Prepare release 1.8

PowerAuth2.podspec

@@ -23,8 +23,8 @@ Pod::Spec.new do |s|
         :submodules => true
     }
 
-    s.ios.deployment_target  = '11.0'
-    s.tvos.deployment_target = '11.0'
+    s.ios.deployment_target  = '12.0'
+    s.tvos.deployment_target = '12.0'
 
     # XCFramework  build    
     s.prepare_command = <<-CMD

PowerAuthCore.podspec

@@ -22,8 +22,8 @@ Pod::Spec.new do |s|
         :submodules => true
     }
 
-    s.ios.deployment_target  = '11.0'
-    s.tvos.deployment_target = '11.0'
+    s.ios.deployment_target  = '12.0'
+    s.tvos.deployment_target = '12.0'
 
     # XCFramework  build    
     s.prepare_command = <<-CMD

docs/Migration-from-1.7-to-1.8.md

@@ -49,9 +49,16 @@ Legacy PowerAuth configuration:
   - `commitActivationWithAuthentication()` is now `persistActivationWithAuthentication()`
   - All variants of `commitActivationWithPassword()` are now `persistActivationWithPassword()`
   - All variants of `commitActivation()` are now `persistActivation()`
+  - All variants of `authenticateUsingBiometry()` are now using new `IAuthenticateWithBiometryListener` interface returning `PowerAuthAuthentication` in success.
 
 - The `ICommitActivationWithBiometryListener` is now deprecated and you can use `IPersistActivationWithBiometryListener` as a replacement.
 
+- The `PowerAuthAuthentication` object is now immutable object.
+
+- `PowerAuthErrorCodes` now contains the following new error codes:
+  - `TIME_SYNCHRONIZATION` indicating a problem with the time synchronization.
+  - `BIOMETRY_NOT_ENROLLED` indicating that device has no enrolled biometry.
+
 - The biometry-related methods in `PowerAuthSDK` are no longer annotated as `@RequiresApi(api = Build.VERSION_CODES.M)`. This change may lead to a several dead code branches in your code if you still support devices older than Android 6.0.
 
 - Removed all interfaces deprecated in release `1.7.x`
@@ -142,10 +149,14 @@ Visit [Synchronized Time](https://developers.wultra.com/components/powerauth-mob
   - `.commitWithPasswordAndBiometry(password:)` is now `.persistithPasswordAndBiometry(password:)`
   - `.commitWithPasswordAndBiometry(password:customBiometryKey:customPossessionKey:)` is now `.persistWithPasswordAndBiometry(password:customBiometryKey:customPossessionKey:)`
 
+- The `PowerAuthAuthentication` object is now immutable and no longer implements `NSCopying` protocol.
+
 - `PowerAuthErrorCode` now contains new `.timeSynchronization` case indicating a problem with the time synchronization.
 
 - Removed all interfaces deprecated in release `1.7.x`
 
+- Minimum deployment target updated to iOS 12 and tvOS 12
+
 ### Other changes
 
 #### Synchronized time
@@ -203,10 +214,42 @@ Visit [Synchronized Time](https://developers.wultra.com/components/powerauth-mob
 
 ### API changes
 
-- TBA
+- `PowerAuthConfiguration` - class now supports only the simplified configuration.
+  - Use new object constructor with all required parameters:
+    ```swift
+    let config = PowerAuthConfiguration(
+        instanceId: "your-instance-id",
+        baseEndpointUrl: "https://api.wultra.com/enrollment-server",
+        configuration: "ARDDj6EB6iA...H9bMk8Ju3K1wmjbA=="
+    )
+    ```
+  - Removed `applicationKey`, `applicationSecret`, `masterServerPublicKey`, `disableAutomaticProtocolUpgrade` properties.
+
+- The `PowerAuthAuthentication` object is now immutable object and no longer implement `NSCopying` protocol.
+
+- Removed all interfaces deprecated in release `1.7.x` 
+
+- Minimum deployment target updated to iOS 12 and tvOS 12.
 
