Marle
/
iOS
Watch 1
Star 1
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
2 Commits
2 Branches
Tree: 17aec42548
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '17aec42548'
${ noResults }
iOS/Pods/FirebaseAuth/Firebase/Auth/Source/AuthProvider/OAuth/FIROAuthProvider.m

FIROAuthProvider.m 16KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384 
  1. /*

  2.  * Copyright 2017 Google

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *      http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. 

  17. #include <CommonCrypto/CommonCrypto.h>

  18. #import "FIROAuthProvider.h"

  19. 

  20. #import <FirebaseCore/FIRApp.h>

  21. #import <FirebaseCore/FIROptions.h>

  22. 

  23. #import "FIRAuthBackend.h"

  24. #import "FIRAuth_Internal.h"

  25. #import "FIRAuthErrorUtils.h"

  26. #import "FIRAuthGlobalWorkQueue.h"

  27. #import "FIRAuthRequestConfiguration.h"

  28. #import "FIRAuthWebUtils.h"

  29. #import "FIRFacebookAuthProvider.h"

  30. #import "FIROAuthCredential_Internal.h"

  31. #import "FIROAuthCredential.h"

  32. 

  33. #if TARGET_OS_IOS

  34. #import "FIRAuthURLPresenter.h"

  35. #endif

  36. 

  37. NS_ASSUME_NONNULL_BEGIN

  38. 

  39. /** @typedef FIRHeadfulLiteURLCallBack

  40.     @brief The callback invoked at the end of the flow to fetch a headful-lite URL.

  41.     @param headfulLiteURL The headful lite URL.

  42.     @param error The error that occurred while fetching the headful-lite, if any.

  43.  */

  44. typedef void (^FIRHeadfulLiteURLCallBack)(NSURL *_Nullable headfulLiteURL,

  45.                NSError *_Nullable error);

  46. 

  47. /** @var kHeadfulLiteURLStringFormat

  48.     @brief The format of the URL used to open the headful lite page during sign-in.

  49.  */

  50. NSString *const kHeadfulLiteURLStringFormat = @"https://%@/__/auth/handler?%@";

  51. 

  52. /** @var kauthTypeSignInWithRedirect

  53.     @brief The auth type to be specified in the sign-in request with redirect request and response.

  54.  */

  55. static NSString *const kAuthTypeSignInWithRedirect = @"signInWithRedirect";

  56. 

  57. @implementation FIROAuthProvider {

  58.   /** @var _auth

  59.       @brief The auth instance used for launching the URL presenter.

  60.    */

  61.   FIRAuth *_auth;

  62. 

  63.   /** @var _callbackScheme

  64.       @brief The callback URL scheme used for headful-lite sign-in.

  65.    */

  66.   NSString *_callbackScheme;

  67. }

  68. 

  69. + (FIROAuthCredential *)credentialWithProviderID:(NSString *)providerID

  70.                                         IDToken:(NSString *)IDToken

  71.                                     accessToken:(nullable NSString *)accessToken {

  72.   return [[FIROAuthCredential alloc] initWithProviderID:providerID

  73.                                                 IDToken:IDToken

  74.                                                rawNonce:nil

  75.                                             accessToken:accessToken

  76.                                                  secret:nil

  77.                                            pendingToken:nil];

  78. }

  79. 

  80. + (FIROAuthCredential *)credentialWithProviderID:(NSString *)providerID

  81.                                      accessToken:(NSString *)accessToken {

  82.   return [[FIROAuthCredential alloc] initWithProviderID:providerID

  83.                                                 IDToken:nil

  84.                                                rawNonce:nil

  85.                                             accessToken:accessToken

  86.                                                  secret:nil

  87.                                            pendingToken:nil];

  88. }

  89. 

  90. + (FIROAuthCredential *)credentialWithProviderID:(NSString *)providerID

  91.                                          IDToken:(NSString *)IDToken

  92.                                         rawNonce:(nullable NSString *)rawNonce

  93.                                      accessToken:(nullable NSString *)accessToken {

  94.   return [[FIROAuthCredential alloc] initWithProviderID:providerID

  95.                                                 IDToken:IDToken

  96.                                                rawNonce:rawNonce

  97.                                             accessToken:accessToken

  98.                                                  secret:nil

  99.                                            pendingToken:nil];

  100. }

  101. 

  102. + (FIROAuthCredential *)credentialWithProviderID:(NSString *)providerID

  103.                                          IDToken:(NSString *)IDToken

  104.                                         rawNonce:(nullable NSString *)rawNonce {

  105.   return [[FIROAuthCredential alloc] initWithProviderID:providerID

  106.                                                 IDToken:IDToken

  107.                                                rawNonce:rawNonce

  108.                                             accessToken:nil

  109.                                                  secret:nil

  110.                                            pendingToken:nil];

  111. }

  112. 

