Inicio Explorar Ayuda
Iniciar sesión
surajm
/
Insure-Genie
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Rama: master
Ramas Etiquetas
Insure-Genie
/
Pods
/
AppAuth
/
Source
/
AppAuthCore
/
OIDServiceDiscovery.m

OIDServiceDiscovery.m 13 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362 
  1. /*! @file OIDServiceDiscovery.m
    2. 

  2.     @brief AppAuth iOS SDK
    3. 

  3.     @copyright
    4. 

  4.         Copyright 2015 Google Inc. All Rights Reserved.
    5. 

  5.     @copydetails
    6. 

  6.         Licensed under the Apache License, Version 2.0 (the "License");
    7. 

  7.         you may not use this file except in compliance with the License.
    8. 

  8.         You may obtain a copy of the License at
    9. 

  9. 

  10.         http://www.apache.org/licenses/LICENSE-2.0
    11. 

  11. 

  12.         Unless required by applicable law or agreed to in writing, software
    13. 

  13.         distributed under the License is distributed on an "AS IS" BASIS,
    14. 

  14.         WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15. 

  15.         See the License for the specific language governing permissions and
    16. 

  16.         limitations under the License.
    17. 

  17.  */
    18. 

  18. 

  19. #import "OIDServiceDiscovery.h"
    20. 

  20. 

  21. #import "OIDDefines.h"
    22. 

  22. #import "OIDErrorUtilities.h"
    23. 

  23. 

  24. NS_ASSUME_NONNULL_BEGIN
    25. 

  25. 

  26. /*! Field keys associated with an OpenID Connect Discovery Document. */
    27. 

  27. static NSString *const kIssuerKey = @"issuer";
    28. 

  28. static NSString *const kAuthorizationEndpointKey = @"authorization_endpoint";
    29. 

  29. static NSString *const kTokenEndpointKey = @"token_endpoint";
    30. 

  30. static NSString *const kUserinfoEndpointKey = @"userinfo_endpoint";
    31. 

  31. static NSString *const kJWKSURLKey = @"jwks_uri";
    32. 

  32. static NSString *const kRegistrationEndpointKey = @"registration_endpoint";
    33. 

  33. static NSString *const kEndSessionEndpointKey = @"end_session_endpoint";
    34. 

  34. static NSString *const kScopesSupportedKey = @"scopes_supported";
    35. 

  35. static NSString *const kResponseTypesSupportedKey = @"response_types_supported";
    36. 

  36. static NSString *const kResponseModesSupportedKey = @"response_modes_supported";
    37. 

  37. static NSString *const kGrantTypesSupportedKey = @"grant_types_supported";
    38. 

  38. static NSString *const kACRValuesSupportedKey = @"acr_values_supported";
    39. 

  39. static NSString *const kSubjectTypesSupportedKey = @"subject_types_supported";
    40. 

  40. static NSString *const kIDTokenSigningAlgorithmValuesSupportedKey =
    41. 

  41.     @"id_token_signing_alg_values_supported";
    42. 

  42. static NSString *const kIDTokenEncryptionAlgorithmValuesSupportedKey =
    43. 

  43.     @"id_token_encryption_alg_values_supported";
    44. 

  44. static NSString *const kIDTokenEncryptionEncodingValuesSupportedKey =
    45. 

  45.     @"id_token_encryption_enc_values_supported";
    46. 

  46. static NSString *const kUserinfoSigningAlgorithmValuesSupportedKey =
    47. 

  47.     @"userinfo_signing_alg_values_supported";
    48. 

  48. static NSString *const kUserinfoEncryptionAlgorithmValuesSupportedKey =
    49. 

  49.     @"userinfo_encryption_alg_values_supported";
    50. 

  50. static NSString *const kUserinfoEncryptionEncodingValuesSupportedKey =
    51. 

  51.     @"userinfo_encryption_enc_values_supported";
    52. 

  52. static NSString *const kRequestObjectSigningAlgorithmValuesSupportedKey =
    53. 

  53.     @"request_object_signing_alg_values_supported";
    54. 

  54. static NSString *const kRequestObjectEncryptionAlgorithmValuesSupportedKey =
    55. 

  55.     @"request_object_encryption_alg_values_supported";
    56. 

  56. static NSString *const kRequestObjectEncryptionEncodingValuesSupported =
    57. 

  57.     @"request_object_encryption_enc_values_supported";
    58. 

