Merge pull request #194 from mattrubin/camera-permissions

Handle missing camera permissions

Author: mattrubin

Authenticator/Source/AppController.swift

@@ -182,6 +182,13 @@ class AppController {
                 feedbackGenerator.notificationOccurred(.success)
             }
 
+        case .showApplicationSettings:
+            guard let applicationSettingsURL = URL(string: UIApplicationOpenSettingsURLString) else {
+                handleEffect(.showErrorMessage("Failed to open application settings."))
+                return
+            }
+            UIApplication.shared.openURL(applicationSettingsURL)
+
         case let .openURL(url):
             if #available(iOS 9.0, *) {
                 let safariViewController = SFSafariViewController(url: url)

Authenticator/Source/QRScanner.swift

@@ -62,25 +62,25 @@ class QRScanner: NSObject, AVCaptureMetadataOutputObjectsDelegate {
     // MARK: Capture
 
     enum CaptureSessionError: Error {
-        case inputError
-        case outputError
+        case noCaptureDevice
+        case noQRCodeMetadataType
     }
 
     private class func createCaptureSessionWithDelegate(_ delegate: AVCaptureMetadataOutputObjectsDelegate) throws -> AVCaptureSession {
         let captureSession = AVCaptureSession()
 
-        guard let captureDevice = AVCaptureDevice.defaultDevice(withMediaType: AVMediaTypeVideo),
-            let captureInput = try? AVCaptureDeviceInput(device: captureDevice) else {
-                throw CaptureSessionError.inputError
+        guard let captureDevice = AVCaptureDevice.defaultDevice(withMediaType: AVMediaTypeVideo) else {
+            throw CaptureSessionError.noCaptureDevice
         }
+        let captureInput = try AVCaptureDeviceInput(device: captureDevice)
         captureSession.addInput(captureInput)
 
         let captureOutput = AVCaptureMetadataOutput()
         // The output must be added to the session before it can be checked for metadata types
         captureSession.addOutput(captureOutput)
         guard let availableTypes = captureOutput.availableMetadataObjectTypes,
             (availableTypes as NSArray).contains(AVMetadataObjectTypeQRCode) else {
-                throw CaptureSessionError.outputError
+                throw CaptureSessionError.noQRCodeMetadataType
         }
         captureOutput.metadataObjectTypes = [AVMetadataObjectTypeQRCode]
         captureOutput.setMetadataObjectsDelegate(delegate, queue: DispatchQueue.main)
@@ -92,6 +92,14 @@ class QRScanner: NSObject, AVCaptureMetadataOutputObjectsDelegate {
         return (AVCaptureDevice.defaultDevice(withMediaType: AVMediaTypeVideo) != nil)
     }
 
+    class var authorizationStatus: AVAuthorizationStatus {
+        return AVCaptureDevice.authorizationStatus(forMediaType: AVMediaTypeVideo)
+    }
+
+    class func requestAccess(_ completionHandler: @escaping (Bool) -> Void) {
+        AVCaptureDevice.requestAccess(forMediaType: AVMediaTypeVideo, completionHandler: completionHandler)
+    }
+
     // MARK: AVCaptureMetadataOutputObjectsDelegate
 
     func captureOutput(_ captureOutput: AVCaptureOutput?, didOutputMetadataObjects metadataObjects: [Any]?, from connection: AVCaptureConnection?) {

Authenticator/Source/Root.swift

@@ -119,6 +119,7 @@ extension Root {
 
         case showErrorMessage(String)
         case showSuccessMessage(String)
+        case showApplicationSettings
         case openURL(URL)
     }
 
@@ -283,6 +284,9 @@ extension Root {
             modal = .entryForm(TokenEntryForm())
             return nil
 
+        case .showApplicationSettings:
+            return .showApplicationSettings
+
         case .saveNewToken(let token):
             return .addToken(token,
                              success: Event.tokenFormSucceeded,

Authenticator/Source/TokenScanner.swift

@@ -50,13 +50,15 @@ struct TokenScanner: Component {
     enum Action {
         case cancel
         case beginManualTokenEntry
+        case showApplicationSettings
         case scannerDecodedText(String)
         case scannerError(Error)
     }
 
     enum Effect {
         case cancel
         case beginManualTokenEntry
+        case showApplicationSettings
         case saveNewToken(Token)
         case showErrorMessage(String)
     }
@@ -69,6 +71,9 @@ struct TokenScanner: Component {
         case .beginManualTokenEntry:
             return .beginManualTokenEntry
 
+        case .showApplicationSettings:
+            return .showApplicationSettings
+
         case .scannerDecodedText(let text):
             // Attempt to create a token from the decoded text
             guard let url = URL(string: text),

Authenticator/Source/TokenScannerViewController.swift

@@ -34,6 +34,39 @@ class TokenScannerViewController: UIViewController, QRScannerDelegate {
     private var viewModel: TokenScanner.ViewModel
     private let dispatchAction: (TokenScanner.Action) -> Void
 
