
A Better support for OAuth2 authorization-code flow exceptions has be…

…ing added. (#84)
1 parent 135ba87 commit 346b6e0b9f19b14a5bce70ff47822c99d59eef30 @rodchile rodchile committed Aug 22, 2011
@@ -61,12 +61,32 @@
/**
* Sent when a new access token has being acquired
*/
-- (void)accessTokenAcquired;
+- (void)accessTokenAcquired:(NSString *)token;
/**
- * Sent when an access token request has failed due to an error
+ * Sent when an access token request has failed due an invalid authorization code
*/
-- (void)accessTokenAcquiredWithErrors;
+- (void)errInvalidGrant:(NSString *)description;
+@optional
+
+/**
+ * Other OAuth2 protocol exceptions for the authorization code flow
+ */
+
+- (void)errUnauthorizedClient:(NSString *)description;
+
+- (void)errInvalidClient:(NSString *)description;
+
+- (void)errInvalidRequest:(NSString *)description;
+
+- (void)errUnsupportedGrantType:(NSString *)description;
+
+- (void)errInvalidScope:(NSString *)description;
+
+/** The access_token request has ended with an error.
+ */
+
+- (void)tokenRequestDidFailWithError:(NSString *)description;
@end
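Review bot: The `@optional` directive added after `errInvalidGrant:` makes every method below it optional, including `tokenRequestDidFailWithError:`, yet the implementation hunks in this commit send those messages to `_oauth2Delegate` with no `respondsToSelector:` check. A non-nil delegate that implements only the two required methods would raise an unrecognized-selector exception when the server answers with, say, `invalid_client`, or when the request fails at transport level. Either guard each optional call, e.g. `if ([_oauth2Delegate respondsToSelector:@selector(errInvalidClient:)])`, or move `tokenRequestDidFailWithError:` above `@optional` so a failed request is always reported. The doc comment on `accessTokenAcquired:` should also say that `token` is a bearer credential the delegate must not log.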
@@ -8,6 +8,8 @@
#import "RKClientOAuth.h"
+
+
@implementation RKClientOAuth
@synthesize clientID = _clientID, clientSecret = _clientSecret, authorizationCode = _authorizationCode, authorizationURL = _authorizationURL, callbackURL = _callbackURL, oauth2Delegate = _oauth2Delegate;
@@ -49,16 +51,46 @@ -(NSString *)getAccessToken{
- (void)request:(RKRequest*)request didLoadResponse:(RKResponse*)response{
NSError* error = nil;
- id json = [response parsedBody:&error];
- if ([json isKindOfClass:[NSDictionary class]]) {
- NSDictionary *tokens = (NSDictionary *) json;
- if ((_accessToken = [tokens objectForKey:@"access_token"])) {
- NSLog(@"A new access token has being acquired");
- [_oauth2Delegate accessTokenAcquired];
- }
- else{
- [_oauth2Delegate accessTokenAcquiredWithErrors];
- NSLog(@"An error has being detected in the access token request %@", [response body]);
+ NSString* errorResponse = nil;
+
+ //Use the parsedBody answer in NSDictionary
+
+ NSDictionary* oauthResponse = (NSDictionary *) [response parsedBody:&error];
+ if ([oauthResponse isKindOfClass:[NSDictionary class]]) {
+
+ //Check the if an access token comes in the response
+
+ if ((_accessToken = [oauthResponse objectForKey:@"access_token"])) {
+
+ // W00T We got an accessToken
+
+ [_oauth2Delegate accessTokenAcquired:_accessToken];
+ }
+
+ //Heads-up! There is an error in the response
+ //The possible errors are defined in the OAuth2 Protocol
+ else if((errorResponse = [oauthResponse objectForKey:@"error"] )){
+
+ if([errorResponse isEqualToString:@"invalid_grant"]){
+ [_oauth2Delegate errInvalidGrant:[oauthResponse objectForKey:@"error_description"]];
+
+ }
+ else if([errorResponse isEqualToString:@"unauthorized_client"]){
+ [_oauth2Delegate errUnauthorizedClient:[oauthResponse objectForKey:@"error_description"]];
+
+ }
+ else if([errorResponse isEqualToString:@"invalid_client"]){
+ [_oauth2Delegate errInvalidClient:[oauthResponse objectForKey:@"error_description"]];
+ }
+ else if([errorResponse isEqualToString:@"invalid_request"]){
+ [_oauth2Delegate errInvalidRequest:[oauthResponse objectForKey:@"error_description"]];
+ }
+ else if([errorResponse isEqualToString:@"unsupported_grant_type"]){
+ [_oauth2Delegate errUnauthorizedClient:[oauthResponse objectForKey:@"error_description"]];
+ }
+ else if([errorResponse isEqualToString:@"invalid_scope"]){
+ [_oauth2Delegate errInvalidScope:[oauthResponse objectForKey:@"error_description"]];
+ }
}
}
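Review bot: The `unsupported_grant_type` branch calls `errUnauthorizedClient:` instead of the `errUnsupportedGrantType:` method the protocol declares, so the delegate is told the wrong failure; it should read `[_oauth2Delegate errUnsupportedGrantType:[oauthResponse objectForKey:@"error_description"]];`. The chain also has no final `else`: a dictionary with neither `access_token` nor `error`, or with an unlisted error code, now notifies nobody, whereas the removed code reported a failure for any dictionary without a token. A non-dictionary body and the `error` set by `parsedBody:` are still dropped silently. Because the body is server-controlled, the values under `access_token` and `error` should pass `isKindOfClass:[NSString class]` before being stored in `_accessToken` or sent `isEqualToString:`. The method's closing brace lies outside this hunk.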
@@ -67,8 +99,7 @@ - (void)request:(RKRequest*)request didLoadResponse:(RKResponse*)response{
- (void)request:(RKRequest*)request didFailLoadWithError:(NSError*)error{
- NSLog(@"An error has being detected in the access token request %@", [error debugDescription]);
- [_oauth2Delegate accessTokenAcquiredWithErrors];
+ [_oauth2Delegate tokenRequestDidFailWithError:[error debugDescription]];
}
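Review bot: `[error debugDescription]` is a debugging dump that includes the error's `userInfo`, which for URL-loading errors usually carries the failing URL. If the token request places the authorization code or client secret in that URL (not visible in this hunk), the string hands them to whatever the delegate displays or logs. Passing the user-facing message avoids this: `[_oauth2Delegate tokenRequestDidFailWithError:[error localizedDescription]];`. Handing over the `NSError` itself would preserve domain and code, but would change the protocol signature this commit introduces.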
@@ -22,9 +22,20 @@ - (void)itShouldGetAccessToken{
client.callbackURL = @"http://someURL.com";
[client validateAuthorizationCode];
[loader waitForResponse];
- assertThat([client getAccessToken], is(equalTo(@"581b50dca15a9d41eb280d5cbd52c7da4fb564621247848171508dd9d0dfa551a2efe9d06e110e62335abf13b6446a5c49e4bf6007cd90518fbbb0d1535b4dbc")));
+ assertThatBool(loader.success, is(equalToBool(YES)));
}
+- (void)itShouldNotGetAccessToken{
+ RKSpecResponseLoader* loader = [RKSpecResponseLoader responseLoader];
+ RKClientOAuth *client = RKSpecNewClientOAuth(loader);
+ client.authorizationCode = @"someInvalidAuthorizationCode";
+ client.callbackURL = @"http://someURL.com";
+ [client validateAuthorizationCode];
+ [loader waitForResponse];
+
+ assertThatBool(loader.success, is(equalToBool(NO)));
+
+}
- (void)itShouldGetProtectedResource{
//TODO: Encapsulate this code in a correct manner
RKSpecResponseLoader* loader = [RKSpecResponseLoader responseLoader];
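Review bot: `itShouldNotGetAccessToken` asserts only that `loader.success` is `NO`, which does not show that the client holds no token after a rejected authorization code; adding `assertThat([client getAccessToken], is(nilValue()));` would pin that. If `_success` starts out as `NO` (its initialisation is not shown here), the assertion also cannot tell an `errInvalidGrant:` callback from no callback at all. `itShouldGetAccessToken` no longer inspects the token either, so `assertThat([client getAccessToken], is(notNilValue()));` alongside the success check would keep coverage without hard-coding a token value. `itShouldGetProtectedResource` continues past the end of this hunk.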
@@ -27,7 +27,7 @@ + (RKSpecResponseLoader*)responseLoader {
- (id)init {
self = [super init];
if (self) {
- _timeout = 3;
+ _timeout = 4;
_awaitingResponse = NO;
}
@@ -106,14 +106,15 @@ - (void)objectLoaderDidLoadUnexpectedResponse:(RKObjectLoader*)objectLoader {
_unknownResponse = YES;
}
-- (void)accessTokenAcquired{
+#pragma mark - OAuth delegates
+
+- (void)accessTokenAcquired:(NSString *)token{
_awaitingResponse = NO;
_success = YES;
-
}
-- (void)accessTokenAcquiredWithProblems{
+- (void)errInvalidGrant:(NSString *)description{
_awaitingResponse = NO;
_success = NO;
}
