Add Flatbuffer for saving/loading Instance ID data.

Also adds some testing framework so we can ensure that things save/load
properly (and also check whatever else is important).

PiperOrigin-RevId: 248236907

Author: jonsimantov

app/instance_id/iid_data.fbs

@@ -0,0 +1,36 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// The FlatBuffers schema for IID desktop saved data.
+
+native_include "app/memory/unique_ptr.h";
+
+namespace firebase.instance_id.internal;
+
+table InstanceIdDesktopData {
+  // Instance ID, random number generated by the client which acts as a unique
+  // identifier when requesting tokens from the IID backend.
+  instance_id:string;
+  // Device ID returned by the check-in service.  This is used to request tokens
+  // from the IID service.
+  device_id:string;
+  // Security token returned by the check-in service.  This is used to request
+  // tokens from the IID service.
+  security_token:string;
+  // When the device ID and security token expire in UTC milliseconds since the
+  // epoch.
+  expiration_time:uint64;
+}
+
+root_type InstanceIdDesktopData;

app/instance_id/instance_id_desktop_impl.cc

@@ -16,19 +16,32 @@
 
 #include <assert.h>
 
+#include "app/instance_id/iid_data_generated.h"
+#include "app/src/app_identifier.h"
 #include "app/src/cleanup_notifier.h"
 
 namespace firebase {
 namespace instance_id {
 namespace internal {
 
+using firebase::app::secure::UserSecureManager;
+
 std::map<App*, InstanceIdDesktopImpl*>
     InstanceIdDesktopImpl::instance_id_by_app_;          // NOLINT
 Mutex InstanceIdDesktopImpl::instance_id_by_app_mutex_;  // NOLINT
 
-InstanceIdDesktopImpl::InstanceIdDesktopImpl(App* app) : app_(app) {
+InstanceIdDesktopImpl::InstanceIdDesktopImpl(App* app)
+    : storage_semaphore_(0), app_(app) {
   future_manager().AllocFutureApi(this, kInstanceIdFnCount);
 
+  std::string package_name = app->options().package_name();
+  std::string project_id = app->options().project_id();
+  std::string app_identifier;
+
+  user_secure_manager_ = MakeUnique<UserSecureManager>(
+      "iid", firebase::internal::CreateAppIdentifierFromOptions(app_->options())
+                 .c_str());
+
   // Guarded through GetInstance() already.
   instance_id_by_app_[app] = this;
 
@@ -132,6 +145,98 @@ Future<void> InstanceIdDesktopImpl::DeleteTokenLastResult() {
       ref_future()->LastResult(kInstanceIdFnRemoveToken));
 }
 
