Bugfix/LI-97987 Swifter SDK Embeds Trojan CDN - Polyfill.io (Supply Chain Attack) (#389)

* LI-97987 Replace Swifter by envoy/Ambassador to address Trojan CDN - Polyfill.io

Author: grmeyer-hw-dev

CHANGELOG.md

@@ -1,10 +1,14 @@
 Changelog
 =========
-[1.0.2](https://github.com/hyperwallet/hyperwallet-ios-ui-sdk/releases/tag/1.0.0-beta21)
+[1.0.3](https://github.com/hyperwallet/hyperwallet-ios-ui-sdk/releases/tag/1.0.3)
+-------------------
+- Replace dependecy Swifter by Ambassador
+
+[1.0.2](https://github.com/hyperwallet/hyperwallet-ios-ui-sdk/releases/tag/1.0.2)
 -------------------
 - iOS 18 Navigation Bar Display Issue Resolved it
 
-[1.0.1](https://github.com/hyperwallet/hyperwallet-ios-ui-sdk/releases/tag/1.0.0-beta21)
+[1.0.1](https://github.com/hyperwallet/hyperwallet-ios-ui-sdk/releases/tag/1.0.1)
 -------------------
 - Automatically select the default currency code based on the country's configuration
 

Cartfile

@@ -0,0 +1,2 @@
+github "hyperwallet/hyperwallet-ios-sdk" "1.0.1"
+github "hyperwallet/hyperwallet-ios-insight" "1.0.0-beta08"

Cartfile

@@ -1,2 +1,3 @@
 github "JanGorman/Hippolyte" "1.4.1"
-github "httpswift/swifter" "1.5.0"
+github "envoy/Ambassador" ~> 4.0
+github "envoy/Embassy" ~> 4.0

Cartfile.private

@@ -1,4 +1,5 @@
-github "JanGorman/Hippolyte" "1.4.1"
-github "httpswift/swifter" "1.5.0"
-github "hyperwallet/hyperwallet-ios-insight" "1.0.0-beta08"
 github "hyperwallet/hyperwallet-ios-sdk" "1.0.1"
+github "hyperwallet/hyperwallet-ios-insight" "1.0.0-beta08"
+github "JanGorman/Hippolyte" "1.4.1"
+github "envoy/Ambassador" "v4.0.5"
+github "envoy/Embassy" "v4.1.6"

Cartfile.resolved

@@ -1,6 +1,6 @@
 Pod::Spec.new do |spec|
     spec.name                  = 'HyperwalletUISDK'
-    spec.version               = '1.0.2'
+    spec.version               = '1.0.3'
     spec.summary               = 'Hyperwallet UI SDK for iOS to integrate with Hyperwallet Platform'
     spec.homepage              = 'https://github.com/hyperwallet/hyperwallet-ios-ui-sdk'
     spec.license               = { :type => 'MIT', :file => 'LICENSE' }

HyperwalletUISDK.podspec

@@ -34,21 +34,21 @@ Adding one or more of these frameworks allows users to explore the particular fu
 ### Carthage
 Specify it in your Cartfile:
 ```ogdl
-github "hyperwallet/hyperwallet-ios-ui-sdk" "1.0.2"
+github "hyperwallet/hyperwallet-ios-ui-sdk" "1.0.3"
 ```
 Add desired modules using the `Linked Frameworks and Libraries` option to make them available in the app.
 Use `import <module-name>` to add the dependency within a file
 
 ### CocoaPods
 - Install a specific framework (install one or more frameworks based on your requirement)
 ```ruby
-pod "HyperwalletUISDK/TransferMethod", "1.0.2"
-pod "HyperwalletUISDK/Transfer", "1.0.2"
-pod "HyperwalletUISDK/Receipt", "1.0.2"
+pod "HyperwalletUISDK/TransferMethod", "1.0.3"
+pod "HyperwalletUISDK/Transfer", "1.0.3"
+pod "HyperwalletUISDK/Receipt", "1.0.3"
 ```
 - To install all available modules (TransferMethod, Transfer, Receipt)
 ```ruby
-pod 'HyperwalletUISDK', '~> 1.0.2'
+pod 'HyperwalletUISDK', '~> 1.0.3'
 ```
 Use `import HyperwalletUISDK` to add the dependency within a file.
 

