Merge pull request #125 from AzureAD/jason/embeddedWebview

Embedded Webview

Author: jasoncoolmax

IdentityCore/IdentityCore.xcodeproj/project.pbxproj

@@ -21,7 +21,7 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.
 
-#import "MSIDContants.h"
+#import "MSIDConstants.h"
 
 NSString *const MSID_PLATFORM_KEY               = @"x-client-SKU";
 NSString *const MSID_VERSION_KEY                = @"x-client-Ver";

IdentityCore/src/MSIDContants.h renamed to IdentityCore/src/MSIDConstants.h

@@ -23,7 +23,7 @@
 
 #import "MSIDDeviceId.h"
 #import "MSIDVersion.h"
-#import "MSIDContants.h"
+#import "MSIDConstants.h"
 #import "MSIDOAuth2Constants.h"
 
 #if !TARGET_OS_IPHONE

IdentityCore/src/MSIDContants.m renamed to IdentityCore/src/MSIDConstants.m

@@ -70,6 +70,26 @@ typedef NS_ENUM(NSInteger, MSIDErrorCode)
     MSIDErrorInvalidGrant = -51016,
     MSIDErrorInvalidScope = -51017,
     MSIDErrorInvalidParameter = -51018,
+    MSIDErrorUserCancel = -51019,
+    /*!
+     The authentication request was cancelled programmatically.
+     */
+    MSIDErrorSessionCanceled = -51020,
+    /*!
+     An interactive authentication session is already running with the
+     SafariViewController visible. Another authentication session can not be
+     launched yet.
+     */
+    MSIDErrorInteractiveSessionAlreadyRunning = -51021,
+    /*!
+     An interactive authentication session failed to start.
+     */
+    MSIDErrorInteractiveSessionStartFailure = -51022,
+    
+    MSIDErrorNoMainViewController = -51023,
+    MSIDServerNonHttpsRedirect = -51024,
+    
+    MSIDErrorUnsupportedFunctionality = -51025,
 
     /*!
      The user or application failed to authenticate in the interactive flow.
@@ -78,43 +98,24 @@ typedef NS_ENUM(NSInteger, MSIDErrorCode)
      */
     MSIDErrorAuthorizationFailed = -52020,
 
-    /*!
-     The state returned by the server does not match the state that was sent to
-     the server at the beginning of the authorization attempt.
-     */
-    MSIDErrorInvalidState = -52501,
     /*!
      Interaction required errors occur because of a wide variety of errors
      returned by the authentication service.
      */
     MSIDErrorMismatchedUser             = -52101,
     MSIDErrorNoAuthorizationResponse    = -52102,
     MSIDErrorBadAuthorizationResponse   = -52103,
-
 
-    MSIDErrorUserCancel = -51019,
-    /*!
-     The authentication request was cancelled programmatically.
-     */
-    MSIDErrorSessionCanceled = -51020,
-    /*!
-     An interactive authentication session is already running with the
-     SafariViewController visible. Another authentication session can not be
-     launched yet.
-     */
-    MSIDErrorInteractiveSessionAlreadyRunning = -51021,
     /*!
-     An interactive authentication session failed to start.
+     The state returned by the server does not match the state that was sent to
+     the server at the beginning of the authorization attempt.
      */
-    MSIDErrorInteractiveSessionStartFailure = -51022,
-    
-    MSIDErrorUnsupportedFunctionality = -51018,
+    MSIDErrorInvalidState = -52501,
 
     MSIDErrorCodeFirst = MSIDErrorInternal,
-    MSIDErrorCodeLast = MSIDErrorUnsupportedFunctionality
+    MSIDErrorCodeLast = MSIDErrorInvalidState
 };
 
 extern NSError *MSIDCreateError(NSString *domain, NSInteger code, NSString *errorDescription, NSString *oauthError, NSString *subError, NSError *underlyingError, NSUUID *correlationId, NSDictionary *additionalUserInfo);
 
 extern MSIDErrorCode MSIDErrorCodeForOAuthError(NSString *oauthError, MSIDErrorCode defaultCode);
-

IdentityCore/src/MSIDDeviceId.m

@@ -43,6 +43,7 @@
 @property (readwrite) NSDictionary<NSString *, NSString *> *sliceParameters;
 @property (readwrite) NSString *promptBehavior;
 @property (readwrite) NSString *claims;
+@property (readwrite) NSDictionary<NSString *, NSString *> *customHeaders;
 
 // State verifier: Recommended verifier for state value of the response.
 //  Set to YES to stop if verifying state fails
@@ -59,6 +60,11 @@
 // Priority start URL
 @property (readwrite) NSURL *explicitStartURL;
 
