Support Refresh Tokens

ibm-cloud-security · Feb 1, 2018 · 2a7bb45 · 2a7bb45
1 parent 49e1033
commit 2a7bb45
Show file tree

Hide file tree

Showing 19 changed files with 825 additions and 322 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,6 @@
 BluemixAppID.xcodeproj/
 BluemixAppID.xcworkspace/
 Pods/
-Podfile.lock
+Podfile.lock
+.idea/
+*.DS_Store
diff --git a/BluemixAppID.podspec b/BluemixAppID.podspec
@@ -1,6 +1,6 @@
 Pod::Spec.new do |s|
     s.name         = "BluemixAppID"
-    s.version      = '2.0.0'
+    s.version      = '3.0.0'
     s.summary      = "AppID Swift SDK"
     s.homepage     = "https://github.com/ibm-bluemix-mobile-services/appid-clientsdk-swift"
     s.license      = 'Apache License, Version 2.0'

diff --git a/BluemixAppID.xcodeproj/project.pbxproj b/BluemixAppID.xcodeproj/project.pbxproj
@@ -8,6 +8,8 @@
 
 /* Begin PBXBuildFile section */
 		181050421EE1BD9200AAA443 /* TokenResponseDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 181050411EE1BD9200AAA443 /* TokenResponseDelegate.swift */; };
+		4D42CF8A20173BD200EF40B6 /* RefreshToken.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4D42CF8920173BD200EF40B6 /* RefreshToken.swift */; };
+		4D42CF8C20173BDD00EF40B6 /* RefreshTokenImpl.swift in Sources */ = {isa = PBXBuildFile; fileRef = 4D42CF8B20173BDD00EF40B6 /* RefreshTokenImpl.swift */; };
 		686FA7AB6F9EE8ACF04FFE5B /* Pods_BluemixAppID.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F9518D9FBE5C06EEB62E45B4 /* Pods_BluemixAppID.framework */; };
 		9178A9196CA83023A3A1FC90 /* Pods_BluemixAppIDTests.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 8D5F58BDE9E7A759720873B7 /* Pods_BluemixAppIDTests.framework */; };
 		BDC0D53F1E5EF68300444F9E /* UserAttributeManagerImpl.swift in Sources */ = {isa = PBXBuildFile; fileRef = BDC0D53E1E5EF68300444F9E /* UserAttributeManagerImpl.swift */; };
@@ -89,6 +91,8 @@
 
 /* Begin PBXFileReference section */
 		181050411EE1BD9200AAA443 /* TokenResponseDelegate.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = TokenResponseDelegate.swift; sourceTree = "<group>"; };
+		4D42CF8920173BD200EF40B6 /* RefreshToken.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RefreshToken.swift; sourceTree = "<group>"; };
+		4D42CF8B20173BDD00EF40B6 /* RefreshTokenImpl.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RefreshTokenImpl.swift; sourceTree = "<group>"; };
 		66E951CC5B401814BE794DBE /* Pods-BluemixAppIDTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-BluemixAppIDTests.debug.xcconfig"; path = "Pods/Target Support Files/Pods-BluemixAppIDTests/Pods-BluemixAppIDTests.debug.xcconfig"; sourceTree = "<group>"; };
 		8D5F58BDE9E7A759720873B7 /* Pods_BluemixAppIDTests.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_BluemixAppIDTests.framework; sourceTree = BUILT_PRODUCTS_DIR; };
 		BDC0D53E1E5EF68300444F9E /* UserAttributeManagerImpl.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = UserAttributeManagerImpl.swift; sourceTree = "<group>"; };
@@ -275,6 +279,7 @@
 		EFBA1FFA1E51F7D9000EB3F5 /* Tokens */ = {
 			isa = PBXGroup;
 			children = (
+				4D42CF8920173BD200EF40B6 /* RefreshToken.swift */,
 				EFBA1FFB1E51F7D9000EB3F5 /* AccessToken.swift */,
 				EFBA1FFC1E51F7D9000EB3F5 /* OAuthClient.swift */,
 			);
@@ -309,6 +314,7 @@
 		EFBA20101E51F7D9000EB3F5 /* tokens */ = {
 			isa = PBXGroup;
 			children = (
+				4D42CF8B20173BDD00EF40B6 /* RefreshTokenImpl.swift */,
 				EFBA20111E51F7D9000EB3F5 /* AbstractToken.swift */,
 				EFBA20121E51F7D9000EB3F5 /* AccessTokenImpl.swift */,
 				EFBA20131E51F7D9000EB3F5 /* IdentityTokenImpl.swift */,
@@ -615,6 +621,7 @@
 				EFBA206A1E51F7D9000EB3F5 /* Utils.swift in Sources */,
 				EFBA20501E51F7D9000EB3F5 /* JSONPreference.swift in Sources */,
 				EFBA20681E51F7D9000EB3F5 /* OAuthClientImpl.swift in Sources */,
+				4D42CF8C20173BDD00EF40B6 /* RefreshTokenImpl.swift in Sources */,
 				EFBA20301E51F7D9000EB3F5 /* AppIDAuthorizationManager.swift in Sources */,
 				EFBA20381E51F7D9000EB3F5 /* LoginWidget.swift in Sources */,
 				EFBA20361E51F7D9000EB3F5 /* IdentityToken.swift in Sources */,
@@ -633,6 +640,7 @@
 				EFBA203C1E51F7D9000EB3F5 /* OAuthClient.swift in Sources */,
 				EFBA20481E51F7D9000EB3F5 /* AuthorizationHeaderHelper.swift in Sources */,
 				EFBA205A1E51F7D9000EB3F5 /* safariView.swift in Sources */,
+				4D42CF8A20173BD200EF40B6 /* RefreshToken.swift in Sources */,
 				EFBA20581E51F7D9000EB3F5 /* RegistrationManager.swift in Sources */,
 				EFBA203A1E51F7D9000EB3F5 /* AccessToken.swift in Sources */,
 			);

