.net public key
+                        "cNzbGowA+LNeQ681yMm8ulHxXiGojHE8qAjI+M7bIxU=",
+                        // new *.gini.net public key, active from around June 2020
+                        "zEVdOCzXU8euGVuMJYPr3DUU/d1CaKevtr0dW0XzZNo=",
+                    ]],
+                "user.gini.net": [
+                    kTSKPublicKeyHashes: [
+                        // old *.gini.net public key
+                        "cNzbGowA+LNeQ681yMm8ulHxXiGojHE8qAjI+M7bIxU=",
+                        // new *.gini.net public key, active from around June 2020
+                        "zEVdOCzXU8euGVuMJYPr3DUU/d1CaKevtr0dW0XzZNo=",
+                    ]],
+            ]] as [String: Any]
+        let client = Client(id: clientId, secret: clientSecret, domain: "pay-api-lib-example")
+        giniBankAPILib = GiniBankAPI.Builder(client: client, pinningConfig: yourPublicPinningConfig).build()
+        documentService = giniBankAPILib.documentService()
+    }
+
+    func testErrorLogging() {
+        let expect = expectation(description: "it logs the error event")
+
+        let errorEvent = ErrorEvent(deviceModel: UIDevice.current.model,
+                                    osName: UIDevice.current.systemName,
+                                    osVersion: UIDevice.current.systemVersion,
+                                    captureSdkVersion: "Not available",
+                                    apiLibVersion: Bundle(for: GiniBankAPI.self).infoDictionary?["CFBundleShortVersionString"] as? String ?? "Unknown",
+                                    description: "Error logging integration test",
+                                    documentId: nil,
+                                    originalRequestId: nil)
+
+        documentService.log(errorEvent: errorEvent) { result in
+            switch result {
+            case .success:
+                expect.fulfill()
+            case .failure(let error):
+                XCTFail(String(describing: error))
+            }
+        }
+
+        wait(for: [expect], timeout: 10)
+    }
+
+    func testBuildPaymentService() {
+        let paymentService = giniBankAPILib.paymentService()
+        XCTAssertEqual(paymentService.apiDomain.domainString, "pay-api.gini.net")
+    }
+
+    func testFetchPaymentRequest(){
+        let expect = expectation(description: "it fetches the payment request")
+
+        let paymentService = giniBankAPILib.paymentService()
+        paymentService.paymentRequest(id: paymentRequestID) { result in
+            switch result {
+            case .success(let request):
+                XCTAssertEqual(request.iban, "DE13760700120500154000")
+                expect.fulfill()
+            case .failure(let error):
+                XCTFail(String(describing: error))
+            }
+        }
+        wait(for: [expect], timeout: 10)
+    }
+
+    func testResolvePaymentRequest(){
+        let message = "You can't resolve the previously resolved payment request"
+        let expect = expectation(description: message)
+
+        let paymentService = giniBankAPILib.paymentService()
+        paymentService.resolvePaymentRequest(id: paymentRequestID, 
+                                             recipient: "Dr. med. Hackler",
+                                             iban: "DE13760700120500154000",
+                                             bic: "", amount: "335.50:EUR",
+                                             purpose: "ReNr AZ356789Z") { result in
+            switch result {
+                case .success(_):
+                    XCTFail(message)
+                case .failure(_):
+                    expect.fulfill()
+            }
+        }
+        wait(for: [expect], timeout: 10)
+    }
+
+    func testPayment(){
+        let expect = expectation(description: "it gets the payment")
+
+        let paymentService = giniBankAPILib.paymentService()
+        paymentService.payment(id: "a6466506-acf1-4896-94c8-9b398d4e0ee1") { result in
+            switch result {
+            case .success(let payment):
+                XCTAssertEqual(payment.iban, "DE13760700120500154000")
+                expect.fulfill()
+            case .failure(let error):
+                XCTFail(String(describing: error))
+            }
+        }
+        wait(for: [expect], timeout: 10)
+    }
+}
diff --git a/...ts/BankAPILibraryPinning/GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift b/...ts/BankAPILibraryPinning/GiniBankAPILibraryPinningIntegrationWrongCertificatesTests.swift
@@ -0,0 +1,63 @@
+//
+//  GiniBankAPILibraryPinningIntegrationTests.swift
+//
+//  Copyright © 2024 Gini GmbH. All rights reserved.
