Update Request Header

lib/src/main/java/com/smileidentity/networking/SmileHeaderMetadataInterceptor.kt

@@ -1,6 +1,7 @@
 package com.smileidentity.networking
 
 import com.smileidentity.BuildConfig
+import com.smileidentity.util.getCurrentIsoTimestamp
 import okhttp3.Interceptor
 
 annotation class SmileHeaderMetadata
@@ -11,8 +12,10 @@ object SmileHeaderMetadataInterceptor : Interceptor {
         request.getCustomAnnotation(SmileHeaderMetadata::class.java)
             ?: return chain.proceed(request)
         val newRequest = request.newBuilder()
+            .header("Connection", "Keep-Alive")
             .header("SmileID-Source-SDK", "android")
             .header("SmileID-Source-SDK-Version", BuildConfig.VERSION_NAME)
+            .header("SmileID-Request-Timestamp", getCurrentIsoTimestamp())
             .build()
         return chain.proceed(newRequest)
     }

lib/src/main/java/com/smileidentity/networking/SmileIDSecurityInterceptor.kt

@@ -0,0 +1,33 @@
+package com.smileidentity.networking
+
+import okhttp3.Interceptor
+import okio.Buffer
+import timber.log.Timber
+
+annotation class SmileIDSecurity
+
+object SmileIDSecurityInterceptor : Interceptor {
+    override fun intercept(chain: Interceptor.Chain): okhttp3.Response {
+        val request = chain.request()
+        request.getCustomAnnotation(SmileIDSecurity::class.java)
+            ?: return chain.proceed(request)
+
+        Timber.d("Smile Secure URL ${request.url}")
+        request.headers.forEach { (name, value) ->
+            Timber.d("Smile Secure Headers $name and $value")
+        }
+        request.body?.let { requestBody ->
+            val buffer = Buffer()
+            requestBody.writeTo(buffer)
+            val bodyStr = buffer.readUtf8()
+            Timber.d("Smile Secure Body $bodyStr")
+        }
+
+        val modifiedRequest = request.newBuilder()
+            .header("SmileID-Request-Timestamp", "")
+            .header("SmileID-Request-Mac", "")
+            .build()
+
+        return chain.proceed(modifiedRequest)
+    }
+}

lib/src/main/java/com/smileidentity/networking/SmileIDService.kt

@@ -51,13 +51,15 @@ interface SmileIDService {
      * necessary only when using the [com.smileidentity.models.Config.authToken] and
      * *not* using the API key.
      */
+    @SmileIDSecurity
     @POST("/v1/auth_smile")
     suspend fun authenticate(@Body request: AuthenticationRequest): AuthenticationResponse
 
     /**
      * Used by Job Types that need to upload a file to the server. The response contains the URL
      * [PrepUploadResponse.uploadUrl] that the file should eventually be uploaded to (via [upload]).
      */
+    @SmileIDSecurity
     @POST("/v1/upload")
     suspend fun prepUpload(@Body request: PrepUploadRequest): PrepUploadResponse
 
@@ -66,6 +68,7 @@ interface SmileIDService {
      * uploaded in the order they are provided in [UploadRequest.images], and will be zipped
      * together by [UploadRequestConverterFactory] and [FileNameAdapter]
      */
+    @SmileIDSecurity
     @PUT
     suspend fun upload(@Url url: String, @Body request: UploadRequest)
 
@@ -78,6 +81,7 @@ interface SmileIDService {
      */
     @SmileHeaderAuth
     @SmileHeaderMetadata
+    @SmileIDSecurity
     @SmileIDOptIn
     @Multipart
     @POST("/v2/smart-selfie-enroll")
@@ -103,6 +107,7 @@ interface SmileIDService {
      */
     @SmileHeaderAuth
     @SmileHeaderMetadata
+    @SmileIDSecurity
     @SmileIDOptIn
     @Multipart
     @POST("/v2/smart-selfie-authentication")
@@ -126,6 +131,7 @@ interface SmileIDService {
      * This will be done synchronously, and the result will be returned in the response. If the ID
      * provider is unavailable, the response will be an error.
      */
+    @SmileIDSecurity
     @POST("/v1/id_verification")
     suspend fun doEnhancedKyc(@Body request: EnhancedKycRequest): EnhancedKycResponse
 
