From fd27f76e537b95464c42d4a68da26991fbc33b57 Mon Sep 17 00:00:00 2001 From: Martin Walsh Date: Tue, 20 Jun 2017 11:59:53 +0100 Subject: [PATCH 1/3] Legacy flow deprecations Warnings added --- Auth0/Authentication.swift | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Auth0/Authentication.swift b/Auth0/Authentication.swift index 3c40bebd..6878e7cc 100644 --- a/Auth0/Authentication.swift +++ b/Auth0/Authentication.swift @@ -83,6 +83,7 @@ public protocol Authentication: Trackable, Loggable { - returns: authentication request that will yield Auth0 User Credentials - seeAlso: Credentials */ + @available(*, deprecated, message: "see login(usernameOrEmail username: String, password: String, realm: String, audience: String?, scope: String?)") // swiftlint:disable:next function_parameter_count func login(usernameOrEmail username: String, password: String, multifactorCode: String?, connection: String, scope: String, parameters: [String: Any]) -> Request @@ -223,6 +224,7 @@ public protocol Authentication: Trackable, Loggable { - returns: an authentication request that will yield Auth0 user credentials after creating the user. */ + @available(*, deprecated, message: "see createUser(email: String, username: String?, password: String, connection: String, userMetadata: [String: Any]?)") // swiftlint:disable:next function_parameter_count func signUp(email: String, username: String?, password: String, connection: String, userMetadata: [String: Any]?, scope: String, parameters: [String: Any]) -> ConcatRequest @@ -251,6 +253,7 @@ public protocol Authentication: Trackable, Loggable { - parameter parameters: additional authentication parameters added for Web link. Ignored in other types - returns: a request + - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ func startPasswordless(email: String, type: PasswordlessType, connection: String, parameters: [String: Any]) -> Request 
@@ -278,6 +281,7 @@ public protocol Authentication: Trackable, Loggable { - parameter connection: name of the passwordless connection. By default is 'sms' - returns: a request + - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ func startPasswordless(phoneNumber: String, type: PasswordlessType, connection: String) -> Request @@ -295,7 +299,7 @@ public protocol Authentication: Trackable, Loggable { - returns: a request that will yield token information */ - @available(*, deprecated, message: "see userInfo(token: String)") + @available(*, deprecated, message: "see userInfo(withAccessToken accessToken: String)") func tokenInfo(token: String) -> Request /** @@ -311,7 +315,7 @@ public protocol Authentication: Trackable, Loggable { - parameter token: token obtained by authenticating the user - returns: a request that will yield user information - - important: If you are using an OIDC Conformant client please see `userClaimInfo` + - warning: for OIDC-conformant clients please use `userInfo(withAccessToken accessToken: String)` */ func userInfo(token: String) -> Request @@ -358,6 +362,7 @@ public protocol Authentication: Trackable, Loggable { - parameter parameters: additional parameters sent during authentication - returns: a request that will yield Auth0 user's credentials + - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ func loginSocial(token: String, connection: String, scope: String, parameters: [String: Any]) -> Request 
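Review bot: The new deprecation message on `tokenInfo(token:)` (@@ -295) names the replacement but not the change in what must be passed to it: the `withAccessToken` label indicates that `userInfo(withAccessToken:)` expects an access token, while the `token` parameter here is documented only as "token obtained by authenticating the user". If `tokenInfo` takes a different token (presumably the ID token, to be confirmed), a caller who follows the message and simply renames the call will hand the wrong credential to the endpoint. Spell it out in the message, for example `message: "use userInfo(withAccessToken:) and pass the access token"`, and tighten the `- parameter token:` lines of `tokenInfo` and `userInfo(token:)` (@@ -311) to say which token each takes. The rewording of this message at @@ -294 in patch 2/3 leaves the same gap.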
@@ -682,6 +687,7 @@ public extension Authentication { - parameter parameters: additional authentication parameters added for Web link. Ignored in other types - returns: a request + - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ public func startPasswordless(email: String, type: PasswordlessType = .Code, connection: String = "email", parameters: [String: Any] = [:]) -> Request { return self.startPasswordless(email: email, type: type, connection: connection, parameters: parameters) @@ -710,6 +716,7 @@ public extension Authentication { - parameter connection: name of the passwordless connection. By default is 'sms' - returns: a request + - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ public func startPasswordless(phoneNumber: String, type: PasswordlessType = .Code, connection: String = "sms") -> Request { return self.startPasswordless(phoneNumber: phoneNumber, type: type, connection: connection) @@ -740,6 +747,7 @@ public extension Authentication { - parameter parameters: additional parameters sent during authentication - returns: a request that will yield Auth0 user's credentials + - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ public func loginSocial(token: String, connection: String, scope: String = "openid", parameters: [String: Any] = [:]) -> Request { return self.loginSocial(token: token, connection: connection, scope: scope, parameters: parameters) From f8ff08604978e4bb137b6b76010160a544750a5f Mon Sep 17 00:00:00 2001 From: Hernan Zalazar Date: Sun, 25 Jun 2017 17:38:30 -0300 Subject: [PATCH 2/3] Add more information about grant types --- Auth0/Authentication.swift | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/Auth0/Authentication.swift b/Auth0/Authentication.swift index 6878e7cc..a481a1af 100644 --- a/Auth0/Authentication.swift 
+++ b/Auth0/Authentication.swift @@ -82,8 +82,10 @@ public protocol Authentication: Trackable, Loggable { - returns: authentication request that will yield Auth0 User Credentials - seeAlso: Credentials + - warning: this method is deprecated in favor of `login(usernameOrEmail username:, password:, realm:, audience:, scope:)` + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/ro`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ - @available(*, deprecated, message: "see login(usernameOrEmail username: String, password: String, realm: String, audience: String?, scope: String?)") + @available(*, deprecated, message: "see login(usernameOrEmail username:, password:, realm:, audience:, scope:)") // swiftlint:disable:next function_parameter_count func login(usernameOrEmail username: String, password: String, multifactorCode: String?, connection: String, scope: String, parameters: [String: Any]) -> Request @@ -119,6 +121,7 @@ public protocol Authentication: Trackable, Loggable { - parameter scope: scope value requested when authenticating the user. - important: This only works if you have the OAuth 2.0 API Authorization flag on - returns: authentication request that will yield Auth0 User Credentials + - requires: Grant `http://auth0.com/oauth/grant-type/password-realm`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ func login(usernameOrEmail username: String, password: String, realm: String, audience: String?, scope: String?) -> Request 
@@ -223,8 +226,9 @@ public protocol Authentication: Trackable, Loggable { - parameter parameters: additional parameters sent during authentication - returns: an authentication request that will yield Auth0 user credentials after creating the user. + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/ro`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ - @available(*, deprecated, message: "see createUser(email: String, username: String?, password: String, connection: String, userMetadata: [String: Any]?)") + @available(*, deprecated, message: "use createUser(email:, username:, password:, connection:, userMetadata:) and then login(usernameOrEmail username:, password:, realm:, audience:, scope:)") // swiftlint:disable:next function_parameter_count func signUp(email: String, username: String?, password: String, connection: String, userMetadata: [String: Any]?, scope: String, parameters: [String: Any]) -> ConcatRequest @@ -253,7 +257,7 @@ public protocol Authentication: Trackable, Loggable { - parameter parameters: additional authentication parameters added for Web link. Ignored in other types - returns: a request - - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/ro`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ func startPasswordless(email: String, type: PasswordlessType, connection: String, parameters: [String: Any]) -> Request 
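Review bot: In the `startPasswordless(email:…)` doc comment (@@ -253) the `- warning: disabled for OIDC-conformant clients…` line is replaced by `- requires: Legacy Grant …`, so the comment now tells the reader how to switch the legacy grant on but no longer says that the flow is off for OIDC-conformant clients. The same replacement is made at @@ -281 and on the extension's `loginSocial` at @@ -747; the extension's `startPasswordless` overloads (@@ -687, @@ -716) lose the warning and gain nothing, and the protocol's `loginSocial` (@@ -363) keeps both lines, so equivalent declarations now carry different documentation. Keep the warning beside the new line in every place, worded along the lines of `- warning: legacy flow, disabled for OIDC-conformant clients; enable the grant only for clients that need it`.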
@@ -281,7 +285,7 @@ public protocol Authentication: Trackable, Loggable { - parameter connection: name of the passwordless connection. By default is 'sms' - returns: a request - - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/ro`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ func startPasswordless(phoneNumber: String, type: PasswordlessType, connection: String) -> Request @@ -294,12 +298,12 @@ public protocol Authentication: Trackable, Loggable { .tokenInfo(token: token) .start { print($0) } ``` - + - parameter token: token obtained by authenticating the user - + - warning: this method is deprecated in favor of `userInfo(withAccessToken accessToken:)` - returns: a request that will yield token information */ - @available(*, deprecated, message: "see userInfo(withAccessToken accessToken: String)") + @available(*, deprecated, message: "see userInfo(withAccessToken accessToken:)") func tokenInfo(token: String) -> Request /** @@ -315,7 +319,7 @@ public protocol Authentication: Trackable, Loggable { - parameter token: token obtained by authenticating the user - returns: a request that will yield user information - - warning: for OIDC-conformant clients please use `userInfo(withAccessToken accessToken: String)` + - warning: for OIDC-conformant clients please use `userInfo(withAccessToken accessToken:)` */ func userInfo(token: String) -> Request 
@@ -363,6 +367,7 @@ public protocol Authentication: Trackable, Loggable { - returns: a request that will yield Auth0 user's credentials - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/access_token`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ func loginSocial(token: String, connection: String, scope: String, parameters: [String: Any]) -> Request @@ -379,7 +384,7 @@ public protocol Authentication: Trackable, Loggable { - parameter parameters: request parameters - returns: a request that will yield Auth0 user's credentials - - seeAlso: Authentication#exchangeCode(codeVerifier:redirectURI:) for PKCE + - seeAlso: exchangeCode(codeVerifier:, redirectURI:) for PKCE */ func tokenExchange(withParameters parameters: [String: Any]) -> Request @@ -530,6 +535,7 @@ public extension Authentication { - returns: authentication request that will yield Auth0 User Credentials - seeAlso: Credentials + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/ro`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ public func login(usernameOrEmail username: String, password: String, multifactorCode: String? = nil, connection: String, scope: String = "openid", parameters: [String: Any] = [:]) -> Request { return self.login(usernameOrEmail: username, password: password, multifactorCode: multifactorCode, connection: connection, scope: scope, parameters: parameters) 
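Review bot: The extension overload `login(usernameOrEmail:password:multifactorCode:connection:scope:parameters:)` at @@ -530 gains a `- requires:` line but, as far as the hunk shows, still has no `@available(*, deprecated, …)` between the `*/` and `public func`, although the protocol requirement it forwards to is deprecated at @@ -82. A call that omits any defaulted argument (`multifactorCode`, `scope`, `parameters`) can only resolve to this overload, so those callers stay on the legacy grant without a compiler warning, and the `self.login(…)` call inside a non-deprecated body will itself be reported as a deprecated use when the library builds. Put the same attribute on the overload, `@available(*, deprecated, message: "see login(usernameOrEmail username:, password:, realm:, audience:, scope:)")`, and the matching `signUp` attribute on the extension's `signUp` at @@ -657. The doc comments these attributes belong to start outside the hunks.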
@@ -566,6 +572,7 @@ public extension Authentication { - parameter audience: API Identifier that the client is requesting access to. - parameter scope: scope value requested when authenticating the user. - Returns: authentication request that will yield Auth0 User Credentials + - requires: Grant `http://auth0.com/oauth/grant-type/password-realm`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ public func login(usernameOrEmail username: String, password: String, realm: String, audience: String? = nil, scope: String? = nil) -> Request { return self.login(usernameOrEmail: username, password: password, realm: realm, audience: audience, scope: scope) @@ -657,6 +664,7 @@ public extension Authentication { - parameter parameters: additional parameters sent during authentication - returns: an authentication request that will yield Auth0 user credentials after creating the user. + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/ro`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ public func signUp(email: String, username: String? = nil, password: String, connection: String, userMetadata: [String: Any]? = nil, scope: String = "openid", parameters: [String: Any] = [:]) -> ConcatRequest { return self.signUp(email: email, username: username, password: password, connection: connection, userMetadata: userMetadata, scope: scope, parameters: parameters) 
@@ -687,7 +695,6 @@ public extension Authentication { - parameter parameters: additional authentication parameters added for Web link. Ignored in other types - returns: a request - - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ public func startPasswordless(email: String, type: PasswordlessType = .Code, connection: String = "email", parameters: [String: Any] = [:]) -> Request { return self.startPasswordless(email: email, type: type, connection: connection, parameters: parameters) @@ -716,7 +723,6 @@ public extension Authentication { - parameter connection: name of the passwordless connection. By default is 'sms' - returns: a request - - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release */ public func startPasswordless(phoneNumber: String, type: PasswordlessType = .Code, connection: String = "sms") -> Request { return self.startPasswordless(phoneNumber: phoneNumber, type: type, connection: connection) @@ -747,7 +753,7 @@ public extension Authentication { - parameter parameters: additional parameters sent during authentication - returns: a request that will yield Auth0 user's credentials - - warning: disabled for OIDC-conformant clients, an alternative will be added in a future release + - requires: Legacy Grant `http://auth0.com/oauth/legacy/grant-type/access_token`. Check [our documentation](https://auth0.com/docs/clients/client-grant-types) for more info and how to enable it. */ public func loginSocial(token: String, connection: String, scope: String = "openid", parameters: [String: Any] = [:]) -> Request { return self.loginSocial(token: token, connection: connection, scope: scope, parameters: parameters) 
@@ -770,7 +776,7 @@ public extension Authentication { .start { print($0) } ``` - If you are not using OAuth 2.0 API Authorization please use `delegation(parameters:)` + - precondition: if you are not using OAuth 2.0 API Authorization please use `delegation(parameters:)` - parameter refreshToken: the client's refresh token obtained on auth - parameter scope: scopes to request for the new tokens. By default is nil which will ask for the same ones requested during Auth. From 33364003fdf15c565d3f365dc5ec53c1f0ae0cae Mon Sep 17 00:00:00 2001 From: Hernan Zalazar Date: Sun, 25 Jun 2017 17:47:50 -0300 Subject: [PATCH 3/3] Fix typo [skip ci] --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2f9c0814..c54284f7 100644 --- a/README.md +++ b/README.md @@ -194,7 +194,7 @@ credentialsManager.credentials { error, credentials in ### Authentication API (iOS / macOS / tvOS) The Authentication API exposes AuthN/AuthZ functionality of Auth0, as well as the supported identity protocols like OpenID Connect, OAuth 2.0, and SAML. -We recommend using our Hosted Login Page but if you wish to build your own UI you can use our API endpoints to do so. However some Auth flows (Grant types) are disable by default so you will need to enable them via your Auth0 Dashboard as explained in [this guide](https://auth0.com/docs/clients/client-grant-types#edit-available-grant_types). +We recommend using our Hosted Login Page but if you wish to build your own UI you can use our API endpoints to do so. However some Auth flows (Grant types) are disabled by default so you will need to enable them via your Auth0 Dashboard as explained in [this guide](https://auth0.com/docs/clients/client-grant-types#edit-available-grant_types). These are the required Grant Types that needs to be enabled in your client:
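Review bot: The `- precondition:` callout added at @@ -770 does not state a condition of this method; it redirects readers who are not using OAuth 2.0 API Authorization to `delegation(parameters:)`. Phrase it as the condition that must hold, `- precondition: the OAuth 2.0 API Authorization flag is on; otherwise use delegation(parameters:)`, or keep the redirect under a `- note:` callout instead. The doc comment and the function it documents continue outside the hunk.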