+// Save the instance ID to local secure storage.
+bool InstanceIdDesktopImpl::SaveToStorage() {
+  // Build up a serialized buffer algorithmically:
+  flatbuffers::FlatBufferBuilder builder;
+
+  auto iid_data_table = CreateInstanceIdDesktopDataDirect(
+      builder, instance_id_.c_str(), checkin_data_.device_id.c_str(),
+      checkin_data_.security_token.c_str(), expiration_time_);
+  builder.Finish(iid_data_table);
+
+  std::string save_string;
+  auto bufferpointer =
+      reinterpret_cast<const char*>(builder.GetBufferPointer());
+  save_string.assign(bufferpointer, bufferpointer + builder.GetSize());
+  // Encode flatbuffer
+  std::string encoded;
+  UserSecureManager::BinaryToAscii(save_string, &encoded);
+
+  Future<void> future =
+      user_secure_manager_->SaveUserData(app_->name(), encoded);
+
+  future.OnCompletion(
+      [](const Future<void>& result, void* sem_void) {
+        Semaphore* sem_ptr = reinterpret_cast<Semaphore*>(sem_void);
+        sem_ptr->Post();
+      },
+      &storage_semaphore_);
+  storage_semaphore_.Wait();
+  return future.error() == 0;
+}
+
+// Load the instance ID from local secure storage.
+bool InstanceIdDesktopImpl::LoadFromStorage() {
+  Future<std::string> future = user_secure_manager_->LoadUserData(app_->name());
+
+  future.OnCompletion(
+      [](const Future<std::string>& result, void* sem_void) {
+        Semaphore* sem_ptr = reinterpret_cast<Semaphore*>(sem_void);
+        sem_ptr->Post();
+      },
+      &storage_semaphore_);
+  storage_semaphore_.Wait();
+  if (future.error() == 0) {
+    ReadStoredInstanceIdData(*future.result());
+  }
+  return future.error() == 0;
+}
+
+// Delete the instance ID from local secure storage.
+bool InstanceIdDesktopImpl::DeleteFromStorage() {
+  Future<void> future = user_secure_manager_->DeleteUserData(app_->name());
+
+  future.OnCompletion(
+      [](const Future<void>& result, void* sem_void) {
+        Semaphore* sem_ptr = reinterpret_cast<Semaphore*>(sem_void);
+        sem_ptr->Post();
+      },
+      &storage_semaphore_);
+  storage_semaphore_.Wait();
+  return future.error() == 0;
+}
+
+// Returns true if data was successfully read.
+bool InstanceIdDesktopImpl::ReadStoredInstanceIdData(
+    const std::string& loaded_string) {
+  // Decode to flatbuffer
+  std::string decoded;
+  if (!UserSecureManager::AsciiToBinary(loaded_string, &decoded)) {
+    LogWarning("Error decoding saved Instance ID.");
+    return false;
+  }
+  // Verify the Flatbuffer is valid.
+  flatbuffers::Verifier verifier(
+      reinterpret_cast<const uint8_t*>(decoded.c_str()), decoded.length());
+  if (!VerifyInstanceIdDesktopDataBuffer(verifier)) {
+    LogWarning("Error verifying saved Instance ID.");
+    return false;
+  }
+
+  auto iid_data_fb = GetInstanceIdDesktopData(decoded.c_str());
+  if (iid_data_fb == nullptr) {
+    LogWarning("Error reading table for saved Instance ID.");
+    return false;
+  }
+
+  instance_id_ = iid_data_fb->instance_id()->c_str();
+  checkin_data_.device_id = iid_data_fb->device_id()->c_str();
+  checkin_data_.security_token = iid_data_fb->security_token()->c_str();
+  expiration_time_ = iid_data_fb->expiration_time();
+  return true;
+}
+
 }  // namespace internal
 }  // namespace instance_id
 }  // namespace firebase

app/instance_id/instance_id_desktop_impl.h

@@ -15,18 +15,23 @@
 #ifndef FIREBASE_APP_CLIENT_CPP_INSTANCE_ID_INSTANCE_ID_DESKTOP_IMPL_H_
 #define FIREBASE_APP_CLIENT_CPP_INSTANCE_ID_INSTANCE_ID_DESKTOP_IMPL_H_
 
+#include <cstdint>
 #include <map>
 #include <string>
 
+#include "app/memory/unique_ptr.h"
 #include "app/src/future_manager.h"
 #include "app/src/include/firebase/app.h"
 #include "app/src/include/firebase/future.h"
-#include "app/src/mutex.h"
+#include "app/src/secure/user_secure_manager.h"
+#include "app/src/semaphore.h"
 
 namespace firebase {
 namespace instance_id {
 namespace internal {
 
+class InstanceIdDesktopImplTest;  // For testing.
+
 class InstanceIdDesktopImpl {
  public:
   // Future functions for Instance Id
@@ -35,6 +40,9 @@ class InstanceIdDesktopImpl {
     kInstanceIdFnRemoveId,
     kInstanceIdFnGetToken,
     kInstanceIdFnRemoveToken,
+    kInstanceIdFnStorageSave,
+    kInstanceIdFnStorageLoad,
+    kInstanceIdFnStorageDelete,
     kInstanceIdFnCount,
   };
 
@@ -90,6 +98,8 @@ class InstanceIdDesktopImpl {
   App& app() { return *app_; }
 
  private:
+  friend class InstanceIdDesktopImplTest;
+
   explicit InstanceIdDesktopImpl(App* app);
 