+//
+
+import XCTest
+@testable import GiniBankAPILibrary
+@testable import TrustKit
+
+class PinningWrongCertificatesIntegrationTests: XCTestCase {
+
+    // When running from Xcode: update these environment variables in the scheme.
+    // Make sure not to commit the credentials if the scheme is shared!
+    let clientId = ProcessInfo.processInfo.environment["CLIENT_ID"]!
+    let clientSecret = ProcessInfo.processInfo.environment["CLIENT_SECRET"]!
+    let paymentRequestID = "a6466506-acf1-4896-94c8-9b398d4e0ee1"
+    var giniBankAPILib: GiniBankAPI!
+    var documentService: DefaultDocumentService!
+
+    override func setUp() {
+        let yourPublicPinningConfig = [
+            kTSKPinnedDomains: [
+                "pay-api.gini.net": [
+                    kTSKPublicKeyHashes: [
+                        // Wrong hashes
+                        "TQEtdMbmwFgYUifM4LDF+xgEtd0z69mPGmkp014d6ZY=",
+                        "rFjc3wG7lTZe43zeYTvPq8k4xdDEutCmIhI5dn4oCeE="
+                    ]],
+                "user.gini.net": [
+                    kTSKPublicKeyHashes: [
+                        // Wrong hashes
+                        "TQEtdMbmwFgYUifM4LDF+xgEtd0z69mPGmkp014d6ZY=",
+                        "rFjc3wG7lTZe43zeYTvPq8k4xdDEutCmIhI5dn4oCeE="
+                    ]],
+            ]] as [String: Any]
+        let client = Client(id: clientId, secret: clientSecret, domain: "pay-api-lib-example")
+        giniBankAPILib = GiniBankAPI.Builder(client: client, pinningConfig: yourPublicPinningConfig).build()
+        documentService = giniBankAPILib.documentService()
+    }
+
+
+    func testResolvePaymentRequestFails() {
+        let expect = expectation(description: "it fails to resolve the payment request due to wrong pinning certificates")
+
+        let paymentService = giniBankAPILib.paymentService()
+        paymentService.resolvePaymentRequest(id: paymentRequestID, 
+                                             recipient: "Dr. med. Hackler",
+                                             iban: "DE13760700120500154000",
+                                             bic: "",
+                                             amount: "335.50:EUR",
+                                             purpose: "ReNr AZ356789Z") { result in
+            switch result {
+            case .success(_):
+                XCTFail("resolving the payment request should have failed due to wrong pinning certificates")
+            case .failure(let error):
+                XCTAssertEqual(error, GiniBankAPILibrary.GiniError.noResponse)
+                expect.fulfill()
+            }
+        }
+        wait(for: [expect], timeout: 10)
+    }
+}
diff --git a/...iniBankSDKPinningExample/Tests/BankAPILibraryPinning/GiniBankAPILibraryPinningTests.swift b/...iniBankSDKPinningExample/Tests/BankAPILibraryPinning/GiniBankAPILibraryPinningTests.swift
@@ -0,0 +1,82 @@
+//
+//  GiniBankAPILibraryPinningTests.swift
+//
+//  Copyright © 2024 Gini GmbH. All rights reserved.