+#if TARGET_OS_IPHONE
+@property (weak) UIViewController *parentController;
+@property (readwrite)UIModalPresentationStyle presentationType;
+#endif
+
 - (instancetype)initWithAuthorizationEndpoint:(NSURL *)authorizationEndpoint
                                   redirectUri:(NSString *)redirectUri
                                      clientId:(NSString *)clientId
@@ -68,5 +74,4 @@
                                   verifyState:(BOOL)verifyState
                                    enablePkce:(BOOL)enablePkce;
 
-
 @end

IdentityCore/src/MSIDError.h

@@ -29,7 +29,7 @@
 #import "MSIDDeviceId.h"
 #import "NSDictionary+MSIDExtensions.h"
 #import "MSIDVersion.h"
-#import "MSIDContants.h"
+#import "MSIDConstants.h"
 
 static NSTimeInterval const s_defaultTimeoutInterval = 300;
 

IdentityCore/src/configuration/webview/MSIDWebviewConfiguration.h

@@ -399,5 +399,3 @@ - (MSIDWebviewFactory *)webviewFactory
 }
 
 @end
-
-

IdentityCore/src/network/request_configurator/MSIDAADRequestConfigurator.m

@@ -54,4 +54,5 @@
 - (BOOL)verifyRequestState:(NSString *)requestState
                responseURL:(NSURL *)url
                      error:(NSError **)error;
+- (NSString *)generateStateValue;
 @end

IdentityCore/src/oauth2/MSIDOauth2Factory.m

@@ -29,14 +29,30 @@
 #import "MSIDSystemWebviewController.h"
 #import "MSIDPkce.h"
 #import "NSOrderedSet+MSIDExtensions.h"
+#import "MSIDOAuth2EmbeddedWebviewController.h"
 
 @implementation MSIDWebviewFactory
 
 #pragma mark - Webview creation
 
 - (MSIDWebviewSession *)embeddedWebviewSessionFromConfiguration:(MSIDWebviewConfiguration *)configuration customWebview:(WKWebView *)webview context:(id<MSIDRequestContext>)context
 {
-    return nil;
+    NSString *state = [self generateStateValue];
+    NSURL *startURL = [self startURLFromConfiguration:configuration requestState:state];
+    NSURL *redirectURL = [NSURL URLWithString:configuration.redirectUri];
+    
+    MSIDOAuth2EmbeddedWebviewController *embeddedWebviewController
+    = [[MSIDOAuth2EmbeddedWebviewController alloc] initWithStartURL:startURL
+                                                             endURL:redirectURL
+                                                            webview:webview
+                                                      configuration:configuration
+                                                            context:context];
+    
+    MSIDWebviewSession *session = [[MSIDWebviewSession alloc] initWithWebviewController:embeddedWebviewController
+                                                                                factory:self
+                                                                           requestState:state
+                                                                            verifyState:configuration.verifyState];
+    return session;
 }
 
 #if TARGET_OS_IPHONE

IdentityCore/src/oauth2/MSIDWebviewFactory.h

@@ -27,6 +27,8 @@
 #import "MSIDWebWPJAuthResponse.h"
 #import "MSIDWebAADAuthResponse.h"
 #import "MSIDDeviceId.h"
+#import "MSIDAADOAuthEmbeddedWebviewController.h"
+#import "MSIDWebviewSession.h"
 
 @implementation MSIDAADWebviewFactory
 
@@ -68,6 +70,26 @@ @implementation MSIDAADWebviewFactory
     return parameters;
 }
 
+- (MSIDWebviewSession *)embeddedWebviewSessionFromConfiguration:(MSIDWebviewConfiguration *)configuration customWebview:(WKWebView *)webview context:(id<MSIDRequestContext>)context
+{
+    NSString *state = [self generateStateValue];
+    NSURL *startURL = [self startURLFromConfiguration:configuration requestState:state];
+    NSURL *redirectURL = [NSURL URLWithString:configuration.redirectUri];
+    
+    MSIDAADOAuthEmbeddedWebviewController *embeddedWebviewController
+    = [[MSIDAADOAuthEmbeddedWebviewController alloc] initWithStartURL:startURL
+                                                               endURL:redirectURL
+                                                              webview:webview
+                                                        configuration:configuration
+                                                              context:context];
+    
+    MSIDWebviewSession *session = [[MSIDWebviewSession alloc] initWithWebviewController:embeddedWebviewController
+                                                                                factory:self
+                                                                           requestState:state
+                                                                            verifyState:configuration.verifyState];
+    return session;
+}
+
 - (MSIDWebviewResponse *)responseWithURL:(NSURL *)url
                                  context:(id<MSIDRequestContext>)context
                                    error:(NSError **)error

