Merge branch 'feature/JWTImrovements' into JWT_Improvement_Part2

# Conflicts:
#	swift-sdk.xcodeproj/project.pbxproj
#	swift-sdk/Internal/AuthManager.swift
#	swift-sdk/Internal/RequestProcessorUtil.swift
#	swift-sdk/IterableAuthManagerProtocol.swift
#	tests/common/MockAuthManager.swift

Author: “Akshay

CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## [6.5.3]
+### Changed
+- Deprecated support for iOS 10 and iOS 11.
+
 ## [6.5.2]
 ### Fixed
 - The Privacy Manifest has been relocated to the resources folder within the SDK. This adjustment facilitates the inclusion of the SDK's privacy manifest in the generation process.

Gemfile.lock

@@ -281,6 +281,7 @@ GEM
 
 PLATFORMS
   arm64-darwin-21
+  arm64-darwin-22
   x86_64-darwin-20
 
 DEPENDENCIES

Iterable-iOS-AppExtensions.podspec

@@ -1,7 +1,7 @@
 Pod::Spec.new do |s|
   s.name         = "Iterable-iOS-AppExtensions"
   s.module_name  = "IterableAppExtensions"
-  s.version      = "6.5.2"
+  s.version      = "6.5.3"
   s.summary      = "App Extensions for Iterable SDK"
 
   s.description  = <<-DESC

Iterable-iOS-SDK.podspec

@@ -1,7 +1,7 @@
 Pod::Spec.new do |s|
   s.name         = "Iterable-iOS-SDK"
   s.module_name  = "IterableSDK"
-  s.version      = "6.5.2"
+  s.version      = "6.5.3"
   s.summary      = "Iterable's official SDK for iOS"
 
   s.description  = <<-DESC

swift-sdk.xcodeproj/project.pbxproj

@@ -401,6 +401,7 @@
 		ACFF42B02465B4AE00FDF10D /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = ACFF42AF2465B4AE00FDF10D /* AppDelegate.swift */; };
 		BA2BB8192BADD5A500EA0229 /* PrivacyInfo.xcprivacy in Resources */ = {isa = PBXBuildFile; fileRef = BA2BB8182BADD5A500EA0229 /* PrivacyInfo.xcprivacy */; };
 		BA2BB81A2BADD5A500EA0229 /* PrivacyInfo.xcprivacy in Resources */ = {isa = PBXBuildFile; fileRef = BA2BB8182BADD5A500EA0229 /* PrivacyInfo.xcprivacy */; };
+		E9003E012BF4DF15004AB45B /* RetryPolicy.swift in Sources */ = {isa = PBXBuildFile; fileRef = E9003E002BF4DF15004AB45B /* RetryPolicy.swift */; };
 		E9BF47962B46D5DC0033DB69 /* IterableEmbeddedView.swift in Sources */ = {isa = PBXBuildFile; fileRef = E9BF47952B46D5DC0033DB69 /* IterableEmbeddedView.swift */; };
 		E9BF47982B46DEB30033DB69 /* IterableEmbeddedView.xib in Resources */ = {isa = PBXBuildFile; fileRef = E9BF47972B46DEB30033DB69 /* IterableEmbeddedView.xib */; };
 		E9FF7FD12BFCBD90000409ED /* AuthFailure.swift in Sources */ = {isa = PBXBuildFile; fileRef = E9FF7FD02BFCBD90000409ED /* AuthFailure.swift */; };
@@ -807,6 +808,7 @@
 		ACFF42AE24656ECF00FDF10D /* ui-tests-app.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "ui-tests-app.entitlements"; sourceTree = "<group>"; };
 		ACFF42AF2465B4AE00FDF10D /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = "<group>"; };
 		BA2BB8182BADD5A500EA0229 /* PrivacyInfo.xcprivacy */ = {isa = PBXFileReference; lastKnownFileType = text.xml; path = PrivacyInfo.xcprivacy; sourceTree = "<group>"; };
+		E9003E002BF4DF15004AB45B /* RetryPolicy.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RetryPolicy.swift; sourceTree = "<group>"; };
 		E9BF47952B46D5DC0033DB69 /* IterableEmbeddedView.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = IterableEmbeddedView.swift; sourceTree = "<group>"; };
 		E9BF47972B46DEB30033DB69 /* IterableEmbeddedView.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = IterableEmbeddedView.xib; sourceTree = "<group>"; };
 		E9FF7FD02BFCBD90000409ED /* AuthFailure.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AuthFailure.swift; sourceTree = "<group>"; };
@@ -1069,6 +1071,7 @@
 				AC78F0E6253D7F09006378A5 /* IterablePushNotificationMetadata.swift */,
 				E9FF7FD02BFCBD90000409ED /* AuthFailure.swift */,
 				E9FF7FD22BFCBDB9000409ED /* AuthFailureReason.swift */,
+				E9003E002BF4DF15004AB45B /* RetryPolicy.swift */,
 			);
 			path = "swift-sdk";
 			sourceTree = "<group>";
@@ -2095,6 +2098,7 @@
 				AC72A0D220CF4D12004D7997 /* IterableUtil.swift in Sources */,
 				AC32E16821DD55B900BD4F83 /* OrderedDictionary.swift in Sources */,
 				ACF406232507BC72005FD775 /* NetworkMonitor.swift in Sources */,
+				E9003E012BF4DF15004AB45B /* RetryPolicy.swift in Sources */,
 				AC1712892416AEF400F2BB0E /* WebViewProtocol.swift in Sources */,
 				AC3C10F9213F46A900A9B839 /* IterableLogging.swift in Sources */,
 				55DD207F26A0D83800773CC7 /* IterableAuthManagerProtocol.swift in Sources */,

