wtsnz/configure-ats.sh

## configure-ats.sh
# Delete any existing NSAppTransportSecurity configurations
/usr/libexec/PlistBuddy -c "Delete :NSAppTransportSecurity" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"

# Add the NSAppTransportSecurity dictionary again
/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"

# Add s3.amazonaws.com NSExceptionRequiresForwardSecrecy and set it to false
# This is a requirement of the Carnival.io SDK
/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:s3.amazonaws.com dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:s3.amazonaws.com:NSExceptionRequiresForwardSecrecy bool false" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"

# For the Dev & QA servers we need to allow insecure loads as the third party api doesn't have ssl on dev/staging
if [ $CONFIGURATION = "Dev" ] || [ $CONFIGURATION = "QA" ]; then
  # Add *api.client.com to allow insecure HTTP loads
  /usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:api.client.com dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
  /usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:api.client.com:NSTemporaryExceptionAllowsInsecureHTTPLoads bool true" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
  /usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:api.client.com:NSIncludesSubdomains bool true" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
fi
	# Delete any existing NSAppTransportSecurity configurations
	/usr/libexec/PlistBuddy -c "Delete :NSAppTransportSecurity" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"

	# Add the NSAppTransportSecurity dictionary again
	/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
	/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"

	# Add s3.amazonaws.com NSExceptionRequiresForwardSecrecy and set it to false
	# This is a requirement of the Carnival.io SDK
	/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:s3.amazonaws.com dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
	/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:s3.amazonaws.com:NSExceptionRequiresForwardSecrecy bool false" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"

	# For the Dev & QA servers we need to allow insecure loads as the third party api doesn't have ssl on dev/staging
	if [ $CONFIGURATION = "Dev" ] \|\| [ $CONFIGURATION = "QA" ]; then
	# Add *api.client.com to allow insecure HTTP loads
	/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:api.client.com dict" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
	/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:api.client.com:NSTemporaryExceptionAllowsInsecureHTTPLoads bool true" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
	/usr/libexec/PlistBuddy -c "Add :NSAppTransportSecurity:NSExceptionDomains:api.client.com:NSIncludesSubdomains bool true" "${TARGET_BUILD_DIR}/${INFOPLIST_PATH}"
	fi