Skip to content

Commit

Permalink
Merge pull request #71 from auth0/grant_type_password_realm
Browse files Browse the repository at this point in the history 
Added grant type password realm support
  • Loading branch information
@hzalaz
hzalaz authored Dec 13, 2016
2 parents 6f9b17c + 835f58d commit df3823c
Show file tree
Hide file tree
Showing 3 changed files with 150 additions and 0 deletions.
13 changes: 13 additions & 0 deletions Auth0/Auth0Authentication.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,19 @@ struct Auth0Authentication: Authentication {
return Request(session: session, url: resourceOwner, method: "POST", handle: authenticationObject, payload: payload, logger: self.logger, telemetry: self.telemetry)
}

func login(usernameOrEmail username: String, password: String, audience: String?, scope: String?, realm: String?) -> Request<Credentials, AuthenticationError> {
let resourceOwner = URL(string: "/oauth/token", relativeTo: self.url)!
var payload: [String: Any] = [
"username": username,
"password": password,
"grant_type": "http://auth0.com/oauth/grant-type/password-realm",
"client_id": self.clientId,
]
payload["audience"] = audience
payload["scope"] = scope
payload["realm"] = realm
return Request(session: session, url: resourceOwner, method: "POST", handle: authenticationObject, payload: payload, logger: self.logger, telemetry: self.telemetry)
}

func createUser(email: String, username: String? = nil, password: String, connection: String, userMetadata: [String: Any]? = nil) -> Request<DatabaseUser, AuthenticationError> {
var payload: [String: Any] = [
Expand Down
71 changes: 71 additions & 0 deletions Auth0/Authentication.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,40 @@ public protocol Authentication: Trackable, Loggable {
*/
func login(usernameOrEmail username: String, password: String, multifactorCode: String?, connection: String, scope: String, parameters: [String: Any]) -> Request<Credentials, AuthenticationError>

/**
Login using username and password to the clients default_directory

```
Auth0
.authentication(clientId: clientId, domain: "samples.auth0.com")
.login(
usernameOrEmail: "support@auth0.com",
password: "a secret password")
```

You can also specify audience and scope

```
Auth0
.authentication(clientId: clientId, domain: "samples.auth0.com")
.login(
usernameOrEmail: "support@auth0.com",
password: "a secret password",
audience: "https://myapi.com/api",
scope: "openid profile",
realm: "mydatabase")
```

- Parameters:
- username: username or email used of the user to authenticate
- password: password of the user
- audience: API Identifier that the client is requesting access to.
- scope: scope value requested when authenticating the user.
- realm: domain realm or connection name
- Returns: authentication request that will yield Auth0 User Credentials
*/
func login(usernameOrEmail username: String, password: String, audience: String?, scope: String?, realm: String?) -> Request<Credentials, AuthenticationError>

/**
Creates a user in a Database connection

Expand Down Expand Up @@ -429,6 +463,43 @@ public extension Authentication {
return self.login(usernameOrEmail: username, password: password, multifactorCode: multifactorCode, connection: connection, scope: scope, parameters: parameters)
}

/**
Login using username and password to the clients default_directory

```
Auth0
.authentication(clientId: clientId, domain: "samples.auth0.com")
.login(
usernameOrEmail: "support@auth0.com",
password: "a secret password")
```

You can also specify audience and scope

```
Auth0
.authentication(clientId: clientId, domain: "samples.auth0.com")
.login(
usernameOrEmail: "support@auth0.com",
password: "a secret password",
audience: "https://myapi.com/api",
scope: "openid profile",
realm: "mydatabase")
```

- Parameters:
- username: username or email used of the user to authenticate
- password: password of the user
- audience: API Identifier that the client is requesting access to.
- scope: scope value requested when authenticating the user.
- realm: domain realm or connection name
- Returns: authentication request that will yield Auth0 User Credentials
*/
public func login(usernameOrEmail username: String, password: String, audience: String? = nil, scope: String? = nil, realm: String? = nil) -> Request<Credentials, AuthenticationError> {
return self.login(usernameOrEmail: username, password: password, audience: audience, scope: scope, realm: realm)
}


/**
Creates a user in a Database connection

Expand Down
66 changes: 66 additions & 0 deletions Auth0Tests/AuthenticationSpec.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,6 +210,72 @@ class AuthenticationSpec: QuickSpec {

}

// MARK:- grant type paswword
describe("grant type password") {

it("should receive token with username and password") {
stub(condition: isToken(Domain) && hasAtLeast(["username":SupportAtAuth0, "password": ValidPassword])) { _ in return authResponse(accessToken: AccessToken) }.name = "Grant Password"

waitUntil(timeout: Timeout) { done in
auth.login(usernameOrEmail: SupportAtAuth0, password: ValidPassword).start { result in
expect(result).to(haveCredentials())
done()
}
}
}

it("should fail to return token") {
stub(condition: isToken(Domain) && hasAtLeast(["username":SupportAtAuth0, "password": ValidPassword])) { _ in return authResponse(accessToken: AccessToken) }.name = "Grant Password"
waitUntil(timeout: Timeout) { done in
auth.login(usernameOrEmail: SupportAtAuth0, password: "invalid").start { result in
expect(result).toNot(haveCredentials())
done()
}
}
}

it("should specify scope in request") {
stub(condition: isToken(Domain) && hasAtLeast(["username":SupportAtAuth0, "password": ValidPassword, "scope": "openid"])) { _ in return authResponse(accessToken: AccessToken) }.name = "Grant Password Custom Scope"
waitUntil(timeout: Timeout) { done in
auth.login(usernameOrEmail: SupportAtAuth0, password: ValidPassword, scope: "openid").start { result in
expect(result).to(haveCredentials())
done()
}
}
}

it("should specify audience in request") {
stub(condition: isToken(Domain) && hasAtLeast(["username":SupportAtAuth0, "password": ValidPassword, "audience" : "https://myapi.com/api"])) { _ in return authResponse(accessToken: AccessToken) }.name = "Grant Password Custom Scope and audience"
waitUntil(timeout: Timeout) { done in
auth.login(usernameOrEmail: SupportAtAuth0, password: ValidPassword, audience: "https://myapi.com/api").start { result in
expect(result).to(haveCredentials())
done()
}
}
}

it("should specify audience and scope in request") {
stub(condition: isToken(Domain) && hasAtLeast(["username":SupportAtAuth0, "password": ValidPassword, "scope": "openid", "audience" : "https://myapi.com/api"])) { _ in return authResponse(accessToken: AccessToken) }.name = "Grant Password Custom Scope and audience"
waitUntil(timeout: Timeout) { done in
auth.login(usernameOrEmail: SupportAtAuth0, password: ValidPassword, audience: "https://myapi.com/api", scope: "openid").start { result in
expect(result).to(haveCredentials())
done()
}
}
}

it("should specify audience,scope and realm in request") {
stub(condition: isToken(Domain) && hasAtLeast(["username":SupportAtAuth0, "password": ValidPassword, "scope": "openid", "audience" : "https://myapi.com/api", "realm" : "customconnection"])) { _ in return authResponse(accessToken: AccessToken) }.name = "Grant Password Custom audience, scope and realm"
waitUntil(timeout: Timeout) { done in
auth.login(usernameOrEmail: SupportAtAuth0, password: ValidPassword, audience: "https://myapi.com/api", scope: "openid", realm: "customconnection").start { result in
expect(result).to(haveCredentials())
done()
}
}
}

}

describe("create user") {

beforeEach {
Expand Down

0 comments on commit df3823c

Please sign in to comment.