swift-sdk/Constants.swift

@@ -15,6 +15,7 @@ enum Const {
 
     static let deepLinkRegex = "/a/[a-zA-Z0-9]+"
     static let href = "href"
+    static let exponentialFactor = 2.0
 
     enum Http {
         static let GET = "GET"
@@ -286,6 +287,8 @@ enum JsonValue {
     enum Code {
         static let badApiKey = "BadApiKey"
         static let invalidJwtPayload = "InvalidJwtPayload"
+        static let badAuthorizationHeader = "BadAuthorizationHeader"
+        static let jwtUserIdentifiersMismatched = "JwtUserIdentifiersMismatched"
     }
 }
 

swift-sdk/Internal/AuthManager.swift

@@ -6,12 +6,14 @@ import Foundation
 
 class AuthManager: IterableAuthManagerProtocol {
     init(delegate: IterableAuthDelegate?,
+         authRetryPolicy: RetryPolicy,
          expirationRefreshPeriod: TimeInterval,
          localStorage: LocalStorageProtocol,
          dateProvider: DateProviderProtocol) {
         ITBInfo()
 
         self.delegate = delegate
+        self.authRetryPolicy = authRetryPolicy
         self.localStorage = localStorage
         self.dateProvider = dateProvider
         self.expirationRefreshPeriod = expirationRefreshPeriod
@@ -35,26 +37,44 @@ class AuthManager: IterableAuthManagerProtocol {
         hasFailedPriorAuth = false
     }
 
-    func requestNewAuthToken(hasFailedPriorAuth: Bool = false, onSuccess: AuthTokenRetrievalHandler? = nil) {
+    func requestNewAuthToken(hasFailedPriorAuth: Bool = false,
+                             onSuccess: AuthTokenRetrievalHandler? = nil,
+                             shouldIgnoreRetryPolicy: Bool) {
         ITBInfo()
 
-        guard !pendingAuth else {
-            return
-        }
-        
-        guard !self.hasFailedPriorAuth || !hasFailedPriorAuth else {
+        if shouldPauseRetry(shouldIgnoreRetryPolicy) || pendingAuth || hasFailedAuth(hasFailedPriorAuth) {
             return
         }
 
         self.hasFailedPriorAuth = hasFailedPriorAuth
-        
         pendingAuth = true
 
+        if shouldUseLastValidToken(shouldIgnoreRetryPolicy) {
+            // if some JWT retry had valid token it will not fetch the auth token again from developer function
+            onAuthTokenReceived(retrievedAuthToken: authToken, onSuccess: onSuccess)
+            return
+        }
+        
         delegate?.onAuthTokenRequested { [weak self] retrievedAuthToken in
+            self?.pendingAuth = false
+            self?.retryCount+=1
             self?.onAuthTokenReceived(retrievedAuthToken: retrievedAuthToken, onSuccess: onSuccess)
         }
     }
 
+    private func hasFailedAuth(_ hasFailedPriorAuth: Bool) -> Bool {
+        return self.hasFailedPriorAuth && hasFailedPriorAuth
+    }
+    
+    private func shouldPauseRetry(_ shouldIgnoreRetryPolicy: Bool) -> Bool {
+        return (!shouldIgnoreRetryPolicy && pauseAuthRetry) ||
+               (retryCount >= authRetryPolicy.maxRetry && !shouldIgnoreRetryPolicy)
+    }
+    
+    private func shouldUseLastValidToken(_ shouldIgnoreRetryPolicy: Bool) -> Bool {
+        return isLastAuthTokenValid && !shouldIgnoreRetryPolicy
+    }
+    
     func setNewToken(_ newToken: String) {
         ITBInfo()
 
