IME-LONDON
/
LONDON-IOS
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
763 Commits
3 Branches
2 Tags
339 MiB
Tree: aeff3cd145
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'aeff3cd145'
${ noResults }
LONDON-IOS/Pods/FirebaseAuth/Firebase/Auth/Source/AuthProviders/Phone/FIRPhoneAuthProvider.m

519 lines
22 KiB
Raw Normal View History

git init
6 years ago
  1. /*
  2. * Copyright 2017 Google
  3. *
  4. * Licensed under the Apache License, Version 2.0 (the "License");
  5. * you may not use this file except in compliance with the License.
  6. * You may obtain a copy of the License at
  7. *
  8. * http://www.apache.org/licenses/LICENSE-2.0
  9. *
  10. * Unless required by applicable law or agreed to in writing, software
  11. * distributed under the License is distributed on an "AS IS" BASIS,
  12. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. * See the License for the specific language governing permissions and
  14. * limitations under the License.
  15. */
  17. #import "FIRPhoneAuthProvider.h"
  19. #import <FirebaseCore/FIRLogger.h>
  20. #import "FIRPhoneAuthCredential_Internal.h"
  21. #import <FirebaseCore/FIRApp.h>
  22. #import "FIRAuthAPNSToken.h"
  23. #import "FIRAuthAPNSTokenManager.h"
  24. #import "FIRAuthAppCredential.h"
  25. #import "FIRAuthAppCredentialManager.h"
  26. #import "FIRAuthGlobalWorkQueue.h"
  27. #import "FIRAuth_Internal.h"
  28. #import "FIRAuthURLPresenter.h"
  29. #import "FIRAuthNotificationManager.h"
  30. #import "FIRAuthErrorUtils.h"
  31. #import "FIRAuthBackend.h"
  32. #import "FIRAuthSettings.h"
  33. #import "FIRAuthWebUtils.h"
  34. #import "FirebaseAuthVersion.h"
  35. #import <FirebaseCore/FIROptions.h>
  36. #import "FIRGetProjectConfigRequest.h"
  37. #import "FIRGetProjectConfigResponse.h"
  38. #import "FIRSendVerificationCodeRequest.h"
  39. #import "FIRSendVerificationCodeResponse.h"
  40. #import "FIRVerifyClientRequest.h"
  41. #import "FIRVerifyClientResponse.h"
  43. NS_ASSUME_NONNULL_BEGIN
  45. /** @typedef FIRReCAPTCHAURLCallBack
  46. @brief The callback invoked at the end of the flow to fetch a reCAPTCHA URL.
  47. @param reCAPTCHAURL The reCAPTCHA URL.
  48. @param error The error that occured while fetching the reCAPTCHAURL, if any.
  49. */
  50. typedef void (^FIRReCAPTCHAURLCallBack)(NSURL *_Nullable reCAPTCHAURL, NSError *_Nullable error);
  52. /** @typedef FIRVerifyClientCallback
  53. @brief The callback invoked at the end of a client verification flow.
  54. @param appCredential credential that proves the identity of the app during a phone
  55. authentication flow.
  56. @param error The error that occured while verifying the app, if any.
  57. */
  58. typedef void (^FIRVerifyClientCallback)(FIRAuthAppCredential *_Nullable appCredential,
  59. NSError *_Nullable error);
  61. /** @typedef FIRFetchAuthDomainCallback
  62. @brief The callback invoked at the end of the flow to fetch the Auth domain.
  63. @param authDomain The Auth domain.
  64. @param error The error that occured while fetching the auth domain, if any.
  65. */
  66. typedef void (^FIRFetchAuthDomainCallback)(NSString *_Nullable authDomain,
  67. NSError *_Nullable error);
  68. /** @var kAuthDomainSuffix
  69. @brief The suffix of the auth domain pertiaining to a given Firebase project.
  70. */
  71. static NSString *const kAuthDomainSuffix = @"firebaseapp.com";
  73. /** @var kauthTypeVerifyApp
  74. @brief The auth type to be specified in the app verification request.
  75. */
  76. static NSString *const kAuthTypeVerifyApp = @"verifyApp";
  78. /** @var kReCAPTCHAURLStringFormat
  79. @brief The format of the URL used to open the reCAPTCHA page during app verification.
