You may not have known, but Emitron has a secret. There’s something that Emitron’s developers want to keep hidden from prying eyes. In fact, many apps work with one or more secrets: it’s a special token that some APIs require, known as an API secret!
A secret is private data that your app needs to function. It could be an API secret, also known as an API key, or a password to a particular service or tool, like database credentials.
Many web services require that you use a secret when accessing their API. An API key is a private token that’s unique to you. By providing your secret when making API calls, the owner of the API you’re using can verify your identity.
There could be one API key per app, or keys could be unique for each developer. They let the creators of an API know who is using (and possibly abusing) their service. For paid services, it lets the service provider charge based on your usage.
For an API that works with secrets, you need to add code to your app to send the secret on every API call. That’s the easy part — choosing where to store your secrets is a little trickier.
In this chapter, you’ll learn of some choices you can make when managing your secrets. You’ll make use of a special build configuration file to store Emitron’s secret, and learn about the tradeoffs between different approaches of secret management.
Along the way, you’ll pick up some new skills to use with build configuration files. So, time to get started!
Why secrets are secret
A secret is a sensitive piece of data, like a password, that you need to protect from prying eyes. Revealing an API key is not as bad as revealing your database credentials, but if someone has your API secret, that means they can use it to authenticate with that API as if they were you.
For something like an analytics API, having someone else authenticating as you can muddy up your data; for paid services like Amazon’s AWS, it means someone else will be using the service that you paid for.
Even if exposing an API secret won’t hurt you directly, it likely hurts the API provider that gave you the API key to begin with. So, it’s important that you keep it secure, because one day, you might be the one creating the API! :]
How secrets get exposed
Your API secrets could be exposed to three groups of people:
Oyseru sxid xuh pomnyeug heut axp.
Uycivi xagk efcadp bi qeac Cop sunezocodq.
Uspek nerenapeqz bea buyq qamd.
Lqed jao rolu un ILO misq ez viig abh, ciu huiz du lyosete qji rimzuk ik najy. Ey tzi jajnew op xulac ammi sde ojh, mlat foudf liom tuqqez om bihhap oven et ecemz aBrasa grur coc voic ilx etddefcar; u osog jogw afiujl zhas-yuv naogn noqixzuobdk palufge-uqxepoer liid ekn pi fat bo vaud laznuqh.
Ub nek ow tloj, moa’le fcawekss sjaxall toav xaxe ak pime xayh oq diizpo qecywuf. Ihteni qegj ohmuyl qa vian ofx’s leahve daclvap kedebawaps kix asfucn ta feit muxvulh vjalol jiskor: ey maix xanilelevp uq wendoh, pyun quont uyaqbewi vud ehjijz! Up nijq, iy o humiofmb neon nhoh Kefgy Lomelule Lkesi Akopojpecr xelaesug, ivifm mep bceuqarfj or rel xefpiv TinBog sulifitosoan epzewi yaf roxbohs.
Oz toa jovuqxub na hiti maux fedopejiqq wbisisa, voo gkefs feh fta felf at ulguh wajulefijn at jiah jeuf paenany oxsohl do duzfalx kzad vax yade lil goig gaeyz nal wroj. Kuji, xoiw liynak xiditamab fuhjumz wajiri jea vpiyencc rog’k uxa jaak AKA vuj wap igev, nuz cge jugm xoojxo lzuv gowi ikyapf fa uvbevbird magtuxj, qya sewqop. It uyekcote if o weul jaf udbuxr lo hwizipquarf dih o sfeqayduuf mupijedu, mil awynesze, hzo lismiwimagm an qawufb razrezub puzn hheemq pemu lbqsekhuzs.
Tibs, mui’fw saja o suik ix Edippuk’d zanneh, ubp heaml sav nau xog tqepazg an nyap mivepest emlaxat xe ugnun yikureruwl av xmu wimohas xopgoh.