IdentityCore/src/oauth2/MSIDWebviewFactory.m

@@ -28,6 +28,7 @@
 #import "MSIDRefreshToken.h"
 #import "MSIDLegacySingleResourceToken.h"
 #import "MSIDAccount.h"
+#import "MSIDWebviewConfiguration.h"
 
 #import "MSIDAADV1IdTokenClaims.h"
 #import "MSIDOauth2Factory+Internal.h"

IdentityCore/src/oauth2/aad_base/MSIDAADWebviewFactory.m

@@ -22,20 +22,17 @@
 // THE SOFTWARE.
 
 #import "MSIDAADV1WebviewFactory.h"
+#import "MSIDWebviewConfiguration.h"
 
 @implementation MSIDAADV1WebviewFactory
 
-- (MSIDWebviewSession *)embeddedWebviewSessionFromConfiguration:(MSIDWebviewConfiguration *)configuration verifyState:(BOOL)verifyState customWebview:(WKWebView *)webview context:(id<MSIDRequestContext>)context
-{
-    return nil;
-}
-
 - (NSMutableDictionary<NSString *,NSString *> *)authorizationParametersFromConfiguration:(MSIDWebviewConfiguration *)configuration requestState:(NSString *)state
 {
     NSMutableDictionary<NSString *, NSString *> *parameters = [super authorizationParametersFromConfiguration:configuration
                                                                                                  requestState:state];
 
-    // Do custom parameters for AAD V1
+    parameters[MSID_OAUTH2_RESOURCE] = configuration.resource;
+    
     return parameters;
 }
 

IdentityCore/src/oauth2/aad_v1/MSIDAADV1Oauth2Factory.m

@@ -188,5 +188,4 @@ - (MSIDWebviewFactory *)webviewFactory
     return _webviewFactory;
 }
 
-
 @end

IdentityCore/src/oauth2/aad_v1/MSIDAADV1WebviewFactory.m

@@ -29,11 +29,6 @@
 
 @implementation MSIDAADV2WebviewFactory
 
-- (MSIDWebviewSession *)embeddedWebviewSessionFromConfiguration:(MSIDWebviewConfiguration *)configuration verifyState:(BOOL)verifyState customWebview:(WKWebView *)webview context:(id<MSIDRequestContext>)context
-{
-    return nil;
-}
-
 - (NSMutableDictionary<NSString *,NSString *> *)authorizationParametersFromConfiguration:(MSIDWebviewConfiguration *)configuration requestState:(NSString *)state
 {
     NSMutableDictionary<NSString *, NSString *> *parameters = [super authorizationParametersFromConfiguration:configuration

IdentityCore/src/oauth2/aad_v2/MSIDAADV2Oauth2Factory.m

@@ -1,4 +1,3 @@
-
 // Copyright (c) Microsoft Corporation.
 // All rights reserved.
 //

IdentityCore/src/oauth2/aad_v2/MSIDAADV2WebviewFactory.m

@@ -36,7 +36,6 @@ + (BOOL)isExecutingInAppExtension
         return NO;
     }
 
-    
     return [mainBundlePath hasSuffix:@"appex"];
 }
 

IdentityCore/src/util/ios/MSIDAppExtensionUtil.h

@@ -63,5 +63,3 @@ + (UIViewController*)msidCurrentViewControllerWithRootViewController:(UIViewCont
 }
 
 @end
-
-

IdentityCore/src/util/ios/MSIDAppExtensionUtil.m

@@ -44,4 +44,6 @@
 + (NSURL *)cacheUrlForAuthority:(NSURL *)authority
                        tenantId:(NSString *)tenantId;
 
