Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge branch 'release/1.2.0'

Conflicts:
	OAuth2Client.xcodeproj/project.pbxproj
  • Loading branch information...
commit 93533dd88156c3ca877ccd4c4a818c862769d701 2 parents 5b4a4c3 + fee570e
@stigi stigi authored
View
4 NXOAuth2Client.podspec
@@ -1,11 +1,11 @@
Pod::Spec.new do |s|
s.name = 'NXOAuth2Client'
- s.version = '1.1.0'
+ s.version = '1.2.0'
s.license = 'BSD'
s.summary = 'Client library for OAuth2 (currently built against draft 10 of the OAuth2 spec)'
s.homepage = 'https://github.com/nxtbgthng/OAuth2Client'
s.author = { 'nxtbgthng' => 'team@nxtbgthng.com'}
- s.source = { :git => 'https://github.com/nxtbgthng/OAuth2Client.git', :tag => 'v1.1.0' }
+ s.source = { :git => 'https://github.com/nxtbgthng/OAuth2Client.git', :tag => 'v1.2.0' }
s.source_files = 'NXOAuth2Account+Private.h', 'Sources/', 'Sources/OAuth2Client/'
s.frameworks = 'Security'
s.requires_arc = true
View
2  OAuth2Client.framework-Info.plist
@@ -13,7 +13,7 @@
<key>CFBundlePackageType</key>
<string>FMWK</string>
<key>CFBundleShortVersionString</key>
- <string>1.1.0</string>
+ <string>1.2.0</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleVersion</key>
View
10 OAuth2Client.xcodeproj/project.pbxproj
@@ -362,7 +362,7 @@
0867D690FE84028FC02AAC07 /* Project object */ = {
isa = PBXProject;
attributes = {
- LastUpgradeCheck = 0440;
+ LastUpgradeCheck = 0450;
ORGANIZATIONNAME = nxtbgthng;
};
buildConfigurationList = 1DEB922208733DC00010E9CD /* Build configuration list for PBXProject "OAuth2Client" */;
@@ -445,7 +445,7 @@
buildSettings = {
ALWAYS_SEARCH_USER_PATHS = NO;
ARCHS = (
- armv7,
+ "$(inherited)",
armv6,
);
CLANG_ENABLE_OBJC_ARC = YES;
@@ -472,7 +472,7 @@
buildSettings = {
ALWAYS_SEARCH_USER_PATHS = NO;
ARCHS = (
- armv7,
+ "$(inherited)",
armv6,
);
CLANG_ENABLE_OBJC_ARC = YES;
@@ -495,10 +495,12 @@
isa = XCBuildConfiguration;
buildSettings = {
ARCHS = "$(ARCHS_STANDARD_32_64_BIT)";
+ COMBINE_HIDPI_IMAGES = YES;
GCC_C_LANGUAGE_STANDARD = c99;
GCC_OPTIMIZATION_LEVEL = 0;
GCC_WARN_ABOUT_RETURN_TYPE = YES;
GCC_WARN_UNUSED_VARIABLE = YES;
+ MACOSX_DEPLOYMENT_TARGET = 10.7;
OTHER_LDFLAGS = "-ObjC";
};
name = Debug;
@@ -507,9 +509,11 @@
isa = XCBuildConfiguration;
buildSettings = {
ARCHS = "$(ARCHS_STANDARD_32_64_BIT)";
+ COMBINE_HIDPI_IMAGES = YES;
GCC_C_LANGUAGE_STANDARD = c99;
GCC_WARN_ABOUT_RETURN_TYPE = YES;
GCC_WARN_UNUSED_VARIABLE = YES;
+ MACOSX_DEPLOYMENT_TARGET = 10.7;
OTHER_CFLAGS = "-DNS_BLOCK_ASSERTIONS=1";
OTHER_LDFLAGS = "-ObjC";
};
View
26 Sources/NSString+NXOAuth2.m
@@ -18,9 +18,8 @@ @implementation NSString (NXOAuth2)
+ (NSString *)nxoauth2_stringWithUUID;
{
- __autoreleasing NSString *result;
CFUUIDRef theUUID = CFUUIDCreate(kCFAllocatorDefault);
