Quickstart-ios-swift-grpc - Quickstart for integrating Approov with iOS apps in Swift that make API requests you wish to protect using GRPC

Overview

Approov Quickstart: iOS Swift GRPC (Google Remote Procedure Call)

This quickstart is written specifically for native iOS apps that are written in Swift and making API calls using GRPC-Swift that you wish to protect with Approov. If this is not your situation, then please check if there is a more relevant quickstart guide available.

This quickstart provides the basic steps for integrating Approov into your app. A more detailed step-by-step guide using a Shapes App Example is also available.

To follow this guide you should have received an onboarding email for a trial or paid Approov account.

ADDING APPROOV SERVICE DEPENDENCY

The Approov integration is available via the Swift Package Manager. This allows inclusion into the project by simply specifying a dependency in the Add Package Dependency Xcode option. Add the package https://github.com/approov/approov-service-ios-swift-grpc.git and then choose the relevant Approov SDK version, in this case 2.9.0, and select the Exact Version option:

Add Package Dependency

The package is actually an open source wrapper layer that allows you to easily use Approov with GRPC-Swift. This has a further dependency to the closed source Approov SDK.

USING APPROOV SERVICE

The ApproovClientConnection class mimics the interface and functionality of the ClientConnection class provided by GRPC-Swift, but also initializes the Approov SDK and sets up pinning for the GRPC channel created by an ApproovClientConnection.Builder.

The <enter-your-config-string-here> is a custom string that configures your Approov account access. This will have been provided in your Approov onboarding email (it will be something like #123456#K/XPlLtfcwnWkzv99Wj5VmAxo4CrU267J1KlQyoz8Qo=).

The simplest way to use the ApproovClientConnection class is to find and replace all the ClientConnection with ApproovClientConnection.

let builder = ApproovClientConnection.usingTLSBackedByNIOSSL(approovConfigString: "<enter-your-config-string-here>", on: group!)

You can then create secure pinned GRPC channels by using the returned builder instead of the usual ClientConnection.Builder:

let channel = builder.connect(host: hostname, port: port)

Approov-enable GRPC clients by adding a ClientInterceptor factory. The ClientInterceptor factory should return an ApproovClientInterceptor for any GRPC call that requires to be protected with Approov. The ApproovClientInterceptor adds an Approov-Token header to a GRPC request.

// Provide the channel to the generated client.
client = Your_YourClient(channel: channel, interceptors: ApproovClientInterceptorFactory(hostname: hostname))

An ApproovClientInterceptorFactory looks similar to this template and must be implemented specifically to match the code generated by the GRPC protoc compiler for your protocol definitions (.proto files). In the example below all types starting withYour_ would have been automatically generated. Note that an ApproovInterceptor needs to be returned only for GRPCs that should be protected with an Approov token.

import ApproovGRPC
import Foundation
import GRPC

// Example client interceptor factory to show how to create an ApproovClientInterceptorFactory for a specific
// ClientInterceptorFactoryProtocol.
class ApproovClientInterceptorFactory: Your_YourClientInterceptorFactoryProtocol {

    // hostname/domain for which to add an Approov token to protected GRPC requests
    let hostname: String

    init(hostname: String) {
        self.hostname = hostname
    }

    /// - Returns: Interceptors to use when invoking a GRPC that does not require Approov protection.
    func makeUnprotectedInterceptors() -> [ClientInterceptor<Your_UnprotectedRequest, Your_UnprotectedReply>] {
        return []
    }

    /// - Returns: Interceptors to use when invoking a GRPC that requires Approov protection.
    func makeProtectedInterceptors() -> [ClientInterceptor<Your_ProtectedRequest, Your_ProtectedReply>] {
        return [ApproovClientInterceptor<Your_ProtectedRequest, Your_ProtectedReply>(hostname: hostname)]
    }
}

CHECKING IT WORKS

Initially you won't have set which API domains to protect, so the interceptor will not add anything. It will have called Approov though and made contact with the Approov cloud service. You will see logging from Approov saying UNKNOWN_URL.

Your Approov onboarding email should contain a link allowing you to access Live Metrics Graphs. After you've run your app with Approov integration you should be able to see the results in the live metrics within a minute or so. At this stage you could even release your app to get details of your app population and the attributes of the devices they are running upon.

However, to actually protect your APIs there are some further steps you can learn about in Next Steps.

You might also like...
CoreNetwork module with the basic functionality of requests to the network

CoreNetwork module with the basic functionality of requests to the network

Menet is a TCP network middleware that can be dynamically modified through HTTP requests.
Menet is a TCP network middleware that can be dynamically modified through HTTP requests.