 ## watchOS
 
 ### API changes
 
-- TBA
+- `PowerAuthConfiguration` - class now supports only the simplified configuration.
+  - Use new object constructor with all required parameters:
+    ```swift
+    let config = PowerAuthConfiguration(
+        instanceId: "your-instance-id",
+        baseEndpointUrl: "https://api.wultra.com/enrollment-server",
+        configuration: "ARDDj6EB6iA...H9bMk8Ju3K1wmjbA=="
+    )
+    ```
+  - Removed `applicationKey`, `applicationSecret`, `masterServerPublicKey`, `disableAutomaticProtocolUpgrade` properties.
+
+- The `PowerAuthAuthentication` object is now immutable object and no longer implement `NSCopying` protocol.
+
+- Removed all interfaces deprecated in release `1.7.x`
+
+## Known Bugs
+
+The PowerAuth SDKs for iOS and tvOS App Extensions, as well as for watchOS, do not use time synchronized with the server for token-based authentication. To avoid any compatibility issues with the server, the authentication headers generated in your App Extension or on watchOS still use the older protocol version 3.1. This issue will be fixed in a future SDK update.

docs/Supported-Versions.md

@@ -2,8 +2,8 @@
 
 We currently support the following versions of mobile OS:
 
-- iOS 11.0
-- tvOS: 11.0
+- iOS 12.0
+- tvOS: 12.0
 - watchOS 4.0
 - macOS Catalyst: 10.15
 - Android 4.4 (API level 19)
@@ -14,7 +14,7 @@ We currently support the following versions of mobile OS:
 
 On iOS:
 
-- We offer the biometry support since iOS 9.0, the used biometric type depends on the particular device capabilities.
+- The used biometric type depends on the particular device capabilities.
 
 On Android:
 

proj-xcode/PowerAuth2.xcodeproj/project.pbxproj

@@ -3,7 +3,7 @@
 	archiveVersion = 1;
 	classes = {
 	};
-	objectVersion = 54;
+	objectVersion = 56;
 	objects = {
 
 /* Begin PBXBuildFile section */
@@ -1728,7 +1728,7 @@
 			attributes = {
 				BuildIndependentTargetsInParallel = YES;
 				LastSwiftUpdateCheck = 1320;
-				LastUpgradeCheck = 1430;
+				LastUpgradeCheck = 1500;
 				ORGANIZATIONNAME = "Wultra s.r.o.";
 				TargetAttributes = {
 					BF4DBCCC1CDF9CDE008F3A47 = {
@@ -1762,7 +1762,7 @@
 				};
 			};
 			buildConfigurationList = BF4DBB961CDF3130008F3A47 /* Build configuration list for PBXProject "PowerAuth2" */;
-			compatibilityVersion = "Xcode 12.0";
+			compatibilityVersion = "Xcode 14.0";
 			developmentRegion = en;
 			hasScannedForEncodings = 0;
 			knownRegions = (
@@ -2274,6 +2274,7 @@
 				DEBUG_INFORMATION_FORMAT = dwarf;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
 				ENABLE_TESTABILITY = YES;
+				ENABLE_USER_SCRIPT_SANDBOXING = YES;
 				GCC_C_LANGUAGE_STANDARD = c11;
 				GCC_DYNAMIC_NO_PIC = NO;
 				GCC_NO_COMMON_BLOCKS = YES;
@@ -2293,14 +2294,14 @@
 					"$(PROJECT_DIR)/../cc7/include",
 					"$(PROJECT_DIR)/../cc7/openssl-lib/apple/include",
 				);
-				IPHONEOS_DEPLOYMENT_TARGET = 11.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 12.0;
 				LIBRARY_SEARCH_PATHS = "$(PROJECT_DIR)/../cc7/openssl-lib/apple";
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
 				ONLY_ACTIVE_ARCH = YES;
 				PRODUCT_NAME = "${TARGET_NAME}";
 				SDKROOT = iphoneos;
 				SWIFT_VERSION = 5.0;
-				TVOS_DEPLOYMENT_TARGET = 11.0;
+				TVOS_DEPLOYMENT_TARGET = 12.0;
 				WATCHOS_DEPLOYMENT_TARGET = 2.0;
 			};
 			name = Debug;
@@ -2341,6 +2342,7 @@
 				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
 				ENABLE_NS_ASSERTIONS = NO;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
+				ENABLE_USER_SCRIPT_SANDBOXING = YES;
 				GCC_C_LANGUAGE_STANDARD = c11;
 				GCC_NO_COMMON_BLOCKS = YES;
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
@@ -2354,14 +2356,14 @@
 					"$(PROJECT_DIR)/../cc7/include",
 					"$(PROJECT_DIR)/../cc7/openssl-lib/apple/include",
 				);
-				IPHONEOS_DEPLOYMENT_TARGET = 11.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 12.0;
 				LIBRARY_SEARCH_PATHS = "$(PROJECT_DIR)/../cc7/openssl-lib/apple";
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
 				PRODUCT_NAME = "${TARGET_NAME}";
 				SDKROOT = iphoneos;
 				SWIFT_COMPILATION_MODE = wholemodule;
 				SWIFT_VERSION = 5.0;
-				TVOS_DEPLOYMENT_TARGET = 11.0;
+				TVOS_DEPLOYMENT_TARGET = 12.0;
 				VALIDATE_PRODUCT = YES;
 				WATCHOS_DEPLOYMENT_TARGET = 2.0;
 			};

