Use URL scheme for auth

No longer requires com.apple.security.network.server
lucka-me · Mar 9, 2021 · 4a72843 · 4a72843
1 parent fdafa52
commit 4a72843
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 31 deletions.
diff --git a/Shared/PotoriApp.swift b/Shared/PotoriApp.swift
@@ -63,18 +63,18 @@ struct PotoriApp: App {
                 }
             }
             .onOpenURL { url in
-                guard
-                    url.scheme == "potori",
-                    let host = url.host
-                else {
-                    return
-                }
-                if host == "nomination" {
-                    let id = url.lastPathComponent
-                    navigation.openNominations = .init("view.nominations", nil, id, panel: .list)
-                    #if os(iOS)
-                    navigation.activePanel = .dashboard
-                    navigation.activeLink = Navigation.nominationWidgetTarget
+                if url.scheme == "potori", let host = url.host {
+                    if host == "nomination" {
+                        let id = url.lastPathComponent
+                        navigation.openNominations = .init("view.nominations", nil, id, panel: .list)
+                        #if os(iOS)
+                        navigation.activePanel = .dashboard
+                        navigation.activeLink = Navigation.nominationWidgetTarget
+                        #endif
+                    }
+                } else {
+                    #if os(macOS)
+                    service.google.auth.onOpenURL(url)
                     #endif
                 }
             }

diff --git a/Shared/Service/GoogleKit.swift b/Shared/Service/GoogleKit.swift
@@ -24,33 +24,31 @@ final class GoogleKit: ObservableObject {
         private static let authKeychainName = "auth.google"
 
         private var authorization: GTMAppAuthFetcherAuthorization? = nil
-        #if os(iOS)
         private var currentAuthorizationFlow: OIDExternalUserAgentSession? = nil
-        #endif
 
         init() {
             loadAuth()
         }
 
-        #if os(macOS)
-        func logIn() {
-            // Listen to HTTP for redirect
-            let httpHandler = OIDRedirectHTTPHandler(successURL: URL(string: Self.redirectURL))
-            let listenerURL = httpHandler.startHTTPListener(nil)
-            httpHandler.currentAuthorizationFlow = OIDAuthState.authState(
-                byPresenting: getAuthRequest(redirectURL: listenerURL)
-            ) { authState, error in
-                httpHandler.cancelHTTPListener()
-                self.authStateCallback(authState: authState, error: error)
-            }
-        }
-        #else
+
         func logIn() {
+            #if os(macOS)
+            currentAuthorizationFlow = OIDAuthState.authState(
+                byPresenting: getAuthRequest(),
+                callback: authStateCallback
+            )
+            #else
             currentAuthorizationFlow = OIDAuthState.authState(
                 byPresenting: getAuthRequest(),
                 presenting: UIApplication.shared.windows.first!.rootViewController!,
                 callback: authStateCallback
             )
+            #endif
+        }
+
+        #if os(macOS)
+        func onOpenURL(_ url: URL) {
+            currentAuthorizationFlow?.resumeExternalUserAgentFlow(with: url)
         }
         #endif
 
@@ -67,7 +65,7 @@ final class GoogleKit: ObservableObject {
             return authorization
         }
 
-        private func getAuthRequest(redirectURL: URL? = nil) -> OIDAuthorizationRequest {
+        private func getAuthRequest() -> OIDAuthorizationRequest {
             return OIDAuthorizationRequest.init(
                 configuration: GTMAppAuthFetcherAuthorization.configurationForGoogle(),
                 clientId: Self.clientID,
@@ -77,7 +75,7 @@ final class GoogleKit: ObservableObject {
                     kGTLRAuthScopeDriveFile,
                     kGTLRAuthScopeGmailReadonly
                 ],
-                redirectURL: redirectURL ?? URL(string: Self.redirectURL)!,
+                redirectURL: URL(string: Self.redirectURL)!,
                 responseType: OIDResponseTypeCode,
                 additionalParameters: nil
             )

diff --git a/macOS/Info.plist b/macOS/Info.plist
@@ -18,6 +18,17 @@
 	<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
 	<key>CFBundleShortVersionString</key>
 	<string>$(MARKETING_VERSION)</string>
+	<key>CFBundleURLTypes</key>
+	<array>
+		<dict>
+			<key>CFBundleURLSchemes</key>
+			<array>
+				<string>com.googleusercontent.apps.361295761775-oa7u8sbbldvaq29c5gbg74ep906pqhd8</string>
+			</array>
+			<key>CFBundleTypeRole</key>
+			<string>Editor</string>
+		</dict>
+	</array>
 	<key>CFBundleVersion</key>
 	<string>GIT_COMMIT_COUNT</string>
 	<key>LSApplicationCategoryType</key>

diff --git a/macOS/macOS.entitlements b/macOS/macOS.entitlements
@@ -12,7 +12,5 @@
 	<true/>
 	<key>com.apple.security.network.client</key>
 	<true/>
-	<key>com.apple.security.network.server</key>
-	<true/>
 </dict>
 </plist>