Merge pull request #142 from DimensionSrl/feature/updates
Removes ACCESS_GRANTED checks
dulvui authored Feb 27, 2024
2 parents 92c8b00 + 873311e commit 8a66495
Showing 8 changed files with 1 addition and 154 deletions.
17 changes: 0 additions & 17 deletions NOICommunity.xcodeproj/project.pbxproj
@@ -124,7 +124,6 @@
3185AA12281FDBED00767E31 /* LoadUserInfoCoordinator.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3185AA11281FDBED00767E31 /* LoadUserInfoCoordinator.swift */; };
3185AA15281FEAE900767E31 /* AccessNotGrantedViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3185AA14281FEAE900767E31 /* AccessNotGrantedViewController.swift */; };
3185AA172820005700767E31 /* KeychainAuthStateStorageClient.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3185AA162820005700767E31 /* KeychainAuthStateStorageClient.swift */; };
3185AA1A2820066A00767E31 /* SwiftJWT in Frameworks */ = {isa = PBXBuildFile; productRef = 3185AA192820066A00767E31 /* SwiftJWT */; };
318664A22B22471E0088A752 /* LinkTextView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 318664A12B22471E0088A752 /* LinkTextView.swift */; };
3187667526FB35C100782FA6 /* String+NotDefined.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3187667426FB35C100782FA6 /* String+NotDefined.swift */; };
3187667726FB38D600782FA6 /* DateIntervalFormatter+Factory.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3187667626FB38D600782FA6 /* DateIntervalFormatter+Factory.swift */; };
@@ -467,7 +466,6 @@
317B6F9C28118BD6008D07C0 /* AuthClient in Frameworks */,
3182F4AC27DB3841005ADDAF /* EventShortTypesClientLive in Frameworks */,
311E0EC62825157800404DCE /* FirebaseMessaging in Frameworks */,
3185AA1A2820066A00767E31 /* SwiftJWT in Frameworks */,
317B6F9E28118BD6008D07C0 /* AuthClientLive in Frameworks */,
317EC889283BB83E00F30B95 /* PeopleClient in Frameworks */,
);
@@ -1065,7 +1063,6 @@
317B6F9B28118BD6008D07C0 /* AuthClient */,
317B6F9D28118BD6008D07C0 /* AuthClientLive */,
31E058F12812F18800D1F7FE /* KeychainAccess */,
3185AA192820066A00767E31 /* SwiftJWT */,
311E0EC52825157800404DCE /* FirebaseMessaging */,
319C4652282BB32400946AC7 /* ArticlesClient */,
319C4654282BB32400946AC7 /* ArticlesClientLive */,
@@ -1150,7 +1147,6 @@
31CE9BF42701BF33005EA61A /* XCRemoteSwiftPackageReference "Kingfisher" */,
31EF82572810517500EBE5F0 /* XCRemoteSwiftPackageReference "AppAuth-iOS" */,
31E058F02812F18800D1F7FE /* XCRemoteSwiftPackageReference "KeychainAccess" */,
3185AA182820066A00767E31 /* XCRemoteSwiftPackageReference "Swift-JWT" */,
311E0EC42825157800404DCE /* XCRemoteSwiftPackageReference "firebase-ios-sdk" */,
);
productRefGroup = 3145D22E26B3F73F00F16787 /* Products */;
@@ -2016,14 +2012,6 @@
minimumVersion = 9.0.0;
};
};
3185AA182820066A00767E31 /* XCRemoteSwiftPackageReference "Swift-JWT" */ = {
isa = XCRemoteSwiftPackageReference;
repositoryURL = "https://github.com/Kitura/Swift-JWT.git";
requirement = {
kind = upToNextMajorVersion;
minimumVersion = 3.0.0;
};
};
31CE9BF42701BF33005EA61A /* XCRemoteSwiftPackageReference "Kingfisher" */ = {
isa = XCRemoteSwiftPackageReference;
repositoryURL = "https://github.com/onevcat/Kingfisher.git";
@@ -2100,11 +2088,6 @@
isa = XCSwiftPackageProductDependency;
productName = EventShortTypesClientLive;
};
3185AA192820066A00767E31 /* SwiftJWT */ = {
isa = XCSwiftPackageProductDependency;
package = 3185AA182820066A00767E31 /* XCRemoteSwiftPackageReference "Swift-JWT" */;
productName = SwiftJWT;
};
319C4652282BB32400946AC7 /* ArticlesClient */ = {
isa = XCSwiftPackageProductDependency;
productName = ArticlesClient;
@@ -19,33 +19,6 @@
"version": "1.6.2"
}
},
{
"package": "Cryptor",
"repositoryURL": "https://github.com/Kitura/BlueCryptor.git",
"state": {
"branch": null,
"revision": "cec97c24b111351e70e448972a7d3fe68a756d6d",
"version": "2.0.2"
}
},
{
"package": "CryptorECC",
"repositoryURL": "https://github.com/Kitura/BlueECC.git",
"state": {
"branch": null,
"revision": "1485268a54f8135435a825a855e733f026fa6cc8",
"version": "1.2.201"
}
},
{
"package": "CryptorRSA",
"repositoryURL": "https://github.com/Kitura/BlueRSA.git",
"state": {
"branch": null,
"revision": "440f78db26d8bb073f29590f1c7bd31004da09ae",
"version": "1.0.201"
}
},
{
"package": "BoringSSL-GRPC",
"repositoryURL": "https://github.com/firebase/boringssl-SwiftPM.git",
@@ -127,15 +100,6 @@
"version": "7.10.1"
}
},
{
"package": "KituraContracts",
"repositoryURL": "https://github.com/Kitura/KituraContracts.git",
"state": {
"branch": null,
"revision": "8a4778c3aa7833e9e1af884e8819d436c237cd70",
"version": "1.2.201"
}
},
{
"package": "leveldb",
"repositoryURL": "https://github.com/firebase/leveldb.git",
@@ -145,15 +109,6 @@
"version": "1.22.3"
}
},
{
"package": "LoggerAPI",
"repositoryURL": "https://github.com/Kitura/LoggerAPI.git",
"state": {
"branch": null,
"revision": "e82d34eab3f0b05391082b11ea07d3b70d2f65bb",
"version": "1.9.200"
}
},
{
"package": "nanopb",
"repositoryURL": "https://github.com/firebase/nanopb.git",
@@ -172,24 +127,6 @@
"version": "2.3.1"
}
},
{
"package": "SwiftJWT",
"repositoryURL": "https://github.com/Kitura/Swift-JWT.git",
"state": {
"branch": null,
"revision": "47c6384b6923e9bb1f214d2ba4bd52af39440588",
"version": "3.6.201"
}
},
{
"package": "swift-log",
"repositoryURL": "https://github.com/apple/swift-log.git",
"state": {
"branch": null,
"revision": "532d8b529501fb73a2455b179e0bbb6d49b652ed",
"version": "1.5.3"
}
},
{
"package": "SwiftProtobuf",
"repositoryURL": "https://github.com/apple/swift-protobuf.git",
3 changes: 0 additions & 3 deletions NOICommunity/AuthFeature/AuthConstants.swift
@@ -46,7 +46,4 @@ enum AuthConstant {

static let endSessionURI = URL(string: "noi-community://oauth2redirect/end_session-callback")!

static let accessGrantedRole = "ACCESS_GRANTED"


}
10 changes: 0 additions & 10 deletions NOICommunity/AuthFeature/LoadUserInfoViewModel.swift
@@ -19,7 +19,6 @@ import PeopleClient
// MARK: - LoadUserInfoViewModel

enum LoadUserInfoError: Error {
case accessNotGranted
case outsider
}

@@ -33,7 +32,6 @@ final class LoadUserInfoViewModel {
private var userInfoRequestCancellable: AnyCancellable?

private let authClient: AuthClient
private let hasAccessGrantedClient: HasAccessGrantedClient
private let peopleClient: PeopleClient
private let appPreferencesClient: AppPreferencesClient

@@ -43,25 +41,17 @@ final class LoadUserInfoViewModel {

init(
authClient: AuthClient,
hasAccessGrantedClient: @escaping HasAccessGrantedClient,
peopleClient: PeopleClient,
appPreferencesClient: AppPreferencesClient,
cache: Cache<CacheKey, UserInfo>? = nil
) {
self.authClient = authClient
self.hasAccessGrantedClient = hasAccessGrantedClient
self.peopleClient = peopleClient
self.appPreferencesClient = appPreferencesClient
self.cache = cache
}

func fetchVerifiedUserInfo() {
guard hasAccessGrantedClient()
else {
resultSubject.send(completion: .failure(LoadUserInfoError.accessNotGranted))
return
}

let userInfoPublisher = authClient.userInfo()
let peoplePublisher = authClient.accessToken()
.flatMap { [peopleClient] accessToken in
@@ -162,8 +162,7 @@ private extension AppCoordinator {
showAuthorizedContent(animated: true)
case .failure(AuthError.OAuthTokenInvalidGrant):
logout(animated: true)
case .failure(LoadUserInfoError.accessNotGranted),
.failure(LoadUserInfoError.outsider):
case .failure(LoadUserInfoError.outsider):
showAccessNotGrantedCoordinator(animated: true)
case .failure(_):
showAuthorizedContent(animated: true)
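Review bot: The catch-all `case .failure(_):` at the end of this hunk still calls `showAuthorizedContent(animated: true)`, so every load failure other than `AuthError.OAuthTokenInvalidGrant` and `LoadUserInfoError.outsider` fails open into the authorized UI. With `accessNotGranted` dropped from the case above it, `outsider` is the only result left that routes to `showAccessNotGrantedCoordinator`, so this fallback now carries more of the access decision than it did before. If that is intentional (for example so transient network errors do not lock users out, with the backend enforcing authorization on each request, which is not visible here), record it on the branch: `// Fail open on transient errors; access is enforced by the API, not by this screen.` Otherwise, routing unknown failures to an error or retry state would be the safer default. The switch starts and ends outside the hunk.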
3 changes: 0 additions & 3 deletions NOICommunity/Factories/ClientFactory.swift
@@ -17,16 +17,13 @@ import ArticlesClient
import PeopleClient

typealias IsAutorizedClient = () -> Bool
typealias HasAccessGrantedClient = () -> Bool

protocol ClientFactory {

func makeAppPreferencesClient() -> AppPreferencesClient

func makeIsAutorizedClient() -> IsAutorizedClient

func makeHasAccessGrantedClient() -> HasAccessGrantedClient

func makeAuthClient() -> AuthClient

func makeArticlesClient() -> ArticlesClient
8 changes: 0 additions & 8 deletions NOICommunity/Factories/DependencyContainer.swift
@@ -27,7 +27,6 @@ final class DependencyContainer {

let appPreferencesClient: AppPreferencesClient
let isAutorizedClient: IsAutorizedClient
let hasAccessGrantedClient: HasAccessGrantedClient
let authClient: AuthClient
let eventShortClient: EventShortClient
let eventShortTypesClient: EventShortTypesClient
@@ -55,7 +54,6 @@ final class DependencyContainer {
init(
appPreferencesClient: AppPreferencesClient,
isAutorizedClient: @escaping IsAutorizedClient,
hasAccessGrantedClient: @escaping HasAccessGrantedClient,
authClient: AuthClient,
eventShortClient: EventShortClient,
eventShortTypesClient: EventShortTypesClient,
@@ -64,7 +62,6 @@ final class DependencyContainer {
) {
self.appPreferencesClient = appPreferencesClient
self.isAutorizedClient = isAutorizedClient
self.hasAccessGrantedClient = hasAccessGrantedClient
self.authClient = authClient
self.eventShortClient = eventShortClient
self.eventShortTypesClient = eventShortTypesClient
@@ -98,10 +95,6 @@ extension DependencyContainer: ClientFactory {
authClient
}

func makeHasAccessGrantedClient() -> HasAccessGrantedClient {
hasAccessGrantedClient
}

func makeArticlesClient() -> ArticlesClient {
artileClient
}
@@ -162,7 +155,6 @@ extension DependencyContainer: ViewModelFactory {
func makeLoadUserInfoViewModel() -> LoadUserInfoViewModel {
.init(
authClient: makeAuthClient(),
hasAccessGrantedClient: makeHasAccessGrantedClient(),
peopleClient: makePeopleClient(),
appPreferencesClient: makeAppPreferencesClient(),
cache: userInfoCache
48 changes: 0 additions & 48 deletions NOICommunity/SceneDelegate.swift
@@ -11,7 +11,6 @@

import UIKit
import AppAuth
import SwiftJWT
import EventShortClientLive
import AppPreferencesClientLive
import EventShortTypesClient
@@ -51,18 +50,6 @@ class SceneDelegate: UIResponder, UIWindowSceneDelegate {

return authState.isAuthorized
},
hasAccessGrantedClient: { [weak self] in
guard let self,
let authState = tokenStorage.state,
let accessToken = authState.lastTokenResponse?.accessToken
else { return false }

return self.verify(
jwt: accessToken,
roles: [AuthConstant.accessGrantedRole],
of: AuthConstant.clientID
)
},
authClient: .live(
client: .init(
issuer: AuthConstant.issuerURL,
@@ -141,38 +128,3 @@ extension SceneDelegate: AuthContext {
}

}


// MARK: Private APIs

private extension SceneDelegate {

func verify(
jwt: String,
roles: [String],
of clientID: String
) -> Bool {
struct MyClaims: Claims {

let resourceAccess: [String: RolesContainer]

private enum CodingKeys: String, CodingKey {
case resourceAccess = "resource_access"
}

struct RolesContainer: Codable {
var roles: [String]
}
}

guard let newJWT = try? JWT<MyClaims>(jwtString: jwt)
else {
return false
}

let jwtRoles = Set(newJWT.claims.resourceAccess[clientID]?.roles ?? [])
let verifyRoles = Set(roles)
return jwtRoles.intersection(verifyRoles) == verifyRoles
}

}