  58. static NSString *const kTokenEndpointAuthMethodsSupportedKey =
    59. 

  59.     @"token_endpoint_auth_methods_supported";
    60. 

  60. static NSString *const kTokenEndpointAuthSigningAlgorithmValuesSupportedKey =
    61. 

  61.     @"token_endpoint_auth_signing_alg_values_supported";
    62. 

  62. static NSString *const kDisplayValuesSupportedKey = @"display_values_supported";
    63. 

  63. static NSString *const kClaimTypesSupportedKey = @"claim_types_supported";
    64. 

  64. static NSString *const kClaimsSupportedKey = @"claims_supported";
    65. 

  65. static NSString *const kServiceDocumentationKey = @"service_documentation";
    66. 

  66. static NSString *const kClaimsLocalesSupportedKey = @"claims_locales_supported";
    67. 

  67. static NSString *const kUILocalesSupportedKey = @"ui_locales_supported";
    68. 

  68. static NSString *const kClaimsParameterSupportedKey = @"claims_parameter_supported";
    69. 

  69. static NSString *const kRequestParameterSupportedKey = @"request_parameter_supported";
    70. 

  70. static NSString *const kRequestURIParameterSupportedKey = @"request_uri_parameter_supported";
    71. 

  71. static NSString *const kRequireRequestURIRegistrationKey = @"require_request_uri_registration";
    72. 

  72. static NSString *const kOPPolicyURIKey = @"op_policy_uri";
    73. 

  73. static NSString *const kOPTosURIKey = @"op_tos_uri";
    74. 

  74. 

  75. @implementation OIDServiceDiscovery {
    76. 

  76.   NSDictionary *_discoveryDictionary;
    77. 

  77. }
    78. 

  78. 

  79. - (nonnull instancetype)init OID_UNAVAILABLE_USE_INITIALIZER(@selector(initWithDictionary:error:))
    80. 

  80. 

  81. - (nullable instancetype)initWithJSON:(NSString *)serviceDiscoveryJSON error:(NSError **)error {
    82. 

  82.   NSData *jsonData = [serviceDiscoveryJSON dataUsingEncoding:NSUTF8StringEncoding];
    83. 

  83.   return [self initWithJSONData:jsonData error:error];
    84. 

  84. }
    85. 

  85. 

  86. - (nullable instancetype)initWithJSONData:(NSData *)serviceDiscoveryJSONData
    87. 

  87.                                     error:(NSError **_Nullable)error {
    88. 

  88.   NSError *jsonError;
    89. 

  89.   NSDictionary *json =
    90. 

  90.       [NSJSONSerialization JSONObjectWithData:serviceDiscoveryJSONData options:0 error:&jsonError];
    91. 

  91.   if (!json || jsonError) {
    92. 

  92.     *error = [OIDErrorUtilities errorWithCode:OIDErrorCodeJSONDeserializationError
    93. 

  93.                               underlyingError:jsonError
    94. 

  94.                                   description:jsonError.localizedDescription];
    95. 

  95.     return nil;
    96. 

  96.   }
    97. 

  97.   if (![json isKindOfClass:[NSDictionary class]]) {
    98. 

  98.     *error = [OIDErrorUtilities errorWithCode:OIDErrorCodeInvalidDiscoveryDocument
    99. 

  99.                               underlyingError:nil
    100. 

  100.                                   description:@"Discovery document isn't a dictionary"];
    101. 

  101.     return nil;
    102. 

  102.   }
    103. 

  103. 

  104.   return [self initWithDictionary:json error:error];
    105. 

  105. }
    106. 

  106. 

  107. - (nullable instancetype)initWithDictionary:(NSDictionary *)serviceDiscoveryDictionary
    108. 

  108.                                       error:(NSError **_Nullable)error {
    109. 

  109.   if (![[self class] dictionaryHasRequiredFields:serviceDiscoveryDictionary error:error]) {
    110. 

  110.     return nil;
    111. 

  111.   }
    112. 

  112.   self = [super init];
    113. 

  113.   if (self) {
    114. 

  114.     _discoveryDictionary = [serviceDiscoveryDictionary copy];
    115. 

  115.   }
    116. 

  116.   return self;
    117. 

  117. }
    118. 

  118. 

  119. #pragma mark -
    120. 

  120. 

  121. /*! @brief Checks to see if the specified dictionary contains the required fields.
    122. 

  122.     @discussion This test is not meant to provide semantic analysis of the document (eg. fields
    123. 