diff --git a/BluemixAppIDTests/AppIDAuthorizationManagerTests.swift b/BluemixAppIDTests/AppIDAuthorizationManagerTests.swift
@@ -20,7 +20,7 @@ public class AppIDAuthorizationManagerTests: XCTestCase {
 
     static var appid:AppID? = nil
     static var manager:AppIDAuthorizationManager? = nil
-
+        
     override public func setUp() {
         super.setUp()
         AppID.sharedInstance.initialize(tenantId: "123", bluemixRegion: "123")
@@ -49,20 +49,40 @@ public class AppIDAuthorizationManagerTests: XCTestCase {
     class MockAuthorizationManager: BluemixAppID.AuthorizationManager {
         static var res = "cancel"
 
+        var shouldCallObtainTokensRefreshToken = false
+        var obtainTokensRefreshTokenCalled = false
+
         override func launchAuthorizationUI(accessTokenString: String? = nil, authorizationDelegate:AuthorizationDelegate) {
             if MockAuthorizationManager.res == "success" {
-                authorizationDelegate.onAuthorizationSuccess(accessToken:AccessTokenImpl(with: AppIDTestConstants.ACCESS_TOKEN)!, identityToken : IdentityTokenImpl(with: AppIDTestConstants.ID_TOKEN)!, response: AppIDAuthorizationManagerTests.expectedResponse)
+                authorizationDelegate.onAuthorizationSuccess(
+                    accessToken:AccessTokenImpl(with: AppIDTestConstants.ACCESS_TOKEN)!,
+                    identityToken : IdentityTokenImpl(with: AppIDTestConstants.ID_TOKEN)!,
+                    refreshToken: nil,
+                    response: AppIDAuthorizationManagerTests.expectedResponse)
             } else if MockAuthorizationManager.res == "failure" {
                 authorizationDelegate.onAuthorizationFailure(error: AuthorizationError.authorizationFailure("someerr"))
             } else {
                 authorizationDelegate.onAuthorizationCanceled()
             }
 
         }
+
+        override func signinWithRefreshToken(refreshTokenString: String?, tokenResponseDelegate: TokenResponseDelegate) {
+            obtainTokensRefreshTokenCalled = true
+            if !shouldCallObtainTokensRefreshToken {
+                XCTFail("Unexpected call to obtainTokensRefreshToken")
+            }
+        }
+
+        func verify() {
+            if shouldCallObtainTokensRefreshToken && !obtainTokensRefreshTokenCalled {
+                XCTFail("Should have called obtainTokensRefreshToken, but the function wasn't called")
+            }
+        }
     }
 
 
-    public func testObtainAuthorization1() {
+    public func testObtainAuthorizationCanceled() {
 
         MockAuthorizationManager.res = "cancel"
         AppIDAuthorizationManagerTests.manager?.oAuthManager.authorizationManager = MockAuthorizationManager(oAuthManager: (AppIDAuthorizationManagerTests.manager?.oAuthManager)!)
@@ -74,11 +94,48 @@ public class AppIDAuthorizationManagerTests: XCTestCase {
 
