Class: IosAppAttest::Validators::AttestationValidator

Inherits:

BaseValidator

• Object
• BaseValidator
• IosAppAttest::Validators::AttestationValidator

Defined in:

lib/ios_app_attest/validators/attestation_validator.rb

Overview

Validates attestation structure and format

This validator is responsible for verifying the structure and format of the attestation object received from the Apple App Attest service. It ensures the attestation contains all required keys and has the correct format.

Examples:

validator = IosAppAttest::Validators::AttestationValidator.new(config)
validator.validate(attestation)

Instance Attribute Summary

Attributes inherited from BaseValidator

#config, #logger

Instance Method Summary

• #extract_auth_data(attestation) ⇒ String

  Extract authentication data from attestation.

• #extract_receipt(attestation) ⇒ String

  Extract receipt from attestation statement.

• #validate(attestation) ⇒ Object

  Validate the attestation object structure.

Methods inherited from BaseValidator

#initialize

Constructor Details

This class inherits a constructor from IosAppAttest::Validators::BaseValidator

Instance Method Details

#extract_auth_data(attestation) ⇒ String

Extract authentication data from attestation

This method extracts the authentication data from the attestation object. The authentication data contains important information like the relying party ID hash, sign count, AAGUID, and credential ID needed for verification.

Parameters:

• attestation (Hash) —

  The decoded attestation object

Returns:

• (String) —

  The authentication data used for identity verification

# File 'lib/ios_app_attest/validators/attestation_validator.rb', line 52

def extract_auth_data(attestation)
  attestation['authData']
end

#extract_receipt(attestation) ⇒ String

Extract receipt from attestation statement

This method extracts the App Store receipt from the attestation statement. The receipt is used for additional verification with Apple’s servers.

Parameters:

• attestation (Hash) —

  The decoded attestation object

Returns:

• (String) —

  The App Store receipt data

# File 'lib/ios_app_attest/validators/attestation_validator.rb', line 40

def extract_receipt(attestation)
  attestation['attStmt']['receipt']
end

#validate(attestation) ⇒ Object

Validate the attestation object structure

Parameters:

• attestation (Hash) —

  The decoded attestation object

Raises:

• (IosAppAttest::AttestationError) —

  If attestation structure is invalid

# File 'lib/ios_app_attest/validators/attestation_validator.rb', line 18

def validate(attestation)
  required_keys = %w[fmt attStmt authData]
  missing_keys = required_keys - attestation.keys.map(&:to_s)

  if missing_keys.any?
    raise IosAppAttest::AttestationError, 
          "Missing required attestation keys: #{missing_keys.join(', ')}"
  end
  
  unless attestation['fmt'] == 'apple-appattest'
    raise IosAppAttest::AttestationError, 
          "Invalid attestation format: expected 'apple-appattest'"
  end
end