  80. */
  81. NSString *const kReCAPTCHAURLStringFormat = @"https://%@/__/auth/handler?";
  83. @implementation FIRPhoneAuthProvider {
  85. /** @var _auth
  86. @brief The auth instance used for verifying the phone number.
  87. */
  88. FIRAuth *_auth;
  90. /** @var _callbackScheme
  91. @brief The callback URL scheme used for reCAPTCHA fallback.
  92. */
  93. NSString *_callbackScheme;
  94. }
  96. /** @fn initWithAuth:
  97. @brief returns an instance of @c FIRPhoneAuthProvider assocaited with the provided auth
  98. instance.
  99. @return An Instance of @c FIRPhoneAuthProvider.
  100. */
  101. - (nullable instancetype)initWithAuth:(FIRAuth *)auth {
  102. self = [super init];
  103. if (self) {
  104. _auth = auth;
  105. _callbackScheme = [[[_auth.app.options.clientID componentsSeparatedByString:@"."]
  106. reverseObjectEnumerator].allObjects componentsJoinedByString:@"."];
  107. }
  108. return self;
  109. }
  111. - (void)verifyPhoneNumber:(NSString *)phoneNumber
  112. UIDelegate:(nullable id<FIRAuthUIDelegate>)UIDelegate
  113. completion:(nullable FIRVerificationResultCallback)completion {
  114. if (![self isCallbackSchemeRegistered]) {
  115. [NSException raise:NSInternalInconsistencyException
  116. format:@"Please register custom URL scheme '%@' in the app's Info.plist file.",
  117. _callbackScheme];
  118. }
  119. dispatch_async(FIRAuthGlobalWorkQueue(), ^{
  120. FIRVerificationResultCallback callBackOnMainThread = ^(NSString *_Nullable verificationID,
  121. NSError *_Nullable error) {
  122. if (completion) {
  123. dispatch_async(dispatch_get_main_queue(), ^{
  124. completion(verificationID, error);
  125. });
  126. }
  127. };
  128. [self internalVerifyPhoneNumber:phoneNumber completion:^(NSString *_Nullable verificationID,
  129. NSError *_Nullable error) {
  130. if (!error) {
  131. callBackOnMainThread(verificationID, nil);
  132. return;
  133. }
  134. NSError *underlyingError = error.userInfo[NSUnderlyingErrorKey];
  135. BOOL isInvalidAppCredential = error.code == FIRAuthErrorCodeInternalError &&
  136. underlyingError.code == FIRAuthErrorCodeInvalidAppCredential;
  137. if (error.code != FIRAuthErrorCodeMissingAppToken && !isInvalidAppCredential) {
  138. callBackOnMainThread(nil, error);
  139. return;
  140. }
  141. NSMutableString *eventID = [[NSMutableString alloc] init];
  142. for (int i=0; i<10; i++) {
  143. [eventID appendString:
  144. [NSString stringWithFormat:@"%c", 'a' + arc4random_uniform('z' - 'a' + 1)]];
  145. }
  146. [self reCAPTCHAURLWithEventID:eventID completion:^(NSURL *_Nullable reCAPTCHAURL,
  147. NSError *_Nullable error) {
  148. if (error) {
  149. callBackOnMainThread(nil, error);
  150. return;
  151. }
  152. FIRAuthURLCallbackMatcher callbackMatcher = ^BOOL(NSURL *_Nullable callbackURL) {
  153. return [self isVerifyAppURL:callbackURL eventID:eventID];
  154. };
  155. [self->_auth.authURLPresenter presentURL:reCAPTCHAURL
  156. UIDelegate:UIDelegate
  157. callbackMatcher:callbackMatcher
  158. completion:^(NSURL *_Nullable callbackURL,
  159. NSError *_Nullable error) {
  160. if (error) {
  161. callBackOnMainThread(nil, error);
  162. return;
  163. }
  164. NSError *reCAPTCHAError;
  165. NSString *reCAPTCHAToken = [self reCAPTCHATokenForURL:callbackURL error:&reCAPTCHAError];
  166. if (!reCAPTCHAToken) {
  167. callBackOnMainThread(nil, reCAPTCHAError);
  168. return;
  169. }
  170. FIRSendVerificationCodeRequest *request =
  171. [[FIRSendVerificationCodeRequest alloc] initWithPhoneNumber:phoneNumber
  172. appCredential:nil
  173. reCAPTCHAToken:reCAPTCHAToken
  174. requestConfiguration:
  175. self->_auth.requestConfiguration];
  176. [FIRAuthBackend sendVerificationCode:request
  177. callback:^(FIRSendVerificationCodeResponse
