feat(dart): add signIn, signOut, PKCE methods

simeng-li · simeng-li · commit 5754fdeb8210 · 2022-08-18T17:21:51.000+08:00
add signIn, signOut, PKCE methods
diff --git a/lib/interfaces/logto_config.dart b/lib/interfaces/logto_config.dart
@@ -0,0 +1,14 @@
+class LogtoConfig {
+  final String endpoint;
+  final String appId;
+  final String? appSecret;
+  final List<String>? scopes;
+  final List<String>? resources;
+
+  const LogtoConfig(
+      {required this.appId,
+      required this.endpoint,
+      this.appSecret,
+      this.resources,
+      this.scopes});
+}
diff --git a/lib/interfaces/logto_interfaces.dart b/lib/interfaces/logto_interfaces.dart
@@ -0,0 +1,2 @@
+export 'logto_config.dart';
+export 'oidc_provider_config.dart';
diff --git a/lib/interfaces/oidc_provider_config.dart b/lib/interfaces/oidc_provider_config.dart
@@ -0,0 +1,13 @@
+import 'package:jose/src/util.dart';
+
+class OidcProviderConfig extends JsonObject {
+  Uri get authorizationEndpoint => getTyped('authorization_endpoint')!;
+  Uri get tokenEndpoint => getTyped('token_endpoint')!;
+  Uri get issuer => getTyped('issuer')!;
+  Uri get jwksUri => getTyped('jwks_uri')!;
+  Uri get userinfoEndpoint => getTyped('userinfo_endpoint')!;
+  Uri get revocationEndpoint => getTyped('revocation_endpoint')!;
+  Uri get endSessionEndpoint => getTyped('end_session_endpoint')!;
+
+  OidcProviderConfig.fromJson(Map<String, dynamic> json) : super.from(json);
+}
diff --git a/lib/logto_client.dart b/lib/logto_client.dart
@@ -0,0 +1,8 @@
+import '/interfaces/logto_config.dart';
+
+// Logto SDK
+class Logto {
+  final LogtoConfig config;
+
+  Logto(this.config);
+}
diff --git a/lib/logto_core.dart b/lib/logto_core.dart
@@ -0,0 +1,49 @@
+import 'interfaces/logto_interfaces.dart';
+import 'utilities/utils.dart';
+
+class Core {
+  static const String codeChallengeMethod = 'S256';
+  static const String responseType = 'code';
+  static const String prompt = 'consent';
+
+  static Uri generateSignInUri(
+      {required String authorizationEndpoint,
+      required clientId,
+      required Uri redirectUri,
+      required String codeChallenge,
+      required String state,
+      List<String> scopes = const [],
+      List<String>? resources,
+      String prompt = Core.prompt}) {
+    var signInUri = Uri.parse(authorizationEndpoint);
+
+    Map<String, dynamic> queryParameters = {
+      'client_id': clientId,
+      'redirect_uri': redirectUri.toString(),
+      'code_challenge': codeChallenge,
+      'code_challenge_method': Core.codeChallengeMethod,
+      'state': state,
+      'scope': withReservedScopes(scopes).join(' '),
+      'response_type': Core.responseType,
+      'prompt': prompt,
+    };
+
+    if (resources != null && resources.isNotEmpty) {
+      queryParameters.addAll({'resources': resources});
+    }
+
+    return addQueryParameters(signInUri, queryParameters);
+  }
+
+  static Uri generateSignOutUri(
+      {required String endSessionEndpoint,
+      required String idToken,
+      required Uri postLogoutRedirectUri}) {
+    var signOutUri = Uri.parse(endSessionEndpoint);
+
+    return addQueryParameters(signOutUri, {
+      'id_token_hint': idToken,
+      'post_logout_redirect_uri': postLogoutRedirectUri.toString()
+    });
+  }
+}
diff --git a/lib/logto_dart_sdk.dart b/lib/logto_dart_sdk.dart
@@ -1,7 +1,4 @@
 library logto_dart_sdk;
 
-/// A Calculator.
-class Calculator {
-  /// Returns [value] plus 1.
-  int addOne(int value) => value + 1;
-}
+export 'logto_client.dart';
+export 'logto_core.dart';
diff --git a/lib/utilities/constants.dart b/lib/utilities/constants.dart
@@ -0,0 +1 @@
+Set<String> reservedScopes = {'openid', 'offline_access'};
diff --git a/lib/utilities/pkce.dart b/lib/utilities/pkce.dart
@@ -0,0 +1,25 @@
+import 'dart:convert';
+
+import 'package:crypto/crypto.dart';
+
+import 'utils.dart' as utils;
+
+class PKCE {
+  final String codeVerifier;
+  final String codeChallenge;
+
+  const PKCE._(this.codeVerifier, this.codeChallenge);
+
+  factory PKCE.generate() {
+    String codeVerifier = PKCE.generateCodeVerifier();
+    String codeChallenge = PKCE.generateCodeChallenge(codeVerifier);
+
+    return PKCE._(codeVerifier, codeChallenge);
+  }
+
+  static String generateCodeVerifier() => utils.generateRandomString(64);
+
+  static String generateCodeChallenge(String codeVerifier) => base64Url
+      .encode(sha256.convert(ascii.encode(codeVerifier)).bytes)
+      .replaceAll('=', '');
+}
diff --git a/lib/utilities/utils.dart b/lib/utilities/utils.dart
@@ -0,0 +1,21 @@
+import 'dart:convert';
+import 'dart:math';
+
+import 'constants.dart';
+
+Uri addQueryParameters(Uri url, Map<String, dynamic> parameters) => url.replace(
+    queryParameters: Map.from(url.queryParameters)..addAll(parameters));
+
+String generateRandomString(int length) {
+  Random random = Random.secure();
+
+  return base64UrlEncode(List.generate(length, (_) => random.nextInt(256)))
+      .split('=')[0];
+}
+
+List<String> withReservedScopes(List<String> scopes) {
+  var scopeSet = scopes.toSet();
+  scopeSet.addAll(reservedScopes);
+
+  return scopeSet.toList();
+}
diff --git a/pubspec.yaml b/pubspec.yaml
@@ -8,8 +8,10 @@ environment:
   flutter: ">=1.17.0"
 