- result = (__bridge_transfer NSString *)CFUUIDCreateString(kCFAllocatorDefault, theUUID);
+ NSString *result = (__bridge_transfer NSString *)CFUUIDCreateString(kCFAllocatorDefault, theUUID);
CFRelease(theUUID);
return result;
}
@@ -59,24 +58,19 @@ - (NSDictionary *)nxoauth2_parametersFromEncodedQueryString;
- (NSString *)nxoauth2_URLEncodedString;
{
-
- CFStringRef cfResult = CFURLCreateStringByAddingPercentEscapes(kCFAllocatorDefault, //Allocator
- (__bridge CFStringRef)self, //Original String
- NULL, //Characters to leave unescaped
- (CFStringRef)@"!*'();:@&=+$,/?%#[]", //Legal Characters to be escaped
- kCFStringEncodingUTF8); //Encoding
- __autoreleasing NSString *result = (__bridge_transfer NSString *)cfResult;
- return result;
+ return (__bridge_transfer NSString *) CFURLCreateStringByAddingPercentEscapes(kCFAllocatorDefault, //Allocator
+ (__bridge CFStringRef)self, //Original String
+ NULL, //Characters to leave unescaped
+ CFSTR("!*'();:@&=+$,/?%#[]"), //Legal Characters to be escaped
+ kCFStringEncodingUTF8); //Encoding
}
- (NSString *)nxoauth2_URLDecodedString;
{
- CFStringRef cfResult = CFURLCreateStringByReplacingPercentEscapesUsingEncoding(kCFAllocatorDefault,
- (__bridge CFStringRef)self,
- CFSTR(""),
- kCFStringEncodingUTF8);
- __autoreleasing NSString *result = (__bridge_transfer NSString *)cfResult;
- return result;
+ return (__bridge_transfer NSString *) CFURLCreateStringByReplacingPercentEscapesUsingEncoding(kCFAllocatorDefault,
+ (__bridge CFStringRef)self,
+ CFSTR(""),
+ kCFStringEncodingUTF8);
}
@end
View
7 Sources/OAuth2Client/NXOAuth2AccessToken.h
@@ -19,12 +19,14 @@
@private
NSString *accessToken;
NSString *refreshToken;
+ NSString *tokenType;
NSDate *expiresAt;
NSSet *scope;
NSString *responseBody;
}
@property (nonatomic, readonly) NSString *accessToken;
@property (nonatomic, readonly) NSString *refreshToken;
+@property (nonatomic, readonly) NSString *tokenType;
@property (nonatomic, readonly) NSDate *expiresAt;
@property (nonatomic, readonly) BOOL doesExpire;
@property (nonatomic, readonly) BOOL hasExpired;
@@ -32,12 +34,15 @@
@property (nonatomic, readonly) NSString *responseBody;
+ (id)tokenWithResponseBody:(NSString *)responseBody;
++ (id)tokenWithResponseBody:(NSString *)responseBody tokenType:(NSString *)tokenType;
- (id)initWithAccessToken:(NSString *)accessToken;
- (id)initWithAccessToken:(NSString *)accessToken refreshToken:(NSString *)refreshToken expiresAt:(NSDate *)expiryDate;
- (id)initWithAccessToken:(NSString *)accessToken refreshToken:(NSString *)refreshToken expiresAt:(NSDate *)expiryDate scope:(NSSet *)scope;
-- (id)initWithAccessToken:(NSString *)accessToken refreshToken:(NSString *)refreshToken expiresAt:(NSDate *)expiryDate scope:(NSSet *)scope responseBody:(NSString *)responseBody; // designated
