Set AIProxy DeviceCheck bypass token as env variable (#55)

Author: lzell

Examples/SwiftOpenAIExample/SwiftOpenAIExample/AIProxyIntroView.swift

@@ -11,19 +11,20 @@ import SwiftOpenAI
 struct AIProxyIntroView: View {
 
    @State private var partialKey = ""
-   @State private var deviceCheckBypass = ""
 
    var body: some View {
       NavigationStack {
          VStack {
             Spacer()
             VStack(spacing: 24) {
                TextField("Enter partial key", text: $partialKey)
-               TextField("Enter DeviceCheck bypass", text: $deviceCheckBypass)
             }
             .padding()
             .textFieldStyle(.roundedBorder)
 
+            Text("You receive a partial key when you configure an app in the AIProxy dashboard")
+               .font(.caption)
+
             NavigationLink(destination: OptionsListView(openAIService: aiproxyService, options: OptionsListView.APIOption.allCases.filter({ $0 != .localChat }))) {
                Text("Continue")
                   .padding()
@@ -46,28 +47,7 @@ struct AIProxyIntroView: View {
    }
 
    private var aiproxyService: some OpenAIService {
-      // Attention AIProxy customers!
-      //
-      // Please do not let a `deviceCheckBypass` slip into an archived version of your app that you distribute (including through TestFlight).
-      // Doing so would allow an attacker to use the bypass themselves.
-      // The bypass is intended to only be used by developers during development in the iOS simulator (where DeviceCheck does not exist).
-      //
-      // Please retain these conditional checks if you copy this example into your own code.
-      // Your integration code should look like this:
-      //
-      //     #if DEBUG && targetEnvironment(simulator)
-      //           OpenAIServiceFactory.service(
-      //              aiproxyPartialKey: "hardcode-partial-key-here",
-      //              aiproxyDeviceCheckBypass: "hardcode-device-check-bypass-here"
-      //           )
-      //     #else
-      //           OpenAIServiceFactory.service(aiproxyPartialKey: "hardcode-partial-key-here")
-      //     #endif
-      #if DEBUG && targetEnvironment(simulator)
-      OpenAIServiceFactory.service(aiproxyPartialKey: partialKey, aiproxyDeviceCheckBypass: deviceCheckBypass)
-      #else
       OpenAIServiceFactory.service(aiproxyPartialKey: partialKey)
-      #endif
    }
 }
 

README.md

@@ -3012,33 +3012,35 @@ We offer AIProxy support so that developers can build **and** distribute apps us
 
 ### How does my SwiftOpenAI code change?
 
-SwiftOpenAI supports proxying requests through AIProxy with a small change to your integration code.
+SwiftOpenAI supports proxying requests through AIProxy with two changes to your Xcode project:
 
-Instead of initializing `service` with:
+1. Instead of initializing `service` with:
 
         let apiKey = "your_openai_api_key_here"
         let service = OpenAIServiceFactory.service(apiKey: apiKey)
 
 Use:
 
-        #if DEBUG && targetEnvironment(simulator)
         let service = OpenAIServiceFactory.service(
             aiproxyPartialKey: "hardcode_partial_key_here",
-            aiproxyDeviceCheckBypass: "hardcode_device_check_bypass_here"
         )
-        #else
-        let service = OpenAIServiceFactory.service(
-            aiproxyPartialKey: "hardcode_partial_key_here"
-        )
-        #endif
 
-The `aiproxyPartialKey` and `aiproxyDeviceCheckBypass` values are provided to you on the [AIProxy developer dashboard](https://developer.aiproxy.pro).
+The `aiproxyPartialKey` value is provided to you on the [AIProxy developer dashboard](https://developer.aiproxy.pro)
+
+2. Add an `AIPROXY_DEVICE_CHECK_BYPASS' env variable to Xcode. This token is provided to you in the AIProxy
+   developer dashboard, and is necessary for the iOS simulator to communicate with the AIProxy backend.
+    - Type `cmd shift ,` to open up the "Edit Schemes" menu in Xcode
+    - Select `Run` in the sidebar
+    - Select `Arguments` from the top nav
+    - Add to the "Environment Variables" section (not the "Arguments Passed on Launch" section) an env
+      variable with name `AIPROXY_DEVICE_CHECK_BYPASS` and value that we provided you in the AIProxy dashboard
+
 
-⚠️  It is important that you do not let the `aiproxyDeviceCheckBypass` token leak into a distribution
-build of your app (including TestFlight distributions). Please retain the conditional compilation
-checks that are present in the sample code above.
+⚠️  The `AIPROXY_DEVICE_CHECK_BYPASS` is intended for the simulator only. Do not let it leak into
+a distribution build of your app (including a TestFlight distribution). If you follow the steps above,
+then the constant won't leak because env variables are not packaged into the app bundle.
 
-#### What is the `aiproxyDeviceCheckBypass` constant?
+#### What is the `AIPROXY_DEVICE_CHECK_BYPASS` constant?
 
 AIProxy uses Apple's [DeviceCheck](https://developer.apple.com/documentation/devicecheck) to ensure
 that requests received by the backend originated from your app on a legitimate Apple device.