@@ -69,6 +89,7 @@ class AuthManager: IterableAuthManagerProtocol {
         storeAuthToken()
 
         clearRefreshTimer()
+        isLastAuthTokenValid = false
     }
 
     // MARK: - Private/Internal
@@ -79,11 +100,39 @@ class AuthManager: IterableAuthManagerProtocol {
     private var pendingAuth: Bool = false
     private var hasFailedPriorAuth: Bool = false
 
+    private var authRetryPolicy: RetryPolicy
+    private var retryCount: Int = 0
+    private var isLastAuthTokenValid: Bool = false
+    private var pauseAuthRetry: Bool = false
+    private var isTimerScheduled: Bool = false
+    
     private weak var delegate: IterableAuthDelegate?
     private let expirationRefreshPeriod: TimeInterval
     private var localStorage: LocalStorageProtocol
     private let dateProvider: DateProviderProtocol
 
+    func pauseAuthRetries(_ pauseAuthRetry: Bool) {
+        self.pauseAuthRetry = pauseAuthRetry
+        resetRetryCount()
+    }
+    
+    func setIsLastAuthTokenValid(_ isValid: Bool) {
+        isLastAuthTokenValid = isValid
+    }
+    
+    func getNextRetryInterval() -> Double {
+        var nextRetryInterval = Double(authRetryPolicy.retryInterval)
+        if authRetryPolicy.retryBackoff == .exponential {
+            nextRetryInterval = Double(nextRetryInterval) * pow(Const.exponentialFactor, Double(retryCount - 1))
+        }
+        
+        return nextRetryInterval
+    }
+    
+    private func resetRetryCount() {
+        retryCount = 0
+    }
+    
     private func storeAuthToken() {
         localStorage.authToken = authToken
     }
@@ -93,37 +142,34 @@ class AuthManager: IterableAuthManagerProtocol {
 
         authToken = localStorage.authToken
 
-        queueAuthTokenExpirationRefresh(authToken)
+        _ = queueAuthTokenExpirationRefresh(authToken)
     }
 
     private func onAuthTokenReceived(retrievedAuthToken: String?, onSuccess: AuthTokenRetrievalHandler? = nil) {
         ITBInfo()
 
         pendingAuth = false
 
-        guard retrievedAuthToken != nil else {
+        if retrievedAuthToken != nil {
+            let isRefreshQueued = queueAuthTokenExpirationRefresh(retrievedAuthToken, onSuccess: onSuccess)
+            if !isRefreshQueued {
+                onSuccess?(authToken)
+            }
+        } else {
             handleAuthFailure(failedAuthToken: nil, reason: .authTokenNull)
-            
-            /// by default, schedule a refresh for 10s
-            scheduleAuthTokenRefreshTimer(10)
-            
-            return
+            scheduleAuthTokenRefreshTimer(interval: getNextRetryInterval(), successCallback: onSuccess)
         }
 
         authToken = retrievedAuthToken
 
         storeAuthToken()
-        
-        queueAuthTokenExpirationRefresh(authToken)
-        
-        onSuccess?(authToken)
     }
 
     func handleAuthFailure(failedAuthToken: String?, reason: AuthFailureReason) {
         delegate?.onAuthFailure(AuthFailure(userKey: IterableUtil.getEmailOrUserId(), failedAuthToken: failedAuthToken, failedRequestTime: IterableUtil.secondsFromEpoch(for: dateProvider.currentDate), failureReason: reason))
     }
 
-    private func queueAuthTokenExpirationRefresh(_ authToken: String?) {
+    private func queueAuthTokenExpirationRefresh(_ authToken: String?, onSuccess: AuthTokenRetrievalHandler? = nil) -> Bool {
         ITBInfo()
 
         clearRefreshTimer()
@@ -132,32 +178,47 @@ class AuthManager: IterableAuthManagerProtocol {
             handleAuthFailure(failedAuthToken: authToken, reason: .authTokenPayloadInvalid)
 
             /// schedule a default timer of 10 seconds if we fall into this case
-            scheduleAuthTokenRefreshTimer(10)
+            scheduleAuthTokenRefreshTimer(interval: getNextRetryInterval(), successCallback: onSuccess)
 
-            return
+            return true
         }
 
         let timeIntervalToRefresh = TimeInterval(expirationDate) - dateProvider.currentDate.timeIntervalSince1970 - expirationRefreshPeriod
-        
-        scheduleAuthTokenRefreshTimer(timeIntervalToRefresh)
+        if timeIntervalToRefresh > 0 {
+            scheduleAuthTokenRefreshTimer(interval: timeIntervalToRefresh, isScheduledRefresh: true, successCallback: onSuccess)
+            return true
+        }
+        return false
     }
 
