Attestation on confirmation (#5762)

## Summary
<!-- Simple summary of what was changed. -->
Add an AttestationChallenge wrapper around StripeAttest that prewarms
attestation on init and fetches an assertion with a timeout.

Wrap PassiveCaptchaChallenge and AttestationChallenge in
ConfirmationChallenge. Anywhere we previously passed
PassiveCaptchaChallenge, we now pass in ConfirmationChallenge.
ConfirmationChallenge creates the passive captcha and attestation
challenges asynchronously in parallel and fetches their tokens with
timeout in parallel and creates the radar options for the requests.

Added playground switch so that we can test with/without attestation,
similar to the passive captcha switch. Will be removed on release.

Moved PassiveCaptchaChallenge into StripePaymentSheet, @_spi(STP)
HCaptcha
## Motivation
<!-- Why are you making this change? If it's for fixing a bug, if
possible, please include a code snippet or example project that
demonstrates the issue. -->
Attestation support for HCaptcha project
## Testing
<!-- How was the code tested? Be as specific as possible. -->
<!-- Ignored Tests: Did you newly ignore a test in this PR? If so,
please open an R4 incident so that the test can be re-enabled as soon as
possible-->
Added tests
Example request:
https://admin.corp.stripe.com/request-log/req_YXMjaq42sec9gb
## Changelog
<!-- Is this a notable change that affects users? If so, add a line to
`CHANGELOG.md` and prefix the line with one of the following:
    - [Added] for new features.
    - [Changed] for changes in existing functionality.
    - [Deprecated] for soon-to-be removed features.
    - [Removed] for now removed features.
    - [Fixed] for any bug fixes.
    - [Security] in case of vulnerabilities.
-->
N/A

Author: joyceqin-stripe

Example/PaymentSheet Example/PaymentSheet Example/CustomerSheetTestPlayground.swift

@@ -95,6 +95,7 @@ struct CustomerSheetTestPlayground: View {
                         SettingView(setting: $playgroundController.settings.preferredNetworksEnabled)
                         SettingView(setting: $playgroundController.settings.cardBrandAcceptance)
                         SettingView(setting: $playgroundController.settings.enablePassiveCaptcha)
+                        SettingView(setting: $playgroundController.settings.enableAttestationOnConfirmation)
                         SettingView(setting: $playgroundController.settings.autoreload)
                         TextField("headerTextForSelectionScreen", text: headerTextForSelectionScreenBinding)
                         SettingView(setting: $playgroundController.settings.allowsRemovalOfLastSavedPaymentMethod)

Example/PaymentSheet Example/PaymentSheet Example/CustomerSheetTestPlaygroundController.swift

@@ -160,6 +160,7 @@ class CustomerSheetTestPlaygroundController: ObservableObject {
         }
         configuration.opensCardScannerAutomatically = settings.opensCardScannerAutomatically == .on
         configuration.enablePassiveCaptcha = settings.enablePassiveCaptcha == .on
+        configuration.enableAttestationOnConfirmation = settings.enableAttestationOnConfirmation == .on
 
         return configuration
     }

Example/PaymentSheet Example/PaymentSheet Example/CustomerSheetTestPlaygroundSettings.swift

@@ -162,6 +162,13 @@ public struct CustomerSheetTestPlaygroundSettings: Codable, Equatable {
         case off
     }
 
+    enum EnableAttestationOnConfirmation: String, PickerEnum {
+        static var enumName: String { "Enable attestation on confirmation" }
+
+        case on
+        case off
+    }
+
     enum OpensCardScannerAutomatically: String, PickerEnum {
         static let enumName: String = "opensCardScannerAutomatically"
         case on
@@ -176,6 +183,7 @@ public struct CustomerSheetTestPlaygroundSettings: Codable, Equatable {
     var headerTextForSelectionScreen: String?
     var defaultBillingAddress: DefaultBillingAddress
     var enablePassiveCaptcha: EnablePassiveCaptcha
+    var enableAttestationOnConfirmation: EnableAttestationOnConfirmation
     var autoreload: Autoreload
 
     var attachDefaults: BillingDetailsAttachDefaults
@@ -202,6 +210,7 @@ public struct CustomerSheetTestPlaygroundSettings: Codable, Equatable {
                                                    headerTextForSelectionScreen: nil,
                                                    defaultBillingAddress: .off,
                                                    enablePassiveCaptcha: .on,
+                                                   enableAttestationOnConfirmation: .on,
                                                    autoreload: .on,
                                                    attachDefaults: .off,
                                                    collectName: .automatic,