  178. *_Nullable response, NSError *_Nullable error) {
  179. if (error) {
  180. callBackOnMainThread(nil, error);
  181. return;
  182. }
  183. callBackOnMainThread(response.verificationID, nil);
  184. }];
  185. }];
  186. }];
  187. }];
  188. });
  189. }
  191. - (FIRPhoneAuthCredential *)credentialWithVerificationID:(NSString *)verificationID
  192. verificationCode:(NSString *)verificationCode {
  193. return [[FIRPhoneAuthCredential alloc] initWithProviderID:FIRPhoneAuthProviderID
  194. verificationID:verificationID
  195. verificationCode:verificationCode];
  196. }
  198. + (instancetype)provider {
  199. return [[self alloc]initWithAuth:[FIRAuth auth]];
  200. }
  202. + (instancetype)providerWithAuth:(FIRAuth *)auth {
  203. return [[self alloc]initWithAuth:auth];
  204. }
  206. #pragma mark - Internal Methods
  208. /** @fn isCallbackSchemeRegistered
  209. @brief Checks whether or not the expected callback scheme has been registered by the app.
  210. @remarks This method is thread-safe.
  211. */
  212. - (BOOL)isCallbackSchemeRegistered {
  213. NSString *expectedCustomScheme = [_callbackScheme lowercaseString];
  214. NSArray *urlTypes = [[NSBundle mainBundle] objectForInfoDictionaryKey:@"CFBundleURLTypes"];
  215. for (NSDictionary *urlType in urlTypes) {
  216. NSArray *urlTypeSchemes = urlType[@"CFBundleURLSchemes"];
  217. for (NSString *urlTypeScheme in urlTypeSchemes) {
  218. if ([urlTypeScheme.lowercaseString isEqualToString:expectedCustomScheme]) {
  219. return YES;
  220. }
  221. }
  222. }
  223. return NO;
  224. }
  226. /** @fn reCAPTCHATokenForURL:error:
  227. @brief Parses the reCAPTCHA URL and returns.
  228. @param URL The url to be parsed for a reCAPTCHA token.
  229. @param error The error that occurred if any.
  230. @return The reCAPTCHA token if successful.
  231. */
  232. - (NSString *)reCAPTCHATokenForURL:(NSURL *)URL error:(NSError **)error {
  233. NSURLComponents *actualURLComponents = [NSURLComponents componentsWithURL:URL resolvingAgainstBaseURL:NO];
  234. NSArray<NSURLQueryItem *> *queryItems = [actualURLComponents queryItems];
  235. NSString *deepLinkURL = [FIRAuthWebUtils queryItemValue:@"deep_link_id" from:queryItems];
  236. NSData *errorData;
  237. if (deepLinkURL) {
  238. actualURLComponents = [NSURLComponents componentsWithString:deepLinkURL];
  239. queryItems = [actualURLComponents queryItems];
  240. NSString *recaptchaToken = [FIRAuthWebUtils queryItemValue:@"recaptchaToken" from:queryItems];
  241. if (recaptchaToken) {
  242. return recaptchaToken;
  243. }
  244. NSString *firebaseError = [FIRAuthWebUtils queryItemValue:@"firebaseError" from:queryItems];
  245. errorData = [firebaseError dataUsingEncoding:NSUTF8StringEncoding];
  246. } else {
  247. errorData = nil;
  248. }
  249. NSError *jsonError;
  250. NSDictionary *errorDict = [NSJSONSerialization JSONObjectWithData:errorData
  251. options:0
  252. error:&jsonError];
  253. if (jsonError) {
  254. *error = [FIRAuthErrorUtils JSONSerializationErrorWithUnderlyingError:jsonError];
  255. return nil;
  256. }
  257. *error = [FIRAuthErrorUtils URLResponseErrorWithCode:errorDict[@"code"]
  258. message:errorDict[@"message"]];
  259. if (!*error) {
  260. NSString *reason;
  261. if(errorDict[@"code"] && errorDict[@"message"]) {
  262. reason = [NSString stringWithFormat:@"[%@] - %@",errorDict[@"code"], errorDict[@"message"]];
  263. } else {
  264. reason = [NSString stringWithFormat:@"An unknown error occurred with the following "
  265. "response: %@", deepLinkURL];
  266. }
  267. *error = [FIRAuthErrorUtils appVerificationUserInteractionFailureWithReason:reason];
  268. }
  269. return nil;
  270. }
  272. /** @fn isVerifyAppURL:
  273. @brief Parses a URL into all available query items.