Menet Menet is a TCP network middleware that can be dynamically modified through HTTP requests. This is an experimental project, do NOT use it in prod

Easy and lightweight network layer for creating different set of network requests like GET, POST, PUT, DELETE customizable with coders conforming to TopLevelDecoder, TopLevelEncoder
Easy and lightweight network layer for creating different set of network requests like GET, POST, PUT, DELETE customizable with coders conforming to TopLevelDecoder, TopLevelEncoder

Easy and lightweight network layer for creating different set of network requests like GET, POST, PUT, DELETE customizable with coders conforming to TopLevelDecoder, TopLevelEncoder

APIProvider - API Provider Package for easier API management inspired by abstraction

APIProvider Using APIProvider you can easily communicate with all API endpoints

This is my attempt to make this repo available on swift package manager

Parse LiveQuery Client for iOS/OSX PFQuery is one of the key concepts for Parse. It allows you to retrieve PFObjects by specifying some conditions, ma

This package is meant to make http request of an easy way inspiren in the architecture of Moya package

NetworkAgent This package is meant to make http request of an easy way inspiren in the architecture of Moya package. This package is 100% free of depe

Make it easier to observe network connectivity in SwiftUI.

ReachabilityX ReachabilityX is built using NWPathMonitor from Apple's Network framework to provide an easy way to observe the network changes for Swif

A web API client in Swift built using Async/Await

Get A modern web API client in Swift built using Async/Await and Actors. let cli

 Postie - The Next-Level HTTP API Client using Combine
Postie - The Next-Level HTTP API Client using Combine

Postie - The Next-Level HTTP API Client using Combine Postie is a pure Swift library for building URLRequests using property wrappers.

Owner
Approov Integration Examples
A collection of free to use code examples and pre-built deployable solutions for users of the Approov authentication service
Approov Integration Examples
Codegeneration tool for isomorphic server and mobile Go apps with gRPC & Protobuf.

Codegeneration tool for isomorphic server and mobile Go apps with gRPC & Protobuf. Share code between your backend, Android & iOS app!

Kirill Biakov 17 Jun 25, 2020
Grpc example project for swift

How to gRPC on Swift Projects This file aims to guide you to gRPC implementation on your swift project. Installing the Protobuf Compiler Open Terminal

Mert Gürcan 0 Dec 8, 2021
🌸 Powerful Codable API requests builder and manager for iOS.

This lib is about network requests with blackjack, roulette and craps! Using it you will be able to convert your massive API layer code into an awesom

CodyFire 251 Jan 8, 2023
VFNetwork is a protocol-oriented network layer that will help you assemble your requests in just a few steps.

Simple, Fast and Easy. Introduction VFNetwork is a protocol-oriented network layer that will help you assemble your requests in just a few steps. How

Victor Freitas 4 Aug 22, 2022
A frida tool that capture GET/POST HTTP requests of iOS Swift library 'Alamofire' and disable SSL Pinning.

FridaHookSwiftAlamofire A frida tool that capture GET/POST HTTP requests of iOS Swift library 'Alamofire' and disable SSL Pinning. 中文文档及过程 Features Ca

neilwu 69 Dec 16, 2022
Thin wrapper around NSURLSession in swift. Simplifies HTTP requests.

SwiftHTTP SwiftHTTP is a thin wrapper around NSURLSession in Swift to simplify HTTP requests. Features Convenient Closure APIs Simple Queue Support Pa

Dalton 1.9k Dec 7, 2022
Request adapter for URL requests from "MovieLister" demo app (Swift for Good book, a chapter by Ben Scheirman)

RequestAdapter Request adapter for URL requests from "MovieLister" demo app (Swift for Good book, a chapter by Ben Scheirman) The code is taken from:

Mihaela Mihaljevic Jakic 0 Nov 22, 2021
Easy to use CFNetwork wrapper for HTTP requests, Objective-C, Mac OS X and iPhone

ASIHTTPRequest is an easy to use wrapper around the CFNetwork API that makes some of the more tedious aspects of communicating with web servers easier

Ben Copsey 5.8k Dec 14, 2022
a NSURLCache subclass for handling all web requests that use NSURLRequest

EVURLCache What is this? This is a NSURLCache subclass for handeling all web requests that use NSURLRequest. (This includes UIWebView) The EVURLCache

Edwin Vermeer 296 Dec 18, 2022
Synchronous requests for AFNetworking 1.x, 2.x, and 3.x

AFNetworking-Synchronous A minimal category which extends AFNetworking to support synchronous requests. Usage 3.x pod 'AFNetworking', '~> 3.0' pod

Paul Melnikow 160 Dec 7, 2022