+- (id)initWithAccessToken:(NSString *)accessToken refreshToken:(NSString *)refreshToken expiresAt:(NSDate *)expiryDate scope:(NSSet *)scope responseBody:(NSString *)responseBody;
+- (id)initWithAccessToken:(NSString *)accessToken refreshToken:(NSString *)refreshToken expiresAt:(NSDate *)expiryDate scope:(NSSet *)scope responseBody:(NSString *)responseBody tokenType:(NSString*)tokenType; // designated
+- (void)restoreWithOldToken:(NXOAuth2AccessToken *)oldToken;
#pragma mark Keychain Support
View
58 Sources/OAuth2Client/NXOAuth2AccessToken.m
@@ -22,6 +22,11 @@ @implementation NXOAuth2AccessToken
+ (id)tokenWithResponseBody:(NSString *)theResponseBody;
{
+ return [self tokenWithResponseBody:theResponseBody tokenType:nil];
+}
+
++ (id)tokenWithResponseBody:(NSString *)theResponseBody tokenType:(NSString *)tokenType;
+{
NSDictionary *jsonDict = nil;
Class jsonSerializationClass = NSClassFromString(@"NSJSONSerialization");
if (jsonSerializationClass) {
@@ -51,6 +56,11 @@ + (id)tokenWithResponseBody:(NSString *)theResponseBody;
NSString *aRefreshToken = [jsonDict objectForKey:@"refresh_token"];
NSString *scopeString = [jsonDict objectForKey:@"scope"];
+ // if the response overrides token_type we take it from the response
+ if ([jsonDict objectForKey:@"token_type"]) {
+ tokenType = [jsonDict objectForKey:@"token_type"];
+ }
+
NSSet *scope = nil;
if (scopeString) {
scope = [NSSet setWithArray:[scopeString componentsSeparatedByCharactersInSet:[NSCharacterSet whitespaceAndNewlineCharacterSet]]];
@@ -61,10 +71,11 @@ + (id)tokenWithResponseBody:(NSString *)theResponseBody;
expiryDate = [NSDate dateWithTimeIntervalSinceNow:[expiresIn integerValue]];
}
return [[[self class] alloc] initWithAccessToken:anAccessToken
- refreshToken:aRefreshToken
- expiresAt:expiryDate
- scope:scope
- responseBody:theResponseBody];
+ refreshToken:aRefreshToken
+ expiresAt:expiryDate
+ scope:scope
+ responseBody:theResponseBody
+ tokenType:tokenType];
}
- (id)initWithAccessToken:(NSString *)anAccessToken;
@@ -91,6 +102,16 @@ - (id)initWithAccessToken:(NSString *)anAccessToken refreshToken:(NSString *)aRe
- (id)initWithAccessToken:(NSString *)anAccessToken refreshToken:(NSString *)aRefreshToken expiresAt:(NSDate *)anExpiryDate scope:(NSSet *)aScope responseBody:(NSString *)aResponseBody;
{
+ return [[[self class] alloc] initWithAccessToken:anAccessToken
+ refreshToken:aRefreshToken
+ expiresAt:anExpiryDate
+ scope:aScope
+ responseBody:aResponseBody
+ tokenType:nil];
+}
+
+- (id)initWithAccessToken:(NSString *)anAccessToken refreshToken:(NSString *)aRefreshToken expiresAt:(NSDate *)anExpiryDate scope:(NSSet *)aScope responseBody:(NSString *)aResponseBody tokenType:(NSString *)aTokenType
+{
// a token object without an actual token is not what we want!