  123.         where the value @c none is not an allowed option would not cause this method to fail if
    124. 

  124.         their value was @c none.) We are just testing to make sure we can meet the nullability
    125. 

  125.         contract we promised in the header.
    126. 

  126.  */
    127. 

  127. + (BOOL)dictionaryHasRequiredFields:(NSDictionary<NSString *, id> *)dictionary
    128. 

  128.                               error:(NSError **_Nullable)error {
    129. 

  129.   static NSString *const kMissingFieldErrorText = @"Missing field: %@";
    130. 

  130.   static NSString *const kInvalidURLFieldErrorText = @"Invalid URL: %@";
    131. 

  131. 

  132.   NSArray *requiredFields = @[
    133. 

  133.     kIssuerKey,
    134. 

  134.     kAuthorizationEndpointKey,
    135. 

  135.     kTokenEndpointKey,
    136. 

  136.     kJWKSURLKey,
    137. 

  137.     kResponseTypesSupportedKey,
    138. 

  138.     kSubjectTypesSupportedKey,
    139. 

  139.     kIDTokenSigningAlgorithmValuesSupportedKey
    140. 

  140.   ];
    141. 

  141. 

  142.   for (NSString *field in requiredFields) {
    143. 

  143.     if (!dictionary[field]) {
    144. 

  144.       if (error) {
    145. 

  145.         NSString *errorText = [NSString stringWithFormat:kMissingFieldErrorText, field];
    146. 

  146.         *error = [OIDErrorUtilities errorWithCode:OIDErrorCodeInvalidDiscoveryDocument
    147. 

  147.                                   underlyingError:nil
    148. 

  148.                                       description:errorText];
    149. 

  149.       }
    150. 

  150.       return NO;
    151. 

  151.     }
    152. 

  152.   }
    153. 

  153. 

  154.   // Check required URL fields are valid URLs.
    155. 

  155.   NSArray *requiredURLFields = @[
    156. 

  156.     kIssuerKey,
    157. 

  157.     kTokenEndpointKey,
    158. 

  158.     kJWKSURLKey
    159. 

  159.   ];
    160. 

  160. 

  161.   for (NSString *field in requiredURLFields) {
    162. 

  162.     if (![NSURL URLWithString:dictionary[field]]) {
    163. 

  163.       if (error) {
    164. 

  164.         NSString *errorText = [NSString stringWithFormat:kInvalidURLFieldErrorText, field];
    165. 

  165.         *error = [OIDErrorUtilities errorWithCode:OIDErrorCodeInvalidDiscoveryDocument
    166. 

  166.                                   underlyingError:nil
    167. 

  167.                                       description:errorText];
    168. 

  168.       }
    169. 

  169.       return NO;
    170. 

  170.     }
    171. 

  171.   }
    172. 

  172. 

  173.   return YES;
    174. 

  174. }
    175. 

  175. 

  176. #pragma mark - NSCopying
    177. 

  177. 

  178. - (instancetype)copyWithZone:(nullable NSZone *)zone {
    179. 

  179.   // The documentation for NSCopying specifically advises us to return a reference to the original
    180. 

  180.   // instance in the case where instances are immutable (as ours is):
    181. 

  181.   // "Implement NSCopying by retaining the original instead of creating a new copy when the class
    182. 

  182.   // and its contents are immutable."
    183. 

  183.   return self;
    184. 

  184. }
    185. 

  185. 

  186. #pragma mark - NSSecureCoding
    187. 

  187. 

  188. + (BOOL)supportsSecureCoding {
    189. 

  189.   return YES;
    190. 

  190. }
    191. 

  191. 

  192. - (nullable instancetype)initWithCoder:(NSCoder *)aDecoder {
    193. 

  193.   NSError *error;
    194. 

  194.   NSDictionary *dictionary = [[NSDictionary alloc] initWithCoder:aDecoder];
    195. 

  195.   self = [self initWithDictionary:dictionary error:&error];
    196. 

  196.   if (error) {
    197. 

  197.     return nil;
    198. 

  198.   }
    199. 

  199.   return self;
    200. 

  200. }
    201. 

  201. 

  202. - (void)encodeWithCoder:(NSCoder *)aCoder {
    203. 

  203.   [_discoveryDictionary encodeWithCoder:aCoder];
    204. 

  204. }
    205. 

  205. 

  206. #pragma mark - Properties
    207. 

  207. 