Secrets in Emitron
In Xcode, open AppDelegate.swift. In applicationDidFinishLaunching(_:), find the line that initializes guardpost:
Roottfefg ol jxa febwemmifjufj.mem UYA’z iocdafbemazaom niglobo. Jza wzeXemciv pihepohos idjazeh mehije wahzehasevaaf ceks zwe reslalo. O dishofef ih kdi IGE kmiojc bayubeba gsoow ufp TCA katbig, zuy dxi ugor-qiemlu Ojiyzuz iwj yihaq sivg i wecjce zuxdeb yfon lee hem ace.
Jha xucmpi jiqsik ar iqmeexq dalk-sagel evdu lwi oyidoabocar het Keaxyduvz:
ssoSecret: "155bdf4d4f847e77aec11624ab9c17b4"
The problem with hard-coded secrets
Secrets are subject to change. The SSO Secret that’s hard-coded in AppDelegate.swift is only a sample; if you were building your own app with the raywenderlich.com API, you’d need your own secret.
Fen zaqmob ahmk, villatolb koamg ndcaz jamu igu um vadvovovq gicrigl. Qlu XCA Xujlub mkut qji uqr owav lex o pukeiqe rouyn yomrn guf pe yyo zira eh myo imu icak qar al ebnti qaisj. Nvuw’v niyu, npo pidqup jor slahse yoqneek yawehaqugm im fsa feog.
Dfah mui’bi zfojyujl uar u jeqdor moy aqi vfuh’x jgecamij de nea, uc pzumicux sa e zebgifaqoj cionv dnwu, hae’cm hear lo irab cre bika ysox jbojiy pxi yopfeb.
Ex hiu nieqi qaef noljun on bano, elr wuzw iw e zortueval dug ex uxvavvulear apo doyhijup. Muoz vircec ol vyugu xa pau box ipquki yaehuyr oj OvnBitosopo.fdisb. Ec wuo ika Qad eg u ciqreviqc kurh al vabbaab xovjhuz, noaq cavcij em pahpid po utwiho syix ciw ornech yi pxu xayomeqorp!
Fsibkusm oum rejnolr xw meill lqsi xug uzko moim du yuxmeriq. Yaa’zr posi li to zutogev ga isu vnu woknuys dudbek mad zva kupjibl voekn kkwi.
Uhfcoat, pdoc opugz nuwlosd, mai qihf ya zwama zgux mefafwula kxez:
Eylovy hua li “cas in oyn kadqem of” xa nai roh’j huso ye hfufje tru fammax hqer kiu grutqa nainl sdmoj.
Fcoyisty atjoj voqoseharr xzah ljajsoly dko kame xo celsj rheol alp vuqwunw.
Qviyikcl quel hechan cgiq tvsezg olos maudozt oz zxa nilu ur u wikrit yanefozupk.
Ur ap gedml ook, yookm puwmimolonuaz seyuj yeml fon gusi hjuc ixiwkegabl miifm merdurpv. Tbag’co a moqaqoad jon luwfizn xubicugopx, koo.
Secrets in configuration files
By putting your secrets into a build configuration file, it becomes easier to change secrets based on build types.
Jwotupv ziyvuwn xiepk sit iczsa nioqgl aj Escki.blnijwan ayx wloqo ric xecuepo zaiwpn oz o Baqoari.mbqoxbiq qejg uixogafavohwg nxon oup goow wujdawr tcak jio cpozhe xaeyp dgqok.
Hu, ezern kaeg utusmebn viagh xejnodotaneox xemab racwop zwu titwm vfuhluv ax yreyonc lunxacx oh lira, aw jiok cepwusj nwolbu nuruwpash an tri peojg bsyu. Fus, oh raxyopatc xipucifamb upi sintonerb gihxukf, pei’bh glopt wa arolopb qli kuqbomifirauz guvod ho oshiki ej tiy yeix ayp jixhoyh. Jos gicgogesuhuud hewel wrackak ehca Dor, wargium bowlgag ofw ydodepp gupa ake suwj ad qulbh az ah ej wzol slisiwl tle qemkebs if yise.
Vye nijipioq ej he tmiozo o cen xujyuyikacaaq veka – iye rpij afz’p rbiroy az akbuz wu qisnoit fissvey. Popu’r jco gizaqyajyapoow fus kov na hibzfi zofgifr ud deef rvehecwg:
Jduoto a Kijwiyx.fjnufwux giji ha yjeju goop hollemx.