   // Get future manager of this object
@@ -100,12 +110,43 @@ class InstanceIdDesktopImpl {
     return future_manager().GetFutureApi(this);
   }
 
+  // Verify and parse the stored IID data, called by LoadFromStorage(), and fill
+  // in this class. Returns false if there are any parsing errors.
+  bool ReadStoredInstanceIdData(const std::string& loaded_string);
+
+  // For testing only, to use a fake UserSecureManager.
+  void SetUserSecureManager(
+      UniquePtr<firebase::app::secure::UserSecureManager> manager) {
+    user_secure_manager_ = manager;
+  }
+
+  // Save the instance ID to local secure storage. Blocking.
+  bool SaveToStorage();
+  // Load the instance ID from local secure storage. Blocking.
+  bool LoadFromStorage();
+  // Delete the instance ID from local secure storage. Blocking.
+  bool DeleteFromStorage();
+
+  // Used to wait for async storage functions to finish.
+  Semaphore storage_semaphore_;
+
+  struct CheckinData {
+    std::string security_token;
+    std::string device_id;
+  };
+
   // Future manager of this object
   FutureManager future_manager_;
 
   // The App this object is connected to.
   App* app_;
 
+  UniquePtr<firebase::app::secure::UserSecureManager> user_secure_manager_;
+
+  CheckinData checkin_data_;
+  std::string instance_id_;
+  uint64_t expiration_time_;
+
   // Global map of App to InstanceIdDesktopImpl
   static std::map<App*, InstanceIdDesktopImpl*> instance_id_by_app_;
 

app/src/secure/user_secure_manager_fake.cc

@@ -0,0 +1,54 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "app/src/secure/user_secure_manager_fake.h"
+
+#include "app/memory/unique_ptr.h"
+#include "app/src/secure/user_secure_fake_internal.h"
+
+namespace firebase {
+namespace app {
+namespace secure {
+
+#if defined(_WIN32)
+static const char kDirectorySeparator[] = "\\";
+#else
+static const char kDirectorySeparator[] = "/";
+#endif  // defined(_WIN32)
+
+// Get temp directory for fake secure storage.
+static std::string GetTestTmpDir(const char test_namespace[]) {
+#if defined(_WIN32)
+  char buf[MAX_PATH + 1];
+  if (GetEnvironmentVariable("TEST_TMPDIR", buf, sizeof(buf))) {
+    return std::string(buf) + kDirectorySeparator + test_namespace;
+  }
+#else
+  // Linux and OS X should either have the TEST_TMPDIR environment variable set.
+  if (const char* value = getenv("TEST_TMPDIR")) {
+    return std::string(value) + kDirectorySeparator + test_namespace;
+  }
+#endif  // defined(_WIN32)
+  // If we weren't able to get TEST_TMPDIR, just use a subdirectory.
+  return test_namespace;
+}
+
+UserSecureManagerFake::UserSecureManagerFake(const char* domain,
+                                             const char* app_id)
+    : UserSecureManager(MakeUnique<UserSecureFakeInternal>(
+          domain, GetTestTmpDir(app_id).c_str())) {}
+
+}  // namespace secure
+}  // namespace app
+}  // namespace firebase

app/src/secure/user_secure_manager_fake.h

@@ -0,0 +1,35 @@
+
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef FIREBASE_APP_CLIENT_CPP_SRC_SECURE_USER_SECURE_MANAGER_FAKE_H_
+#define FIREBASE_APP_CLIENT_CPP_SRC_SECURE_USER_SECURE_MANAGER_FAKE_H_
+
+#include "app/src/secure/user_secure_manager.h"
+
+namespace firebase {
+namespace app {
+namespace secure {
+
+// Fake version of UserSecureManager usable for testing. Stores to TEST_TMPDIR.
+class UserSecureManagerFake : public UserSecureManager {
+ public:
+  explicit UserSecureManagerFake(const char* domain, const char* app_id);
+};
+
+}  // namespace secure
+}  // namespace app
+}  // namespace firebase
+
+#endif  // FIREBASE_APP_CLIENT_CPP_SRC_SECURE_USER_SECURE_MANAGER_FAKE_H_