Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[spaceship] Support individual API key #21987

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
+48 −5
Open

[spaceship] Support individual API key #21987

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ec64352
Support individual API key
manicmaniac Apr 22, 2024
e563cda
Update description
manicmaniac Apr 22, 2024
69c3770
Make sure issuer_id is nil
manicmaniac Apr 23, 2024
1268fe4
Add spec to check token payload
manicmaniac Apr 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 2 additions & 1 deletion fastlane/lib/fastlane/actions/app_store_connect_api_key.rb
View file
Open in desktop
Expand Up @@ -56,7 +56,8 @@ def self.available_options
description: "The key ID"),
FastlaneCore::ConfigItem.new(key: :issuer_id,
env_name: "APP_STORE_CONNECT_API_KEY_ISSUER_ID",
description: "The issuer ID"),
description: "The issuer ID. It can be nil if the key is individual API key",
optional: true),
FastlaneCore::ConfigItem.new(key: :key_filepath,
env_name: "APP_STORE_CONNECT_API_KEY_KEY_FILEPATH",
description: "The path to the key p8 file",
Expand Down
9 changes: 7 additions & 2 deletions spaceship/lib/spaceship/connect_api/token.rb
View file
Open in desktop
Expand Up @@ -39,7 +39,6 @@ def self.from_json_file(filepath)

missing_keys = []
missing_keys << 'key_id' unless json.key?(:key_id)
missing_keys << 'issuer_id' unless json.key?(:issuer_id)
missing_keys << 'key' unless json.key?(:key)

unless missing_keys.empty?
Expand Down Expand Up @@ -99,12 +98,18 @@ def refresh!
}

payload = {
iss: issuer_id,
# Reduce the issued-at-time in case our time is slighly ahead of Apple's servers, which causes the token to be rejected.
iat: now.to_i - 60,
exp: @expiration.to_i,
aud: 'appstoreconnect-v1'
}
if issuer_id
payload[:iss] = issuer_id
else
# Consider the key as individual key.
# https://developer.apple.com/documentation/appstoreconnectapi/generating_tokens_for_api_requests#4313913
payload[:sub] = 'user'
end

@text = JWT.encode(payload, @key, 'ES256', header)
end
Expand Down
17 changes: 16 additions & 1 deletion spaceship/spec/connect_api/token_spec.rb
View file
Open in desktop
lucgrabowski marked this conversation as resolved.
Show resolved Hide resolved
Expand Up @@ -68,7 +68,7 @@
file.close
expect do
Spaceship::ConnectAPI::Token.from_json_file(file.path)
end.to raise_error("App Store Connect API key JSON is missing field(s): key_id, issuer_id, key")
end.to raise_error("App Store Connect API key JSON is missing field(s): key_id, key")
end

it 'raises error with missing key' do
Expand Down Expand Up @@ -151,6 +151,21 @@
expect(token.duration).to eq(200)
expect(token.in_house).to eq(true)
end

it "without issuer_id" do
expect(File).to receive(:binread).with('/path/to/file').and_return(private_key)
token = Spaceship::ConnectAPI::Token.create(
key_id: "key_id",
filepath: "/path/to/file",
duration: 200,
in_house: true
)

expect(token.key_id).to eq('key_id')
lucgrabowski marked this conversation as resolved.
Show resolved Hide resolved
expect(token.text).not_to(be_nil)
expect(token.duration).to eq(200)
expect(token.in_house).to eq(true)
end
end

describe 'with environment variables' do
Expand Down