Add validation to catch blank ephemeral keys in CustomerConfiguration

CHANGELOG.md

@@ -2,6 +2,9 @@
 ### Payments
 * [Fixed] STPPaymentHandler.handleNextAction allows payment methods that are delayed or require further customer action like like SEPA Debit or OXXO.
 
+### PaymentSheet
+* [Added] Improved validation for ephemeral keys.
+
 ## 23.7.0 2023-04-24
 ### PaymentSheet
 * [Fixed] Fixed disabled text color, using a lower opacity version of the original color instead of the previous `.tertiaryLabel`.

Stripe/StripeiOSTests/PaymentSheet+APITest.swift

@@ -541,7 +541,7 @@ class PaymentSheetAPITest: XCTestCase {
  paymentIntentParams.paymentMethodOptions?.setSetupFutureUsageIfNecessary(
  true,
  paymentMethodType: PaymentSheet.PaymentMethodType.card,
- customer: .init(id: "", ephemeralKeySecret: "")
+ customer: .init(id: "", ephemeralKeySecret: "foo")
  )
 
  let params = STPFormEncoder.dictionary(forObject: paymentIntentParams)
@@ -564,7 +564,7 @@ class PaymentSheetAPITest: XCTestCase {
  paymentIntentParams.paymentMethodOptions?.setSetupFutureUsageIfNecessary(
  false,
  paymentMethodType: PaymentSheet.PaymentMethodType.card,
- customer: .init(id: "", ephemeralKeySecret: "")
+ customer: .init(id: "", ephemeralKeySecret: "foo")
  )
 
  let params = STPFormEncoder.dictionary(forObject: paymentIntentParams)

StripePaymentSheet/Project.swift

@@ -12,5 +12,5 @@ let project = Project.stripeFramework(
  .project(target: "StripePayments", path: "//StripePayments"),
  .project(target: "StripePaymentsUI", path: "//StripePaymentsUI"),
  ],
- unitTestOptions: .testOptions()
+ unitTestOptions: .testOptions(usesPreconditionTesting: true)
 )

StripePaymentSheet/StripePaymentSheet/Source/PaymentSheet/PaymentSheetConfiguration.swift

@@ -172,11 +172,13 @@ extension PaymentSheet {
  /// See https://stripe.com/docs/api/customers/object#customer_object-id
  public let id: String
 
- /// A short-lived token that allows the SDK to access a Customer's payment methods
+ /// A short-lived token that allows the SDK to access a Customer's payment methods. Cannot be empty.
  public let ephemeralKeySecret: String
 
  /// Initializes a CustomerConfiguration
  public init(id: String, ephemeralKeySecret: String) {
+ assert(!ephemeralKeySecret.isEmpty, "Ephemeral key secret cannot be empty")
+
  self.id = id
  self.ephemeralKeySecret = ephemeralKeySecret
  }

StripePaymentSheet/StripePaymentSheetTests/PaymentSheetConfigurationTests.swift

@@ -0,0 +1,21 @@
+//
+// PaymentSheetConfigurationTests.swift
+// StripePaymentSheetTests
+//
+// Copyright © 2023 Stripe, Inc. All rights reserved.
+//
+
+import CwlPreconditionTesting
+import StripePaymentSheet
+import XCTest
+
+final class PaymentSheetConfigurationTests: XCTestCase {
+
+ func test_customerConfigurationInit_assertsWhenEphemeralKeyIsBlank() {
+ let exception = catchBadInstruction {
+ _ = PaymentSheet.CustomerConfiguration(id: "foo", ephemeralKeySecret: "")
+ }
+
+ XCTAssertNotNil(exception)
+ }
+}

Tuist/ProjectDescriptionHelpers/Tuist+Stripe.swift

@@ -12,6 +12,7 @@ extension Project {
  public var includesSnapshots: Bool = false
  public var usesMocks: Bool = false
  public var usesStubs: Bool = false
+ public var usesPreconditionTesting: Bool = false
 
  /// Creates a `TestOptions` instance.
  ///
@@ -28,6 +29,8 @@ extension Project {
  /// If `true`, the OCMock package will be linked.
  /// - usesStubs: Whether the tests in this target use stubs.
  /// If `true`, the OHHTTPStubs package will be linked.
+ /// - usesPreconditionTesting: Whether the tests in this target use precondition, assert, and/or fatal error testing.
+ /// If `true`, the CwlPreconditionTesting package will be linked.
  /// - Returns: A `TestOptions` instance.
  public static func testOptions(
  resources: ResourceFileElements? = nil,
@@ -37,15 +40,17 @@ extension Project {
  ),
  includesSnapshots: Bool = false,
  usesMocks: Bool = false,
- usesStubs: Bool = false
+ usesStubs: Bool = false,
+ usesPreconditionTesting: Bool = false
  ) -> TestOptions {
  return TestOptions(
  resources: resources,
  dependencies: dependencies,
  settings: settings,
  includesSnapshots: includesSnapshots,
  usesMocks: usesMocks,
- usesStubs: usesStubs
+ usesStubs: usesStubs,
+ usesPreconditionTesting: usesPreconditionTesting
  )
  }
  }
@@ -160,6 +165,7 @@ extension Project {
  )
  )
  }
+
  if testUtilsOptions?.usesMocks ?? false
  || unitTestOptions?.usesMocks ?? false
  || uiTestOptions?.usesMocks ?? false
@@ -168,6 +174,7 @@ extension Project {
  .remote(url: "https://github.com/erikdoe/ocmock", requirement: .branch("master"))
  )
  }
+
  if testUtilsOptions?.usesStubs ?? false
  || unitTestOptions?.usesStubs ?? false
  || uiTestOptions?.usesStubs ?? false
@@ -179,6 +186,19 @@ extension Project {
  )
  )
  }
+
+ if testUtilsOptions?.usesPreconditionTesting ?? false
+ || unitTestOptions?.usesPreconditionTesting ?? false
+ || uiTestOptions?.usesPreconditionTesting ?? false
+ {
+ packages.append(
+ .remote(
+ url: "https://github.com/mattgallagher/CwlPreconditionTesting",
+ requirement: .upToNextMajor(from: "2.1.2")
+ )
+ )
+ }
+
  return packages
  }
 
@@ -301,6 +321,10 @@ extension Project {
  .package(product: "OHHTTPStubsSwift"),
  ]
  }
+ if testOptions.usesPreconditionTesting {
+ dependencies.append(.package(product: "CwlPreconditionTesting"))
+ }
+
  return dependencies + testOptions.dependencies
  }