  113. + (instancetype)providerWithProviderID:(NSString *)providerID {

  114.   return [[self alloc]initWithProviderID:providerID auth:[FIRAuth auth]];

  115. }

  116. 

  117. + (instancetype)providerWithProviderID:(NSString *)providerID auth:(FIRAuth *)auth {

  118.   return [[self alloc] initWithProviderID:providerID auth:auth];

  119. }

  120. 

  121. #if TARGET_OS_IOS

  122. - (void)getCredentialWithUIDelegate:(nullable id<FIRAuthUIDelegate>)UIDelegate

  123.                          completion:(nullable FIRAuthCredentialCallback)completion {

  124.   if (![FIRAuthWebUtils isCallbackSchemeRegisteredForCustomURLScheme:self->_callbackScheme]) {

  125.     [NSException raise:NSInternalInconsistencyException

  126.                 format:@"Please register custom URL scheme '%@' in the app's Info.plist file.",

  127.                        self->_callbackScheme];

  128.   }

  129.   __weak __typeof__(self) weakSelf = self;

  130.   __weak FIRAuth *weakAuth = _auth;

  131.   __weak NSString *weakProviderID = _providerID;

  132.   dispatch_async(FIRAuthGlobalWorkQueue(), ^{

  133.     FIRAuthCredentialCallback callbackOnMainThread = ^(FIRAuthCredential *_Nullable credential,

  134.                                                        NSError *_Nullable error) {

  135.       if (completion) {

  136.         dispatch_async(dispatch_get_main_queue(), ^{

  137.           completion(credential, error);

  138.         });

  139.       }

  140.     };

  141.     NSString *eventID = [FIRAuthWebUtils randomStringWithLength:10];

  142.     NSString *sessionID = [FIRAuthWebUtils randomStringWithLength:10];

  143.     __strong __typeof__(self) strongSelf = weakSelf;

  144.     [strongSelf getHeadFulLiteURLWithEventID:eventID

  145.                              sessionID:sessionID

  146.                             completion:^(NSURL *_Nullable headfulLiteURL,

  147.                                          NSError *_Nullable error) {

  148.       if (error) {

  149.         callbackOnMainThread(nil, error);

  150.         return;

  151.       }

  152.       FIRAuthURLCallbackMatcher callbackMatcher = ^BOOL(NSURL *_Nullable callbackURL) {

  153.         return [FIRAuthWebUtils isExpectedCallbackURL:callbackURL

  154.                                               eventID:eventID

  155.                                              authType:kAuthTypeSignInWithRedirect

  156.                                        callbackScheme:strongSelf->_callbackScheme];

  157.       };

  158.       __strong FIRAuth *strongAuth = weakAuth;

  159.       [strongAuth.authURLPresenter presentURL:headfulLiteURL

  160.                                    UIDelegate:UIDelegate

  161.                               callbackMatcher:callbackMatcher

  162.                                    completion:^(NSURL *_Nullable callbackURL,

  163.                                                 NSError *_Nullable error) {

  164.         if (error) {

  165.           callbackOnMainThread(nil, error);

  166.           return;

  167.         }

  168.         NSString *OAuthResponseURLString =

  169.             [strongSelf OAuthResponseForURL:callbackURL error:&error];

  170.         if (error) {

  171.           callbackOnMainThread(nil, error);

  172.           return;

  173.         }

  174.         __strong NSString *strongProviderID = weakProviderID;

  175.         FIROAuthCredential *credential =

  176.             [[FIROAuthCredential alloc] initWithProviderID:strongProviderID

  177.                                                  sessionID:sessionID

  178.                                     OAuthResponseURLString:OAuthResponseURLString];

  179.         callbackOnMainThread(credential, nil);

  180.       }];

  181.     }];

  182.   });

  183. }

  184. #endif  // TARGET_OS_IOS

  185. 

  186. #pragma mark - Internal Methods

  187. 

  188. /** @fn initWithProviderID:auth:

  189.     @brief returns an instance of @c FIROAuthProvider associated with the provided auth instance.

  190.     @param auth The Auth instance to be associated with the OAuthProvider instance.

  191.     @return An Instance of @c FIROAuthProvider.

  192.   */

  193. - (nullable instancetype)initWithProviderID:(NSString *)providerID auth:(FIRAuth *)auth {

  194.   NSAssert(![providerID isEqual:FIRFacebookAuthProviderID],

  195.            @"Sign in with Facebook is not supported via generic IDP; the Facebook TOS "

  196.            "dictate that you must use the Facebook iOS SDK for Facebook login.");

  197.   NSAssert(![providerID isEqual:@"apple.com"],

  198.            @"Sign in with Apple is not supported via generic IDP; You must use the Apple iOS SDK"

  199.            " for Sign in with Apple.");

  200.   self = [super init];

  201.   if (self) {

  202.     _auth = auth;

  203.     _providerID = providerID;

  204.     _callbackScheme = [[[_auth.app.options.clientID componentsSeparatedByString:@"."]

