Use GIDAuthorizationFlowProcessor in GIDSignIn

GoogleSignIn/Sources/GIDAuthorizationFlowProcessor/API/GIDAuthorizationFlowProcessor.h

@@ -32,6 +32,7 @@ NS_ASSUME_NONNULL_BEGIN
 ///     clientID, scopes, loginHint and extraParams.
 /// @param completion The block that is called on completion asynchronously.
 - (void)startWithOptions:(GIDSignInInternalOptions *)options
+              emmSupport:(NSString *)emmSupport
               completion:(void (^)(OIDAuthorizationResponse *_Nullable authorizationResponse,
                                    NSError *_Nullable error))completion;
 
@@ -47,4 +48,3 @@ NS_ASSUME_NONNULL_BEGIN
 @end
 
 NS_ASSUME_NONNULL_END
-

GoogleSignIn/Sources/GIDAuthorizationFlowProcessor/Implementations/GIDAuthorizationFlowProcessor.h

@@ -24,8 +24,6 @@ NS_ASSUME_NONNULL_BEGIN
 
 @interface GIDAuthorizationFlowProcessor : NSObject <GIDAuthorizationFlowProcessor>
 
-- (instancetype)initWithAppAuthConfiguration:(OIDServiceConfiguration *)appAuthConfiguration;
-
 @end
 
 NS_ASSUME_NONNULL_END

GoogleSignIn/Sources/GIDAuthorizationFlowProcessor/Implementations/GIDAuthorizationFlowProcessor.m

@@ -15,12 +15,6 @@
 
 NS_ASSUME_NONNULL_BEGIN
 
-// Expected path in the URL scheme to be handled.
-static NSString *const kBrowserCallbackPath = @"/oauth2callback";
-
-// The EMM support version
-static NSString *const kEMMVersion = @"1";
-
 // Parameters for the auth and token exchange endpoints.
 static NSString *const kAudienceParameter = @"audience";
 
@@ -43,15 +37,8 @@ static NSString *const kHostedDomainParameter = @"hd";
   return _currentAuthorizationFlow != nil;
 }
 
-- (instancetype)initWithAppAuthConfiguration:(OIDServiceConfiguration *)appAuthConfiguration {
-  self = [super self];
-  if (self) {
-    _appAuthConfiguration = appAuthConfiguration;
-  }
-  return self;
-}
-
 - (void)startWithOptions:(GIDSignInInternalOptions *)options
+              emmSupport:(NSString *)emmSupport
               completion:(void (^)(OIDAuthorizationResponse *_Nullable authorizationResponse,
                                    NSError *_Nullable error))completion {
   GIDSignInCallbackSchemes *schemes =
@@ -59,12 +46,6 @@ static NSString *const kHostedDomainParameter = @"hd";
   NSURL *redirectURL = [NSURL URLWithString:[NSString stringWithFormat:@"%@:%@",
                                              [schemes clientIdentifierScheme],
                                              kBrowserCallbackPath]];
-  NSString *emmSupport;
-#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST
-  emmSupport = [[self class] isOperatingSystemAtLeast9] ? kEMMVersion : nil;
-#elif TARGET_OS_MACCATALYST || TARGET_OS_OSX
-  emmSupport = nil;
-#endif // TARGET_OS_MACCATALYST || TARGET_OS_OSX
 
   NSMutableDictionary<NSString *, NSString *> *additionalParameters = [@{} mutableCopy];
   additionalParameters[kIncludeGrantedScopesParameter] = @"true";
@@ -88,9 +69,15 @@ static NSString *const kHostedDomainParameter = @"hd";
 #endif // TARGET_OS_OSX || TARGET_OS_MACCATALYST
   additionalParameters[kSDKVersionLoggingParameter] = GIDVersion();
   additionalParameters[kEnvironmentLoggingParameter] = GIDEnvironment();
+  
+  NSURL *authorizationEndpointURL = [GIDSignInPreferences authorizationEndpointURL];
+  NSURL *tokenEndpointURL = [GIDSignInPreferences tokenEndpointURL];
+  OIDServiceConfiguration *appAuthConfiguration =
+      [[OIDServiceConfiguration alloc] initWithAuthorizationEndpoint:authorizationEndpointURL
+                                                       tokenEndpoint:tokenEndpointURL];
 