HyperwalletUISDK.xcodeproj/project.pbxproj

@@ -45,8 +45,7 @@ class BaseTests: XCTestCase {
      }
 
     override func setUp() {
-        mockServer = HyperwalletMockWebServer()
-        mockServer.setUp()
+        mockServer = HyperwalletMockWebServer.shared
 
         mockServer.setupStub(url: "/rest/v3/users/usr-token/authentication-token",
                              filename: "AuthenticationTokenWalletModelResponse",
@@ -104,8 +103,4 @@ class BaseTests: XCTestCase {
     func clickBackButton() {
         app.navigationBars.buttons[Common.navBackButton].tap()
     }
-
-    override func tearDown() {
-        mockServer.tearDown()
-    }
 }

README.md

@@ -1,109 +1,88 @@
+import Ambassador
+import Embassy
 import Foundation
-import Swifter
 
 enum HTTPMethod {
     case get
     case post
     case put
 }
 
+// swiftlint:disable force_try
 final class HyperwalletMockWebServer {
-    private var server: HttpServer!
+    private var server: HTTPServer!
+    private var router: Router! = Router()
+    private var loop: EventLoop!
+    private var thread: Thread!
     let testBundle = Bundle(for: HyperwalletMockWebServer.self)
+    static let shared = HyperwalletMockWebServer(port: 8432)
 
-    func setUp() {
-        server = HttpServer()
-        do {
-            try server.start(8432)
-        } catch {
-            print("Error info: \(error)")
-        }
-    }
+    private init(port: Int) {
+        loop = try! SelectorEventLoop(selector: try! KqueueSelector())
+        router = Router()
+        server = DefaultHTTPServer(eventLoop: loop, port: port, app: router.app)
+
+        try! server.start()
 
-    func tearDown() {
-        if server.operating {
-            server.stop()
+        thread = Thread {
+            self.loop.runForever()
         }
-        server = nil
+        thread.start()
     }
-
-    func setupStub(url: String, filename: String, method: HTTPMethod) {
+    
+    func setupStub(url: String, filename: String, method: HTTPMethod, statusCode: Int = 200) {
         let filePath = testBundle.path(forResource: filename, ofType: "json")
         let fileUrl = URL(fileURLWithPath: filePath!)
+        
         do {
             let data = try Data(contentsOf: fileUrl, options: .uncached)
-            let json = dataToJSON(data: data)
-            let response: ((HttpRequest) -> HttpResponse) = { _ in
-                HttpResponse.ok(.json(json as AnyObject))
-            }
-
-            if method == .get {
-                server.GET[url] = response
-            } else if method == .put {
-                server.PUT[url] = response
-            } else {
-                server.POST[url] = response
+            guard let json = dataToJSON(data: data)
+            else { return }
+            
+            router[url] = JSONResponse(statusCode: statusCode) { _ -> Any in
+                return json
             }
         } catch {
             print("Error info: \(error)")
         }
     }
-
-    func setupStubError(url: String,
-                        filename: String,
-                        method: HTTPMethod,
-                        statusCode: Int = 400) {
+    
+    func setupStubError(url: String, filename: String, method: HTTPMethod, statusCode: Int = 400) {
         let filePath = testBundle.path(forResource: filename, ofType: "json")
         let fileUrl = URL(fileURLWithPath: filePath!)
         do {
             let data = try Data(contentsOf: fileUrl, options: .uncached)
-            let reasonPhrase = "Bad Request"
-            let headers = ["Content-Type": "application/json"]
-
-            let response: ((HttpRequest) -> HttpResponse) = { _ in
-                HttpResponse.raw(statusCode, reasonPhrase, headers, { writer in
-                    try writer.write(data)
-                })
-            }
-
-            if method == .get {
-                server.GET[url] = response
-            } else if method == .put {
-                server.PUT[url] = response
-            } else {
-                server.POST[url] = response
+            guard let json = dataToJSON(data: data)
+            else { return }
+            
+            router[url] = JSONResponse(statusCode: statusCode) { _ -> Any in
+                return json
             }
         } catch {
             print("Error info: \(error)")
         }
     }
-
+    
     func setUpEmptyResponse(url: String) {
-        let statusCode = 204
-        let headers = ["Content-Type": "application/json"]
-
-        let response: ((HttpRequest) -> HttpResponse) = { _ in
-            HttpResponse.raw(statusCode, "Empty", headers, nil)
+        router[url] = DataResponse(
+            statusCode: 204,
+            statusMessage: "No Content",
+            contentType: "application/json",
+            headers: []
+        ) { _, sendData in
+            sendData(Data())
         }
-
-        server.GET[url] = response
     }
+    
     func setupStubEmpty(url: String, statusCode: Int, method: HTTPMethod) {
-        let headers = ["Content-Type": "application/json"]
-
-        let response: ((HttpRequest) -> HttpResponse) = { _ in
-            HttpResponse.raw(statusCode, "Empty", headers, nil)
-        }
-
-        if method == .get {
-            server.GET[url] = response
-        } else if method == .put {
-            server.PUT[url] = response
-        } else {
-            server.POST[url] = response
-        }
+        router[url] = JSONResponse(statusCode: statusCode)
     }
-
+    
+    func shutDown() {
+        server.stop()
+        loop.stop()
+    }
+    
     func dataToJSON(data: Data) -> Any? {
         do {
             return try JSONSerialization.jsonObject(with: data, options: .mutableContainers)
@@ -113,3 +92,4 @@ final class HyperwalletMockWebServer {
         return nil
     }
 }
+// swiftlint:enable force_try