  208. - (NSDictionary<NSString *, NSString *> *)discoveryDictionary {
    209. 

  209.   return _discoveryDictionary;
    210. 

  210. }
    211. 

  211. 

  212. - (NSURL *)issuer {
    213. 

  213.   return [NSURL URLWithString:_discoveryDictionary[kIssuerKey]];
    214. 

  214. }
    215. 

  215. 

  216. - (NSURL *)authorizationEndpoint {
    217. 

  217.   return [NSURL URLWithString:_discoveryDictionary[kAuthorizationEndpointKey]];
    218. 

  218. }
    219. 

  219. 

  220. - (NSURL *)tokenEndpoint {
    221. 

  221.   return [NSURL URLWithString:_discoveryDictionary[kTokenEndpointKey]];
    222. 

  222. }
    223. 

  223. 

  224. - (nullable NSURL *)userinfoEndpoint {
    225. 

  225.   return [NSURL URLWithString:_discoveryDictionary[kUserinfoEndpointKey]];
    226. 

  226. }
    227. 

  227. 

  228. - (NSURL *)jwksURL {
    229. 

  229.   return [NSURL URLWithString:_discoveryDictionary[kJWKSURLKey]];
    230. 

  230. }
    231. 

  231. 

  232. - (nullable NSURL *)registrationEndpoint {
    233. 

  233.   return [NSURL URLWithString:_discoveryDictionary[kRegistrationEndpointKey]];
    234. 

  234. }
    235. 

  235. 

  236. - (nullable NSURL *)endSessionEndpoint {
    237. 

  237.     return [NSURL URLWithString:_discoveryDictionary[kEndSessionEndpointKey]];
    238. 

  238. }
    239. 

  239. 

  240. - (nullable NSArray<NSString *> *)scopesSupported {
    241. 

  241.   return _discoveryDictionary[kScopesSupportedKey];
    242. 

  242. }
    243. 

  243. 

  244. - (NSArray<NSString *> *)responseTypesSupported {
    245. 

  245.   return _discoveryDictionary[kResponseTypesSupportedKey];
    246. 

  246. }
    247. 

  247. 

  248. - (nullable NSArray<NSString *> *)responseModesSupported {
    249. 

  249.   return _discoveryDictionary[kResponseModesSupportedKey];
    250. 

  250. }
    251. 

  251. 

  252. - (nullable NSArray<NSString *> *)grantTypesSupported {
    253. 

  253.   return _discoveryDictionary[kGrantTypesSupportedKey];
    254. 

  254. }
    255. 

  255. 

  256. - (nullable NSArray<NSString *> *)acrValuesSupported {
    257. 

  257.   return _discoveryDictionary[kACRValuesSupportedKey];
    258. 

  258. }
    259. 

  259. 

  260. - (NSArray<NSString *> *)subjectTypesSupported {
    261. 

  261.   return _discoveryDictionary[kSubjectTypesSupportedKey];
    262. 

  262. }
    263. 

  263. 

  264. - (NSArray<NSString *> *) IDTokenSigningAlgorithmValuesSupported {
    265. 

  265.   return _discoveryDictionary[kIDTokenSigningAlgorithmValuesSupportedKey];
    266. 

  266. }
    267. 

  267. 

  268. - (nullable NSArray<NSString *> *)IDTokenEncryptionAlgorithmValuesSupported {
    269. 

  269.   return _discoveryDictionary[kIDTokenEncryptionAlgorithmValuesSupportedKey];
    270. 

  270. }
    271. 

  271. 

  272. - (nullable NSArray<NSString *> *)IDTokenEncryptionEncodingValuesSupported {
    273. 

  273.   return _discoveryDictionary[kIDTokenEncryptionEncodingValuesSupportedKey];
    274. 

  274. }
    275. 

  275. 

  276. - (nullable NSArray<NSString *> *)userinfoSigningAlgorithmValuesSupported {
    277. 

  277.   return _discoveryDictionary[kUserinfoSigningAlgorithmValuesSupportedKey];
    278. 

  278. }
    279. 

  279. 

  280. - (nullable NSArray<NSString *> *)userinfoEncryptionAlgorithmValuesSupported {
    281. 

  281.   return _discoveryDictionary[kUserinfoEncryptionAlgorithmValuesSupportedKey];
    282. 

  282. }
    283. 

  283. 

  284. - (nullable NSArray<NSString *> *)userinfoEncryptionEncodingValuesSupported {
    285. 