NSAssert1(anAccessToken, @"No token from token response: %@", aResponseBody);
if (anAccessToken == nil) {
@@ -104,10 +125,17 @@ - (id)initWithAccessToken:(NSString *)anAccessToken refreshToken:(NSString *)aRe
expiresAt = [anExpiryDate copy];
scope = aScope ? [aScope copy] : [[NSSet alloc] init];
responseBody = [aResponseBody copy];
+ tokenType = [aTokenType copy];
}
return self;
}
+- (void)restoreWithOldToken:(NXOAuth2AccessToken *)oldToken;
+{
+ if (self.refreshToken == nil) {
+ refreshToken = oldToken.refreshToken;
+ }
+}
#pragma mark Accessors
@@ -117,6 +145,21 @@ - (id)initWithAccessToken:(NSString *)anAccessToken refreshToken:(NSString *)aRe
@synthesize expiresAt;
@synthesize scope;
@synthesize responseBody;
+@synthesize tokenType;
+
+- (NSString*)tokenType
+{
+ if (tokenType == nil || [tokenType isEqualToString:@""]) {
+ //fall back on OAuth if token type not set
+ return @"OAuth";
+ } else if ([tokenType isEqualToString:@"bearer"]) {
+ //this is for out case sensitive server
+ //oauth server should be case insensitive so this should make no difference
+ return @"Bearer";
+ } else {
+ return tokenType;
+ }
+}
- (BOOL)doesExpire;
{
@@ -128,10 +171,9 @@ - (BOOL)hasExpired;
return ([[NSDate date] earlierDate:expiresAt] == expiresAt);
}
-
- (NSString *)description;
{
- return [NSString stringWithFormat:@"<NXOAuth2Token token:%@ refreshToken:%@ expiresAt:%@>", self.accessToken, self.refreshToken, self.expiresAt];
+ return [NSString stringWithFormat:@"<NXOAuth2Token token:%@ refreshToken:%@ expiresAt:%@ tokenType: %@>", self.accessToken, self.refreshToken, self.expiresAt, self.tokenType];
}
@@ -144,6 +186,9 @@ - (void)encodeWithCoder:(NSCoder *)aCoder
[aCoder encodeObject:expiresAt forKey:@"expiresAt"];
[aCoder encodeObject:scope forKey:@"scope"];
[aCoder encodeObject:responseBody forKey:@"responseBody"];
+ if (tokenType) {
+ [aCoder encodeObject:tokenType forKey:@"tokenType"];
+ }
}
- (id)initWithCoder:(NSCoder *)aDecoder
@@ -162,6 +207,7 @@ - (id)initWithCoder:(NSCoder *)aDecoder
expiresAt = [[aDecoder decodeObjectForKey:@"expiresAt"] copy];
scope = [[aDecoder decodeObjectForKey:@"scope"] copy];
responseBody = [[aDecoder decodeObjectForKey:@"responseBody"] copy];
+ tokenType = [[aDecoder decodeObjectForKey:@"tokenType"] copy];
}
return self;
}
View
2  Sources/OAuth2Client/NXOAuth2Account.m
@@ -80,12 +80,14 @@ - (NXOAuth2Client *)oauthClient;
NSString *clientSecret = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationSecret];
NSURL *authorizeURL = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationAuthorizeURL];
NSURL *tokenURL = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationTokenURL];
+ NSString *tokenType = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationTokenType];
oauthClient = [[NXOAuth2Client alloc] initWithClientID:clientID
clientSecret:clientSecret
authorizeURL:authorizeURL
tokenURL:tokenURL
accessToken:self.accessToken
+ tokenType:tokenType
persistent:NO
delegate:self];
}
View
20 Sources/OAuth2Client/NXOAuth2AccountStore.h
@@ -32,6 +32,8 @@ extern NSString * const kNXOAuth2AccountStoreConfigurationSecret;
extern NSString * const kNXOAuth2AccountStoreConfigurationAuthorizeURL;
extern NSString * const kNXOAuth2AccountStoreConfigurationTokenURL;
extern NSString * const kNXOAuth2AccountStoreConfigurationRedirectURL;
+extern NSString * const kNXOAuth2AccountStoreConfigurationScope;
+extern NSString * const kNXOAuth2AccountStoreConfigurationTokenType;