Example/PaymentSheet Example/PaymentSheet Example/PaymentSheetTestPlayground.swift

@@ -42,6 +42,7 @@ struct PaymentSheetTestPlayground: View {
                 .textInputAutocapitalization(.never)
         }
         SettingView(setting: $playgroundController.settings.enablePassiveCaptcha)
+        SettingView(setting: $playgroundController.settings.enableAttestationOnConfirmation)
         Group {
             if playgroundController.settings.merchantCountryCode == .US {
                 SettingView(setting: linkEnabledModeBinding)

Example/PaymentSheet Example/PaymentSheet Example/PaymentSheetTestPlaygroundSettings.swift

@@ -314,6 +314,13 @@ struct PaymentSheetTestPlaygroundSettings: Codable, Equatable {
         case off
     }
 
+    enum EnableAttestationOnConfirmation: String, PickerEnum {
+        static var enumName: String { "Enable attestation on confirmation" }
+
+        case on
+        case off
+    }
+
     enum PaymentMethodSave: String, PickerEnum {
         static var enumName: String { "PaymentMethodSave" }
 
@@ -682,6 +689,7 @@ struct PaymentSheetTestPlaygroundSettings: Codable, Equatable {
     var applePayButtonType: ApplePayButtonType
     var allowsDelayedPMs: AllowsDelayedPMs
     var enablePassiveCaptcha: EnablePassiveCaptcha
+    var enableAttestationOnConfirmation: EnableAttestationOnConfirmation
     var paymentMethodSave: PaymentMethodSave
     var allowRedisplayOverride: AllowRedisplayOverride
     var paymentMethodRemove: PaymentMethodRemove
@@ -741,6 +749,7 @@ struct PaymentSheetTestPlaygroundSettings: Codable, Equatable {
             applePayButtonType: .buy,
             allowsDelayedPMs: .on,
             enablePassiveCaptcha: .on,
+            enableAttestationOnConfirmation: .on,
             paymentMethodSave: .enabled,
             allowRedisplayOverride: .notSet,
             paymentMethodRemove: .enabled,

Example/PaymentSheet Example/PaymentSheet Example/PlaygroundController.swift

@@ -214,6 +214,10 @@ class PlaygroundController: ObservableObject {
             configuration.enablePassiveCaptcha = true
         }
 
+        if settings.enableAttestationOnConfirmation == .on {
+            configuration.enableAttestationOnConfirmation = true
+        }
+
         if settings.shippingInfo != .off {
             configuration.allowsPaymentMethodsRequiringShippingAddress = true
             configuration.shippingDetails = { [weak self] in
@@ -334,6 +338,10 @@ class PlaygroundController: ObservableObject {
             configuration.enablePassiveCaptcha = true
         }
 
+        if settings.enableAttestationOnConfirmation == .on {
+            configuration.enableAttestationOnConfirmation = true
+        }
+
         if settings.shippingInfo != .off {
             configuration.allowsPaymentMethodsRequiringShippingAddress = true
             configuration.shippingDetails = { [weak self] in