+    private let permissionLabel: UILabel = {
+        let linkTitle = "Go to Settings →"
+        let message = "To add a new token via QR code, Authenticator needs permission to access the camera.\n\(linkTitle)"
+        let paragraphStyle = NSMutableParagraphStyle()
+        paragraphStyle.lineHeightMultiple = 1.3
+        paragraphStyle.paragraphSpacing = 5
+        let attributedMessage = NSMutableAttributedString(string: message, attributes: [
+            NSFontAttributeName: UIFont.systemFont(ofSize: 15, weight: UIFontWeightLight),
+            NSParagraphStyleAttributeName: paragraphStyle,
+            ])
+        attributedMessage.addAttribute(NSFontAttributeName, value: UIFont.boldSystemFont(ofSize: 15),
+                                       range: (attributedMessage.string as NSString).range(of: linkTitle))
+
+        let label = UILabel()
+        label.numberOfLines = 0
+        label.attributedText = attributedMessage
+        label.textAlignment = .center
+        label.textColor = UIColor.otpForegroundColor
+        return label
+    }()
+
+    private lazy var permissionButton: UIButton = {
+        let button = UIButton(frame: UIScreen.main.bounds)
+        button.backgroundColor = .black
+        button.addTarget(self, action: #selector(TokenScannerViewController.editPermissions), for: .touchUpInside)
+
+        self.permissionLabel.frame = button.bounds.insetBy(dx: 35, dy: 35)
+        self.permissionLabel.autoresizingMask = [.flexibleWidth, .flexibleHeight]
+        button.addSubview(self.permissionLabel)
+
+        return button
+    }()
+
     // MARK: Initialization
 
     init(viewModel: TokenScanner.ViewModel, dispatchAction: @escaping (TokenScanner.Action) -> Void) {
@@ -73,6 +106,11 @@ class TokenScannerViewController: UIViewController, QRScannerDelegate {
         videoLayer.frame = view.layer.bounds
         view.layer.addSublayer(videoLayer)
 
+        permissionButton.frame = view.bounds
+        permissionButton.autoresizingMask = [.flexibleWidth, .flexibleHeight]
+        permissionButton.isHidden = true
+        view.addSubview(permissionButton)
+
         if CommandLine.isDemo {
             // If this is a demo, display an image in place of the AVCaptureVideoPreviewLayer.
             let imageView = UIImageView(frame: view.bounds)
@@ -83,17 +121,46 @@ class TokenScannerViewController: UIViewController, QRScannerDelegate {
         }
 
         let overlayView = ScannerOverlayView(frame: view.bounds)
+        overlayView.isUserInteractionEnabled = false
         view.addSubview(overlayView)
     }
 
     override func viewWillAppear(_ animated: Bool) {
         super.viewWillAppear(animated)
+
+        switch QRScanner.authorizationStatus {
+        case .notDetermined:
+            QRScanner.requestAccess { [weak self] accessGranted in
+                if accessGranted {
+                    self?.startScanning()
+                } else {
+                    self?.showMissingAccessMessage()
+                }
+            }
+        case .authorized:
+            startScanning()
+        case .denied:
+            showMissingAccessMessage()
+        case .restricted:
+            // There's nothing we can do if camera access is restricted.
+            // This should only ever be reached if camera restrictions are changed while the app is running, because if
+            // the app is launched with restrictions already enabled, the deviceCanScan check will retrun false.
+            dispatchAction(.beginManualTokenEntry)
+            break
+        }
+    }
+
+    private func startScanning() {
         scanner.delegate = self
         scanner.start { captureSession in
             self.videoLayer.session = captureSession
         }
     }
 
+    private func showMissingAccessMessage() {
+        permissionButton.isHidden = false
+    }
+
     override func viewWillDisappear(_ animated: Bool) {
         super.viewWillDisappear(animated)
         scanner.stop()
@@ -109,6 +176,10 @@ class TokenScannerViewController: UIViewController, QRScannerDelegate {
         dispatchAction(.beginManualTokenEntry)
     }
 
+    func editPermissions() {
+        dispatchAction(.showApplicationSettings)
+    }
+
     // MARK: QRScannerDelegate
 
     func handleDecodedText(_ text: String) {

AuthenticatorTests/TokenScannerTests.swift

@@ -58,6 +58,18 @@ class TokenScannerTests: XCTestCase {
         XCTAssertTrue(tokenScanner.viewModel.isScanning)
     }
 
+    func testShowApplicationSettings() {
+        var tokenScanner = TokenScanner()
+
+        let action = TokenScanner.Action.showApplicationSettings
+        let effect = tokenScanner.update(action)
+        guard let requiredEffect = effect,
+            case .showApplicationSettings = requiredEffect else {
+                XCTFail("Expected effect .showApplicationSettings, got \(String(describing: effect))")
+                return
+        }
+    }
+
     func testScannerDecodedBadText() {
         var tokenScanner = TokenScanner()
         XCTAssertTrue(tokenScanner.viewModel.isScanning)