#pragma mark Account Type
@@ -75,6 +77,23 @@ typedef void(^NXOAuth2PreparedAuthorizationURLHandler)(NSURL *preparedURL);
redirectURL:(NSURL *)aRedirectURL
forAccountType:(NSString *)anAccountType;
+- (void)setClientID:(NSString *)aClientID
+ secret:(NSString *)aSecret
+ scope:(NSSet *)theScope
+ authorizationURL:(NSURL *)anAuthorizationURL
+ tokenURL:(NSURL *)aTokenURL
+ redirectURL:(NSURL *)aRedirectURL
+ forAccountType:(NSString *)anAccountType;
+
+- (void)setClientID:(NSString *)aClientID
+ secret:(NSString *)aSecret
+ scope:(NSSet *)theScope
+ authorizationURL:(NSURL *)anAuthorizationURL
+ tokenURL:(NSURL *)aTokenURL
+ redirectURL:(NSURL *)aRedirectURL
+ tokenType:(NSString *)aTokenType
+ forAccountType:(NSString *)anAccountType;
+
- (void)setConfiguration:(NSDictionary *)configuration forAccountType:(NSString *)accountType;
- (NSDictionary *)configurationForAccountType:(NSString *)accountType;
@@ -94,6 +113,7 @@ typedef void(^NXOAuth2PreparedAuthorizationURLHandler)(NSURL *preparedURL);
- (void)requestAccessToAccountWithType:(NSString *)accountType;
- (void)requestAccessToAccountWithType:(NSString *)accountType withPreparedAuthorizationURLHandler:(NXOAuth2PreparedAuthorizationURLHandler)aPreparedAuthorizationURLHandler;
- (void)requestAccessToAccountWithType:(NSString *)accountType username:(NSString *)username password:(NSString *)password;
+- (void)requestAccessToAccountWithType:(NSString *)accountType assertionType:(NSURL *)assertionType assertion:(NSString *)assertion;
- (void)removeAccount:(NXOAuth2Account *)account;
View
56 Sources/OAuth2Client/NXOAuth2AccountStore.m
@@ -40,6 +40,8 @@
NSString * const kNXOAuth2AccountStoreConfigurationAuthorizeURL = @"kNXOAuth2AccountStoreConfigurationAuthorizeURL";
NSString * const kNXOAuth2AccountStoreConfigurationTokenURL = @"kNXOAuth2AccountStoreConfigurationTokenURL";
NSString * const kNXOAuth2AccountStoreConfigurationRedirectURL = @"kNXOAuth2AccountStoreConfigurationRedirectURL";
+NSString * const kNXOAuth2AccountStoreConfigurationScope = @"kNXOAuth2AccountStoreConfigurationScope";
+NSString * const kNXOAuth2AccountStoreConfigurationTokenType = @"kNXOAuth2AccountStoreConfigurationTokenType";
#pragma mark Account Type
@@ -196,6 +198,12 @@ - (void)requestAccessToAccountWithType:(NSString *)accountType username:(NSStrin
[client authenticateWithUsername:username password:password];
}
+- (void)requestAccessToAccountWithType:(NSString *)accountType assertionType:(NSURL *)assertionType assertion:(NSString *)assertion;
+{
+ NXOAuth2Client *client = [self pendingOAuthClientForAccountType:accountType];
+ [client authenticateWithAssertionType:assertionType assertion:assertion];
+}
+
- (void)removeAccount:(NXOAuth2Account *)account;
{
if (account) {
@@ -225,6 +233,44 @@ - (void)setClientID:(NSString *)aClientID
forAccountType:anAccountType];
}
+- (void)setClientID:(NSString *)aClientID
+ secret:(NSString *)aSecret
+ scope:(NSSet *)theScope
+ authorizationURL:(NSURL *)anAuthorizationURL
+ tokenURL:(NSURL *)aTokenURL
+ redirectURL:(NSURL *)aRedirectURL
+ forAccountType:(NSString *)anAccountType;
+{
+ [self setConfiguration:[NSDictionary dictionaryWithObjectsAndKeys:
+ aClientID, kNXOAuth2AccountStoreConfigurationClientID,
+ aSecret, kNXOAuth2AccountStoreConfigurationSecret,
+ theScope, kNXOAuth2AccountStoreConfigurationScope,
+ anAuthorizationURL, kNXOAuth2AccountStoreConfigurationAuthorizeURL,
+ aTokenURL, kNXOAuth2AccountStoreConfigurationTokenURL,