Example/PaymentSheet Example/PaymentSheetUITest/EmbeddedUITest.swift

@@ -20,9 +20,9 @@ class EmbeddedUITests: PaymentSheetUITestCase {
 
         let cardButton = app.buttons["Card"]
         XCTAssertTrue(cardButton.waitForExistence(timeout: 10))
-        // filter out async passive captcha logs
+        // filter out async passive captcha and attestation logs
         let startupLog = analyticsLog.compactMap({ $0[string: "event"] })
-            .filter({ !$0.starts(with: "luxe") }).filter({ !$0.starts(with: "elements.captcha.passive") })
+            .filter({ !$0.starts(with: "luxe") }).filter({ !$0.starts(with: "elements.captcha.passive") && !($0.contains("attest")) })
         XCTAssertEqual(
             startupLog,
             // fraud detection telemetry should not be sent in tests, so it should report an API failure

Example/PaymentSheet Example/PaymentSheetUITest/PaymentSheetUITest.swift

@@ -242,8 +242,8 @@ class PaymentSheetStandardUITests: PaymentSheetUITestCase {
 
         app.buttons["Apple Pay, apple_pay"].waitForExistenceAndTap(timeout: 30) // Should default to Apple Pay
         XCTAssertEqual(
-            // filter out async passive captcha logs
-            analyticsLog.map({ $0[string: "event"] }).filter({ !($0?.starts(with: "elements.captcha.passive") ?? false) }),
+            // filter out async passive captcha and attestation logs
+            analyticsLog.map({ $0[string: "event"] }).filter({ !($0?.starts(with: "elements.captcha.passive") ?? false) && !($0?.contains("attest") ?? false) }),
             // fraud detection telemetry should not be sent in tests, so it should report an API failure
             ["mc_load_started", "link.account_lookup.complete", "mc_load_succeeded", "fraud_detection_data_repository.api_failure", "mc_custom_init_customer_applepay", "mc_custom_sheet_savedpm_show"]
         )
@@ -628,12 +628,12 @@ class PaymentSheetDeferredUITests: PaymentSheetUITestCase {
 
         XCTAssertEqual(
             // Ignore luxe_* analytics since there are a lot and I'm not sure if they're the same every time
-            // filter out async passive captcha logs
-            analyticsLog.map({ $0[string: "event"] }).filter({ $0 != "luxe_image_selector_icon_from_bundle" && $0 != "luxe_image_selector_icon_downloaded" && !($0?.starts(with: "elements.captcha.passive") ?? false) }),
+            // filter out async passive captcha and attestation logs
+            analyticsLog.map({ $0[string: "event"] }).filter({ $0 != "luxe_image_selector_icon_from_bundle" && $0 != "luxe_image_selector_icon_downloaded" && !($0?.starts(with: "elements.captcha.passive") ?? false) && !($0?.contains("attest") ?? false) }),
             // fraud detection telemetry should not be sent in tests, so it should report an API failure
             ["mc_complete_init_applepay", "mc_load_started", "mc_load_succeeded", "fraud_detection_data_repository.api_failure", "mc_complete_sheet_newpm_show", "mc_lpms_render", "mc_form_shown", "link.inline_signup.shown"]
         )
-        XCTAssertEqual(analyticsLog.filter({ !($0[string: "event"]?.starts(with: "elements.captcha.passive") ?? false || $0[string: "event"]?.starts(with: "link") ?? false) }).last?[string: "selected_lpm"], "card")
+        XCTAssertEqual(analyticsLog.filter({ !($0[string: "event"]?.starts(with: "elements.captcha.passive") ?? false || $0[string: "event"]?.contains("attest") ?? false || $0[string: "event"]?.starts(with: "link") ?? false) }).last?[string: "selected_lpm"], "card")
 
         try? fillCardData(app, container: nil)
 
@@ -642,9 +642,26 @@ class PaymentSheetDeferredUITests: PaymentSheetUITestCase {
         let successText = app.staticTexts["Success!"]
         XCTAssertTrue(successText.waitForExistence(timeout: 10.0))
 
