I've been doing research on how to share data between applications securely. I'd like to get some info on the correct way to handle this before I do a deep dive on implementation using the wrong method. Just cause you can do something does not necessarily mean you should.
User Case: I am working on a suite of language learning apps that have a shared audio file base of several hundred audio files and json files containing important data corresponding to a language. I'd prefer to allow the user to not have to re-download the language bundle when they use another app in our suite.
1. App Extensions - Document Provider Non-UI Variant
According to the documentation:
The File Provider extension grants access to files outside the host app’s sandbox with the open and move actions. This extension (sometimes shortened here to file provider) also allows the host app to download files without presenting a document picker view controller. This feature lets the host app access previously opened documents using secure URL bookmarks, even if those files are no longer stored on the device.
On the surface this seems like a really solid solution. My main concern stems from the last couple lines where it state that the application can download the files no longer stored on the device. I want the files to be stored locally on the device to prevent constant downloading. If the Document Provider does store the files locally and allow the various applications in the group to access the files, then I think this could work.
2. Shared Keychain Access
Allows you to securely store data to a shared keychain that other applications that are part of a suite of applications can access. All applications that share keychain access must use the same app ID prefix. For an example of shared keychain access in action.
I've looked a little into the documentation of this one, and I think this might be the best fit. My major concern with this solution is whether or not there is a size limit to the data uploaded and if mp3/ogg/json file types are allowed. Most the examples/uses I have found with this solution point to sharing strings and small data, I am not sure if it will handle large data like json or audio files.
I also found this repo that apparently makes dealing with Keychain easier:
3. Custom Pasteboards
The custom pasteboard is best for the purpose of semi-privately sharing custom data between two applications. Custom pasteboards are identified using unique names. They can persist data beyond the application that creates them, allowing a pasteboard to hold onto data after the application is terminated or even after rebooting the device.
When writing or reading data to and from a pasteboard, you must specify a pasteboard type. Pasteboard types typically use a uniform type identifier (UTI) to identify the type of data going into and being retrieved from the pasteboard. See Apple’s UIPasteboard Class Reference documentation for additional information.
Above documentation pulled from this post
My main concern with this solution is that perhaps it is a bit of a hack. Logically a pasteboard seems like something that temporarily holds data and allows sharing between apps, whereas the solution I am looking for needs to be more of a permanent solution.
I'd appreciate any info on best practices towards sharing these types of files between apps. I assume there are plenty of other solutions I've omitted here, so if there is a better alternative I'd love some info on it. If it happens one of the listed solutions I have placed here is a good way to solve this problem I'd love to have some more info on your experience with working with them and if my concerns with them are valid, or nothing to worry about.
Thx in advance. As always, well written answers get up-votes ;)