 dependencies:
+  crypto: ^3.0.2
   flutter:
     sdk: flutter
+  jose: ^0.3.2
 
 dev_dependencies:
   flutter_test:
diff --git a/test/dart_sdk_test.dart b/test/dart_sdk_test.dart
diff --git a/test/logto_client_test.dart b/test/logto_client_test.dart
@@ -0,0 +1,17 @@
+import 'package:flutter_test/flutter_test.dart';
+
+import 'package:logto_dart_sdk/interfaces/logto_config.dart';
+import 'package:logto_dart_sdk/logto_client.dart';
+
+void main() {
+  test(' Init Logto Instance', () {
+    const String appId = 'foo';
+    const String endpoint = 'foo@siverhand.io';
+
+    final config = LogtoConfig(appId: 'foo', endpoint: 'foo@siverhand.io');
+    final logto = Logto(config);
+
+    expect(logto.config.appId, appId);
+    expect(logto.config.endpoint, endpoint);
+  });
+}
diff --git a/test/logto_core_test.dart b/test/logto_core_test.dart
@@ -0,0 +1,55 @@
+import 'package:flutter_test/flutter_test.dart';
+
+import 'package:logto_dart_sdk/logto_core.dart';
+import 'package:logto_dart_sdk/utilities/constants.dart';
+import 'package:logto_dart_sdk/utilities/utils.dart';
+
+void main() {
+  test('Generate SignIn Uri', () {
+    const String authorizationEndpoint = 'http://foo.com';
+    const clientId = 'foo_client';
+    var redirectUri = Uri.parse('http://foo.app.io');
+    const String codeChallenge = 'foo_code_challenge';
+    const String state = 'foo_state';
+
+    var signInUri = Core.generateSignInUri(
+        authorizationEndpoint: authorizationEndpoint,
+        clientId: clientId,
+        redirectUri: redirectUri,
+        codeChallenge: codeChallenge,
+        state: state);
+
+    expect(signInUri.scheme, 'http');
+    expect(signInUri.host, 'foo.com');
+    expect(signInUri.queryParameters, containsPair('client_id', clientId));
+    expect(signInUri.queryParameters,
+        containsPair('redirect_uri', 'http://foo.app.io'));
+    expect(signInUri.queryParameters,
+        containsPair('code_challenge', codeChallenge));
+    expect(signInUri.queryParameters,
+        containsPair('code_challenge_method', Core.codeChallengeMethod));
+    expect(signInUri.queryParameters, containsPair('state', state));
+    expect(signInUri.queryParameters,
+        containsPair('scope', reservedScopes.join(' ')));
+    expect(signInUri.queryParameters,
+        containsPair('response_type', Core.responseType));
+    expect(signInUri.queryParameters, containsPair('prompt', Core.prompt));
+  });
+
+  test('Generate SignOut Uri', () {
+    const String endSessionEndpoint = 'https://foo.com';
+    const String idToken = 'foo_id_token';
+    const String postLogoutRedirectUri = 'http://foo.app.io';
+
+    var signOutUri = Core.generateSignOutUri(
+        endSessionEndpoint: endSessionEndpoint,
+        idToken: idToken,
+        postLogoutRedirectUri: Uri.parse(postLogoutRedirectUri));
+
+    expect(signOutUri.scheme, 'https');
+    expect(signOutUri.host, 'foo.com');
+    expect(signOutUri.queryParameters, containsPair('id_token_hint', idToken));
+    expect(signOutUri.queryParameters,
+        containsPair('post_logout_redirect_uri', postLogoutRedirectUri));
+  });
+}
diff --git a/test/utilities/pkce_test.dart b/test/utilities/pkce_test.dart
@@ -0,0 +1,13 @@
+import 'package:flutter_test/flutter_test.dart';
+
+import 'package:logto_dart_sdk/utilities/pkce.dart';
+
+void main() {
+  test(' Generate PKCE pair', () {
+    PKCE pkce = PKCE.generate();
+
+    expect(pkce.codeChallenge, isNotNull);
+    expect(pkce.codeVerifier, isNotNull);
+    expect(PKCE.generateCodeChallenge(pkce.codeVerifier), pkce.codeChallenge);
+  });
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+export 'logto_config.dart';`
	`2`	`+export 'oidc_provider_config.dart';`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Set<String> reservedScopes = {'openid', 'offline_access'};`