From 1464e4bbd36092afdb232f405b3ccb9b0b01d2f2 Mon Sep 17 00:00:00 2001
From: Rita Zerrizuela
Date: Mon, 6 Dec 2021 20:27:07 -0300
Subject: [PATCH 1/2] Remove parameterless `tokenExchange()` method
---
 Auth0/Auth0Authentication.swift | 30 ++++++++++++++++--------------
 Auth0/Authentication.swift | 16 ----------------
 V2_MIGRATION_GUIDE.md | 17 +++++++++++++++--
 3 files changed, 31 insertions(+), 32 deletions(-)
diff --git a/Auth0/Auth0Authentication.swift b/Auth0/Auth0Authentication.swift
index 8fda9030..7d7d383d 100644
--- a/Auth0/Auth0Authentication.swift
+++ b/Auth0/Auth0Authentication.swift
@@ -270,20 +270,6 @@ struct Auth0Authentication: Authentication {
 telemetry: self.telemetry)
 }
- func tokenExchange() -> Request {
- let payload: [String: Any] = [
- "client_id": self.clientId
- ]
- let token = URL(string: "oauth/token", relativeTo: self.url)!
- return Request(session: session,
- url: token,
- method: "POST",
- handle: codable,
- parameters: payload,
- logger: self.logger,
- telemetry: self.telemetry)
- }
-
 func tokenExchange(withCode code: String, codeVerifier: String, redirectURI: String) -> Request {
 return self.tokenExchange().parameters([
 "code": code,
@@ -340,6 +326,7 @@ struct Auth0Authentication: Authentication {
 // MARK: - Private Methods
 private extension Auth0Authentication {
+
 func login(username: String, otp: String, realm: String, audience: String?, scope: String) -> Request {
 let url = URL(string: "oauth/token", relativeTo: self.url)!
 var payload: [String: Any] = [
@@ -360,6 +347,20 @@ private extension Auth0Authentication {
 telemetry: self.telemetry)
 }
+ func tokenExchange() -> Request {
+ let payload: [String: Any] = [
+ "client_id": self.clientId
+ ]
+ let token = URL(string: "oauth/token", relativeTo: self.url)!
+ return Request(session: session,
+ url: token,
+ method: "POST",
+ handle: codable,
+ parameters: payload,
+ logger: self.logger,
+ telemetry: self.telemetry)
+ }
+
 func tokenExchange(subjectToken: String, subjectTokenType: String, scope: String, audience: String?, parameters: [String: Any]?) -> Request {
 var parameters: [String: Any] = parameters ?? [:]
 parameters["grant_type"] = "urn:ietf:params:oauth:grant-type:token-exchange"
@@ -369,4 +370,5 @@ private extension Auth0Authentication {
 parameters["scope"] = scope
 return self.tokenExchange().parameters(parameters)
 }
+
 }
diff --git a/Auth0/Authentication.swift b/Auth0/Authentication.swift
index fbbb097e..72733c1d 100644
--- a/Auth0/Authentication.swift
+++ b/Auth0/Authentication.swift
@@ -410,22 +410,6 @@ public protocol Authentication: Trackable, Loggable {
 */
 func userInfo(withAccessToken accessToken: String) -> Request
- /**
- Perform a OAuth2 token request against Auth0.
-
- ```
- Auth0
- .authentication(clientId: clientId, domain: "samples.auth0.com")
- .tokenExchange()
- .parameters(["key": "value"])
- .start { print($0) }
- ```
-
- - returns: a request that will yield Auth0 user's credentials
- - seeAlso: exchangeCode(codeVerifier:, redirectURI:) for PKCE
- */
- func tokenExchange() -> Request
-
 /**
 Performs the last step of Proof Key for Code Exchange [RFC 7636](https://tools.ietf.org/html/rfc7636).
diff --git a/V2_MIGRATION_GUIDE.md b/V2_MIGRATION_GUIDE.md
index 885c1e8f..0361e543 100644
--- a/V2_MIGRATION_GUIDE.md
+++ b/V2_MIGRATION_GUIDE.md
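Review bot: The `tokenExchange()` helper moved into the private extension (the `@@ -360,6 +347,20 @@` hunk of Auth0/Auth0Authentication.swift, renamed `token()` in patch 2/2) carries no comment stating its contract, and that contract is what every grant in this file builds on: it issues a POST to `oauth/token` whose payload holds only `client_id`, and leaves `grant_type` and all grant-specific fields to the caller's `parameters(_:)` call. I would add `/// Base request for POST oauth/token carrying only client_id; each caller must add grant_type and its grant fields via parameters(_:).` above it. How `Request.parameters(_:)` merges keys is not visible in this patch, so it is worth confirming, and recording in the same comment, whether a later caller-supplied map can replace `client_id` or `grant_type`, since the migration guide tells integrators to chain `parameters(_:)` with their own keys. In the visible `tokenExchange(subjectToken:...)` the fixed grant fields are assigned after the caller's dictionary is copied, so they take precedence there; the comment should say whether the chained form gives the same guarantee.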
@@ -97,6 +97,20 @@ Use `createUser(email:username:password:connection:userMetadata:rootAttributes:`
 Use `userInfo(withAccessToken:)` instead.
+#### `tokenExchange(withParameters:)`
+
+Use `tokenExchange(withCode:codeVerifier:redirectURI:)` instead. To pass custom parameters, use the `parameters(_:)` method from `Request`:
+
+```swift
+Auth0
+ .authentication()
+ .tokenExchange(withCode: code, codeVerifier: codeVerifier, redirectURI: redirectURI)
+ .parameters(["key": "value"]) // 👈🏻
+ .start { result in
+ // ...
+ }
+```
+
 #### `tokenExchange(withAppleAuthorizationCode:scope:audience:fullName:)`
 Use `login(appleAuthorizationCode:fullName:profile:audience:scope:)` instead.
@@ -305,14 +319,13 @@ The following methods lost the `parameters` parameter:
 - `login(phoneNumber:code:audience:scope:)`
 - `login(usernameOrEmail:password:realm:audience:scope:)`
 - `loginDefaultDirectory(withUsername:password:audience:scope:)`
-- `tokenExchange()`
 To pass custom parameters to those (or any) method in the Authentication client, use the `parameters(_:)` method from `Request`:
 ```swift
 Auth0
 .authentication()
- .tokenExchange() // Returns a Request
+ .renew(withRefreshToken: refreshToken) // Returns a Request
 .parameters(["key": "value"]) // 👈🏻
 .start { result in
 // ...
From 8f5a6561e3739ce4f122668f5ef2135481789ce4 Mon Sep 17 00:00:00 2001
From: Rita Zerrizuela
Date: Tue, 7 Dec 2021 07:51:37 -0300
Subject: [PATCH 2/2] Address review feedback
---
 Auth0/Auth0Authentication.swift | 8 ++++----
 Auth0/Authentication.swift | 4 ++--
 Auth0/OAuth2Grant.swift | 2 +-
 Auth0Tests/AuthenticationSpec.swift | 4 ++--
 V2_MIGRATION_GUIDE.md | 8 ++++++--
 5 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/Auth0/Auth0Authentication.swift b/Auth0/Auth0Authentication.swift
index 7d7d383d..6644190e 100644
--- a/Auth0/Auth0Authentication.swift
+++ b/Auth0/Auth0Authentication.swift
@@ -270,8 +270,8 @@ struct Auth0Authentication: Authentication {
 telemetry: self.telemetry)
 }
- func tokenExchange(withCode code: String, codeVerifier: String, redirectURI: String) -> Request {
- return self.tokenExchange().parameters([
+ func codeExchange(withCode code: String, codeVerifier: String, redirectURI: String) -> Request {
+ return self.token().parameters([
 "code": code,
 "code_verifier": codeVerifier,
 "redirect_uri": redirectURI,
@@ -347,7 +347,7 @@ private extension Auth0Authentication {
 telemetry: self.telemetry)
 }
- func tokenExchange() -> Request {
+ func token() -> Request {
 let payload: [String: Any] = [
 "client_id": self.clientId
 ]
@@ -368,7 +368,7 @@ private extension Auth0Authentication {
 parameters["subject_token_type"] = subjectTokenType
 parameters["audience"] = audience
 parameters["scope"] = scope
- return self.tokenExchange().parameters(parameters)
+ return self.token().parameters(parameters)
 }
 }
diff --git a/Auth0/Authentication.swift b/Auth0/Authentication.swift
index 72733c1d..c8f132cf 100644
--- a/Auth0/Authentication.swift
+++ b/Auth0/Authentication.swift
@@ -418,7 +418,7 @@ public protocol Authentication: Trackable, Loggable {
 ```
 Auth0
 .authentication(clientId: clientId, domain: "samples.auth0.com")
- .tokenExchange(withCode: "a code", codeVerifier: "code verifier", redirectURI: "https://samples.auth0.com/callback")
+ .codeExchange(withCode: "a code", codeVerifier: "code verifier", redirectURI: "https://samples.auth0.com/callback")
 .start { print($0) }
 ```
@@ -429,7 +429,7 @@ public protocol Authentication: Trackable, Loggable {
 - returns: a request that will yield Auth0 user's credentials
 - seeAlso: https://tools.ietf.org/html/rfc7636
 */
- func tokenExchange(withCode code: String, codeVerifier: String, redirectURI: String) -> Request
+ func codeExchange(withCode code: String, codeVerifier: String, redirectURI: String) -> Request
 /**
 Renew user's credentials with a refresh_token grant for `/oauth/token`
diff --git a/Auth0/OAuth2Grant.swift b/Auth0/OAuth2Grant.swift
index 7d35bcd7..3d5b93b3 100644
--- a/Auth0/OAuth2Grant.swift
+++ b/Auth0/OAuth2Grant.swift
@@ -76,7 +76,7 @@ struct PKCE: OAuth2Grant {
 nonce: self.defaults["nonce"],
 organization: self.organization)
 authentication
- .tokenExchange(withCode: code, codeVerifier: verifier, redirectURI: redirectUrlString)
+ .codeExchange(withCode: code, codeVerifier: verifier, redirectURI: redirectUrlString)
 .start { result in
 switch result {
 case .failure(let error) where error.localizedDescription == "Unauthorized":
diff --git a/Auth0Tests/AuthenticationSpec.swift b/Auth0Tests/AuthenticationSpec.swift
index 4716c4ac..2ec87c2a 100644
--- a/Auth0Tests/AuthenticationSpec.swift
+++ b/Auth0Tests/AuthenticationSpec.swift
@@ -1006,7 +1006,7 @@ class AuthenticationSpec: QuickSpec {
 it("should exchange code for tokens") {
 stub(condition: isToken(Domain) && hasAtLeast(["code": code, "code_verifier": codeVerifier, "grant_type": "authorization_code", "redirect_uri": redirectURI])) { _ in return authResponse(accessToken: AccessToken, idToken: IdToken) }.name = "Code Exchange Auth"
 waitUntil(timeout: Timeout) { done in
- auth.tokenExchange(withCode: code, codeVerifier: codeVerifier, redirectURI: redirectURI).start { result in
+ auth.codeExchange(withCode: code, codeVerifier: codeVerifier, redirectURI: redirectURI).start { result in
 expect(result).to(haveCredentials(AccessToken, IdToken))
 done()
 }
@@ -1019,7 +1019,7 @@ class AuthenticationSpec: QuickSpec {
 let description = "Invalid code"
 let invalidCode = "return invalid code"
 stub(condition: isToken(Domain) && hasAtLeast(["code": invalidCode])) { _ in return authFailure(code: code, description: description) }.name = "Invalid Code"
- auth.tokenExchange(withCode: invalidCode, codeVerifier: codeVerifier, redirectURI: redirectURI).start { result in
+ auth.codeExchange(withCode: invalidCode, codeVerifier: codeVerifier, redirectURI: redirectURI).start { result in
 expect(result).to(haveAuthenticationError(code: code, description: description))
 done()
 }
diff --git a/V2_MIGRATION_GUIDE.md b/V2_MIGRATION_GUIDE.md
index 0361e543..9c153f7b 100644
--- a/V2_MIGRATION_GUIDE.md
+++ b/V2_MIGRATION_GUIDE.md
@@ -99,12 +99,12 @@ Use `userInfo(withAccessToken:)` instead.
 #### `tokenExchange(withParameters:)`
-Use `tokenExchange(withCode:codeVerifier:redirectURI:)` instead. To pass custom parameters, use the `parameters(_:)` method from `Request`:
+Use `codeExchange(withCode:codeVerifier:redirectURI:)` instead. To pass custom parameters, use the `parameters(_:)` method from `Request`:
 ```swift
 Auth0
 .authentication()
- .tokenExchange(withCode: code, codeVerifier: codeVerifier, redirectURI: redirectURI)
+ .codeExchange(withCode: code, codeVerifier: codeVerifier, redirectURI: redirectURI)
 .parameters(["key": "value"]) // 👈🏻
 .start { result in
 // ...
@@ -312,6 +312,10 @@ These properties were removed:
 The Authentication API client methods will now only yield errors of type `AuthenticationError`. The underlying error (if any) is available via the `cause: Error?` property of the `AuthenticationError`.
+#### Renamed `tokenExchange(withCode:codeVerifier:redirectURI:)`
+
+The method `tokenExchange(withCode:codeVerifier:redirectURI:)` was renamed to `codeExchange(withCode:codeVerifier:redirectURI:)`.
+
 #### Removed `parameters` parameter
 The following methods lost the `parameters` parameter: