123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164 |
- /*
- * Copyright 2017 Google
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
- #import "FIRAuthAppCredentialManager.h"
-
- #import "FIRAuthAppCredential.h"
- #import "FIRAuthGlobalWorkQueue.h"
- #import "FIRAuthKeychainServices.h"
-
- NS_ASSUME_NONNULL_BEGIN
-
- /** @var kKeychainDataKey
- @brief The keychain key for the data.
- */
- static NSString *const kKeychainDataKey = @"app_credentials";
-
- /** @var kFullCredentialKey
- @brief The data key for the full app credential.
- */
- static NSString *const kFullCredentialKey = @"full_credential";
-
- /** @var kPendingReceiptsKey
- @brief The data key for the array of pending receipts.
- */
- static NSString *const kPendingReceiptsKey = @"pending_receipts";
-
- /** @var kMaximumNumberOfPendingReceipts
- @brief The maximum number of partial credentials kept by this class.
- */
- static const NSUInteger kMaximumNumberOfPendingReceipts = 32;
-
- @implementation FIRAuthAppCredentialManager {
- /** @var _keychainServices
- @brief The keychain for app credentials to load from and to save to.
- */
- FIRAuthKeychainServices *_keychainServices;
-
- /** @var _pendingReceipts
- @brief A list of pending receipts sorted in the order they were recorded.
- */
- NSMutableArray<NSString *> *_pendingReceipts;
-
- /** @var _callbacksByReceipt
- @brief A map from pending receipts to callbacks.
- */
- NSMutableDictionary<NSString *, FIRAuthAppCredentialCallback> *_callbacksByReceipt;
- }
-
- - (instancetype)initWithKeychain:(FIRAuthKeychainServices *)keychain {
- self = [super init];
- if (self) {
- _keychainServices = keychain;
- // Load the credentials from keychain if possible.
- NSError *error;
- NSData *encodedData = [_keychainServices dataForKey:kKeychainDataKey error:&error];
- if (!error && encodedData) {
- NSKeyedUnarchiver *unarchiver =
- [[NSKeyedUnarchiver alloc] initForReadingWithData:encodedData];
- FIRAuthAppCredential *credential =
- [unarchiver decodeObjectOfClass:[FIRAuthAppCredential class]
- forKey:kFullCredentialKey];
- if ([credential isKindOfClass:[FIRAuthAppCredential class]]) {
- _credential = credential;
- }
- NSSet<Class> *allowedClasses =
- [NSSet<Class> setWithObjects:[NSArray class], [NSString class], nil];
- NSArray<NSString *> *pendingReceipts =
- [unarchiver decodeObjectOfClasses:allowedClasses forKey:kPendingReceiptsKey];
- if ([pendingReceipts isKindOfClass:[NSArray class]]) {
- _pendingReceipts = [pendingReceipts mutableCopy];
- }
- }
- if (!_pendingReceipts) {
- _pendingReceipts = [[NSMutableArray<NSString *> alloc] init];
- }
- _callbacksByReceipt =
- [[NSMutableDictionary<NSString *, FIRAuthAppCredentialCallback> alloc] init];
- }
- return self;
- }
-
- - (NSUInteger)maximumNumberOfPendingReceipts {
- return kMaximumNumberOfPendingReceipts;
- }
-
- - (void)didStartVerificationWithReceipt:(NSString *)receipt
- timeout:(NSTimeInterval)timeout
- callback:(FIRAuthAppCredentialCallback)callback {
- [_pendingReceipts removeObject:receipt];
- if (_pendingReceipts.count >= kMaximumNumberOfPendingReceipts) {
- [_pendingReceipts removeObjectAtIndex:0];
- }
- [_pendingReceipts addObject:receipt];
- _callbacksByReceipt[receipt] = callback;
- [self saveData];
- dispatch_after(dispatch_time(DISPATCH_TIME_NOW, (int64_t)(timeout * NSEC_PER_SEC)),
- FIRAuthGlobalWorkQueue(), ^{
- [self callBackWithReceipt:receipt];
- });
- }
-
- - (BOOL)canFinishVerificationWithReceipt:(NSString *)receipt secret:(NSString *)secret {
- if (![_pendingReceipts containsObject:receipt]) {
- return NO;
- }
- [_pendingReceipts removeObject:receipt];
- _credential = [[FIRAuthAppCredential alloc] initWithReceipt:receipt secret:secret];
- [self saveData];
- [self callBackWithReceipt:receipt];
- return YES;
- }
-
- - (void)clearCredential {
- _credential = nil;
- [self saveData];
- }
-
- #pragma mark - Internal methods
-
- /** @fn saveData
- @brief Save the data in memory to the keychain ignoring any errors.
- */
- - (void)saveData {
- NSMutableData *archiveData = [NSMutableData data];
- NSKeyedArchiver *archiver = [[NSKeyedArchiver alloc] initForWritingWithMutableData:archiveData];
- [archiver encodeObject:_credential forKey:kFullCredentialKey];
- [archiver encodeObject:_pendingReceipts forKey:kPendingReceiptsKey];
- [archiver finishEncoding];
- [_keychainServices setData:archiveData forKey:kKeychainDataKey error:NULL];
- }
-
- /** @fn callBackWithReceipt:
- @brief Calls the saved callback for the specifc receipt.
- @param receipt The receipt associated with the callback.
- */
- - (void)callBackWithReceipt:(NSString *)receipt {
- FIRAuthAppCredentialCallback callback = _callbacksByReceipt[receipt];
- if (!callback) {
- return;
- }
- [_callbacksByReceipt removeObjectForKey:receipt];
- if (_credential) {
- callback(_credential);
- } else {
- callback([[FIRAuthAppCredential alloc] initWithReceipt:receipt secret:nil]);
- }
- }
-
- @end
-
- NS_ASSUME_NONNULL_END
|