123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209 |
-
-
- #import "FIRSecureTokenService.h"
-
- #import "FIRAuth.h"
- #import "FIRAuthSerialTaskQueue.h"
- #import "FIRAuthBackend.h"
- #import "FIRAuthRequestConfiguration.h"
- #import "FIRSecureTokenRequest.h"
- #import "FIRSecureTokenResponse.h"
-
- NS_ASSUME_NONNULL_BEGIN
-
-
- static NSString *const kAPIKeyCodingKey = @"APIKey";
-
-
- static NSString *const kRefreshTokenKey = @"refreshToken";
-
-
- static NSString *const kAccessTokenKey = @"accessToken";
-
-
- static NSString *const kAccessTokenExpirationDateKey = @"accessTokenExpirationDate";
-
-
- static const NSTimeInterval kFiveMinutes = 5 * 60;
-
- @interface FIRSecureTokenService ()
- - (instancetype)init NS_DESIGNATED_INITIALIZER;
- @end
-
- @implementation FIRSecureTokenService {
-
-
- FIRAuthSerialTaskQueue *_taskQueue;
-
-
-
- NSString *_Nullable _authorizationCode;
-
-
-
- NSString *_Nullable _accessToken;
- }
-
- - (instancetype)init {
- self = [super init];
- if (self) {
- _taskQueue = [[FIRAuthSerialTaskQueue alloc] init];
- }
- return self;
- }
-
- - (instancetype)initWithRequestConfiguration:(FIRAuthRequestConfiguration *)requestConfiguration
- authorizationCode:(NSString *)authorizationCode {
- self = [self init];
- if (self) {
- _requestConfiguration = requestConfiguration;
- _authorizationCode = [authorizationCode copy];
- }
- return self;
- }
-
- - (instancetype)initWithRequestConfiguration:(FIRAuthRequestConfiguration *)requestConfiguration
- accessToken:(nullable NSString *)accessToken
- accessTokenExpirationDate:(nullable NSDate *)accessTokenExpirationDate
- refreshToken:(NSString *)refreshToken {
- self = [self init];
- if (self) {
- _requestConfiguration = requestConfiguration;
- _accessToken = [accessToken copy];
- _accessTokenExpirationDate = [accessTokenExpirationDate copy];
- _refreshToken = [refreshToken copy];
- }
- return self;
- }
-
- - (void)fetchAccessTokenForcingRefresh:(BOOL)forceRefresh
- callback:(FIRFetchAccessTokenCallback)callback {
- [_taskQueue enqueueTask:^(FIRAuthSerialTaskCompletionBlock complete) {
- if (!forceRefresh && [self hasValidAccessToken]) {
- complete();
- callback(self->_accessToken, nil, NO);
- } else {
- [self requestAccessToken:^(NSString *_Nullable token,
- NSError *_Nullable error,
- BOOL tokenUpdated) {
- complete();
- callback(token, error, tokenUpdated);
- }];
- }
- }];
- }
-
- - (NSString *)rawAccessToken {
- return _accessToken;
- }
-
- #pragma mark - NSSecureCoding
-
- + (BOOL)supportsSecureCoding {
- return YES;
- }
-
- - (nullable instancetype)initWithCoder:(NSCoder *)aDecoder {
- NSString *refreshToken = [aDecoder decodeObjectOfClass:[NSString class] forKey:kRefreshTokenKey];
- NSString *accessToken = [aDecoder decodeObjectOfClass:[NSString class] forKey:kAccessTokenKey];
- NSDate *accessTokenExpirationDate =
- [aDecoder decodeObjectOfClass:[NSDate class] forKey:kAccessTokenExpirationDateKey];
- if (!refreshToken) {
- return nil;
- }
- self = [self init];
- if (self) {
- _refreshToken = refreshToken;
- _accessToken = accessToken;
- _accessTokenExpirationDate = accessTokenExpirationDate;
- }
- return self;
- }
-
- - (void)encodeWithCoder:(NSCoder *)aCoder {
-
-
- [aCoder encodeObject:_requestConfiguration.APIKey forKey:kAPIKeyCodingKey];
-
- [aCoder encodeObject:_refreshToken forKey:kRefreshTokenKey];
- [aCoder encodeObject:_accessToken forKey:kAccessTokenKey];
- [aCoder encodeObject:_accessTokenExpirationDate forKey:kAccessTokenExpirationDateKey];
- }
-
- #pragma mark - Private methods
-
-
- - (void)requestAccessToken:(FIRFetchAccessTokenCallback)callback {
- FIRSecureTokenRequest *request;
- if (_refreshToken.length) {
- request = [FIRSecureTokenRequest refreshRequestWithRefreshToken:_refreshToken
- requestConfiguration:_requestConfiguration];
- } else {
- request = [FIRSecureTokenRequest authCodeRequestWithCode:_authorizationCode
- requestConfiguration:_requestConfiguration];
- }
- [FIRAuthBackend secureToken:request
- callback:^(FIRSecureTokenResponse *_Nullable response,
- NSError *_Nullable error) {
- BOOL tokenUpdated = NO;
- NSString *newAccessToken = response.accessToken;
- if (newAccessToken.length && ![newAccessToken isEqualToString:self->_accessToken]) {
- self->_accessToken = [newAccessToken copy];
- self->_accessTokenExpirationDate = response.approximateExpirationDate;
- tokenUpdated = YES;
- }
- NSString *newRefreshToken = response.refreshToken;
- if (newRefreshToken.length &&
- ![newRefreshToken isEqualToString:self->_refreshToken]) {
- self->_refreshToken = [newRefreshToken copy];
- tokenUpdated = YES;
- }
- callback(newAccessToken, error, tokenUpdated);
- }];
- }
-
- - (BOOL)hasValidAccessToken {
- return _accessToken && [_accessTokenExpirationDate timeIntervalSinceNow] > kFiveMinutes;
- }
-
- @end
-
- NS_ASSUME_NONNULL_END
|