  274. @param URL The url to be checked against the authType string.
  275. @return Whether or not the URL matches authType.
  276. */
  277. - (BOOL)isVerifyAppURL:(nullable NSURL *)URL eventID:(NSString *)eventID {
  278. if (!URL) {
  279. return NO;
  280. }
  281. NSURLComponents *actualURLComponents =
  282. [NSURLComponents componentsWithURL:URL resolvingAgainstBaseURL:NO];
  283. actualURLComponents.query = nil;
  284. actualURLComponents.fragment = nil;
  286. NSURLComponents *expectedURLComponents = [NSURLComponents new];
  287. expectedURLComponents.scheme = _callbackScheme;
  288. expectedURLComponents.host = @"firebaseauth";
  289. expectedURLComponents.path = @"/link";
  291. if (!([[expectedURLComponents URL] isEqual:[actualURLComponents URL]])) {
  292. return NO;
  293. }
  294. actualURLComponents = [NSURLComponents componentsWithURL:URL resolvingAgainstBaseURL:NO];
  295. NSArray<NSURLQueryItem *> *queryItems = [actualURLComponents queryItems];
  296. NSString *deepLinkURL = [FIRAuthWebUtils queryItemValue:@"deep_link_id" from:queryItems];
  297. if (deepLinkURL == nil) {
  298. return NO;
  299. }
  300. NSURLComponents *deepLinkURLComponents = [NSURLComponents componentsWithString:deepLinkURL];
  301. NSArray<NSURLQueryItem *> *deepLinkQueryItems = [deepLinkURLComponents queryItems];
  303. NSString *deepLinkAuthType = [FIRAuthWebUtils queryItemValue:@"authType" from:deepLinkQueryItems];
  304. NSString *deepLinkEventID = [FIRAuthWebUtils queryItemValue:@"eventId" from:deepLinkQueryItems];
  305. if ([deepLinkAuthType isEqualToString:kAuthTypeVerifyApp] &&
  306. [deepLinkEventID isEqualToString:eventID]) {
  307. return YES;
  308. }
  309. return NO;
  310. }
  312. /** @fn internalVerifyPhoneNumber:completion:
  313. @brief Starts the phone number authentication flow by sending a verifcation code to the
  314. specified phone number.
  315. @param phoneNumber The phone number to be verified.
  316. @param completion The callback to be invoked when the verification flow is finished.
  317. */
  319. - (void)internalVerifyPhoneNumber:(NSString *)phoneNumber
  320. completion:(nullable FIRVerificationResultCallback)completion {
  321. if (!phoneNumber.length) {
  322. completion(nil, [FIRAuthErrorUtils missingPhoneNumberErrorWithMessage:nil]);
  323. return;
  324. }
  325. [_auth.notificationManager checkNotificationForwardingWithCallback:
  326. ^(BOOL isNotificationBeingForwarded) {
  327. if (!isNotificationBeingForwarded) {
  328. completion(nil, [FIRAuthErrorUtils notificationNotForwardedError]);
  329. return;
  330. }
  331. FIRVerificationResultCallback callback = ^(NSString *_Nullable verificationID,
  332. NSError *_Nullable error) {
  333. if (completion) {
  334. completion(verificationID, error);
  335. }
  336. };
  337. [self verifyClientAndSendVerificationCodeToPhoneNumber:phoneNumber
  338. retryOnInvalidAppCredential:YES
  339. callback:callback];
  340. }];
  341. }
  343. /** @fn verifyClientAndSendVerificationCodeToPhoneNumber:retryOnInvalidAppCredential:callback:
  344. @brief Starts the flow to verify the client via silent push notification.
