Set AIProxy DeviceCheck bypass token as env variable (#55)

jamesrochabrun · Jun 26, 2024 · 6bc5fe0 · 6bc5fe0
1 parent f5de0e0
commit 6bc5fe0
Show file tree

Hide file tree

Showing 5 changed files with 96 additions and 134 deletions.
diff --git a/Examples/SwiftOpenAIExample/SwiftOpenAIExample/AIProxyIntroView.swift b/Examples/SwiftOpenAIExample/SwiftOpenAIExample/AIProxyIntroView.swift
@@ -11,19 +11,20 @@ import SwiftOpenAI
 struct AIProxyIntroView: View {
 
  @State private var partialKey = ""
- @State private var deviceCheckBypass = ""
 
  var body: some View {
  NavigationStack {
  VStack {
  Spacer()
  VStack(spacing: 24) {
  TextField("Enter partial key", text: $partialKey)
- TextField("Enter DeviceCheck bypass", text: $deviceCheckBypass)
  }
  .padding()
  .textFieldStyle(.roundedBorder)
 
+ Text("You receive a partial key when you configure an app in the AIProxy dashboard")
+ .font(.caption)
+
  NavigationLink(destination: OptionsListView(openAIService: aiproxyService, options: OptionsListView.APIOption.allCases.filter({ $0 != .localChat }))) {
  Text("Continue")
  .padding()
@@ -46,28 +47,7 @@ struct AIProxyIntroView: View {
  }
 
  private var aiproxyService: some OpenAIService {
- // Attention AIProxy customers!
- //
- // Please do not let a `deviceCheckBypass` slip into an archived version of your app that you distribute (including through TestFlight).
- // Doing so would allow an attacker to use the bypass themselves.
- // The bypass is intended to only be used by developers during development in the iOS simulator (where DeviceCheck does not exist).
- //
- // Please retain these conditional checks if you copy this example into your own code.
- // Your integration code should look like this:
- //
- // #if DEBUG && targetEnvironment(simulator)
- // OpenAIServiceFactory.service(
- // aiproxyPartialKey: "hardcode-partial-key-here",
- // aiproxyDeviceCheckBypass: "hardcode-device-check-bypass-here"
- // )
- // #else
- // OpenAIServiceFactory.service(aiproxyPartialKey: "hardcode-partial-key-here")
- // #endif
- #if DEBUG && targetEnvironment(simulator)
- OpenAIServiceFactory.service(aiproxyPartialKey: partialKey, aiproxyDeviceCheckBypass: deviceCheckBypass)
- #else
  OpenAIServiceFactory.service(aiproxyPartialKey: partialKey)
- #endif
  }
 }
 

diff --git a/README.md b/README.md
@@ -3012,33 +3012,35 @@ We offer AIProxy support so that developers can build **and** distribute apps us
 
 ### How does my SwiftOpenAI code change?
 
-SwiftOpenAI supports proxying requests through AIProxy with a small change to your integration code.
+SwiftOpenAI supports proxying requests through AIProxy with two changes to your Xcode project:
 
-Instead of initializing `service` with:
+1. Instead of initializing `service` with:
 
  let apiKey = "your_openai_api_key_here"
  let service = OpenAIServiceFactory.service(apiKey: apiKey)
 
 Use:
 
- #if DEBUG && targetEnvironment(simulator)
  let service = OpenAIServiceFactory.service(
  aiproxyPartialKey: "hardcode_partial_key_here",
- aiproxyDeviceCheckBypass: "hardcode_device_check_bypass_here"
  )
- #else
- let service = OpenAIServiceFactory.service(
- aiproxyPartialKey: "hardcode_partial_key_here"
- )
- #endif
 
-The `aiproxyPartialKey` and `aiproxyDeviceCheckBypass` values are provided to you on the [AIProxy developer dashboard](https://developer.aiproxy.pro).
+The `aiproxyPartialKey` value is provided to you on the [AIProxy developer dashboard](https://developer.aiproxy.pro)
+
+2. Add an `AIPROXY_DEVICE_CHECK_BYPASS' env variable to Xcode. This token is provided to you in the AIProxy
+ developer dashboard, and is necessary for the iOS simulator to communicate with the AIProxy backend.
+ - Type `cmd shift ,` to open up the "Edit Schemes" menu in Xcode
+ - Select `Run` in the sidebar
+ - Select `Arguments` from the top nav
+ - Add to the "Environment Variables" section (not the "Arguments Passed on Launch" section) an env
+ variable with name `AIPROXY_DEVICE_CHECK_BYPASS` and value that we provided you in the AIProxy dashboard
+
 
-⚠️ It is important that you do not let the `aiproxyDeviceCheckBypass` token leak into a distribution
-build of your app (including TestFlight distributions). Please retain the conditional compilation
-checks that are present in the sample code above.
+⚠️ The `AIPROXY_DEVICE_CHECK_BYPASS` is intended for the simulator only. Do not let it leak into
+a distribution build of your app (including a TestFlight distribution). If you follow the steps above,
+then the constant won't leak because env variables are not packaged into the app bundle.
 
-#### What is the `aiproxyDeviceCheckBypass` constant?
+#### What is the `AIPROXY_DEVICE_CHECK_BYPASS` constant?
 
 AIProxy uses Apple's [DeviceCheck](https://developer.apple.com/documentation/devicecheck) to ensure
 that requests received by the backend originated from your app on a legitimate Apple device.