proj-xcode/PowerAuth2.xcodeproj/xcshareddata/xcschemes/PowerAuth2_IntegrationTests_iOS.xcscheme

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "1430"
+   LastUpgradeVersion = "1500"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"

proj-xcode/PowerAuth2.xcodeproj/xcshareddata/xcschemes/PowerAuth2_IntegrationTests_tvOS.xcscheme

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "1430"
+   LastUpgradeVersion = "1500"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"

proj-xcode/PowerAuth2.xcodeproj/xcshareddata/xcschemes/PowerAuth2_TestHostApp_iOS.xcscheme

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "1430"
+   LastUpgradeVersion = "1500"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"

proj-xcode/PowerAuth2.xcodeproj/xcshareddata/xcschemes/PowerAuth2_TestHostApp_tvOS.xcscheme

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "1430"
+   LastUpgradeVersion = "1500"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"

proj-xcode/PowerAuth2.xcodeproj/xcshareddata/xcschemes/PowerAuth2_iOS.xcscheme

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "1430"
+   LastUpgradeVersion = "1500"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"

proj-xcode/PowerAuth2.xcodeproj/xcshareddata/xcschemes/PowerAuth2_tvOS.xcscheme

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "1430"
+   LastUpgradeVersion = "1500"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"

proj-xcode/PowerAuth2/PowerAuthAuthentication.h

@@ -27,14 +27,10 @@
 @interface PowerAuthAuthentication : NSObject<NSCopying>
 
 /// Indicates if a possession factor should be used.
-///
-/// Modifying content of usePossession property is deprecated. Please use appropriate static method to create PowerAuthAuthentication instance.
-@property (nonatomic, assign) BOOL usePossession;
+@property (nonatomic, readonly, assign) BOOL usePossession;
 
 /// Indicates if a biometry factor should be used.
-///
-/// Modifying content of useBiometry property is deprecated. Please use appropriate static method to create PowerAuthAuthentication instance.
-@property (nonatomic, assign) BOOL useBiometry;
+@property (nonatomic, readonly, assign) BOOL useBiometry;
 
 /// Contains password safely stored in PowerAuthCorePassword object in case that knowledge factor is required in authentication.
 @property (nonatomic, readonly, strong, nullable) PowerAuthCorePassword * password;
@@ -43,22 +39,16 @@
 ///
 /// Use this value to give user a hint on what is biometric authentication used for in this specific authentication.
 /// For example, include a name of the account user uses to log in.
-///
-/// Modifying content of biometryPrompt property is deprecated. Please use appropriate static method to create PowerAuthAuthentication instance.
-@property (nonatomic, strong, nullable) NSString *biometryPrompt;
+@property (nonatomic, readonly, strong, nullable) NSString *biometryPrompt;
 
 /// Indicates if a biometry factor should be used. If both biometryContext and biometryPrompt properties are set, then the context will be applied.
 @property (nonatomic, strong, nullable, readonly) LAContext *biometryContext API_UNAVAILABLE(watchos, tvos);
 
 /// If 'usePossession' is set to YES, this value may specify possession key data. If no custom data is specified, default possession key is used.
-///
-/// Modifying content of overridenPossessionKey property is deprecated. Please use appropriate static method to create PowerAuthAuthentication instance.
-@property (nonatomic, strong, nullable) NSData *overridenPossessionKey;
+@property (nonatomic, strong, nullable, readonly) NSData *overridenPossessionKey;
 
 /// If 'useBiometry' is set to YES, this value may specify biometry key data. If no custom data is specified, default biometry key is used for the PowerAuthSDK instance, based on the keychain configuration and SDK instance configuration.
-///
-/// Modifying content of overridenBiometryKey property is deprecated. Please use appropriate static method to create PowerAuthAuthentication instance.
-@property (nonatomic, strong, nullable) NSData *overridenBiometryKey;
+@property (nonatomic, strong, nullable, readonly) NSData *overridenBiometryKey;
 