  345. @param retryOnInvalidAppCredential Whether of not the flow should be retried if an
  346. FIRAuthErrorCodeInvalidAppCredential error is returned from the backend.
  347. @param phoneNumber The phone number to be verified.
  348. @param callback The callback to be invoked on the global work queue when the flow is
  349. finished.
  350. */
  351. - (void)verifyClientAndSendVerificationCodeToPhoneNumber:(NSString *)phoneNumber
  352. retryOnInvalidAppCredential:(BOOL)retryOnInvalidAppCredential
  353. callback:(FIRVerificationResultCallback)callback {
  354. if (_auth.settings.isAppVerificationDisabledForTesting) {
  355. FIRSendVerificationCodeRequest *request =
  356. [[FIRSendVerificationCodeRequest alloc] initWithPhoneNumber:phoneNumber
  357. appCredential:nil
  358. reCAPTCHAToken:nil
  359. requestConfiguration:
  360. _auth.requestConfiguration];
  361. [FIRAuthBackend sendVerificationCode:request
  362. callback:^(FIRSendVerificationCodeResponse *_Nullable response,
  363. NSError *_Nullable error) {
  364. callback(response.verificationID, error);
  365. }];
  366. return;
  367. }
  368. [self verifyClientWithCompletion:^(FIRAuthAppCredential *_Nullable appCredential,
  369. NSError *_Nullable error) {
  370. if (error) {
  371. callback(nil, error);
  372. return;
  373. }
  374. FIRSendVerificationCodeRequest *request =
  375. [[FIRSendVerificationCodeRequest alloc] initWithPhoneNumber:phoneNumber
  376. appCredential:appCredential
  377. reCAPTCHAToken:nil
  378. requestConfiguration:
  379. self->_auth.requestConfiguration];
  380. [FIRAuthBackend sendVerificationCode:request
  381. callback:^(FIRSendVerificationCodeResponse *_Nullable response,
  382. NSError *_Nullable error) {
  383. if (error) {
  384. if (error.code == FIRAuthErrorCodeInvalidAppCredential) {
  385. if (retryOnInvalidAppCredential) {
  386. [self->_auth.appCredentialManager clearCredential];
  387. [self verifyClientAndSendVerificationCodeToPhoneNumber:phoneNumber
  388. retryOnInvalidAppCredential:NO
  389. callback:callback];
  390. return;
  391. }
  392. callback(nil, [FIRAuthErrorUtils unexpectedResponseWithDeserializedResponse:nil
  393. underlyingError:error]);
  394. return;
  395. }
  396. callback(nil, error);
  397. return;
  398. }
  399. callback(response.verificationID, nil);
  400. }];
  401. }];
  402. }
  404. /** @fn verifyClientWithCompletion:completion:
  405. @brief Continues the flow to verify the client via silent push notification.
  406. @param completion The callback to be invoked when the client verification flow is finished.
  407. */
  408. - (void)verifyClientWithCompletion:(FIRVerifyClientCallback)completion {
  409. if (_auth.appCredentialManager.credential) {
  410. completion(_auth.appCredentialManager.credential, nil);
  411. return;
  412. }
  413. [_auth.tokenManager getTokenWithCallback:^(FIRAuthAPNSToken *_Nullable token,
  414. NSError *_Nullable error) {
  415. if (!token) {
  416. completion(nil, [FIRAuthErrorUtils missingAppTokenErrorWithUnderlyingError:error]);
  417. return;
  418. }
  419. FIRVerifyClientRequest *request =
  420. [[FIRVerifyClientRequest alloc] initWithAppToken:token.string
  421. isSandbox:token.type == FIRAuthAPNSTokenTypeSandbox
  422. requestConfiguration:self->_auth.requestConfiguration];
  423. [FIRAuthBackend verifyClient:request callback:^(FIRVerifyClientResponse *_Nullable response,
  424. NSError *_Nullable error) {
  425. if (error) {
  426. completion(nil, error);
  427. return;
  428. }
  429. NSTimeInterval timeout = [response.suggestedTimeOutDate timeIntervalSinceNow];
  430. [self->_auth.appCredentialManager
  431. didStartVerificationWithReceipt:response.receipt
  432. timeout:timeout
  433. callback:^(FIRAuthAppCredential *credential) {
  434. if (!credential.secret) {
  435. FIRLogWarning(kFIRLoggerAuth, @"I-AUT000014",
  436. @"Failed to receive remote notification to verify app identity within "
  437. @"%.0f second(s)", timeout);
  438. }
  439. completion(credential, nil);
  440. }];
  441. }];
  442. }];
  443. }
  445. /** @fn reCAPTCHAURLWithEventID:completion:
  446. @brief Constructs a URL used for opening a reCAPTCHA app verification flow using a given event
