Support manual code exchange

louisaspicer · Jesus Hernandez · commit d94dd7ef9a78 · 2020-02-20T00:41:52.000+01:00
diff --git a/android/src/main/java/com/rnappauth/RNAppAuthModule.java b/android/src/main/java/com/rnappauth/RNAppAuthModule.java
@@ -61,6 +61,7 @@ public class RNAppAuthModule extends ReactContextBaseJavaModule implements Activ
     private final ReactApplicationContext reactContext;
     private Promise promise;
     private Boolean dangerouslyAllowInsecureHttpRequests;
+    private Boolean skipCodeExchange;
     private String clientAuthMethod = "basic";
     private Map<String, String> registrationRequestHeaders = null;
     private Map<String, String> authorizationRequestHeaders = null;
@@ -215,6 +216,7 @@ public void authorize(
             final ReadableArray scopes,
             final ReadableMap additionalParameters,
             final ReadableMap serviceConfiguration,
+            final Boolean skipCodeExchange,
             final Boolean usePKCE,
             final String clientAuthMethod,
             final Boolean dangerouslyAllowInsecureHttpRequests,
@@ -232,6 +234,7 @@ public void authorize(
         this.additionalParametersMap = additionalParametersMap;
         this.clientSecret = clientSecret;
         this.clientAuthMethod = clientAuthMethod;
+        this.skipCodeExchange = skipCodeExchange;
 
         // when serviceConfiguration is provided, we don't need to hit up the OpenID well-known id endpoint
         if (serviceConfiguration != null || mServiceConfiguration.get() != null) {
@@ -391,6 +394,13 @@ public void onActivityResult(Activity activity, int requestCode, int resultCode,
                 return;
             }
 
+            if (this.skipCodeExchange) {
+                WritableMap map = TokenResponseFactory.authorizationResponseToMap(response);
+                promise.resolve(map);
+                return;
+            }
+
+
             final Promise authorizePromise = this.promise;
             final AppAuthConfiguration configuration = createAppAuthConfiguration(
                     createConnectionBuilder(this.dangerouslyAllowInsecureHttpRequests, this.tokenRequestHeaders)
diff --git a/android/src/main/java/com/rnappauth/utils/TokenResponseFactory.java b/android/src/main/java/com/rnappauth/utils/TokenResponseFactory.java
@@ -64,6 +64,26 @@ public static final WritableMap tokenResponseToMap(TokenResponse response, Autho
         }
 
 
+        return map;
+    }
+
+
+    /*
+     * Read raw authorization into a React Native map to be passed down the bridge
+     */
+    public static final WritableMap authorizationResponseToMap(AuthorizationResponse authResponse) {
+        WritableMap map = Arguments.createMap();
+        map.putString("authorizationCode", authResponse.authorizationCode);
+        map.putString("accessToken", authResponse.accessToken);
+        map.putMap("additionalParameters", MapUtil.createAdditionalParametersMap(authResponse.additionalParameters));
+        map.putString("idToken", authResponse.idToken);
+        map.putString("tokenType", authResponse.tokenType);
+        map.putArray("scopes", createScopeArray(authResponse.scope));
+
+        if (authResponse.accessTokenExpirationTime != null) {
+            map.putString("accessTokenExpirationTime", DateUtil.formatTimestamp(authResponse.accessTokenExpirationTime));
+        }
+
         return map;
     }
 }
diff --git a/index.d.ts b/index.d.ts
@@ -72,6 +72,7 @@ export type AuthConfiguration = BaseAuthConfiguration & {
   useNonce?: boolean;
   usePKCE?: boolean;
   warmAndPrefetchChrome?: boolean;
+  skipCodeExchange?: boolean;
 };
 
 export interface AuthorizeResult {
@@ -83,6 +84,7 @@ export interface AuthorizeResult {
   refreshToken: string;
   tokenType: string;
   scopes: string[];
+  authorizationCode: string;
 }
 
 export interface RefreshResult {
diff --git a/index.js b/index.js
@@ -155,6 +155,7 @@ export const authorize = ({
   clientAuthMethod = 'basic',
   dangerouslyAllowInsecureHttpRequests = false,
   customHeaders,
+  skipCodeExchange = false,
 }) => {
   validateIssuerOrServiceConfigurationEndpoints(issuer, serviceConfiguration);
   validateClientId(clientId);
@@ -170,6 +171,7 @@ export const authorize = ({
     scopes,
     additionalParameters,
     serviceConfiguration,
+    skipCodeExchange,
   ];
 