 @end
 

proj-xcode/PowerAuth2/PowerAuthKeychain.m

@@ -285,31 +285,6 @@ static PowerAuthBiometricAuthenticationType _LABiometryTypeToPAType(LABiometryTy
     return PowerAuthBiometricAuthenticationType_TouchID;
 }
 
-// Distinguish between old, deprecated "TouchID" enums and new with "biometry" in name.
-//
-// This is required due to a different min-SDK requirements between iOS and Catalyst
-// builds. On "iOS", we target iOS 8+, so deprecated constants are still valid.
-// On opposite to that, the Catalyst build targets simulated iOS 13+, so the deprecated
-// constants causes a few warnings.
-//
-// The most important thing is that it's just a matter of constants that have the same
-// values for both, new and old definitions. Once we target iOS 11.2+, we can freely
-// remove this tweak.
-
-// 11.2+
-#if __IPHONE_OS_VERSION_MIN_REQUIRED >= __IPHONE_11_2
-    #define __LABiometryTypeNone                    LABiometryTypeNone
-#else
-    #define __LABiometryTypeNone                    LABiometryNone
-#endif
-// 11.3+
-#if __IPHONE_OS_VERSION_MIN_REQUIRED >= __IPHONE_11_3
-    #define __kSecAccessControlBiometryAny          kSecAccessControlBiometryAny
-    #define __kSecAccessControlBiometryCurrentSet   kSecAccessControlBiometryCurrentSet
-#else
-    #define __kSecAccessControlBiometryAny          kSecAccessControlTouchIDAny
-    #define __kSecAccessControlBiometryCurrentSet   kSecAccessControlTouchIDCurrentSet
-#endif
 
 /**
  Private function returns full information about biometric support on the system. The method internally
@@ -330,7 +305,7 @@ static PowerAuthBiometricAuthenticationInfo _getBiometryInfo(void)
         // In case of error we cannot evaluate, but the type of biometry can be determined.
         NSInteger code = [error.domain isEqualToString:LAErrorDomain] ? error.code : 0;
         LABiometryType bt = context.biometryType;
-        if (bt != __LABiometryTypeNone) {
+        if (bt != LABiometryTypeNone) {
             info.biometryType = _LABiometryTypeToPAType(bt);
             if (code == LAErrorBiometryLockout) {
                 info.currentStatus = PowerAuthBiometricAuthenticationStatus_Lockout;
@@ -354,11 +329,11 @@ static SecAccessControlCreateFlags _getBiometryAccessControlFlags(PowerAuthKeych
     if (access != PowerAuthKeychainItemAccess_None) {
         switch (access) {
             case PowerAuthKeychainItemAccess_AnyBiometricSet:
-                return __kSecAccessControlBiometryAny;
+                return kSecAccessControlBiometryAny;
             case PowerAuthKeychainItemAccess_AnyBiometricSetOrDevicePasscode:
-                return __kSecAccessControlBiometryAny | kSecAccessControlOr | kSecAccessControlDevicePasscode;
+                return kSecAccessControlBiometryAny | kSecAccessControlOr | kSecAccessControlDevicePasscode;
             case PowerAuthKeychainItemAccess_CurrentBiometricSet:
-                return __kSecAccessControlBiometryCurrentSet;
+                return kSecAccessControlBiometryCurrentSet;
             default:
                 break;
         }

proj-xcode/PowerAuth2/private/PA2PrivateTokenData.m

@@ -123,6 +123,8 @@ - (id) copyWithZone:(NSZone *)zone
         c->_name = _name;
         c->_identifier = _identifier;
         c->_secret = _secret;
+        c->_activationIdentifier = _activationIdentifier;
+        c->_authenticationFactors = _authenticationFactors;
     }
     return c;
 }

proj-xcode/PowerAuth2/private/PA2PrivateTokenKeychainStore.m

@@ -308,15 +308,6 @@ - (BOOL) canRequestForAccessToken
     }];
 }
 
-
-#pragma clang diagnostic push
-#pragma clang diagnostic ignored "-Wdeprecated-implementations"
-- (void) cancelTask:(id)task
-{
-    [PA2ConformsTo(task, PowerAuthOperationTask) cancel];
-}
-#pragma clang diagnostic pop
-
 #if PA2_HAS_CORE_MODULE == 1 || TARGET_OS_WATCH == 1
 //
 // Implementation available for PowerAuth2 & PowerAuth2ForWatch modules