  285.   return _discoveryDictionary[kUserinfoEncryptionEncodingValuesSupportedKey];
    286. 

  286. }
    287. 

  287. 

  288. - (nullable NSArray<NSString *> *)requestObjectSigningAlgorithmValuesSupported {
    289. 

  289.   return _discoveryDictionary[kRequestObjectSigningAlgorithmValuesSupportedKey];
    290. 

  290. }
    291. 

  291. 

  292. - (nullable NSArray<NSString *> *) requestObjectEncryptionAlgorithmValuesSupported {
    293. 

  293.   return _discoveryDictionary[kRequestObjectEncryptionAlgorithmValuesSupportedKey];
    294. 

  294. }
    295. 

  295. 

  296. - (nullable NSArray<NSString *> *) requestObjectEncryptionEncodingValuesSupported {
    297. 

  297.   return _discoveryDictionary[kRequestObjectEncryptionEncodingValuesSupported];
    298. 

  298. }
    299. 

  299. 

  300. - (nullable NSArray<NSString *> *)tokenEndpointAuthMethodsSupported {
    301. 

  301.   return _discoveryDictionary[kTokenEndpointAuthMethodsSupportedKey];
    302. 

  302. }
    303. 

  303. 

  304. - (nullable NSArray<NSString *> *)tokenEndpointAuthSigningAlgorithmValuesSupported {
    305. 

  305.   return _discoveryDictionary[kTokenEndpointAuthSigningAlgorithmValuesSupportedKey];
    306. 

  306. }
    307. 

  307. 

  308. - (nullable NSArray<NSString *> *)displayValuesSupported {
    309. 

  309.   return _discoveryDictionary[kDisplayValuesSupportedKey];
    310. 

  310. }
    311. 

  311. 

  312. - (nullable NSArray<NSString *> *)claimTypesSupported {
    313. 

  313.   return _discoveryDictionary[kClaimTypesSupportedKey];
    314. 

  314. }
    315. 

  315. 

  316. - (nullable NSArray<NSString *> *)claimsSupported {
    317. 

  317.   return _discoveryDictionary[kClaimsSupportedKey];
    318. 

  318. }
    319. 

  319. 

  320. - (nullable NSURL *)serviceDocumentation {
    321. 

  321.   return [NSURL URLWithString:_discoveryDictionary[kServiceDocumentationKey]];
    322. 

  322. }
    323. 

  323. 

  324. - (nullable NSArray<NSString *> *)claimsLocalesSupported {
    325. 

  325.   return _discoveryDictionary[kClaimsLocalesSupportedKey];
    326. 

  326. }
    327. 

  327. 

  328. - (nullable NSArray<NSString *> *)UILocalesSupported {
    329. 

  329.   return _discoveryDictionary[kUILocalesSupportedKey];
    330. 

  330. }
    331. 

  331. 

  332. - (BOOL)claimsParameterSupported {
    333. 

  333.   return [_discoveryDictionary[kClaimsParameterSupportedKey] boolValue];
    334. 

  334. }
    335. 

  335. 

  336. - (BOOL)requestParameterSupported {
    337. 

  337.   return [_discoveryDictionary[kRequestParameterSupportedKey] boolValue];
    338. 

  338. }
    339. 

  339. 

  340. - (BOOL)requestURIParameterSupported {
    341. 

  341.   // Default is true/YES.
    342. 

  342.   if (!_discoveryDictionary[kRequestURIParameterSupportedKey]) {
    343. 

  343.     return YES;
    344. 

  344.   }
    345. 

  345.   return [_discoveryDictionary[kRequestURIParameterSupportedKey] boolValue];
    346. 

  346. }
    347. 

  347. 

  348. - (BOOL)requireRequestURIRegistration {
    349. 

  349.   return [_discoveryDictionary[kRequireRequestURIRegistrationKey] boolValue];
    350. 

  350. }
    351. 

  351. 

  352. - (nullable NSURL *)OPPolicyURI {
    353. 

  353.   return [NSURL URLWithString:_discoveryDictionary[kOPPolicyURIKey]];
    354. 

  354. }
    355. 

  355. 

  356. - (nullable NSURL *)OPTosURI {
    357. 

  357.   return [NSURL URLWithString:_discoveryDictionary[kOPTosURIKey]];
    358. 

  358. }
    359. 

  359. 

  360. @end
    361. 

  361. 

  362. NS_ASSUME_NONNULL_END
    363.