   if (Platform.OS === 'android') {
diff --git a/ios/RNAppAuth.m b/ios/RNAppAuth.m
@@ -88,6 +88,7 @@ - (dispatch_queue_t)methodQueue
                  scopes: (NSArray *) scopes
                  additionalParameters: (NSDictionary *_Nullable) additionalParameters
                  serviceConfiguration: (NSDictionary *_Nullable) serviceConfiguration
+                 skipCodeExchange: (BOOL) skipCodeExchange
                  useNonce: (BOOL *) useNonce
                  usePKCE: (BOOL *) usePKCE
                  resolve: (RCTPromiseResolveBlock) resolve
@@ -104,6 +105,7 @@ - (dispatch_queue_t)methodQueue
                                 useNonce: useNonce
                                  usePKCE: usePKCE
                     additionalParameters: additionalParameters
+                    skipCodeExchange: skipCodeExchange
                                  resolve: resolve
                                   reject: reject];
     } else {
@@ -121,6 +123,7 @@ - (dispatch_queue_t)methodQueue
                                                                                         useNonce: useNonce
                                                                                          usePKCE: usePKCE
                                                                             additionalParameters: additionalParameters
+                                                                                skipCodeExchange: skipCodeExchange
                                                                                          resolve: resolve
                                                                                           reject: reject];
                                                             }];
@@ -259,6 +262,7 @@ - (void)authorizeWithConfiguration: (OIDServiceConfiguration *) configuration
                           useNonce: (BOOL *) useNonce
                            usePKCE: (BOOL *) usePKCE
               additionalParameters: (NSDictionary *_Nullable) additionalParameters
+              skipCodeExchange: (BOOL) skipCodeExchange
                            resolve: (RCTPromiseResolveBlock) resolve
                             reject: (RCTPromiseRejectBlock)  reject
 {
@@ -296,24 +300,39 @@ - (void)authorizeWithConfiguration: (OIDServiceConfiguration *) configuration
         taskId = UIBackgroundTaskInvalid;
     }];
 
-    _currentSession = [OIDAuthState authStateByPresentingAuthorizationRequest:request
+    if (skipCodeExchange) {
+        _currentSession = [OIDAuthorizationService presentAuthorizationRequest:request
                                    presentingViewController:appDelegate.window.rootViewController
-                                                   callback:^(OIDAuthState *_Nullable authState,
-                                                              NSError *_Nullable error) {
+                                                    callback:^(OIDAuthorizationResponse *_Nullable authorizationResponse, NSError *_Nullable error) {
                                                        typeof(self) strongSelf = weakSelf;
                                                        strongSelf->_currentSession = nil;
                                                        [UIApplication.sharedApplication endBackgroundTask:taskId];
                                                        taskId = UIBackgroundTaskInvalid;
-                                                       if (authState) {
-                                                           resolve([self formatResponse:authState.lastTokenResponse
-                                                               withAuthResponse:authState.lastAuthorizationResponse]);
+                                                       if (authorizationResponse) {
+                                                           resolve([self formatAuthorizationResponse:authorizationResponse]);
                                                        } else {
                                                            reject(@"authentication_failed", [error localizedDescription], error);
                                                        }
-                                                   }]; // end [OIDAuthState authStateByPresentingAuthorizationRequest:request
+                                                   }]; // end [OIDAuthState presentAuthorizationRequest:request
+    } else {
+        _currentSession = [OIDAuthState authStateByPresentingAuthorizationRequest:request
+                                presentingViewController:appDelegate.window.rootViewController
+                                                callback:^(OIDAuthState *_Nullable authState,
+                                                            NSError *_Nullable error) {
+                                                    typeof(self) strongSelf = weakSelf;
+                                                    strongSelf->_currentSession = nil;
+                                                    [UIApplication.sharedApplication endBackgroundTask:taskId];
+                                                    taskId = UIBackgroundTaskInvalid;
+                                                    if (authState) {
+                                                        resolve([self formatResponse:authState.lastTokenResponse
+                                                            withAuthResponse:authState.lastAuthorizationResponse]);
+                                                    } else {
+                                                        reject(@"authentication_failed", [error localizedDescription], error);
+                                                    }
+                                                }]; // end [OIDAuthState authStateByPresentingAuthorizationRequest:request
+    }
 }
 
-
 /*
  * Refresh a token with provided OIDServiceConfiguration
  */
@@ -350,6 +369,27 @@ - (void)refreshWithConfiguration: (OIDServiceConfiguration *)configuration
                                         }];
 }
 
+
+/*
+ * Take raw OIDAuthorizationResponse and turn it to response format to pass to JavaScript caller
+ */
+- (NSDictionary*)formatAuthorizationResponse: (OIDAuthorizationResponse*) response {
+    NSDateFormatter *dateFormat = [[NSDateFormatter alloc] init];
+    dateFormat.timeZone = [NSTimeZone timeZoneWithAbbreviation: @"UTC"];
+    [dateFormat setLocale:[NSLocale localeWithLocaleIdentifier:@"en_US_POSIX"]];
+    [dateFormat setDateFormat:@"yyyy-MM-dd'T'HH:mm:ss'Z'"];
+
+    return @{@"authorizationCode": response.authorizationCode ? response.authorizationCode : @"",
+            @"state": response.state ? response.state : @"",
+            @"accessToken": response.accessToken ? response.accessToken : @"",
+            @"accessTokenExpirationDate": response.accessTokenExpirationDate ? [dateFormat stringFromDate:response.accessTokenExpirationDate] : @"",
+            @"tokenType": response.tokenType ? response.tokenType : @"",
+            @"idToken": response.idToken ? response.idToken : @"",
+            @"scopes": response.scope ? [response.scope componentsSeparatedByString:@" "] : [NSArray new],
+            @"additionalParameters": response.additionalParameters,
+            };
+}
+
 /*
  * Take raw OIDTokenResponse and turn it to a token response format to pass to JavaScript caller
  */