     }
 
-    public func testObtainAuthorization2() {
+    public func testObtainAuthorizationSuccess() {
         MockAuthorizationManager.res = "success"
+        AppIDAuthorizationManagerTests.manager?.oAuthManager.authorizationManager = MockAuthorizationManager(oAuthManager: (AppIDAuthorizationManagerTests.manager?.oAuthManager)!)
+        let callback:BMSCompletionHandler = {(response:Response?, error:Error?) in
+            XCTAssertNotNil(response)
+            XCTAssertEqual(AppIDAuthorizationManagerTests.expectedResponse.statusCode, response?.statusCode)
+            XCTAssertEqual(AppIDAuthorizationManagerTests.expectedResponse.responseText, response?.responseText)
+            XCTAssertEqual(AppIDAuthorizationManagerTests.expectedResponse.responseData, response?.responseData)
+            XCTAssertNil(error)
+        }
+        AppIDAuthorizationManagerTests.manager?.obtainAuthorization(completionHandler: callback)
+    }
+
+    public func testObtainAuthorizationWithRefreshTokenSuccess() {
+        MockAuthorizationManager.res = "failure"
+
+        AppIDAuthorizationManagerTests.manager?.oAuthManager.authorizationManager = MockAuthorizationManager(oAuthManager: (AppIDAuthorizationManagerTests.manager?.oAuthManager)!)
 
+        let tokenManager = TestHelpers.MockTokenManager(
+            oAuthManager: AppIDAuthorizationManagerTests.manager!.oAuthManager)
 
+        AppIDAuthorizationManagerTests.manager?.oAuthManager.tokenManager = tokenManager
+        tokenManager.latestRefreshToken = RefreshTokenImpl(with: "ststs")
+        tokenManager.shouldCallObtainWithRefresh = true
+        let callback:BMSCompletionHandler = {(response:Response?, error:Error?) in
+            XCTAssertNotNil(response)
+            XCTAssertNil(error)
+        }
+        AppIDAuthorizationManagerTests.manager?.obtainAuthorization(completionHandler: callback)
+        tokenManager.verify()
+    }
+
+    public func testObtainAuthorizationSuccessAfterRefreshFails() {
+        MockAuthorizationManager.res = "success"
         AppIDAuthorizationManagerTests.manager?.oAuthManager.authorizationManager = MockAuthorizationManager(oAuthManager: (AppIDAuthorizationManagerTests.manager?.oAuthManager)!)
+        let tokenManager = TestHelpers.MockTokenManager(
+            oAuthManager: AppIDAuthorizationManagerTests.manager!.oAuthManager)
+        AppIDAuthorizationManagerTests.manager?.oAuthManager.tokenManager = tokenManager
+        tokenManager.shouldCallObtainWithRefresh = true
+        tokenManager.obtainWithRefreshShouldFail = true
+        tokenManager.latestRefreshToken = RefreshTokenImpl(with: "ststs")
+
         let callback:BMSCompletionHandler = {(response:Response?, error:Error?) in
             XCTAssertNotNil(response)
             XCTAssertEqual(AppIDAuthorizationManagerTests.expectedResponse.statusCode, response?.statusCode)
@@ -87,10 +144,11 @@ public class AppIDAuthorizationManagerTests: XCTestCase {
             XCTAssertNil(error)
         }
         AppIDAuthorizationManagerTests.manager?.obtainAuthorization(completionHandler: callback)
-
+        tokenManager.verify()
     }
 
-    public func testObtainAuthorization3() {
+
+    public func testObtainAuthorizationFailure() {
 
         MockAuthorizationManager.res = "failure"
         AppIDAuthorizationManagerTests.manager?.oAuthManager.authorizationManager = MockAuthorizationManager(oAuthManager: (AppIDAuthorizationManagerTests.manager?.oAuthManager)!)
@@ -101,6 +159,24 @@ public class AppIDAuthorizationManagerTests: XCTestCase {
         AppIDAuthorizationManagerTests.manager?.obtainAuthorization(completionHandler: callback)
 
     }
+
+    public func testObtainAuthorizationFailsAfterRefreshFails() {
+        MockAuthorizationManager.res = "failure"
+        AppIDAuthorizationManagerTests.manager?.oAuthManager.authorizationManager = MockAuthorizationManager(oAuthManager: (AppIDAuthorizationManagerTests.manager?.oAuthManager)!)
+        let tokenManager = TestHelpers.MockTokenManager(
+            oAuthManager: AppIDAuthorizationManagerTests.manager!.oAuthManager)
+        AppIDAuthorizationManagerTests.manager?.oAuthManager.tokenManager = tokenManager
+        tokenManager.shouldCallObtainWithRefresh = true
+        tokenManager.obtainWithRefreshShouldFail = true
+        tokenManager.latestRefreshToken = RefreshTokenImpl(with: "ststs")
+        let callback:BMSCompletionHandler = {(response:Response?, error:Error?) in
+            XCTAssertNil(response)
+            XCTAssertEqual((error as? AuthorizationError)?.description, "someerr")
+        }
+        AppIDAuthorizationManagerTests.manager?.obtainAuthorization(completionHandler: callback)
+        tokenManager.verify()
+    }
+
 
     public func testGetCachedAuthorizationHeader () {
         class AppIDAuthorizationManagerMock: AppIDAuthorizationManager {