++ (BOOL)isKnownHost:(NSURL *)url;
+
 @end

IdentityCore/src/util/ios/UIApplication+MSIDExtensions.m

@@ -29,6 +29,31 @@
 
 @implementation MSIDAuthority
 
+static NSSet<NSString *> *s_trustedHostList;
+
+// Trusted authorities
+NSString *const MSIDTrustedAuthority             = @"login.windows.net";
+NSString *const MSIDTrustedAuthorityUS           = @"login.microsoftonline.us";
+NSString *const MSIDTrustedAuthorityChina        = @"login.chinacloudapi.cn";
+NSString *const MSIDTrustedAuthorityGermany      = @"login.microsoftonline.de";
+NSString *const MSIDTrustedAuthorityWorldWide    = @"login.microsoftonline.com";
+NSString *const MSIDTrustedAuthorityUSGovernment = @"login-us.microsoftonline.com";
+NSString *const MSIDTrustedAuthorityCloudGovApi  = @"login.cloudgovapi.us";
+
++ (void)initialize
+{
+    s_trustedHostList = [NSSet setWithObjects:MSIDTrustedAuthority, MSIDTrustedAuthorityUS,
+                         MSIDTrustedAuthorityChina, MSIDTrustedAuthorityGermany,
+                         MSIDTrustedAuthorityWorldWide, MSIDTrustedAuthorityUSGovernment, MSIDTrustedAuthorityCloudGovApi, nil];
+}
+
++ (BOOL)isKnownHost:(NSURL *)url
+{
+    if (!url) return NO;
+    
+    return [s_trustedHostList containsObject:url.host.lowercaseString];
+}
+
 + (BOOL)isADFSInstance:(NSString *)endpoint
 {
     if ([NSString msidIsStringNilOrBlank:endpoint])

IdentityCore/src/validation/MSIDAuthority.h

@@ -31,7 +31,7 @@
 #import "MSIDError.h"
 #import "NSURL+MSIDExtensions.h"
 #import "MSIDTelemetry.h"
-#import "MSIDOAuth2EmbeddedWebviewController.h"
+#import "MSIDAADOAuthEmbeddedWebviewController.h"
 #import "MSIDSystemWebviewController.h"
 #import "MSIDWebviewFactory.h"
 
@@ -44,17 +44,11 @@ + (void)startEmbeddedWebviewAuthWithConfiguration:(MSIDWebviewConfiguration *)co
                                           context:(id<MSIDRequestContext>)context
                                 completionHandler:(MSIDWebviewAuthCompletionHandler)completionHandler
 {
-    //    NSString *state = [factory generateStateValue];
-    //    NSURL *startURL = [factory startURLFromConfiguration:configuration requestState:state];
-    //    (void)startURL;
-    //    (void)state;
-    //
-    //    MSIDOAuth2EmbeddedWebviewController *embeddedWebviewController = [[MSIDOAuth2EmbeddedWebviewController alloc] init];
-    //    [self startWebviewAuth:embeddedWebviewController
-    //                   factory:factory
-    //              requestState:state
-    //                   context:context
-    //         completionHandler:completionHandler];
+    [self startEmbeddedWebviewWebviewAuthWithConfiguration:configuration
+                                             oauth2Factory:oauth2Factory
+                                                   webview:nil
+                                                   context:context
+                                         completionHandler:completionHandler];
 }
 
 + (void)startEmbeddedWebviewWebviewAuthWithConfiguration:(MSIDWebviewConfiguration *)configuration
@@ -63,17 +57,10 @@ + (void)startEmbeddedWebviewWebviewAuthWithConfiguration:(MSIDWebviewConfigurati
                                                  context:(id<MSIDRequestContext>)context
                                        completionHandler:(MSIDWebviewAuthCompletionHandler)completionHandler
 {
-    //    NSString *state = [factory generateStateValue];
-    //    NSURL *startURL = [factory startURLFromConfiguration:configuration requestState:state];
-    //    (void)startURL;
-    //    (void)state;
-    //
-    //    MSIDOAuth2EmbeddedWebviewController *embeddedWebviewController = [[MSIDOAuth2EmbeddedWebviewController alloc] init];
-    //    [self startWebviewAuth:embeddedWebviewController
-    //                   factory:factory
-    //              requestState:state
-    //                   context:context
-    //         completionHandler:completionHandler];
+    MSIDWebviewFactory *webviewFactory = [oauth2Factory webviewFactory];
+    MSIDWebviewSession *session = [webviewFactory embeddedWebviewSessionFromConfiguration:configuration customWebview:webview context:context];
+    
+    [self startSession:session context:context completionHandler:completionHandler];
 }
 
 #if TARGET_OS_IPHONE
@@ -182,7 +169,6 @@ + (void)cancelCurrentSession
     }
 }
 
-
 + (BOOL)handleURLResponseForSystemWebviewController:(NSURL *)url;
 {
 #if TARGET_OS_IPHONE
@@ -200,7 +186,3 @@ + (BOOL)handleURLResponseForSystemWebviewController:(NSURL *)url;
 
 
 @end
-
-
-
-

IdentityCore/src/validation/MSIDAuthority.m

@@ -38,9 +38,4 @@ typedef void (^MSIDWebUICompletionHandler)(NSURL *callbackURL, NSError *error);
 
 - (NSURL *)startURL;
 
-@optional
-#if TARGET_OS_IPHONE
-@property UIViewController *parentViewController;
-#endif
-
 @end