+ aRedirectURL, kNXOAuth2AccountStoreConfigurationRedirectURL, nil]
+ forAccountType:anAccountType];
+}
+
+- (void)setClientID:(NSString *)aClientID
+ secret:(NSString *)aSecret
+ scope:(NSSet *)theScope
+ authorizationURL:(NSURL *)anAuthorizationURL
+ tokenURL:(NSURL *)aTokenURL
+ redirectURL:(NSURL *)aRedirectURL
+ tokenType:(NSString *)aTokenType
+ forAccountType:(NSString *)anAccountType;
+{
+ [self setConfiguration:[NSDictionary dictionaryWithObjectsAndKeys:
+ aClientID, kNXOAuth2AccountStoreConfigurationClientID,
+ aSecret, kNXOAuth2AccountStoreConfigurationSecret,
+ theScope, kNXOAuth2AccountStoreConfigurationScope,
+ anAuthorizationURL, kNXOAuth2AccountStoreConfigurationAuthorizeURL,
+ aTokenURL, kNXOAuth2AccountStoreConfigurationTokenURL,
+ aTokenType, kNXOAuth2AccountStoreConfigurationTokenType,
+ aRedirectURL, kNXOAuth2AccountStoreConfigurationRedirectURL, nil]
+ forAccountType:anAccountType];
+}
+
- (void)setConfiguration:(NSDictionary *)configuration
forAccountType:(NSString *)accountType;
{
@@ -338,16 +384,26 @@ - (NXOAuth2Client *)pendingOAuthClientForAccountType:(NSString *)accountType;
NSString *clientID = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationClientID];
NSString *clientSecret = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationSecret];
+ NSSet *scope = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationScope];
NSURL *authorizeURL = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationAuthorizeURL];
NSURL *tokenURL = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationTokenURL];
+ NSString *tokenType = [configuration objectForKey:kNXOAuth2AccountStoreConfigurationTokenType];
client = [[NXOAuth2Client alloc] initWithClientID:clientID
clientSecret:clientSecret
authorizeURL:authorizeURL
tokenURL:tokenURL
+ accessToken:nil
+ tokenType:tokenType
+ persistent:YES
delegate:self];
+
client.persistent = NO;
+ if (scope != nil) {
+ client.desiredScope = scope;
+ }
+
[self.pendingOAuthClients setObject:client forKey:accountType];
}
}
View
18 Sources/OAuth2Client/NXOAuth2Client.h
@@ -41,10 +41,12 @@ extern NSString * const NXOAuth2ClientConnectionContextTokenRefresh;
NSSet *desiredScope;
NSString *userAgent;
+ NSString *assertion;
// server information
NSURL *authorizeURL;
NSURL *tokenURL;
+ NSString *tokenType;
// token exchange
NXOAuth2Connection *authConnection;
@@ -60,6 +62,7 @@ extern NSString * const NXOAuth2ClientConnectionContextTokenRefresh;
@property (nonatomic, copy, readonly) NSString *clientId;
@property (nonatomic, copy, readonly) NSString *clientSecret;
+@property (nonatomic, copy, readonly) NSString *tokenType;
@property (nonatomic, copy) NSSet *desiredScope;
@property (nonatomic, copy) NSString *userAgent;
@@ -90,6 +93,15 @@ extern NSString * const NXOAuth2ClientConnectionContextTokenRefresh;
persistent:(BOOL)shouldPersist
delegate:(NSObject<NXOAuth2ClientDelegate> *)delegate;
+- (id)initWithClientID:(NSString *)clientId
+ clientSecret:(NSString *)clientSecret
+ authorizeURL:(NSURL *)authorizeURL
+ tokenURL:(NSURL *)tokenURL
+ accessToken:(NXOAuth2AccessToken *)accessToken
+ tokenType:(NSString *)tokenType
+ persistent:(BOOL)shouldPersist
+ delegate:(NSObject<NXOAuth2ClientDelegate> *)delegate;
+
- (BOOL)openRedirectURL:(NSURL *)URL;
@@ -110,6 +122,12 @@ extern NSString * const NXOAuth2ClientConnectionContextTokenRefresh;
*/
- (void)authenticateWithUsername:(NSString *)username password:(NSString *)password;
+/*!