  205.         reverseObjectEnumerator].allObjects componentsJoinedByString:@"."];

  206.   }

  207.   return self;

  208. }

  209. 

  210. /** @fn OAuthResponseForURL:error:

  211.     @brief Parses the redirected URL and returns a string representation of the OAuth response URL.

  212.     @param URL The url to be parsed for an OAuth response URL.

  213.     @param error The error that occurred if any.

  214.     @return The OAuth response if successful.

  215.  */

  216. - (nullable NSString *)OAuthResponseForURL:(NSURL *)URL error:(NSError *_Nullable *_Nullable)error {

  217.   NSDictionary<NSString *, NSString *> *URLQueryItems =

  218.       [FIRAuthWebUtils dictionaryWithHttpArgumentsString:URL.query];

  219.   NSURL *deepLinkURL = [NSURL URLWithString:URLQueryItems[@"deep_link_id"]];

  220.   URLQueryItems =

  221.       [FIRAuthWebUtils dictionaryWithHttpArgumentsString:deepLinkURL.query];

  222.   NSString *queryItemLink = URLQueryItems[@"link"];

  223.   if (queryItemLink) {

  224.     return queryItemLink;

  225.   }

  226.   if (!error) {

  227.     return nil;

  228.   }

  229.   NSData *errorData = [URLQueryItems[@"firebaseError"] dataUsingEncoding:NSUTF8StringEncoding];

  230.   NSError *jsonError;

  231.   NSDictionary *errorDict = [NSJSONSerialization JSONObjectWithData:errorData

  232.                                                             options:0

  233.                                                               error:&jsonError];

  234.   if (jsonError) {

  235.     *error = [FIRAuthErrorUtils JSONSerializationErrorWithUnderlyingError:jsonError];

  236.     return nil;

  237.   }

  238.   *error = [FIRAuthErrorUtils URLResponseErrorWithCode:errorDict[@"code"]

  239.                                                message:errorDict[@"message"]];

  240.   if (!*error) {

  241.     NSString *reason;

  242.     if(errorDict[@"code"] && errorDict[@"message"]) {

  243.       reason = [NSString stringWithFormat:@"[%@] - %@",errorDict[@"code"], errorDict[@"message"]];

  244.     }

  245.     *error = [FIRAuthErrorUtils webSignInUserInteractionFailureWithReason:reason];

  246.   }

  247.   return nil;

  248. }

  249. 

  250. /** @fn getHeadFulLiteURLWithEventID:completion:

  251.     @brief Constructs a URL used for opening a headful-lite flow using a given event

  252.         ID and session ID.

  253.     @param eventID The event ID used for this purpose.

  254.     @param sessionID The session ID used when completing the headful lite flow.

  255.     @param completion The callback invoked after the URL has been constructed or an error

  256.         has been encountered.

  257.  */

  258. - (void)getHeadFulLiteURLWithEventID:(NSString *)eventID

  259.                            sessionID:(NSString *)sessionID

  260.                           completion:(FIRHeadfulLiteURLCallBack)completion {

  261.    __weak __typeof__(self) weakSelf = self;

  262.   [FIRAuthWebUtils fetchAuthDomainWithRequestConfiguration:_auth.requestConfiguration

  263.                                                 completion:^(NSString *_Nullable authDomain,

  264.                                                              NSError *_Nullable error) {

  265.     if (error) {

  266.       if (completion) {

  267.         completion(nil, error);

  268.       }

  269.       return;

  270.     }

  271.      __strong __typeof__(self) strongSelf = weakSelf;

  272.     NSString *bundleID = [NSBundle mainBundle].bundleIdentifier;

  273.     NSString *clienID = strongSelf->_auth.app.options.clientID;

  274.     NSString *apiKey = strongSelf->_auth.requestConfiguration.APIKey;

  275.     NSMutableDictionary *urlArguments = [@{

  276.       @"apiKey" : apiKey,

  277.       @"authType" : @"signInWithRedirect",

  278.       @"ibi" : bundleID ?: @"",

  279.       @"clientId" : clienID,

  280.       @"sessionId" : [strongSelf hashforString:sessionID],

  281.       @"v" : [FIRAuthBackend authUserAgent],

  282.       @"eventId" : eventID,

  283.       @"providerId" : strongSelf->_providerID,

  284.     } mutableCopy];

