Validate and Hash CTID (#531)

* Hash CTID and userId

* Fix ctid when anonymous

* Add tests

* Use userId hash for anonymousLoginUserId

Author: nzagorchev

LeanplumSDK/LeanplumSDK/ClassesSwift/Migration/Wrapper/CTWrapper.swift

@@ -21,6 +21,8 @@ class CTWrapper: Wrapper {
         static let iOSTransactionIdentifierParam = "iOSTransactionIdentifier"
         static let iOSReceiptDataParam = "iOSReceiptData"
         static let iOSSandboxParam = "iOSSandbox"
+        
+        static let DevicesUserProperty = "devices"
     }
 
     // MARK: Initialization
@@ -67,6 +69,8 @@ class CTWrapper: Wrapper {
                     """)
             cleverTapInstance?.onUserLogin(identityManager.profile,
                                            withCleverTapID: identityManager.cleverTapID)
+            
+            setDevicesProperty()
         }
         triggerInstanceCallback()
     }
@@ -196,6 +200,8 @@ class CTWrapper: Wrapper {
                 and CleverTapID:  \(cleverTapID)")
                 """)
         cleverTapInstance?.onUserLogin(profile, withCleverTapID: cleverTapID)
+        
+        setDevicesProperty()
     }
 
     func setPushToken(_ token: Data) {
@@ -210,6 +216,11 @@ class CTWrapper: Wrapper {
         }
     }
 
+    func setDevicesProperty() {
+        // CleverTap SDK ensures the values are unique locally
+        cleverTapInstance?.profileAddMultiValue(identityManager.deviceId, forKey: Constants.DevicesUserProperty)
+    }
+    
     // MARK: Traffic Source
     func setTrafficSourceInfo(_ info: [AnyHashable: Any]) {
         let source = info["publisherName"] as? String

LeanplumSDK/LeanplumSDK/ClassesSwift/Migration/Wrapper/IdentityManager.swift

@@ -6,17 +6,24 @@
 //  Copyright © 2022 Leanplum. All rights reserved.
 
 import Foundation
+// Use @_implementationOnly to *not* expose CleverTapSDK to the Leanplum-Swift header
+@_implementationOnly import CleverTapSDK
 
 /**
  * Identity mapping between Leanplum userId and deviceId and CleverTap Identity and CTID.
  *
  *  Mappings:
  *  - anonymous: <CTID=deviceId, Identity=null>
- *  - non-anonymous to <CTID=deviceId_userId, Identity=userId>
+ *  - non-anonymous to <CTID=deviceId_userIdHash, Identity=userId>
+ *  - if invalid deviceId <deviceId=deviceIdHash>
+ *
+ *  UserId Hash is generated using the first 10 chars of the userId SHA256 string (hex).
+ *  If the deviceId does _not_ pass validation _or_ is _longer_ than 50 characters,
+ *  the first 32 chars of the deviceId SHA256 string (hex) are used as deviceIdHash.
  *
  *  - Note: On login of anonymous user, a merge should happen. CleverTap SDK allows merges
  *  only when the CTID remains the same, meaning that the merged profile would get the anonymous
- *  profile's CTID: <CTID=deviceId, Identity=userId>.
+ *  profile's CTID: <CTID=deviceId, Identity=userIdHash>.
  *  In order to keep track which is that userId, it is saved into `anonymousLoginUserId`.
  *  For this userId, the CTID is always set to deviceId.
  *  Leanplum UserId can be set through Leanplum.start and Leanplum.setUserId
@@ -29,6 +36,9 @@ class IdentityManager {
         static let Identity = "Identity"
         static let AnonymousLoginUserIdKey = "__leanplum_anonymous_login_user_id"
         static let IdentityStateKey = "__leanplum_identity_state"
+        
+        static let DeviceIdLengthLimit = 50
+        static let IdentityHashLength = 10
     }
 