@@ -136,6 +142,7 @@ interface SmileIDService {
      * If the ID provider is unavailable, the response will be delivered to the callback URL once
      * the ID provider is available again.
      */
+    @SmileIDSecurity
     @POST("/v1/async_id_verification")
     suspend fun doEnhancedKycAsync(@Body request: EnhancedKycRequest): EnhancedKycAsyncResponse
 
@@ -144,6 +151,7 @@ interface SmileIDService {
      * whether it was successful. This should be called when the Job is known to be a
      * SmartSelfie Authentication/Registration.
      */
+    @SmileIDSecurity
     @POST("/v1/job_status")
     suspend fun getSmartSelfieJobStatus(
         @Body request: JobStatusRequest,
@@ -154,6 +162,7 @@ interface SmileIDService {
      * whether it was successful. This should be called when the Job is known to be a
      * Document Verification.
      */
+    @SmileIDSecurity
     @POST("/v1/job_status")
     suspend fun getDocumentVerificationJobStatus(
         @Body request: JobStatusRequest,
@@ -163,6 +172,7 @@ interface SmileIDService {
      * Fetches the status of a Job. This can be used to check if a Job is complete, and if so,
      * whether it was successful. This should be called when the Job is known to be a Biometric KYC.
      */
+    @SmileIDSecurity
     @POST("/v1/job_status")
     suspend fun getBiometricKycJobStatus(
         @Body request: JobStatusRequest,
@@ -172,6 +182,7 @@ interface SmileIDService {
      * Fetches the status of a Job. This can be used to check if a Job is complete, and if so,
      * whether it was successful. This should be called when the Job is known to be Enhanced DocV.
      */
+    @SmileIDSecurity
     @POST("/v1/job_status")
     suspend fun getEnhancedDocumentVerificationJobStatus(
         @Body request: JobStatusRequest,
@@ -181,36 +192,42 @@ interface SmileIDService {
      * Returns the ID types that are enabled for authenticated partner and which of those require
      * consent
      */
+    @SmileIDSecurity
     @POST("/v1/products_config")
     suspend fun getProductsConfig(@Body request: ProductsConfigRequest): ProductsConfigResponse
 
     /**
      * Returns Global DocV supported products and metadata
      */
+    @SmileIDSecurity
     @POST("/v1/valid_documents")
     suspend fun getValidDocuments(@Body request: ProductsConfigRequest): ValidDocumentsResponse
 
     /**
      * Returns supported products and metadata
      */
+    @SmileIDSecurity
     @GET("/v1/services")
     suspend fun getServices(): ServicesResponse
 
     /**
      * Returns the different modes of getting the BVN OTP, either via sms or email
      */
+    @SmileIDSecurity
     @POST("/v1/totp_consent")
     suspend fun requestBvnTotpMode(@Body request: BvnTotpRequest): BvnTotpResponse
 
     /**
      * Returns the BVN OTP via the selected mode
      */
+    @SmileIDSecurity
     @POST("/v1/totp_consent/mode")
     suspend fun requestBvnOtp(@Body request: BvnTotpModeRequest): BvnTotpModeResponse
 
     /**
      * Submits the BVN OTP for verification
      */
+    @SmileIDSecurity
     @POST("/v1/totp_consent/otp")
     suspend fun submitBvnOtp(@Body request: SubmitBvnTotpRequest): SubmitBvnTotpResponse
 }

sample/sample.gradle.kts

@@ -1,3 +1,5 @@
+import org.jetbrains.kotlin.compose.compiler.gradle.ComposeFeatureFlag
+
 plugins {
     alias(libs.plugins.android.application)
     alias(libs.plugins.compose.compiler)
@@ -85,7 +87,7 @@ android {
 }
 
 composeCompiler {
-    enableStrongSkippingMode = true
+    featureFlags.addAll(ComposeFeatureFlag.StrongSkipping)
     reportsDestination = layout.buildDirectory.dir("compose_compiler")
     metricsDestination = layout.buildDirectory.dir("compose_compiler")
 }