Webview interaction and system webview #126

Merged
merged 60 commits into from
Jun 16, 2018
Commits
5f61177
add some more definitions. subject to change.
unpluggedk Apr 21, 2018
e905d25
updating msidwebviewauthorization to have start instead of init
unpluggedk Apr 23, 2018
ba71b3d
initial implementation of webview interactive session.
unpluggedk Apr 26, 2018
fc1d8db
updating system webview controller in handling response
unpluggedk Apr 28, 2018
f29dcb3
bring in pkce and make changes to how system webviews work
unpluggedk Apr 28, 2018
c669afe
add urlQueryItemsArray in NSDictionary extension
unpluggedk Apr 28, 2018
d8813b5
address comments
unpluggedk Apr 29, 2018
c8c826f
more of addressing comments
unpluggedk Apr 29, 2018
4dd6ec6
refactor web auth response logic
unpluggedk Apr 29, 2018
d987e60
refactor response creation
unpluggedk Apr 30, 2018
8c99592
update project settings
unpluggedk Apr 30, 2018
d99bc6f
system webview flow functionally 'in place'
unpluggedk May 2, 2018
10aae32
preprocessors for mac vs iphone targets in system webview
unpluggedk May 2, 2018
0e34d81
type fix: msal prefix to msid prefix
unpluggedk May 2, 2018
9e7fb0b
readdress header imports
unpluggedk May 2, 2018
0bd3d7f
refactoring
unpluggedk May 4, 2018
7b5255b
revise sha256 method - incorrect implementation in adal perhaps?
unpluggedk May 4, 2018
69e15a1
update oauth error handling, for now a hack to get suberror from
unpluggedk May 4, 2018
fbbb81e
revise synchronized handling for session, and add clearing of the
unpluggedk May 8, 2018
c5675ec
fix tests
unpluggedk May 9, 2018
f1207ee
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
unpluggedk May 9, 2018
d58eed6
replace idtoken string parameter into uid/utid
unpluggedk May 9, 2018
6f737f0
update project files and some to make mac test build work
unpluggedk May 9, 2018
b2c9929
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
unpluggedk May 9, 2018
0dc3a61
remove preprocessor and replace with @available(...)
unpluggedk May 10, 2018
243fb01
SafariViewController flow in place.
unpluggedk May 11, 2018
9ea3817
fix typo
unpluggedk May 11, 2018
a4d2286
remove unneeded test variables
unpluggedk May 11, 2018
459dc3a
fix mac errors - exclude uikit files
unpluggedk May 14, 2018
a234566
add unit testing for web responses + bug fixes
unpluggedk May 17, 2018
a4eacd1
adding more testing for MSIDWebviewAuthorization and bug fixing
unpluggedk May 17, 2018
af44efc
revise web authorization flow - with bug fixes
unpluggedk May 18, 2018
36b3ef2
add test stubs and few comments
unpluggedk May 18, 2018
517a114
more unit testing and minor fixes
unpluggedk May 18, 2018
a5d230e
fix mac tests
unpluggedk May 18, 2018
5ed28e3
add telemetry
unpluggedk May 22, 2018
2b8b756
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
unpluggedk May 22, 2018
1230844
address comments
unpluggedk May 22, 2018
dda26c7
remove replaced file
unpluggedk May 22, 2018
375e1d4
Merge remote-tracking branch 'origin/dev' into jak/system_webview
unpluggedk May 22, 2018
f54800a
update unit testing on WPJ response
unpluggedk May 22, 2018
ec90fb5
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
unpluggedk May 22, 2018
b31e99f
checkpoint: update flow as discussed
unpluggedk May 24, 2018
8718d82
Merge branch 'oldalton/msal_updates_to_cache' of https://github.com/A…
unpluggedk May 24, 2018
a9cff24
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
unpluggedk May 24, 2018
1ea816d
update the flow - revise how request state is being passed around
unpluggedk May 25, 2018
7b8979c
refactor for improvements. unit tests need to be fixed.
unpluggedk May 25, 2018
7d9ed31
minor bug fix - safari viewcontroller reset upon completion
unpluggedk May 25, 2018
58b7c6a
adding unit testing after changes and some minor fixes
unpluggedk May 26, 2018
dad2296
move testcacheIdentifiers to testIdentifiers.
unpluggedk May 28, 2018
9801600
revise start of web interactive session to return void than BOOL
unpluggedk May 30, 2018
9d505c8
update mock webview controller
unpluggedk May 31, 2018
97ddaa1
state verification to have a terminating conditional
unpluggedk Jun 1, 2018
9ec3d45
fix returning error at start webview
unpluggedk Jun 1, 2018
804186a
separate webview factory and revised response handling
unpluggedk Jun 6, 2018
17834c5
add unit testing and minor fixes
unpluggedk Jun 7, 2018
e5da20a
- MSIDWebviewConfiguration no longer inherits from MSIDConfiguration.
unpluggedk Jun 8, 2018
865eff9
address rest of the comments
unpluggedk Jun 11, 2018
185db0d
addressing feedback: remove stateVerifier flag for places unnecessary,
unpluggedk Jun 14, 2018
6183514
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
unpluggedk Jun 15, 2018
76 changes: 44 additions & 32 deletions IdentityCore/IdentityCore.xcodeproj/project.pbxproj

Large diffs are not rendered by default.

@@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>IDEDidComputeMac32BitWarning</key>
<true/>
</dict>
</plist>
40 changes: 40 additions & 0 deletions IdentityCore/src/MSIDError.h
Expand Up @@ -69,9 +69,49 @@ typedef NS_ENUM(NSInteger, MSIDErrorCode)
MSIDErrorInvalidClient = -51015,
MSIDErrorInvalidGrant = -51016,
MSIDErrorInvalidParameter = -51017,

/*!
The user or application failed to authenticate in the interactive flow.
Inspect MSALOAuthErrorKey and MSALErrorDescriptionKey in the userInfo
dictionary for more detailed information about the specific error.
*/
MSIDErrorAuthorizationFailed = -52018,

/*!
The state returned by the server does not match the state that was sent to
the server at the beginning of the authorization attempt.
*/
MSALErrorInvalidState = -52501,
/*!
Interaction required errors occur because of a wide variety of errors
returned by the authentication service.
*/
MSIDErrorMismatchedUser = -52101,
Member

just curious, when is this error returned?

Contributor Author

When parameter sets a user, and we force webview to login as a different user.
We handled it as an error in MSAL, we can discuss about this.

Member

nit: can we put errors in increasing order? (MSIDErrorInvalidState is in the middle)

MSIDErrorNoAuthorizationResponse = -52102,
Member

nit: no authorization code?

Contributor Author

no, it's just url nil response.

MSIDErrorBadAuthorizationResponse = -52103,


MSIDErrorUserCancel = -51019,
/*!
The authentication request was cancelled programmatically.
*/
MSIDErrorSessionCanceled = -51020,
/*!
An interactive authentication session is already running with the
SafariViewController visible. Another authentication session can not be
launched yet.
*/
MSIDErrorInteractiveSessionAlreadyRunning = -51021,
/*!
An interactive authentication session failed to start.
*/
MSIDErrorInteractiveSessionStartFailure = -51022,
Member

what is the case when this would happen?

Contributor Author

SFAuthenticationSession: when start is called on a cancelled session
SafariViewController, when we can't find the current viewcontroller to present from.


MSIDErrorCodeFirst = MSIDErrorInternal,
MSIDErrorCodeLast = MSIDErrorInvalidParameter
};

extern NSError *MSIDCreateError(NSString *domain, NSInteger code, NSString *errorDescription, NSString *oauthError, NSString *subError, NSError *underlyingError, NSUUID *correlationId, NSDictionary *additionalUserInfo);

extern MSIDErrorCode MSIDErrorCodeForOAuthError(NSString *oauthError, MSIDErrorCode defaultCode);
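Review bot: `MSALErrorInvalidState = -52501` carries the MSAL prefix while every other member of `MSIDErrorCode` uses MSID; rename it to `MSIDErrorInvalidState` so this library does not expose an MSAL-named symbol, and update the `MSALOAuthErrorKey` / `MSALErrorDescriptionKey` references in the comment above `MSIDErrorAuthorizationFailed` the same way. The doc comment above `MSIDErrorMismatchedUser` ("Interaction required errors occur because of a wide variety of errors...") describes a different error and should say that the signed-in user differs from the requested one; `MSIDErrorUserCancel`, `MSIDErrorNoAuthorizationResponse` and `MSIDErrorBadAuthorizationResponse` have no comment at all. `MSIDErrorCodeLast = MSIDErrorInvalidParameter` is left unchanged, so the codes added after `MSIDErrorInvalidParameter` are not covered if anything uses `MSIDErrorCodeFirst` and `MSIDErrorCodeLast` as bounds.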

17 changes: 17 additions & 0 deletions IdentityCore/src/MSIDError.m
Expand Up @@ -49,3 +49,20 @@
}


MSIDErrorCode MSIDErrorCodeForOAuthError(NSString *oauthError, MSIDErrorCode defaultCode)
{
if (oauthError && [oauthError caseInsensitiveCompare:@"invalid_request"] == NSOrderedSame)
Member

We already have this code in token response I think. Can we combine it?

Contributor Author

done, i've changed TokenResponse to call this.

{
return MSIDErrorInvalidRequest;
}
if (oauthError && [oauthError caseInsensitiveCompare:@"invalid_client"] == NSOrderedSame)
{
return MSIDErrorInvalidClient;
}
if (oauthError && [oauthError caseInsensitiveCompare:@"invalid_scope"] == NSOrderedSame)
{
return MSIDErrorInvalidParameter;
Member

nit: should we be more specific about which parameter is invalid?

}

return defaultCode;
}
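Review bot: `invalid_grant` is not mapped in `MSIDErrorCodeForOAuthError` although `MSIDErrorInvalidGrant` is declared in `MSIDErrorCode`, so a server response with that error falls through to `defaultCode`. Add a branch for it, or document that only three values are translated and the rest depend on the caller's default. The repeated `oauthError &&` guard can be replaced by a single early `if (!oauthError) return defaultCode;`. Mapping `invalid_scope` to the generic `MSIDErrorInvalidParameter` loses which parameter was rejected unless the caller also keeps the raw OAuth error string in the error's userInfo.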
2 changes: 2 additions & 0 deletions IdentityCore/src/MSIDOAuth2Constants.h
Expand Up @@ -27,6 +27,7 @@ extern NSString *const MSID_OAUTH2_AUTHORIZATION_CODE;
extern NSString *const MSID_OAUTH2_AUTHORIZATION_URI;
extern NSString *const MSID_OAUTH2_AUTHORITY;
extern NSString *const MSID_OAUTH2_AUTHORIZE_SUFFIX;
extern NSString *const MSID_OAUTH2_V2_AUTHORIZE_SUFFIX;
extern NSString *const MSID_OAUTH2_BEARER;
extern NSString *const MSID_OAUTH2_CLIENT_ID;
extern NSString *const MSID_OAUTH2_CODE;
Expand Down Expand Up @@ -58,6 +59,7 @@ extern NSString *const MSID_OAUTH2_ASSERTION;
extern NSString *const MSID_OAUTH2_EXPIRES_ON;
extern NSString *const MSID_OAUTH2_EXT_EXPIRES_IN;
extern NSString *const MSID_FAMILY_ID;
extern NSString *const MSID_AUTH_CLOUD_INSTANCE_HOST_NAME;

// Used for PKCE support
extern NSString *const MSID_OAUTH2_CODE_CHALLENGE;
3 changes: 3 additions & 0 deletions IdentityCore/src/MSIDOAuth2Constants.m
Expand Up @@ -26,6 +26,7 @@
NSString *const MSID_OAUTH2_ACCESS_TOKEN = @"access_token";
NSString *const MSID_OAUTH2_AUTHORIZATION = @"authorization";
NSString *const MSID_OAUTH2_AUTHORIZE_SUFFIX = @"/oauth2/authorize";
NSString *const MSID_OAUTH2_V2_AUTHORIZE_SUFFIX = @"/oauth2/v2/authorize";
NSString *const MSID_OAUTH2_AUTHORITY = @"authority";
NSString *const MSID_OAUTH2_AUTHORIZATION_CODE = @"authorization_code";
NSString *const MSID_OAUTH2_AUTHORIZATION_URI = @"authorization_uri";
Expand Down Expand Up @@ -75,6 +76,8 @@
NSString *const MSID_OAUTH2_ADDITIONAL_SERVER_INFO = @"additional_server_info";
NSString *const MSID_OAUTH2_ENVIRONMENT = @"environment";

NSString *const MSID_AUTH_CLOUD_INSTANCE_HOST_NAME = @"cloud_instance_host_name";

NSString *const MSID_CREDENTIAL_TYPE_CACHE_KEY = @"credential_type";
NSString *const MSID_ENVIRONMENT_CACHE_KEY = @"environment";
NSString *const MSID_REALM_CACHE_KEY = @"realm";
10 changes: 8 additions & 2 deletions IdentityCore/src/oauth2/MSIDOauth2Factory.h
Expand Up @@ -22,6 +22,7 @@
// THE SOFTWARE.

#import <Foundation/Foundation.h>
#import "MSIDWebviewInteracting.h"

@class MSIDTokenResponse;
@class MSIDBaseToken;
Expand Down Expand Up @@ -57,7 +58,12 @@

// Webviews
- (id<MSIDWebviewInteracting>)embeddedWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
customWebview:(WKWebView *)webview;
- (id<MSIDWebviewInteracting>)systemWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams;
customWebview:(WKWebView *)webview
completionHandler:(MSIDWebUICompletionHandler)completionHandler;
- (id<MSIDWebviewInteracting>)systemWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
callbackURLScheme:(NSString *)callbackURLScheme
completionHandler:(MSIDWebUICompletionHandler)completionHandler;

- (NSURL *)startURLFromRequest:(MSIDRequestParameters *)requestParams;

@end
10 changes: 10 additions & 0 deletions IdentityCore/src/oauth2/MSIDOauth2Factory.m
Expand Up @@ -30,6 +30,7 @@
#import "MSIDLegacySingleResourceToken.h"
#import "MSIDIdToken.h"
#import "MSIDAccount.h"
#import "MSIDSystemWebviewController.h"

@implementation MSIDOauth2Factory

Expand Down Expand Up @@ -269,15 +270,24 @@ - (MSIDAccount *)fillAccount:(MSIDAccount *)account
#pragma mark - Webview controllers
- (id<MSIDWebviewInteracting>)embeddedWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
customWebview:(WKWebView *)webview
completionHandler:(MSIDWebUICompletionHandler)completionHandler
{
// TODO: return default
return nil;
Member

this should be filled

}

- (id<MSIDWebviewInteracting>)systemWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
callbackURLScheme:(NSString *)callbackURLScheme
completionHandler:(MSIDWebUICompletionHandler)completionHandler
{
// TODO: return default
return nil;
}

- (NSURL *)startURLFromRequest:(MSIDRequestParameters *)requestParams
{
// Default URL from authority
return nil;
}

@end
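Review bot: both base-class webview factory methods accept a `completionHandler` but `return nil;` without ever invoking it, so a caller that relies on the handler for the result never gets a callback and cannot tell a stub from a failure. Until the default implementations are written, either call the handler with an error (`MSIDErrorInteractiveSessionStartFailure` from this PR fits) or assert that subclasses must override. `startURLFromRequest:` has the same silent `nil`, and nothing in this hunk uses the new `MSIDSystemWebviewController.h` import.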
2 changes: 2 additions & 0 deletions IdentityCore/src/oauth2/MSIDRequestParameters.h
Expand Up @@ -40,5 +40,7 @@

@property (readwrite) NSString *loginHint;
@property (readwrite) NSString *extraQueryParameters;
@property (readwrite) NSString *promptBehavior;
Member

I think prompt behavior was something AAD V1 specific?

Contributor Author

It also exists for MSAL in a different value.

    case MSALForceLogin : return @{ @"prompt" : @"login" };
    case MSALForceConsent : return @{ @"prompt" : @"consent" };
    case MSALSelectAccount : return @{ @"prompt" : @"select_account" };

@property (readwrite) NSString *claims;

@end
56 changes: 56 additions & 0 deletions IdentityCore/src/oauth2/aad_v1/MSIDAADV1Oauth2Factory.m
Expand Up @@ -28,6 +28,7 @@
#import "MSIDRefreshToken.h"
#import "MSIDLegacySingleResourceToken.h"
#import "MSIDAccount.h"
#import "MSIDDeviceId.h"

@implementation MSIDAADV1Oauth2Factory

Expand Down Expand Up @@ -151,15 +152,70 @@ - (MSIDLegacySingleResourceToken *)legacyTokenFromResponse:(MSIDTokenResponse *)
#pragma mark - Webview controllers
- (id<MSIDWebviewInteracting>)embeddedWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
Webview:(WKWebView *)webview
completionHandler:(MSIDWebUICompletionHandler)completionHandler
{
// Create MSIDEmbeddedWebviewRequest and create EmbeddedWebviewController
return nil;
}

- (id<MSIDWebviewInteracting>)systemWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
callbackURLScheme:(NSString *)callbackURLScheme
completionHandler:(MSIDWebUICompletionHandler)completionHandler
{
// Create MSIDSystemWebviewRequest and create SystemWebviewController
return nil;
}

- (NSURL *)startURLFrom:(MSIDRequestParameters *)requestParams
{
NSString *state = [self encodeProtocolState:requestParams];

// if value is nil, it won't appear in the dictionary
NSMutableDictionary *queryParams = [NSMutableDictionary dictionaryWithObjectsAndKeys:
MSID_OAUTH2_CODE, MSID_OAUTH2_RESPONSE_TYPE,
[requestParams clientId], MSID_OAUTH2_CLIENT_ID,
[requestParams resource], MSID_OAUTH2_RESOURCE,
[requestParams redirectUri], MSID_OAUTH2_REDIRECT_URI,
state, MSID_OAUTH2_STATE,
requestParams.promptBehavior, @"prompt",
@"1", @"hashchrome", //to hide back button in UI
Member

just curious, do we still need this?

Contributor Author

This code is JZ's code. I was merely copying and pasting for now to make it compile.
Will remove this code for now from mine.

[NSString msidIsStringNilOrBlank:requestParams.loginHint] ? nil : requestParams.loginHint, MSID_OAUTH2_LOGIN_HINT,
nil];

[queryParams addEntriesFromDictionary:[MSIDDeviceId deviceId]];

NSMutableString *startUrl = [NSMutableString stringWithFormat:@"%@?%@",
[requestParams.authority.absoluteString stringByAppendingString:MSID_OAUTH2_AUTHORIZE_SUFFIX], [queryParams msidURLFormEncode]];

// we expect extraQueryParameters to be URL form encoded
if (![NSString msidIsStringNilOrBlank:requestParams.extraQueryParameters])
{
//Add the '&' for the additional params if not there already:
if ([requestParams.extraQueryParameters hasPrefix:@"&"])
{
[startUrl appendString:requestParams.extraQueryParameters.msidTrimmedString];
}
else
{
[startUrl appendFormat:@"&%@", requestParams.extraQueryParameters.msidTrimmedString];
}
}

// we expect claims to be URL form encoded
if (![NSString msidIsStringNilOrBlank:requestParams.claims])
{
[startUrl appendFormat:@"&claims=%@", requestParams.claims];
}

return [NSURL URLWithString:startUrl];
}

// TODO: if same in MSAL, move to common logic
// Encodes the state parameter for a protocol message
- (NSString *)encodeProtocolState:(MSIDRequestParameters *)requestParams
{
return [[[NSMutableDictionary dictionaryWithObjectsAndKeys:[requestParams authority], @"a", [requestParams resource], @"r", nil]
msidURLFormEncode] msidBase64UrlEncode];
}

@end
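Review bot: the comment `// if value is nil, it won't appear in the dictionary` in `startURLFrom:` does not match how `dictionaryWithObjectsAndKeys:` behaves: the argument list ends at the first `nil`, so a nil `resource` silently drops `redirect_uri` and `state`, and a nil `promptBehavior` drops `hashchrome` and `login_hint`. Build the dictionary with explicit per-key assignments guarded by a nil check instead. `encodeProtocolState:` encodes only the authority and resource, so `state` is identical for every request with those inputs and gives the response handler nothing unpredictable to match against; add a random component, for example from the `randomUrlSafeStringOfSize:` helper declared in this PR. `extraQueryParameters` and `claims` are appended to `startUrl` unencoded on the strength of a comment ("we expect ... to be URL form encoded"), so a caller-supplied value can introduce duplicate `state` or `redirect_uri` parameters; parse and re-encode them, or reject reserved names. The selectors also differ from `MSIDOauth2Factory.h` (`Webview:` versus `customWebview:`, `startURLFrom:` versus `startURLFromRequest:`), so these methods do not override the base-class ones.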
21 changes: 20 additions & 1 deletion IdentityCore/src/oauth2/aad_v2/MSIDAADV2Oauth2Factory.m
Expand Up @@ -31,6 +31,7 @@
#import "MSIDAuthority.h"
#import "MSIDAccount.h"
#import "MSIDIdToken.h"
#import "MSIDSystemWebviewController.h"

@implementation MSIDAADV2Oauth2Factory

Expand Down Expand Up @@ -214,14 +215,32 @@ - (MSIDBaseToken *)fillAADV2BaseToken:(MSIDBaseToken *)baseToken
#pragma mark - Webview controllers
- (id<MSIDWebviewInteracting>)embeddedWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
Webview:(WKWebView *)webview
completionHandler:(MSIDWebUICompletionHandler)completionHandler
{
// Create MSIDEmbeddedWebviewRequest and create EmbeddedWebviewController


return nil;
}

- (id<MSIDWebviewInteracting>)systemWebviewControllerWithRequest:(MSIDRequestParameters *)requestParams
callbackURLScheme:(NSString *)callbackURLScheme
completionHandler:(MSIDWebUICompletionHandler)completionHandler
{
// TODO: get authorization endpoint from authority validation cache.

// MSIDWebUIStateVerifier stateVerifier = ^BOOL(NSDictionary *dictionary, NSString *requestState)
// {
// return NO;
// };
//
//
return nil;
}

- (NSURL *)startURLFromRequest:(MSIDRequestParameters *)requestParams
{
// Create MSIDSystemWebviewRequest and create SystemWebviewController

return nil;
}
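Review bot: the commented-out `MSIDWebUIStateVerifier` block in `systemWebviewControllerWithRequest:callbackURLScheme:completionHandler:` should not be merged as is; a verifier that only does `return NO;` is a placeholder, so either implement the comparison against `requestState` or delete the dead code and leave a TODO that names the missing state check. The comment `// Create MSIDSystemWebviewRequest and create SystemWebviewController` now sits in `startURLFromRequest:`, where it does not describe the method, and the embedded method still uses the `Webview:` label rather than the `customWebview:` label declared in `MSIDOauth2Factory.h`.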

Expand Up @@ -27,8 +27,8 @@

#import <Foundation/Foundation.h>

@interface MSIDWebviewRequest : NSObject
@interface MSIDCryptoHelper : NSObject

@property NSURL *startURL;
+ (NSData *)msidSHA256fromString:(NSString *)string;
Member

Don't we already have this functionality in some category (e.g. msidComputeSHA256)?

Contributor Author

Ah, didn't realize we had it there.


@end
52 changes: 52 additions & 0 deletions IdentityCore/src/util/MSIDCryptoHelper.m
@@ -0,0 +1,52 @@
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation.
// All rights reserved.
//
// This code is licensed under the MIT License.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files(the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions :
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
//
//------------------------------------------------------------------------------

#import "MSIDCryptoHelper.h"
#import <CommonCrypto/CommonDigest.h>
#import "MSIDError.h"

@implementation MSIDCryptoHelper

+ (NSData *)msidSHA256fromString:(NSString *)string;
{
NSData *inputData = [string dataUsingEncoding:NSASCIIStringEncoding];
NSMutableData *outData = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];

// input length shouldn't be this big
if (inputData.length > UINT32_MAX)
{
MSID_LOG_ERROR(nil, @"InvalidArgumentException: length too big");
@throw [NSException exceptionWithName: NSInvalidArgumentException
reason:@"Please provide a valid string parameter."
userInfo:nil];
}
CC_SHA256(inputData.bytes, (uint32_t)inputData.length, outData.mutableBytes);

return outData;
}

@end
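Review bot: `[string dataUsingEncoding:NSASCIIStringEncoding]` returns nil when `string` is nil or contains a non-ASCII character, and `CC_SHA256` is then called with a NULL pointer and length 0, so `msidSHA256fromString:` returns the digest of empty input instead of failing. Check `inputData` for nil and return nil (or encode as UTF-8) so that a bad input cannot produce a valid-looking hash. Throwing `NSInvalidArgumentException` for an oversized input is heavy for library code that otherwise reports through `NSError`; logging and returning nil is enough. The method definition also has a stray `;` after the signature.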
2 changes: 2 additions & 0 deletions IdentityCore/src/util/NSDictionary+MSIDExtensions.h
Expand Up @@ -27,4 +27,6 @@
- (NSString *)msidURLFormEncode;
- (NSDictionary *)dictionaryByRemovingFields:(NSArray *)fieldsToRemove;

- (NSArray<NSURLQueryItem *> *)urlQueryItemsArray;

@end
18 changes: 18 additions & 0 deletions IdentityCore/src/util/NSDictionary+MSIDExtensions.m
Expand Up @@ -94,4 +94,22 @@ - (NSDictionary *)dictionaryByRemovingFields:(NSArray *)fieldsToRemove
return mutableDict;
}

- (NSArray<NSURLQueryItem *> *)urlQueryItemsArray;
Member

just curious, where is this being used?
and nit: there's a ";" in the end

Contributor Author

we use this constructing startURL.

urlComponents.queryItems = [parameters urlQueryItemsArray];

{
NSMutableArray<NSURLQueryItem *> *array = [NSMutableArray new];

for (id key in self.allKeys)
{

NSString *value = [self[key] isKindOfClass:NSUUID.class] ?
((NSUUID *)self[key]).UUIDString : [self[key] description];

[array addObject:[NSURLQueryItem queryItemWithName:[key description]
value:value]];
}

return array;
}


@end
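Review bot: `[self[key] description]` in `urlQueryItemsArray` stringifies any value type, so an `NSNull`, array or nested dictionary ends up in the query string as its debug description rather than being rejected. Accept only `NSString` and `NSUUID` values and skip or assert on anything else. Iterating `self.allKeys` gives no defined order; if tests or callers compare the resulting URL as a string, sort the keys first.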
3 changes: 3 additions & 0 deletions IdentityCore/src/util/NSString+MSIDExtensions.h
Expand Up @@ -59,4 +59,7 @@

- (NSOrderedSet<NSString *> *)scopeSet;

/*! Generate a URL-safe string of random data */
+ (NSString *)randomUrlSafeStringOfSize:(NSUInteger)size;

@end
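Review bot: the doc comment on `randomUrlSafeStringOfSize:` does not say whether `size` is the number of random bytes or the length of the returned string, which source of randomness is used, or what is returned on failure. If this helper produces the PKCE code verifier or the `state` value, the header should state that the bytes come from a cryptographically secure generator such as `SecRandomCopyBytes` and that the result is nil when generation fails, so callers can check for it.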