+        // filter out async attestation logs
         XCTAssertEqual(
-            analyticsLog.suffix(10).map({ $0[string: "event"] }),
-            ["mc_form_interacted", "mc_card_number_completed", "mc_form_completed", "mc_confirm_button_tapped", "elements.captcha.passive.attach", "stripeios.confirmation_token_creation", "stripeios.paymenthandler.confirm.started", "stripeios.payment_intent_confirmation", "stripeios.paymenthandler.confirm.finished", "mc_complete_payment_newpm_success"]
+            analyticsLog.map({ $0[string: "event"] }).filter({ !($0?.starts(with: "elements.captcha.passive") ?? false) && !($0?.contains("attest") ?? false) }).suffix(9),
+            ["mc_form_interacted", "mc_card_number_completed", "mc_form_completed", "mc_confirm_button_tapped", "stripeios.confirmation_token_creation", "stripeios.paymenthandler.confirm.started", "stripeios.payment_intent_confirmation", "stripeios.paymenthandler.confirm.finished", "mc_complete_payment_newpm_success"]
+        )
+
+        XCTAssertEqual(
+            analyticsLog.map({ $0[string: "event"] }).filter({ $0?.starts(with: "elements.captcha.passive") ?? false }),
+            ["elements.captcha.passive.init",
+             "elements.captcha.passive.execute",
+             "elements.captcha.passive.success",
+             "elements.captcha.passive.attach", ]
+        )
+
+        XCTAssertEqual(
+            analyticsLog.map({ $0[string: "event"] }).filter({ $0?.starts(with: "elements.attestation.confirmation") ?? false }),
+            ["elements.attestation.confirmation.prepare",
+             "elements.attestation.confirmation.prepare_failed",
+             "elements.attestation.confirmation.request_token",
+             "elements.attestation.confirmation.request_token_succeeded", ]
         )
 
         // Make sure they all have the same session id

Example/PaymentSheet Example/PaymentSheetUITest/PaymentSheetVerticalUITest.swift

@@ -116,8 +116,8 @@ class PaymentSheetVerticalUITests: PaymentSheetUITestCase {
         app.buttons["•••• 4242"].waitForExistenceAndTap()
         app.buttons["Continue"].tap() // For some reason, waitForExistenceAndTap() does not tap this!
         XCTAssertEqual(
-            // filter out async passive captcha logs
-            analyticsLog.map({ $0[string: "event"] }).filter({ !($0?.starts(with: "elements.captcha.passive") ?? false) }),
+            // filter out async passive captcha and attestation logs
+            analyticsLog.map({ $0[string: "event"] }).filter({ !($0?.starts(with: "elements.captcha.passive") ?? false) && !($0?.contains("attest") ?? false) }),
             // fraud detection telemetry should not be sent in tests, so it should report an API failure
             ["mc_load_started", "link.account_lookup.complete", "mc_load_succeeded", "fraud_detection_data_repository.api_failure", "mc_custom_init_customer_applepay", "mc_custom_sheet_newpm_show", "mc_lpms_render", "mc_custom_paymentoption_savedpm_select", "mc_lpms_render", "mc_confirm_button_tapped"]
         )

StripeCore/StripeCore/Source/Analytics/STPAnalyticEvent.swift

@@ -316,6 +316,15 @@ import Foundation
     case passiveCaptchaError = "elements.captcha.passive.error"
     case passiveCaptchaAttach = "elements.captcha.passive.attach"
 
+    // MARK: - Attestation on Confirmation
+    case attestationConfirmationPrepare = "elements.attestation.confirmation.prepare"
+    case attestationConfirmationPrepareSucceeded = "elements.attestation.confirmation.prepare_succeeded"
+    case attestationConfirmationPrepareFailed = "elements.attestation.confirmation.prepare_failed"
+    case attestationConfirmationRequestToken = "elements.attestation.confirmation.request_token"
+    case attestationConfirmationRequestTokenSucceeded = "elements.attestation.confirmation.request_token_succeeded"
+    case attestationConfirmationRequestTokenFailed = "elements.attestation.confirmation.request_token_failed"
+    case attestationConfirmationError = "elements.attestation.confirmation.error"
+
     // MARK: - STPApplePayContext
     case applePayContextStarted = "stripeios.applepaycontext.confirm.started"
     case applePayContextFinished = "stripeios.applepaycontext.confirm.finished"