+ * Authenticate with assertion (Assertion Flow)
+ */
+- (void)authenticateWithAssertionType:(NSURL *)assertionType assertion:(NSString *)assertion;
+
+
#pragma mark Public
- (void)requestAccess;
View
87 Sources/OAuth2Client/NXOAuth2Client.m
@@ -60,6 +60,25 @@ - (id)initWithClientID:(NSString *)aClientId
persistent:(BOOL)shouldPersist
delegate:(NSObject<NXOAuth2ClientDelegate> *)aDelegate;
{
+ return [self initWithClientID:aClientId
+ clientSecret:aClientSecret
+ authorizeURL:anAuthorizeURL
+ tokenURL:aTokenURL
+ accessToken:anAccessToken
+ tokenType:nil
+ persistent:shouldPersist
+ delegate:aDelegate];
+}
+
+- (id)initWithClientID:(NSString *)aClientId
+ clientSecret:(NSString *)aClientSecret
+ authorizeURL:(NSURL *)anAuthorizeURL
+ tokenURL:(NSURL *)aTokenURL
+ accessToken:(NXOAuth2AccessToken *)anAccessToken
+ tokenType:(NSString *)aTokenType
+ persistent:(BOOL)shouldPersist
+ delegate:(NSObject<NXOAuth2ClientDelegate> *)aDelegate;
+{
NSAssert(aTokenURL != nil && anAuthorizeURL != nil, @"No token or no authorize URL");
self = [super init];
if (self) {
@@ -69,6 +88,7 @@ - (id)initWithClientID:(NSString *)aClientId
clientSecret = [aClientSecret copy];
authorizeURL = [anAuthorizeURL copy];
tokenURL = [aTokenURL copy];
+ tokenType = [aTokenType copy];
accessToken = anAccessToken;
self.persistent = shouldPersist;
@@ -85,7 +105,7 @@ - (void)dealloc;
#pragma mark Accessors
-@synthesize clientId, clientSecret;
+@synthesize clientId, clientSecret, tokenType;
@synthesize desiredScope, userAgent;
@synthesize delegate, persistent, accessToken, authenticating;
@@ -157,6 +177,15 @@ - (void)setAccessToken:(NXOAuth2AccessToken *)value;
}
}
+- (void)setDesiredScope:(NSSet *)aDesiredScope;
+{
+ if (desiredScope == aDesiredScope) {
+ return;
+ }
+
+ desiredScope = [aDesiredScope copy];
+}
+
#pragma mark Flow
@@ -169,11 +198,17 @@ - (void)requestAccess;
- (NSURL *)authorizationURLWithRedirectURL:(NSURL *)redirectURL;
{
- return [authorizeURL nxoauth2_URLByAddingParameters:[NSDictionary dictionaryWithObjectsAndKeys:
- @"code", @"response_type",
- clientId, @"client_id",
- [redirectURL absoluteString], @"redirect_uri",
- nil]];
+ NSMutableDictionary *parameters = [NSMutableDictionary dictionaryWithObjectsAndKeys:
+ @"code", @"response_type",
+ clientId, @"client_id",
+ [redirectURL absoluteString], @"redirect_uri",
+ nil];
+
+ if (self.desiredScope.count > 0) {
+ [parameters setObject:[[self.desiredScope allObjects] componentsJoinedByString:@" "] forKey:@"scope"];
+ }
+
+ return [authorizeURL nxoauth2_URLByAddingParameters:parameters];
}
@@ -258,6 +293,7 @@ - (void)requestTokenWithAuthGrant:(NSString *)authGrant redirectURL:(NSURL *)red
if (self.desiredScope) {
[parameters setObject:[[self.desiredScope allObjects] componentsJoinedByString:@" "] forKey:@"scope"];
}
+
authConnection = [[NXOAuth2Connection alloc] initWithRequest:tokenRequest
requestParameters:parameters
oauthClient:self
@@ -294,6 +330,35 @@ - (void)authenticateWithUsername:(NSString *)username password:(NSString *)passw
authConnection.context = NXOAuth2ClientConnectionContextTokenRequest;
}
+// Assertion
+- (void)authenticateWithAssertionType:(NSURL *)assertionType assertion:(NSString *)assertion;
+{
+ NSAssert1(!authConnection, @"authConnection already running with: %@", authConnection);
+ NSParameterAssert(assertionType);
+ NSParameterAssert(assertion);
+
+ NSMutableURLRequest *tokenRequest = [NSMutableURLRequest requestWithURL:tokenURL];