  447. ID.
  448. @param eventID The event ID used for this purpose.
  449. @param completion The callback invoked after the URL has been constructed or an error
  450. has been encountered.
  451. */
  452. - (void)reCAPTCHAURLWithEventID:(NSString *)eventID completion:(FIRReCAPTCHAURLCallBack)completion {
  453. [self fetchAuthDomainWithCompletion:^(NSString *_Nullable authDomain,
  454. NSError *_Nullable error) {
  455. if (error) {
  456. completion(nil, error);
  457. return;
  458. }
  459. NSString *bundleID = [NSBundle mainBundle].bundleIdentifier;
  460. NSString *clientID = self->_auth.app.options.clientID;
  461. NSString *apiKey = self->_auth.requestConfiguration.APIKey;
  462. NSMutableArray<NSURLQueryItem *> *queryItems = [@[
  463. [NSURLQueryItem queryItemWithName:@"apiKey" value:apiKey],
  464. [NSURLQueryItem queryItemWithName:@"authType" value:kAuthTypeVerifyApp],
  465. [NSURLQueryItem queryItemWithName:@"ibi" value:bundleID ?: @""],
  466. [NSURLQueryItem queryItemWithName:@"clientId" value:clientID],
  467. [NSURLQueryItem queryItemWithName:@"v" value:[FIRAuthBackend authUserAgent]],
  468. [NSURLQueryItem queryItemWithName:@"eventId" value:eventID]
  469. ] mutableCopy
  470. ];
  472. if (self->_auth.requestConfiguration.languageCode) {
  473. [queryItems addObject:[NSURLQueryItem queryItemWithName:@"hl"value:
  474. self->_auth.requestConfiguration.languageCode]];
  475. }
  476. NSURLComponents *components = [[NSURLComponents alloc] initWithString:
  477. [NSString stringWithFormat:kReCAPTCHAURLStringFormat, authDomain]];
  478. [components setQueryItems:queryItems];
  479. completion([components URL], nil);
  480. }];
  481. }
  483. /** @fn fetchAuthDomainWithCompletion:completion:
  484. @brief Fetches the auth domain associated with the Firebase Project.
  485. @param completion The callback invoked after the auth domain has been constructed or an error
  486. has been encountered.
  487. */
  488. - (void)fetchAuthDomainWithCompletion:(FIRFetchAuthDomainCallback)completion {
  489. FIRGetProjectConfigRequest *request =
  490. [[FIRGetProjectConfigRequest alloc] initWithRequestConfiguration:_auth.requestConfiguration];
  492. [FIRAuthBackend getProjectConfig:request
  493. callback:^(FIRGetProjectConfigResponse *_Nullable response,
  494. NSError *_Nullable error) {
  495. if (error) {
  496. completion(nil, error);
  497. return;
  498. }
  499. NSString *authDomain;
  500. for (NSString *domain in response.authorizedDomains) {
  501. NSInteger index = domain.length - kAuthDomainSuffix.length;
  502. if (index >= 2) {
  503. if ([domain hasSuffix:kAuthDomainSuffix] && domain.length >= kAuthDomainSuffix.length + 2) {
  504. authDomain = domain;
  505. break;
  506. }
  507. }
  508. }
  509. if (!authDomain.length) {
  510. completion(nil, [FIRAuthErrorUtils unexpectedErrorResponseWithDeserializedResponse:response]);
  511. return;
  512. }
  513. completion(authDomain, nil);
  514. }];
  515. }
  517. @end
  519. NS_ASSUME_NONNULL_END