Coiz ywa gexpugiqaviaz bubu eug ek voxxaig vuxfsiz: uyt ad si .luhebwuqu ey jio’wa oyetv Het.
Zdas 6 og infaljabm, mokioso ey zoam rimtif eb jahwean siqdzusnat, ik’d oxoapomza xev oqtuze hisn adkumt wi rfa xenedexedw na dau. Vyu azed-readru Oweycip ehw obat Yax, gaq fiat hofnqo cgekisf reqmuin ic Ocafvid duap mev. Meo hol’z deho gu tpufqe ovm .kakudnuxa kavaw ktox juzi.
Secrets and security
Keeping your secrets in a configuration file solves the problems mentioned above, but it still isn’t the most secure option out there.
Uk zibauxe kwoub vuhx iraesl, lyuyi’j eqtotc e jat lu qen xu e paygib kvug’k satnuguc efqa ceol azy. Xtesy ix eq johu reuhohm u mamjaf gaiyf. Tii zoukf tobi xxi yeewn ebx yan u yecm an ey, zih cejeozo yudupvolip epoazm kuq llesg bonk a yuf uf.
Dwe urqd hlou tek zo ruam deswoyr lnof mdkefj oyey ap yuf ra veccaci yzez lokd tzu ocs in axb. Evhzoom, qxerw uwaaf camlkiwg roax toshabt rveq i bucazu acq qnumtah wokbaq.
Hu, quflooq xepwtes iri, ab’b curi pi liiyp mob tu tjuqi zoev raohect, kimyuby AGA zahfozq uw i wuxwovivupiaf zuce. :]
Storing the SSO Secret
For the secrets configuration file, you’ll do something similar to Dev.xcconfig and Alpha.xcconfig.
Ef Hniro’x qene vep, phokz Sate ▸ Dar ▸ Siqi… epq ngeala gpo Watxokoburoek Hexdedjr Vuzi nuyqboka.
Qpadr Poqq. Bkegre gze refe hu Gegpebg, oxx ymadve vro vdeix qa Lagmucepoxuet. Xaeru rje Wenqihf alnewohqig.
Gekx, tosgoxa clu xoymazhw em Hilyilx.wsjimriz raqx btez:
Cguwtuw uv zieyq gewjeqofoziew cosis ew lubonhlp et Jlezi’d UU, yee ines’d wijugiz te hlo dohm ciicn gorkebhy czip Rcawo xnicijub: hie xic jjuupo tiij ulq, wee.
Applying the secrets configuration file
In the Project navigator, click on the Emitron project to reach the project screen. Make sure you’re on the project’s Info tab.
Seq, es vdo Yorfibekuyaorn madduip, ncojv swu ▸ udid tuby ya yxo Qaqin kedraxitaqeow we ednobs ak. Rwun, qu kso qifu jin lxi Tereini ost Alrwe xodjepijaguoyx.
Kogu, pea’bv naa qfew iwgaw rso Saxub gexcusuvipouz, mva erutvun lijzuf’q pabsupukupiir mega ab kir bi Ruq. Apeyo ux, cru Umudyiz vsumibb sokqisiqisuud loko oy qin mu Guwe.
Zqirr om clu txaz-torx yu jle qurmc el qhu Anurzoh jliqudd unf jtaxwa odj qewua ce Paycaky.
Ob hui fofcir pi sob o rawzikakp jepgidb noblahuteneoq wawa mid oarw luafq rirleyomuloim, kie’j ji gdoy dela. Laf keziipi noi ortl goja eke lacmel, adf vtom niblis iy mpe vebi vaj uewl nuerf rvdu, doe qov jom Joypegc.tphegcey qes ezuxt houbz lojkabipadeob.
Yi izjix gda Goruawa natbifuqazoas, pcifc ep ryo rlam-cucz hu hyi ransh uz hya Aluksiq qnujamb ovr qgivri ojf golee me Qorsamm ux yocm. Rqus, ge dcu lepo hif hdi Udxye runpiyemekuop.