+ [tokenRequest setHTTPMethod:@"POST"];
+ [authConnection cancel]; // just to be sure
+
+ self.authenticating = YES;
+
+ NSMutableDictionary *parameters = [NSMutableDictionary dictionaryWithObjectsAndKeys:
+ @"assertion", @"grant_type",
+ clientId, @"client_id",
+ clientSecret, @"client_secret",
+ assertionType.absoluteString, @"assertion_type",
+ assertion, @"assertion",
+ nil];
+ if (self.desiredScope) {
+ [parameters setObject:[[self.desiredScope allObjects] componentsJoinedByString:@" "] forKey:@"scope"];
+ }
+ authConnection = [[NXOAuth2Connection alloc] initWithRequest:tokenRequest
+ requestParameters:parameters
+ oauthClient:self
+ delegate:self];
+ authConnection.context = NXOAuth2ClientConnectionContextTokenRequest;
+}
#pragma mark Public
@@ -346,8 +411,12 @@ - (void)oauthConnection:(NXOAuth2Connection *)connection didFinishWithData:(NSDa
self.authenticating = NO;
NSString *result = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
- NXOAuth2AccessToken *newToken = [NXOAuth2AccessToken tokenWithResponseBody:result];
+ NXOAuth2AccessToken *newToken = [NXOAuth2AccessToken tokenWithResponseBody:result tokenType:self.tokenType
+ ];
NSAssert(newToken != nil, @"invalid response?");
+
+ [newToken restoreWithOldToken:self.accessToken];
+
self.accessToken = newToken;
for (NXOAuth2Connection *retryConnection in waitingConnections) {
@@ -363,6 +432,10 @@ - (void)oauthConnection:(NXOAuth2Connection *)connection didFinishWithData:(NSDa
- (void)oauthConnection:(NXOAuth2Connection *)connection didFailWithError:(NSError *)error;
{
+ NSString *body = [[NSString alloc] initWithData:connection.data encoding:NSUTF8StringEncoding];
+ NSLog(@"oauthConnection Error: %@", body);
+
+
if (connection == authConnection) {
self.authenticating = NO;
View
12 Sources/OAuth2Client/NXOAuth2Connection.m
@@ -175,7 +175,15 @@ - (NSURLConnection *)createConnection;
return nil;
}
- oauthAuthorizationHeader = [NSString stringWithFormat:@"OAuth %@", client.accessToken.accessToken];
+ NSString *tokenType = client.accessToken.tokenType;
+ if (tokenType == nil) {
+ tokenType = client.tokenType;
+ }
+ if (tokenType == nil) {
+ tokenType = @"OAuth";
+ }
+
+ oauthAuthorizationHeader = [NSString stringWithFormat:@"%@ %@", tokenType, client.accessToken.accessToken];
}
NSMutableURLRequest *startRequest = [request mutableCopy];
@@ -510,7 +518,7 @@ - (NSURLRequest *)connection:(NSURLConnection *)aConnection willSendRequest:(NSU
} else {
// iOS 5 automaticaly strips the authorization 'token' from the header.
// Thus we have to add the OAuth2 'token' again.
- [mutableRequest setValue:[NSString stringWithFormat:@"OAuth %@", client.accessToken.accessToken]
+ [mutableRequest setValue:[NSString stringWithFormat:@"%@ %@", client.accessToken.tokenType, client.accessToken.accessToken]
forHTTPHeaderField:@"Authorization"];
}
return mutableRequest;
View
2  Sources/OAuth2Client/NXOAuth2Request.m
@@ -88,7 +88,7 @@ - (NSURLRequest *)signedURLRequest;
}
if (self.account) {
- NSString *oauthAuthorizationHeader = [NSString stringWithFormat:@"OAuth %@", self.account.accessToken.accessToken];
+ NSString *oauthAuthorizationHeader = [NSString stringWithFormat:@"%@ %@", self.account.accessToken.tokenType, self.account.accessToken.accessToken];
[request setValue:oauthAuthorizationHeader forHTTPHeaderField:@"Authorization"];
}
Please sign in to comment.
Something went wrong with that request. Please try again.