     enum IdentityState: String  {
@@ -58,7 +68,12 @@ class IdentityManager {
 
     func setUserId(_ userId: String) {
         if (state == IdentityState.anonymous()) {
-            anonymousLoginUserId = userId
+            if let hash = Utilities.sha256_40(string: userId) {
+                anonymousLoginUserId = hash
+            } else {
+                Log.error("[Wrapper] Failed to generate SHA256 for userId: \(userId)")
+                anonymousLoginUserId = userIdHash
+            }
             Log.debug("[Wrapper] Anonymous user on device \(deviceId) will be merged to \(userId)")
             state = IdentityState.identified()
         }
@@ -76,19 +91,51 @@ class IdentityManager {
     func identifyNonAnonymous() {
         if let state = state,
            state == IdentityState.anonymous() {
-            anonymousLoginUserId = userId
+            anonymousLoginUserId = userIdHash
         }
         state = IdentityState.identified()
     }
 
-    var cleverTapID: String {
-        if userId != anonymousLoginUserId,
-           userId != deviceId {
-            return "\(deviceId)_\(userId)"
+    var userIdHash: String {
+        guard let hash = Utilities.sha256_40(string: userId) else {
+            Log.error("[Wrapper] Failed to generate SHA256 for userId: \(userId)")
+            return userId
         }
-         
+
+        return hash
+    }
+
+    var isValidCleverTapID: Bool {
+        // Only the deviceId could be invalid, since the userIdHash should always be valid,
+        // but we still validate the whole CTID to be safe
+        CleverTap.isValidCleverTapId(originalCleverTapID) &&
+        deviceId.count <= Constants.DeviceIdLengthLimit
+    }
+    
+    var originalCleverTapID: String {
+        if shouldAppendUserId {
+            return "\(deviceId)_\(userIdHash)"
+        }
+        
         return deviceId
     }
+
+    var cleverTapID: String {
+        if isValidCleverTapID {
+            return originalCleverTapID
+        }
+        
+        guard let ctDevice = Utilities.sha256_128(string: deviceId) else {
+            Log.error("[Wrapper] Failed to generate SHA256 for deviceId: \(deviceId)")
+            return originalCleverTapID
+        }
+        
+        if shouldAppendUserId {
+            return "\(ctDevice)_\(userIdHash)"
+        }
+        
+        return ctDevice
+    }
 
     var profile: [AnyHashable: Any] {
         [Constants.Identity: userId]
@@ -97,4 +144,8 @@ class IdentityManager {
     var isAnonymous: Bool {
         userId == deviceId
     }
+    
+    var shouldAppendUserId: Bool {
+        userIdHash != anonymousLoginUserId && userId != deviceId
+    }
 }

LeanplumSDK/LeanplumSDK/ClassesSwift/Utilities/Utilities.swift

@@ -6,9 +6,9 @@
 //  Copyright © 2021 Leanplum. All rights reserved.
 
 import Foundation
+import CommonCrypto
 
-// TODO: Remove Utilities class when we add proper models
-public class Utilities: NSObject {    
+public class Utilities: NSObject {
     /**
      * Returns Leanplum message Id from Notification userInfo.
      * Use this method to identify Leanplum Notifications
@@ -22,4 +22,37 @@ public class Utilities: NSObject {
         }
         return nil
     }
+    
+    @objc public static func sha256(data: Data) -> Data {
+        var hash = [UInt8](repeating: 0, count: Int(CC_SHA256_DIGEST_LENGTH))
+        data.withUnsafeBytes {
+            _ = CC_SHA256($0.baseAddress, CC_LONG(data.count), &hash)
+        }
+        return Data(hash)
+    }
+    
+    @objc public static func sha256(string: String) -> String? {
+        guard let messageData = string.data(using: String.Encoding.utf8) else { return nil }
+        let hashedData = sha256(data: messageData)
+        return hashedData.hexEncodedString()
+    }
+    
+    @objc public static func sha256_128(string: String) -> String? {
+        guard let str = sha256(string: string) else { return nil }
+        
+        let hexLength = 256/2/4
+        return substring(string: str, openEndIndex: hexLength)
+    }
+    
+    @objc public static func sha256_40(string: String) -> String? {
+        guard let str = sha256(string: string) else { return nil }
+        
+        let hexLength = 40/4
+        return substring(string: str, openEndIndex: hexLength)
+    }
+    
+    static func substring(string: String, openEndIndex: Int) -> String {
+        let endIndex = string.index(string.startIndex, offsetBy: openEndIndex)
+        return String(string[..<endIndex])
+    }
 }