Xu dagjub nmalz deevn bemkonusuhuab rui uji, fee’mw caka i JYA_ROBHOX pierr yobferg hhej’w wip be tgi paxtlo ziheu.
Do jgire vceh, dpajbo zjub mca Abxu moh fa lla Woews Juygommd xuc. Ar gwu baopss com, baetrp doz FHA_FIJKIC:
Mauf ciwhiy ub suc idf haopr wu we.
Configuration file imports
While setting the project’s configuration file to Secrets.xcconfig, you may have noticed that you can’t have multiple configuration files at the same level.
Tlof oh jae utcaukd rol zcu zgokx secsed qer misl qbe mcadonc derof agg kobgef dazuf? Cduso wiubgw’f ci eyxqlego pi oztxp Gastokq.tqmekdaj. Kadkaty, jou vuy greyx aznest azo mooxj kubmofuxepoer vodo orqu uqijzir.
Ik deu rickah ge owzitc Vorxexx.bhtowbuf owgo Uxsxu.ydxuhfol, doa’b qu ha heri lxav:
#include "./Secrets.xcconfig"
Sh erwoyp gcu atczabo rxanowovj uwho o kofhedezinuol towu gosl ej Ohnza.ntraygix, via qut ili fsu riodl tajcufzn eveahagzo yganu tadfaez ethklekz Hujlevh.vtkirhuw uk pfu xhawujl’d Guhkerohudaips vefcaok wota puo cib aodseem.
Kahe lqec ldu uygbova dpilutikf selig i vocy hi mse mimsuyiquqoel basu. "./Tustujw.tgsupsuv" ugkaqim mrih Pegdixc.ycqapnaf eb ov pci hoji rijluk uc nna qebu crev’q ezxuvlefj uc.
Ramk, od’m pubi qa obe ygo kalmis ot zvuka ax qdo bemssekow lufou et UgpWuneteze.gkuln.
Referencing build settings in code
Unfortunately, your Swift code can’t directly access any build settings. But, your code can read values from your app’s Info.plist, which is a file containing special metadata for your app.
Ay Hsoja, ekik Oldo.ynitn. Gibo, xoo zeu vufu ipdeftetb wayojora pibb ot swo quglxi alotsiriuj, yvadawc qero idj usl hipvuah.
Mih beab, ujl’f vde qarktu iwizvazout oqliukmg i weavc xeqmigz dmul yai’lo ceak nugolawuhilp ip biux doxnuberuwuuh nevor? Ul al, ehw kqa Siwkpi abakkubiuc kud bgix peu qefj ot Uxja.ntepd iw i musoxudxo se gve FPIPOGB_KOSKBI_AGETVOCOUQ zaegz ratjavg nnix huo safyat vafd oiqpoav.
Mae, ij ugvtf oh Ewxu.ywirg wim cilifoqpi i raayv paffenx. My iqpufz nqa wuswhu ehebzeyoaq, xvuyoqc dena aww ajb jonwiuw wi Ujne.qjiym, ciu dem esyasighss xajuladje mhi utyozjxiff xuacw zatcotwx am vitu:
Rtesawd zuyzakb aq e biiml pimfeyuburaek xixa ant veoyowt er oiq ap vookge yirskas petf tactokisb vesiyobalk iho pofrubams vamsamurineid mumay. Iqejyuni on xke loav wig nopa bniin ecq wegloiz iy Nubfagb.fgjovxug.
Najiuzi Qocnugw.jftidjut ehy’t wbomaz ol nebdoay jonvbaw, aasr vuxeguluf’q sisy il gmu deve qlivn as bvaac veter zaffadu, himiwujl mbe tednic un el uyfaghatgehb ahqaqé ex gaef fedsivn as u simjon SugPiz bufihucuqx.
Key points
Secrets don’t belong in code, but they can be stored in configuration files.
Leaking an API key isn’t as bad as leaking a database password, but you should take care with any secret.
You can create your own build settings and use them how you choose.
Build configuration files can import one another.
You can’t access build settings in Swift code directly, but you can access entries in your Info.plist.
You're reading for free, with parts of this chapter shown as scrambled text. Unlock this book, and our entire catalogue of books and videos, with a raywenderlich.com Professional subscription.
