revise authentication, only delete the authorization object created f…

…rom the client which created it
commit 224700ea1e86b951ed6806c05a79fd20e609de64 1 parent 0c2b573
@trivektor authored
2  AppConfig.plist
@@ -10,5 +10,7 @@
<string>https://raw.github.com</string>
<key>KeychainName</key>
<string>GitosKeychain</string>
+ <key>KeychainAccountName</key>
+ <string>gitos</string>
</dict>
</plist>
12 Gitos-iPad.xcodeproj/project.pbxproj
@@ -283,6 +283,8 @@
B569D0CD16FE6861002216DD /* glyphicons_078_warning_sign@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = B569D0C916FE6861002216DD /* glyphicons_078_warning_sign@2x.png */; };
B569D0CE16FE6861002216DD /* glyphicons_198_ok.png in Resources */ = {isa = PBXBuildFile; fileRef = B569D0CA16FE6861002216DD /* glyphicons_198_ok.png */; };
B569D0CF16FE6861002216DD /* glyphicons_198_ok@2x.png in Resources */ = {isa = PBXBuildFile; fileRef = B569D0CB16FE6861002216DD /* glyphicons_198_ok@2x.png */; };
+ B569D0D216FE6F0F002216DD /* Authorization.m in Sources */ = {isa = PBXBuildFile; fileRef = B569D0D116FE6F0F002216DD /* Authorization.m */; };
+ B569D0D516FE7923002216DD /* GitosConstants.m in Sources */ = {isa = PBXBuildFile; fileRef = B569D0D416FE7923002216DD /* GitosConstants.m */; };
B57E39AA16FE5CBB006C2BD1 /* YRDropdownView.m in Sources */ = {isa = PBXBuildFile; fileRef = B57E39A916FE5CBB006C2BD1 /* YRDropdownView.m */; };
B5BC451E16BA5DFD00434848 /* prettify.css in Resources */ = {isa = PBXBuildFile; fileRef = B5BC451B16BA5DFD00434848 /* prettify.css */; };
B5BC452016BA5DFD00434848 /* sunburst.css in Resources */ = {isa = PBXBuildFile; fileRef = B5BC451D16BA5DFD00434848 /* sunburst.css */; };
@@ -677,6 +679,10 @@
B569D0C916FE6861002216DD /* glyphicons_078_warning_sign@2x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "glyphicons_078_warning_sign@2x.png"; sourceTree = "<group>"; };
B569D0CA16FE6861002216DD /* glyphicons_198_ok.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = glyphicons_198_ok.png; sourceTree = "<group>"; };
B569D0CB16FE6861002216DD /* glyphicons_198_ok@2x.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = "glyphicons_198_ok@2x.png"; sourceTree = "<group>"; };
+ B569D0D016FE6F0F002216DD /* Authorization.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Authorization.h; sourceTree = "<group>"; };
+ B569D0D116FE6F0F002216DD /* Authorization.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = Authorization.m; sourceTree = "<group>"; };
+ B569D0D316FE7923002216DD /* GitosConstants.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = GitosConstants.h; sourceTree = "<group>"; };
+ B569D0D416FE7923002216DD /* GitosConstants.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = GitosConstants.m; sourceTree = "<group>"; };
B57E39A816FE5CBB006C2BD1 /* YRDropdownView.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = YRDropdownView.h; sourceTree = "<group>"; };
B57E39A916FE5CBB006C2BD1 /* YRDropdownView.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = YRDropdownView.m; sourceTree = "<group>"; };
B5BC451B16BA5DFD00434848 /* prettify.css */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.css; path = prettify.css; sourceTree = "<group>"; };
@@ -1166,6 +1172,10 @@
B54F69E216D2F69C00978DD9 /* Notification.m */,
B511D44A16DB36AE00DD0ED5 /* PullRequest.h */,
B511D44B16DB36AF00DD0ED5 /* PullRequest.m */,
+ B569D0D016FE6F0F002216DD /* Authorization.h */,
+ B569D0D116FE6F0F002216DD /* Authorization.m */,
+ B569D0D316FE7923002216DD /* GitosConstants.h */,
+ B569D0D416FE7923002216DD /* GitosConstants.m */,
);
path = Classes;
sourceTree = "<group>";
@@ -1590,6 +1600,8 @@
B511D44C16DB36B000DD0ED5 /* PullRequest.m in Sources */,
B511D45016DB383D00DD0ED5 /* PullRequestDetailsViewController.m in Sources */,
B57E39AA16FE5CBB006C2BD1 /* YRDropdownView.m in Sources */,
+ B569D0D216FE6F0F002216DD /* Authorization.m in Sources */,
+ B569D0D516FE7923002216DD /* GitosConstants.m in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
BIN  ...deproj/project.xcworkspace/xcuserdata/trivuong.xcuserdatad/UserInterfaceState.xcuserstate
Binary file not shown
11 Gitos-iPad/Classes/Authorization.h
@@ -10,4 +10,15 @@
@interface Authorization : NSObject
+@property (nonatomic, retain) NSDictionary *data;
+
+- (id)initWithData:(NSDictionary *)authorizationData;
+
+- (NSString *)getId;
+- (NSString *)getUrl;
+- (NSDictionary *)getApp;
+- (NSString *)getName;
+- (NSString *)getToken;
++ (NSArray *)appScopes;
+
@end
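Review bot: The `data` property is declared `(nonatomic, retain)` and is publicly writable, while the login code builds the dictionary with `NSJSONReadingMutableContainers`, so the object holding the token can be swapped or mutated by any caller after construction. Declaring it `@property (nonatomic, copy, readonly) NSDictionary *data;` and redeclaring it readwrite in a class extension in Authorization.m would keep the stored authorization immutable from outside. As a style point, the initializer should return `instancetype`, and the accessors would follow Cocoa naming without the `get` prefix (`token`, `url`, `name`), since `get` conventionally marks return-by-reference methods.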
38 Gitos-iPad/Classes/Authorization.m
@@ -10,4 +10,42 @@
@implementation Authorization
+- (id)initWithData:(NSDictionary *)authorizationData
+{
+ self = [super init];
+ self.data = authorizationData;
+ return self;
+}
+
+- (NSString *)getId
+{
+ return [NSString stringWithFormat:@"%@", [self.data valueForKey:@"id"]];
+}
+
+- (NSString *)getUrl
+{
+ return [self.data valueForKey:@"url"];
+}
+
+- (NSDictionary *)getApp
+{
+ return [self.data valueForKey:@"app"];
+}
+
+- (NSString *)getName
+{
+ NSDictionary *app = [self getApp];
+ return [app valueForKey:@"name"];
+}
+
+- (NSString *)getToken
+{
+ return [self.data valueForKey:@"token"];
+}
+
++ (NSArray *)appScopes
+{
+ return @[@"user", @"public_repo", @"repo", @"repo:status", @"notifications", @"gist"];
+}
+
@end
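Review bot: `getId` returns the literal string `(null)` when `data` has no `id` entry, because `stringWithFormat:@"%@"` formats nil instead of returning nil, and the login code then writes that string to the keychain as the authorization id. Returning nil for an absent value keeps the failure detectable, for example `id value = [self.data valueForKey:@"id"];` followed by `return [value respondsToSelector:@selector(stringValue)] ? [value stringValue] : nil;` (assuming the API returns a number here). `getToken`, `getUrl` and `getApp` pass through whatever JSON type arrived, NSNull included, so an `isKindOfClass:` check before the value is used as a string or dictionary would be worth adding. `initWithData:` assigns through `self.data` without an `if (self)` guard. In `appScopes`, `repo` already covers `public_repo` and `repo:status`, so the list could be reduced to the scopes the app actually needs.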
16 Gitos-iPad/Classes/GitosConstants.h
@@ -0,0 +1,16 @@
+//
+// GitosConstants.h
+// Gitos-iPad
+//
+// Created by Tri Vuong on 3/23/13.
+// Copyright (c) 2013 Crafted By Tri. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+
+@interface GitosConstants : NSObject
+
+extern const NSString *CLIENT_ID;
+extern const NSString *CLIENT_SECRET;
+
+@end
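Review bot: `extern const NSString *CLIENT_SECRET;` declares a reassignable pointer to a const-qualified NSString rather than a constant pointer, so any file that imports this header can assign a different value to `CLIENT_ID` or `CLIENT_SECRET` at runtime. The conventional form is `extern NSString * const CLIENT_ID;` and `extern NSString * const CLIENT_SECRET;`. The declarations also sit inside an `@interface GitosConstants` that has no members; plain file-scope externs would do, ideally with a prefix on the names and a one-line comment saying these are the GitHub OAuth application credentials.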
16 Gitos-iPad/Classes/GitosConstants.m
@@ -0,0 +1,16 @@
+//
+// GitosConstants.m
+// Gitos-iPad
+//
+// Created by Tri Vuong on 3/23/13.
+// Copyright (c) 2013 Crafted By Tri. All rights reserved.
+//
+
+#import "GitosConstants.h"
+
+@implementation GitosConstants
+
+const NSString *CLIENT_ID = @"75f198a854031c317e62";
+const NSString *CLIENT_SECRET = @"07d3e053d06132245799f4afe45b90d2780a89a8";
+
+@end
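Review bot: `CLIENT_SECRET` is still a string literal in a tracked source file, so the OAuth application secret ships inside every build of the app and stays in the repository history; moving it out of LoginViewController.m centralises it but does not make it confidential. A value embedded in a distributed client should be treated as disclosed: regenerate it in the GitHub application settings and keep the replacement out of version control (an untracked build-time configuration file, for instance), or have a server-side component hold the secret and make the authorization request. The definitions would also be better written as `NSString * const CLIENT_ID = ...;`, which makes the pointers themselves constant.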
86 Gitos-iPad/Controllers/LoginViewController.m
@@ -7,11 +7,8 @@
//
#import "LoginViewController.h"
-#import "SSKeychain.h"
#import "AppInitialization.h"
-#import "AFHTTPClient.h"
-#import "AFJSONRequestOperation.h"
-#import "AppConfig.h"
+#import "Authorization.h"
@interface LoginViewController ()
@@ -97,16 +94,13 @@ - (void)authenticate
[alert show];
return;
}
-
+
NSURL *url = [NSURL URLWithString:[AppConfig getConfigValue:@"GithubApiHost"]];
-
- NSMutableArray *scopes = [[NSMutableArray alloc] initWithObjects:@"user", @"public_repo", @"repo", @"repo:status",
- @"notifications", @"gist", nil];
-
+
NSMutableDictionary *oauthParams = [NSMutableDictionary dictionaryWithObjectsAndKeys:
- scopes, @"scopes",
- @"75f198a854031c317e62", @"client_id",
- @"07d3e053d06132245799f4afe45b90d2780a89a8", @"client_secret",
+ [Authorization appScopes], @"scopes",
+ CLIENT_ID, @"client_id",
+ CLIENT_SECRET, @"client_secret",
nil];
AFHTTPClient *httpClient = [[AFHTTPClient alloc] initWithBaseURL:url];
@@ -121,24 +115,30 @@ - (void)authenticate
^(AFHTTPRequestOperation *operation, id responseObject) {
[self.spinnerView setHidden:NO];
NSString *response = [operation responseString];
-
+
NSDictionary *json = [NSJSONSerialization JSONObjectWithData:[response dataUsingEncoding:NSUTF8StringEncoding] options:NSJSONReadingMutableContainers error:nil];
-
- NSString *token = [json valueForKey:@"token"];
- [SSKeychain setPassword:token forService:@"access_token" account:@"gitos"];
+
+ Authorization *authorization = [[Authorization alloc] initWithData:json];
+
+ NSString *token = [authorization getToken];
+ NSString *authorizationId = [authorization getId];
+ NSString *account = [AppConfig getConfigValue:@"KeychainAccountName"];
+
+ [SSKeychain setPassword:token forService:@"access_token" account:account];
+ [SSKeychain setPassword:authorizationId forService:@"authorization_id" account:account];
[AppInitialization run:self.view.window];
}
- failure:^(AFHTTPRequestOperation *operation, NSError *error) {
- [self.spinnerView setHidden:YES];
- NSString *response = [operation responseString];
-
- NSDictionary *json = [NSJSONSerialization JSONObjectWithData:[response dataUsingEncoding:NSUTF8StringEncoding] options:NSJSONReadingMutableContainers error:nil];
-
- UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Alert" message:nil delegate:self cancelButtonTitle:@"OK" otherButtonTitles:nil];
-
- [alert setMessage:[json valueForKey:@"message"]];
- [alert show];
- }];
+ failure:^(AFHTTPRequestOperation *operation, NSError *error) {
+ [self.spinnerView setHidden:YES];
+ NSString *response = [operation responseString];
+
+ NSDictionary *json = [NSJSONSerialization JSONObjectWithData:[response dataUsingEncoding:NSUTF8StringEncoding] options:NSJSONReadingMutableContainers error:nil];
+
+ UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Alert" message:nil delegate:self cancelButtonTitle:@"OK" otherButtonTitles:nil];
+
+ [alert setMessage:[json valueForKey:@"message"]];
+ [alert show];
+ }];
[operation start];
[usernameField resignFirstResponder];
@@ -156,30 +156,32 @@ - (void)deleteExistingAuthorizations
@"75f198a854031c317e62", @"client_id",
@"07d3e053d06132245799f4afe45b90d2780a89a8", @"client_secret",
nil];
-
+
AFHTTPClient *httpClient = [[AFHTTPClient alloc] initWithBaseURL:url];
[httpClient setParameterEncoding:AFJSONParameterEncoding];
[httpClient setAuthorizationHeaderWithUsername:username password:password];
-
+
NSMutableURLRequest *postRequest = [httpClient requestWithMethod:@"GET" path:@"/authorizations" parameters:oauthParams];
-
+
AFHTTPRequestOperation *operation = [[AFHTTPRequestOperation alloc] initWithRequest:postRequest];
[operation setCompletionBlockWithSuccess:^(AFHTTPRequestOperation *operation, id responseObject) {
NSString *response = [operation responseString];
-
+
NSArray *json = [NSJSONSerialization JSONObjectWithData:[response dataUsingEncoding:NSUTF8StringEncoding] options:NSJSONReadingMutableContainers error:nil];
-
- NSDictionary *authorization;
-
+
+ NSString *account = [AppConfig getConfigValue:@"KeychainAccountName"];
+ NSString *storedAuthorizationId = [SSKeychain passwordForService:@"authorization_id" account:account];
+
for (int i=0; i < [json count]; i++) {
- authorization = [json objectAtIndex:i];
- NSString *appName = [[authorization valueForKey:@"app"] valueForKey:@"name"];
-
- if ([appName isEqualToString:@"Gitos"]) {
- NSInteger authorizationId = [[authorization valueForKey:@"id"] integerValue];
- NSLog(@"deleting existing authorization id");
-
- NSMutableURLRequest *deleteRequest = [httpClient requestWithMethod:@"DELETE" path:[NSString stringWithFormat:@"/authorizations/%i", authorizationId] parameters:nil];
+ Authorization *authorization = [[Authorization alloc] initWithData:[json objectAtIndex:i]];
+
+ NSString *authorizationId = [authorization getId];
+
+ if ([[authorization getName] isEqualToString:@"Gitos"] && [authorizationId isEqualToString:storedAuthorizationId]) {
+
+ NSLog(@"deleting existing authorization id: %@", storedAuthorizationId);
+
+ NSMutableURLRequest *deleteRequest = [httpClient requestWithMethod:@"DELETE" path:[NSString stringWithFormat:@"/authorizations/%@", storedAuthorizationId] parameters:nil];
AFHTTPRequestOperation *deleteOperation = [[AFHTTPRequestOperation alloc] initWithRequest:deleteRequest];
[deleteOperation setCompletionBlockWithSuccess:^(AFHTTPRequestOperation *operation, id responseObject) {
[self authenticate];
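Review bot: In the `authenticate` success block the token and authorization id go straight into the keychain without checking that the JSON parsed (`error:nil`) or that either value is present, and the `BOOL` results of both `setPassword:forService:account:` calls are ignored before `[AppInitialization run:]` proceeds. A guard such as `if (![token isKindOfClass:[NSString class]] || token.length == 0) { /* show the failure alert */ return; }` ahead of the keychain writes, plus a check of their return values, would stop the app from continuing with a missing or placeholder credential. In the last hunk, the unchanged lines of `deleteExistingAuthorizations` still pass the literal client id and secret, so the move to `CLIENT_ID` / `CLIENT_SECRET` is incomplete and the secret remains duplicated in this file. The new `NSLog(@"deleting existing authorization id: %@", storedAuthorizationId)` writes an account identifier to the device log and is better removed or limited to debug builds. Both methods start and end outside the visible hunks.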
1  Gitos-iPad/Gitos-iPad-Prefix.pch
@@ -13,6 +13,7 @@
#import <Foundation/Foundation.h>
#import <CoreData/CoreData.h>
#import <MessageUI/MessageUI.h>
+ #import "GitosConstants.h"
#import "AFHTTPClient.h"
#import "AFHTTPRequestOperation.h"
#import "SSKeychain.h"