Use pkce android (#284)

sebk · kadikraman · commit e7468f1b181b · 2019-03-31T17:19:36.000+01:00
* Add usePKCE parameter for authorize method on Android

* Applied usePKCE to the nativeMethodArguments

* Updated Readme: Removed iOS only from usePKCE config description

* Updated tests

* Avoid disrupting the parameter order for iOS
diff --git a/README.md b/README.md
@@ -103,7 +103,7 @@ with optional overrides.
   * **authorize** - (`{ [key: string]: value }`) headers to be passed during authorization request.
   * **token** - (`{ [key: string]: value }`) headers to be passed during token retrieval request.
 * **useNonce** - (`boolean`) _IOS_ (default: true) optionally allows not sending the nonce parameter, to support non-compliant providers
-* **usePKCE** - (`boolean`) _IOS_ (default: true) optionally allows not sending the code_challenge parameter and skipping PKCE code verification, to support non-compliant providers.
+* **usePKCE** - (`boolean`) (default: true) optionally allows not sending the code_challenge parameter and skipping PKCE code verification, to support non-compliant providers.
 
 #### result
 
diff --git a/android/src/main/java/com/rnappauth/RNAppAuthModule.java b/android/src/main/java/com/rnappauth/RNAppAuthModule.java
@@ -66,6 +66,7 @@ public void authorize(
             final ReadableArray scopes,
             final ReadableMap additionalParameters,
             final ReadableMap serviceConfiguration,
+            final Boolean usePKCE,
             final String clientAuthMethod,
             final Boolean dangerouslyAllowInsecureHttpRequests,
             final ReadableMap headers,
@@ -96,6 +97,7 @@ public void authorize(
                         clientId,
                         scopes,
                         redirectUrl,
+                        usePKCE,
                         additionalParametersMap
                 );
             } catch (Exception e) {
@@ -120,6 +122,7 @@ public void onFetchConfigurationCompleted(
                                     clientId,
                                     scopes,
                                     redirectUrl,
+                                    usePKCE,
                                     additionalParametersMap
                             );
                         }
@@ -268,6 +271,7 @@ private void authorizeWithConfiguration(
             final String clientId,
             final ReadableArray scopes,
             final String redirectUrl,
+            final Boolean usePKCE,
             final Map<String, String> additionalParametersMap
     ) {
 
@@ -311,6 +315,10 @@ private void authorizeWithConfiguration(
             authRequestBuilder.setAdditionalParameters(additionalParametersMap);
         }
 
+        if (!usePKCE) {
+            authRequestBuilder.setCodeVerifier(null);
+        }
+
         AuthorizationRequest authRequest = authRequestBuilder.build();
 
         if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.LOLLIPOP) {
diff --git a/index.js b/index.js
@@ -82,6 +82,7 @@ export const authorize = ({
     nativeMethodArguments.push(clientAuthMethod);
     nativeMethodArguments.push(dangerouslyAllowInsecureHttpRequests);
     nativeMethodArguments.push(customHeaders);
+    nativeMethodArguments.push(usePKCE);
   }
 
   if (Platform.OS === 'ios') {
diff --git a/index.spec.js b/index.spec.js
@@ -167,7 +167,8 @@ describe('AppAuth', () => {
             config.serviceConfiguration,
             config.clientAuthMethod,
             false,
-            config.customHeaders
+            config.customHeaders,
+            config.usePKCE
           );
         });
 
@@ -183,7 +184,8 @@ describe('AppAuth', () => {
             config.serviceConfiguration,
             config.clientAuthMethod,
             false,
-            config.customHeaders
+            config.customHeaders,
+            config.usePKCE
           );
         });
 
@@ -199,7 +201,8 @@ describe('AppAuth', () => {
             config.serviceConfiguration,
             config.clientAuthMethod,
             true,
-            config.customHeaders
+            config.customHeaders,
+            config.usePKCE
           );
         });
       });
@@ -219,7 +222,8 @@ describe('AppAuth', () => {
             config.serviceConfiguration,
             config.clientAuthMethod,
             false,
-            customHeaders
+            customHeaders,
+            config.usePKCE
           );
         });
       });
@@ -372,7 +376,8 @@ describe('AppAuth', () => {
             config.serviceConfiguration,
             config.clientAuthMethod,
             false,
-            customHeaders
+            customHeaders,
+            config.usePKCE
           );
         });
       });

Original file line number	Diff line number	Diff line change
`@@ -82,6 +82,7 @@ export const authorize = ({`
`82`	`82`	`nativeMethodArguments.push(clientAuthMethod);`
`83`	`83`	`nativeMethodArguments.push(dangerouslyAllowInsecureHttpRequests);`
`84`	`84`	`nativeMethodArguments.push(customHeaders);`
	`85`	`+ nativeMethodArguments.push(usePKCE);`
`85`	`86`	`}`
`86`	`87`
`87`	`88`	`if (Platform.OS === 'ios') {`