+//
+
+import XCTest
+@testable import GiniBankAPILibrary
+@testable import TrustKit
+
+final class GiniBankAPILibraryPinningTests: XCTestCase {
+    let client = Client(id: "", secret: "", domain: "")
+    let yourPublicPinningConfig = [
+        kTSKPinnedDomains: [
+            "pay-api.gini.net": [
+                kTSKPublicKeyHashes: [
+                    // old *.gini.net public key
+                    "cNzbGowA+LNeQ681yMm8ulHxXiGojHE8qAjI+M7bIxU=",
+                    // new *.gini.net public key, active from around June 2020
+                    "zEVdOCzXU8euGVuMJYPr3DUU/d1CaKevtr0dW0XzZNo=",
+                ]],
+            "user.gini.net": [
+                kTSKPublicKeyHashes: [
+                    // old *.gini.net public key
+                    "cNzbGowA+LNeQ681yMm8ulHxXiGojHE8qAjI+M7bIxU=",
+                    // new *.gini.net public key, active from around June 2020
+                    "zEVdOCzXU8euGVuMJYPr3DUU/d1CaKevtr0dW0XzZNo=",
+                ]],
+        ]] as [String: Any]
+
+    func testBuildWithCustomApiDomain() {
+        let giniBankAPILib = GiniBankAPI.Builder(client: client,
+                                                 api: .custom(domain: "custom-api.domain.com", tokenSource: nil),
+                                                 pinningConfig: yourPublicPinningConfig,
+                                                 logLevel: .none).build()
+
+        let documentService: DefaultDocumentService = giniBankAPILib.documentService()
+        XCTAssertEqual(documentService.apiDomain.domainString, "custom-api.domain.com")
+    }
+
+    func testBuildWithCustomUserDomain() {
+        let giniBankAPILib = GiniBankAPI.Builder(client: client,
+                                                 userApi: .custom(domain: "custom-user.domain.com"),
+                                                 pinningConfig: yourPublicPinningConfig,
+                                                 logLevel: .none).build()
+        let documentService: DefaultDocumentService = giniBankAPILib.documentService()
+        let sessionManager: SessionManager = documentService.sessionManager as! SessionManager
+        XCTAssertEqual(sessionManager.userDomain.domainString, "custom-user.domain.com")
+    }
+
+    func testBuildWithCustomApiAndUserDomain() {
+        let giniBankAPILib = GiniBankAPI.Builder(client: client,
+                                                 api: .custom(domain: "custom-api.domain.com", tokenSource: nil),
+                                                 userApi: .custom(domain: "custom-user.domain.com"),
+                                                 pinningConfig: yourPublicPinningConfig,
+                                                 logLevel: .none).build()
+        let documentService: DefaultDocumentService = giniBankAPILib.documentService()
+        XCTAssertEqual(documentService.apiDomain.domainString, "custom-api.domain.com")
+
+        let sessionManager: SessionManager = documentService.sessionManager as! SessionManager
+        XCTAssertEqual(sessionManager.userDomain.domainString, "custom-user.domain.com")
+    }
+
+    func testWithCustomApiDomainAndAlternativeTokenSource() {
+        let tokenSource = TokenSource()
+        let giniBankAPILib = GiniBankAPI.Builder(customApiDomain: "custom-api.domain.com",
+                                                 alternativeTokenSource: tokenSource,
+                                                 pinningConfig: yourPublicPinningConfig,
+                                                 logLevel: .none).build()
+
+        let documentService: DefaultDocumentService = giniBankAPILib.documentService()
+        XCTAssertEqual(documentService.apiDomain.domainString, "custom-api.domain.com")
+
+        let sessionManager: SessionManager = documentService.sessionManager as! SessionManager
+        XCTAssertNotNil(sessionManager.alternativeTokenSource)
+    }
+
+    private class TokenSource: AlternativeTokenSource {
+        func fetchToken(completion: @escaping (Result<Token, GiniError>) -> Void) {
+        }
+    }
+}
diff --git a/BankSDK/GiniBankSDKPinningExample/Tests/GalleryCoordinatorTests.swift b/BankSDK/GiniBankSDKPinningExample/Tests/GalleryCoordinatorTests.swift
@@ -2,7 +2,6 @@
 //  GalleryCoordinatorTests.swift
 //  Example_Tests
 //
-//  Created by Nadya Karaban on 25.08.21.
 //  Copyright © 2021 Gini GmbH. All rights reserved.
 //
 

diff --git a/BankSDK/GiniBankSDKPinningExample/Tests/TransferSummaryIntegrationTest.swift b/BankSDK/GiniBankSDKPinningExample/Tests/TransferSummaryIntegrationTest.swift
@@ -1,8 +1,7 @@
 //
 //  TransferSummaryIntegrationTest.swift
-//  GiniBankSDKExample
 //
-//  Created by Nadya Karaban on 06.04.22.
+//  Copyright © 2024 Gini GmbH. All rights reserved.
 //
 
 import XCTest