Merge pull request #16 from Web3Auth/fix_expired_session

fix: check msgData is not empty for authorizeSession before attempting decryption

Sources/SessionManager/SessionManager.swift

@@ -125,6 +125,10 @@ public class SessionManager {
                 guard let msgData = msgData else {
                     throw SessionManagerError.dataNotFound
                 }
+
+                if msgData.isEmpty {
+                    throw SessionManagerError.dataNotFound
+                }
 
                 let loginDetails = try decryptData(privKeyHex: sessionId, d: msgData)
                 return loginDetails

Tests/SessionManagerTests/SessionManagementTest.swift

@@ -77,4 +77,21 @@ final class SessionManagementTest: XCTestCase {
         SessionManager.saveSessionIdToStorage(created)
         try await session.invalidateSession()
     }
+
+    func test_session_expired_error() async throws {
+        var caughtCorrectError: Bool = false;
+        do {
+            let sessionId = try SessionManager.generateRandomSessionID();
+            let session = SessionManager(sessionTime: 1, sessionId: sessionId)
+            let (privKey, pubKey) = try generatePrivateandPublicKey()
+            let sfa = SFAModel(publicKey: pubKey, privateKey: privKey)
+            let created = try await session.createSession(data: sfa)
+            let _ = try await session.authorizeSession(origin: "origin")
+            sleep(2)
+            let _ = try await session.authorizeSession(origin: "origin")
+        } catch SessionManagerError.dataNotFound {
+            caughtCorrectError = true
+        }
+        XCTAssertTrue(caughtCorrectError)
+    }
 }

TorusSessionManager.podspec

@@ -1,6 +1,6 @@
 Pod::Spec.new do |spec|
   spec.name         = "TorusSessionManager"
-  spec.version      = "6.0.0"
+  spec.version      = "6.0.1"
   spec.platform      = :ios, "14.0"
   spec.summary      = "SessionManagement SDK"
   spec.homepage     = "https://github.com/Web3Auth"