  285.     if (strongSelf.scopes.count) {

  286.       urlArguments[@"scopes"] = [strongSelf.scopes componentsJoinedByString:@","];

  287.     }

  288.     if (strongSelf.customParameters.count) {

  289.       NSString *customParameters = [strongSelf customParametersStringWithError:&error];

  290.       if (error) {

  291.         completion(nil, error);

  292.         return;

  293.       }

  294.       if (customParameters) {

  295.         urlArguments[@"customParameters"] = customParameters;

  296.       }

  297.     }

  298.     if (strongSelf->_auth.requestConfiguration.languageCode) {

  299.       urlArguments[@"hl"] = strongSelf->_auth.requestConfiguration.languageCode;

  300.     }

  301.     NSString *argumentsString = [strongSelf httpArgumentsStringForArgsDictionary:urlArguments];

  302.     NSString *URLString =

  303.         [NSString stringWithFormat:kHeadfulLiteURLStringFormat, authDomain, argumentsString];

  304.     if (completion) {

  305.       NSCharacterSet *set = [NSCharacterSet URLFragmentAllowedCharacterSet];

  306.       completion([NSURL URLWithString:

  307.           [URLString stringByAddingPercentEncodingWithAllowedCharacters:set]], nil);

  308.     }

  309.   }];

  310. }

  311. 

  312. /** @fn customParametersString

  313.     @brief Returns a JSON string representation of the custom parameters dictionary corresponding

  314.         to the OAuthProvider.

  315.     @return The JSON string representation of the custom parameters dictionary corresponding

  316.         to the OAuthProvider.

  317.  */

  318. - (nullable NSString *)customParametersStringWithError:(NSError *_Nullable *_Nullable)error {

  319.   if (!_customParameters.count) {

  320.     return nil;

  321.   }

  322. 

  323.   if (!error) {

  324.     return nil;

  325.   }

  326.   NSError *jsonError;

  327.   NSData *customParametersJSONData =

  328.       [NSJSONSerialization dataWithJSONObject:_customParameters

  329.                                       options:0

  330.                                         error:&jsonError];

  331.   if (jsonError) {

  332.     *error = [FIRAuthErrorUtils JSONSerializationErrorWithUnderlyingError:jsonError];

  333.     return nil;

  334.   }

  335. 

  336.   NSString *customParamsRawJSON =

  337.       [[NSString alloc] initWithData:customParametersJSONData encoding:NSUTF8StringEncoding];

  338.   return customParamsRawJSON;

  339. }

  340. 

  341. /** @fn hashforString:

  342.     @brief Returns the SHA256 hash representation of a given string object.

  343.     @param string The string for which a SHA256 hash is desired.

  344.     @return An hexadecimal string representation of the SHA256 hash.

  345.  */

  346. - (NSString *)hashforString:(NSString *)string {

  347.   NSData *sessionIDData = [string dataUsingEncoding:NSUTF8StringEncoding];

  348.   NSMutableData *hashOutputData = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];

  349.   if (CC_SHA256(sessionIDData.bytes,

  350.       (CC_LONG)[sessionIDData length],

  351.       hashOutputData.mutableBytes)) {

  352.   }

  353.   return [self hexStringFromData:hashOutputData];;

  354. }

  355. 

  356. /** @fn hexStringFromData:

  357.     @brief Returns the hexadecimal string representation of an NSData object.

  358.     @param data The NSData object for which a hexadecical string is desired.

  359.     @return The hexadecimal string representation of the supplied NSData object.

  360.  */

  361. - (NSString *)hexStringFromData:(NSData *)data {

  362.   const unsigned char *dataBuffer = (const unsigned char *)[data bytes];

  363.   NSMutableString *string = [[NSMutableString alloc] init];

  364.   for (unsigned int i = 0; i < data.length; i++){

  365.     [string appendFormat:@"%02lx", (unsigned long)dataBuffer[i]];

  366.   }

  367.   return [string copy];

  368. }

  369. 

  370. - (NSString *)httpArgumentsStringForArgsDictionary:(NSDictionary *)argsDictionary {

  371.   NSMutableArray* arguments = [NSMutableArray arrayWithCapacity:argsDictionary.count];

  372.   NSString* key;

  373.   for (key in argsDictionary) {

  374.     NSString *description = [argsDictionary[key] description];

  375.     [arguments addObject:[NSString stringWithFormat:@"%@=%@",

  376.                           [FIRAuthWebUtils stringByUnescapingFromURLArgument:key],

  377.                           [FIRAuthWebUtils stringByUnescapingFromURLArgument:description]]] ;

  378.   }

  379.   return [arguments componentsJoinedByString:@"&"];

  380. }

  381. 

  382. @end

  383. 

  384. NS_ASSUME_NONNULL_END