LeanplumSDKApp/LeanplumSDKApp.xcodeproj/project.pbxproj

@@ -133,6 +133,7 @@
 		6A39C48F27283EE8000D5320 /* NotificationsProxyTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6A39C48E27283EE8000D5320 /* NotificationsProxyTest.swift */; };
 		6A54E9CD273B156600DE0E61 /* NotificationsManagerTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6A54E9CC273B156600DE0E61 /* NotificationsManagerTest.swift */; };
 		6A81EDDE284681D8001B4BE9 /* TiedPrioritiesDelay.json in Resources */ = {isa = PBXBuildFile; fileRef = 6A81EDDD284681D8001B4BE9 /* TiedPrioritiesDelay.json */; };
+		6A8411BB2903080A009F0431 /* UtilitiesTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6A8411BA2903080A009F0431 /* UtilitiesTest.swift */; };
 		6A9D0A9627342BA300466133 /* NotificationsProxyiOS9Test.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6A9D0A9527342BA300466133 /* NotificationsProxyiOS9Test.swift */; };
 		6A9D0A9827342EE300466133 /* NotificationsManagerMock.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6A9D0A9727342EE300466133 /* NotificationsManagerMock.swift */; };
 		6A9D0A9A273430A700466133 /* NotificationTestHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6A9D0A99273430A700466133 /* NotificationTestHelper.swift */; };
@@ -335,6 +336,7 @@
 		6A39C48E27283EE8000D5320 /* NotificationsProxyTest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NotificationsProxyTest.swift; sourceTree = "<group>"; };
 		6A54E9CC273B156600DE0E61 /* NotificationsManagerTest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NotificationsManagerTest.swift; sourceTree = "<group>"; };
 		6A81EDDD284681D8001B4BE9 /* TiedPrioritiesDelay.json */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.json; path = TiedPrioritiesDelay.json; sourceTree = "<group>"; };
+		6A8411BA2903080A009F0431 /* UtilitiesTest.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = UtilitiesTest.swift; sourceTree = "<group>"; };
 		6A9D0A9527342BA300466133 /* NotificationsProxyiOS9Test.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NotificationsProxyiOS9Test.swift; sourceTree = "<group>"; };
 		6A9D0A9727342EE300466133 /* NotificationsManagerMock.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NotificationsManagerMock.swift; sourceTree = "<group>"; };
 		6A9D0A99273430A700466133 /* NotificationTestHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NotificationTestHelper.swift; sourceTree = "<group>"; };
@@ -487,6 +489,7 @@
 				075AB1082684AAD9007CA1BD /* Utilities */,
 				6A39C48D27283EE7000D5320 /* LeanplumSDKTests-Bridging-Header.h */,
 				6A07FDAF283544E300995BE3 /* DictionaryValueKeyPathTest.swift */,
+				6A8411BA2903080A009F0431 /* UtilitiesTest.swift */,
 			);
 			path = Classes;
 			sourceTree = "<group>";
@@ -1018,6 +1021,7 @@
 				C9D503672754C9DC0034C5B3 /* PushNotificationSettingsTest.swift in Sources */,
 				075AB1262684AAD9007CA1BD /* LPRequest+Extension.m in Sources */,
 				6A9D0A9A273430A700466133 /* NotificationTestHelper.swift in Sources */,
+				6A8411BB2903080A009F0431 /* UtilitiesTest.swift in Sources */,
 				075AB12B2684AAD9007CA1BD /* LPOpenUrlMessageTemplateTest.m in Sources */,
 				075AB1132684AAD9007CA1BD /* LPEventDataManagerTest.m in Sources */,
 				075AB1122684AAD9007CA1BD /* LPUtilsTest.m in Sources */,