Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DBP: Integrate subscription account authentication to DBP #1995

Merged
merged 5 commits into from
Dec 21, 2023
Merged

DBP: Integrate subscription account authentication to DBP #1995

merged 5 commits into from
Dec 21, 2023

Conversation

jotaemepereira
Copy link
Collaborator

@jotaemepereira jotaemepereira commented Dec 20, 2023
edited
Loading

Task

https://app.asana.com/0/1204006570077678/1206163442459077/f

Description

  • Given a user with a subscription, when the user signs in to his account, then we store the auth token to use as bearer on requests to the dbp API.
  • Given an authenticated user, when the user taps the PIR tab on the more options menu, then no waitlist related dialog appears.

Steps to test

Test everything works as expected

  1. Create a sandbox test account on App Store Connect
  2. Go to App Store -> Settings, and sign-in with that account on the Sandbox Account section
  3. Change the baseUrl on EmailService and CaptchaService to point to staging (dbp-staging.duckduckgo.com)
  4. Run the Privacy Pro target
  5. Go to Debug -> Subscription -> Purchase Subscription from App Store
  6. Chose the yearly or monthly subscription
  7. The Personal Information Removal option should be available in the more options menu
  8. Tap it, and start the process (creating profile, etc)
  9. It is important to choose a profile with matches
  10. When the scanning process finishes go to Debug -> PIR -> Operations -> Visible webviews -> Run opt-out operations
  11. Then, check the email field on the web view is filled correctly

Test the default browser target

  1. Run the DuckDuckGo Privacy Browser target
  2. Tap on the PIR tab. It should prompt the waitlist dialog if not present there

jotaemepereira
jotaemepereira commented Dec 20, 2023
View reviewed changes
DuckDuckGo/DBP/DataBrokerProtectionSubscriptionEventHandler.swift
@objc private func handleAccountDidSignIn() {
guard let token = accountManager.token else {
Pixel.fire(.dataBrokerProtectionSubscriptionErrorWhenFetchingToken)
assertionFailure("[DBP Subscription] AccountManager signed in but token could not be retrieved")
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@samsymons I know this is unlikely, but I wonder if I should add a safeguard somewhere else for this to happen.

For example, fetching the token again before using it (if no token is present). What are your thoughts?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think in this case we're good since we're reacting to a sign in event. But, we can talk with Michał about it to be sure – I am of the opinion that we should only need to access the token, and the underlying subscription logic should ensure that we always get the latest.

@jotaemepereira jotaemepereira changed the title Juan/dbp/subscription auth DBP: Integrate subscription account authentication to DBP Dec 20, 2023
samsymons
samsymons reviewed Dec 21, 2023
View reviewed changes
DuckDuckGo/Application/AppDelegate.swift
@@ -73,6 +73,10 @@ final class AppDelegate: NSObject, NSApplicationDelegate, FileDownloadManagerDel
private var emailCancellables = Set<AnyCancellable>()
let bookmarksManager = LocalBookmarkManager.shared

#if DBP && SUBSCRIPTION
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 I've been adding some of these checks myself as a part of the remote messaging change. Once we enable these features in the App Store target, we should be good to remove the flags.

samsymons
samsymons reviewed Dec 21, 2023
View reviewed changes
DuckDuckGo/Statistics/PixelEvent.swift Outdated
Comment on lines 545 to 546
case .dataBrokerProtectionSubscriptionErrorWhenFetchingToken:
return "m_mac_dbp_subscription_error_when_fetching_token"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that this will need privacy triage, but we can probably just include it in a larger Privacy Pro integration privacy triage later, since this pixel isn't going out to any users (even internally) just yet.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense. I will leave a note on Asana so we do not forget.

samsymons
samsymons reviewed Dec 21, 2023
View reviewed changes
DuckDuckGo/DBP/DataBrokerProtectionSubscriptionEventHandler.swift Outdated

@objc private func handleAccountDidSignIn() {
guard let token = accountManager.token else {
Pixel.fire(.dataBrokerProtectionSubscriptionErrorWhenFetchingToken)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd consider renaming this pixel to something very specific, or adding an error parameter to the pixel that includes something like noAccountManagerTokenFound. Then we can add other error types in the future, if they become relevant.

Copy link
Collaborator Author

@jotaemepereira jotaemepereira Dec 21, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree. I will rename it to dataBrokerProtectionErrorWhenFetchingSubscriptionAuthTokenAfterSignIn

samsymons
samsymons approved these changes Dec 21, 2023
View reviewed changes
Copy link
Collaborator

@samsymons samsymons left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, worked as expected. I added a couple non-blocking comments here and there. Thanks!

@jotaemepereira jotaemepereira merged commit 187b319 into main Dec 21, 2023
14 checks passed
@jotaemepereira jotaemepereira deleted the juan/dbp/subscription-auth branch December 21, 2023 13:10
samsymons added a commit that referenced this pull request Dec 21, 2023
@samsymons
Merge branch 'main' into sam/add-netp-subscription-auth-support
02accd0 
# By Dominik Kapusta (41) and others
# Via Dominik Kapusta (9) and others
* main: (138 commits)
  Make sure when we set custom config url, we don't expect etag in return (#1994)
  Add PixelKit source parameter (#1989)
  Fix internal user toggling (#2000)
  Show alert and display warning icon in Sync Settings when data syncing is disabled (#1996)
  DBP: Integrate subscription account authentication to DBP (#1995)
  Improve bookmarks html reader (#1986)
  Add Sync feature flags (#1992)
  Add daily stats pixel (#1993)
  Do not reload DBP tab when switching to it (#1942)
  Fix: external application requests via redirect URLs shows wrong origin. (#1900)
  Update clean-app.sh to work on macOS Sonoma and include NetP containers (#1988)
  Fix: "SwiftLintPlugin" must be enabled before it can be used (#1987)
  Prevent VPN server list persistence failures (#1985)
  add test can remove data (#1980)
  Remove VPN upgrade card (#1983)
  Fix low-res VPN warning asset (#1984)
  DBP: Fix unreliable date tests (#1981)
  Add search retention pixel for NetP (#1964)
  Sabrina/sync e2e tests (#1959)
  swiftlint build plugin (#1318)
  ...

# Conflicts:
#	DuckDuckGo.xcodeproj/project.pbxproj
#	DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved
#	DuckDuckGo/Application/AppDelegate.swift
samsymons added a commit that referenced this pull request Dec 22, 2023
@samsymons
Merge branch 'main' into sam/data-broker-remote-messaging
8c8448e 
# By Dominik Kapusta (2) and others
# Via GitHub
* main:
  Make sure when we set custom config url, we don't expect etag in return (#1994)
  Add PixelKit source parameter (#1989)
  Fix internal user toggling (#2000)
  Show alert and display warning icon in Sync Settings when data syncing is disabled (#1996)
  DBP: Integrate subscription account authentication to DBP (#1995)
  Improve bookmarks html reader (#1986)
  Add Sync feature flags (#1992)
  Add daily stats pixel (#1993)
  Do not reload DBP tab when switching to it (#1942)
  Fix: external application requests via redirect URLs shows wrong origin. (#1900)

# Conflicts:
#	DuckDuckGo/Statistics/PixelEvent.swift
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samsymons samsymons samsymons approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jotaemepereira @samsymons