-    private func scheduleAuthTokenRefreshTimer(_ interval: TimeInterval) {
+    func scheduleAuthTokenRefreshTimer(interval: TimeInterval, isScheduledRefresh: Bool = false, successCallback: AuthTokenRetrievalHandler? = nil) {
         ITBInfo()
+        if shouldSkipTokenRefresh(isScheduledRefresh: isScheduledRefresh) {
+            // we only stop schedule token refresh if it is called from retry (in case of failure). The normal auth token refresh schedule would work
+            return
+        }
 
         expirationRefreshTimer = Timer.scheduledTimer(withTimeInterval: interval, repeats: false) { [weak self] _ in
+            self?.isTimerScheduled = false
             if self?.localStorage.email != nil || self?.localStorage.userId != nil {
-                self?.requestNewAuthToken(hasFailedPriorAuth: false)
+                self?.requestNewAuthToken(hasFailedPriorAuth: false, onSuccess: successCallback, shouldIgnoreRetryPolicy: isScheduledRefresh)
             } else {
                 ITBDebug("Email or userId is not available. Skipping token refresh")
             }
         }
+        
+        isTimerScheduled = true
+    }
+    
+    private func shouldSkipTokenRefresh(isScheduledRefresh: Bool) -> Bool {
+        return (pauseAuthRetry && !isScheduledRefresh) || isTimerScheduled
     }
 
     private func clearRefreshTimer() {
         ITBInfo()
 
         expirationRefreshTimer?.invalidate()
+        isTimerScheduled = false
         expirationRefreshTimer = nil
     }
 

swift-sdk/Internal/DependencyContainerProtocol.swift

@@ -51,6 +51,7 @@ extension DependencyContainerProtocol {
 
     func createAuthManager(config: IterableConfig) -> IterableAuthManagerProtocol {
         AuthManager(delegate: config.authDelegate,
+                    authRetryPolicy: config.retryPolicy,
                     expirationRefreshPeriod: config.expiringAuthTokenRefreshPeriod,
                     localStorage: localStorage,
                     dateProvider: dateProvider)

swift-sdk/Internal/InternalIterableAPI.swift

@@ -582,6 +582,7 @@ final class InternalIterableAPI: NSObject, PushTrackerProtocol, AuthProvider {
     private func onLogin(_ authToken: String? = nil) {
         ITBInfo()
 
+        self.authManager.pauseAuthRetries(false)
         if let authToken = authToken {
             self.authManager.setNewToken(authToken)
             completeUserLogin()
@@ -599,7 +600,7 @@ final class InternalIterableAPI: NSObject, PushTrackerProtocol, AuthProvider {
             if token != nil {
                 self?.completeUserLogin()
             }
-        })
+        }, shouldIgnoreRetryPolicy: true)
     }
 
     private func completeUserLogin() {

swift-sdk/Internal/OfflineRequestProcessor.swift

@@ -319,7 +319,7 @@ struct OfflineRequestProcessor: RequestProcessorProtocol {
         return RequestCreator(auth: authProvider.auth, deviceMetadata: deviceMetadata)
     }
 
-    private func sendIterableRequest(requestGenerator: (RequestCreator) -> Result<IterableRequest, IterableError>,
+    private func sendIterableRequest(requestGenerator: @escaping (RequestCreator) -> Result<IterableRequest, IterableError>,
                                      successHandler onSuccess: OnSuccessHandler?,
                                      failureHandler onFailure: OnFailureHandler?,
                                      identifier: String) -> Pending<SendRequestValue, SendRequestError> {
@@ -343,11 +343,25 @@ struct OfflineRequestProcessor: RequestProcessorProtocol {
             SendRequestError.from(error: error)
         }.flatMap { taskId -> Pending<SendRequestValue, SendRequestError> in
             let pendingTask = notificationListener.futureFromTask(withTaskId: taskId)
-            return RequestProcessorUtil.apply(successHandler: onSuccess,
+            let result = RequestProcessorUtil.apply(successHandler: onSuccess,
                                               andFailureHandler: onFailure,
                                               andAuthManager: authManager,
                                               toResult: pendingTask,
                                               withIdentifier: identifier)
+            result.onError { error in
+                if error.httpStatusCode == 401, RequestProcessorUtil.matchesJWTErrorCode(error.iterableCode) {
+                    authManager?.handleAuthFailure(failedAuthToken: authManager?.getAuthToken(), reason: RequestProcessorUtil.getMappedErrorCodeForMessage(error.reason ?? ""))
+                    authManager?.setIsLastAuthTokenValid(false)
+                    let retryInterval = authManager?.getNextRetryInterval() ?? 1
+                    DispatchQueue.main.async {
+                        authManager?.scheduleAuthTokenRefreshTimer(interval: retryInterval, isScheduledRefresh: false, successCallback: { _ in
+                            _ = sendIterableRequest(requestGenerator: requestGenerator, successHandler: onSuccess, failureHandler: onFailure, identifier: identifier)
+                        })
+                    }
+
+                }
+            }
+            return result
         }
     }