   OIDAuthorizationRequest *request =
-      [[OIDAuthorizationRequest alloc] initWithConfiguration:_appAuthConfiguration
+      [[OIDAuthorizationRequest alloc] initWithConfiguration:appAuthConfiguration
                                                     clientId:options.configuration.clientID
                                                       scopes:options.scopes
                                                  redirectURL:redirectURL
@@ -110,19 +97,17 @@ static NSString *const kHostedDomainParameter = @"hd";
 }
 
 - (BOOL)resumeExternalUserAgentFlowWithURL:(NSURL *)url {
-  return [_currentAuthorizationFlow resumeExternalUserAgentFlowWithURL:url];
+  if ([_currentAuthorizationFlow resumeExternalUserAgentFlowWithURL:url]) {
+    _currentAuthorizationFlow = nil;
+    return YES;
+  } else {
+    return NO;
+  }
 }
 
 - (void)cancelAuthenticationFlow {
   [_currentAuthorizationFlow cancel];
-}
-
-# pragma mark - Helpers
-
-- (BOOL)isOperatingSystemAtLeast9 {
-  NSProcessInfo *processInfo = [NSProcessInfo processInfo];
-  return [processInfo respondsToSelector:@selector(isOperatingSystemAtLeastVersion:)] &&
-      [processInfo isOperatingSystemAtLeastVersion:(NSOperatingSystemVersion){.majorVersion = 9}];
+  _currentAuthorizationFlow = nil;
 }
 
 @end

GoogleSignIn/Sources/GIDSignIn.m

@@ -82,9 +82,6 @@ static NSString *const kUserInfoURLTemplate = @"https://%@/oauth2/v3/userinfo";
 // The URL template for the URL to revoke the token.
 static NSString *const kRevokeTokenURLTemplate = @"https://%@/o/oauth2/revoke";
 
-// Expected path in the URL scheme to be handled.
-static NSString *const kBrowserCallbackPath = @"/oauth2callback";
-
 // Expected path for EMM callback.
 static NSString *const kEMMCallbackPath = @"/emmcallback";
 
@@ -126,9 +123,6 @@ static const NSTimeInterval kPresentationDelayAfterCancel = 1.0;
 static NSString *const kAudienceParameter = @"audience";
 // See b/11669751 .
 static NSString *const kOpenIDRealmParameter = @"openid.realm";
-static NSString *const kIncludeGrantedScopesParameter = @"include_granted_scopes";
-static NSString *const kLoginHintParameter = @"login_hint";
-static NSString *const kHostedDomainParameter = @"hd";
 
 // Minimum time to expiration for a restored access token.
 static const NSTimeInterval kMinimumRestoredAccessTokenTimeToExpire = 600.0;
@@ -158,8 +152,6 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
   // represent a sign in continuation.
   GIDSignInInternalOptions *_currentOptions;
   
-  // AppAuth external user-agent session state.
-  id<OIDExternalUserAgentSession> _currentAuthorizationFlow;
   // Flag to indicate that the auth flow is restarting.
   BOOL _restarting;
   
@@ -167,6 +159,9 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
   
   // The class to fetches data from a url end point.
   id<GIDHTTPFetcher> _httpFetcher;
+  
+  // The class to control the authorization flow.
+  id<GIDAuthorizationFlowProcessor> _authorizationFlowProcessor;
 }
 
 #pragma mark - Public methods
@@ -178,8 +173,7 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
 - (BOOL)handleURL:(NSURL *)url {
   // Check if the callback path matches the expected one for a URL from Safari/Chrome/SafariVC.
   if ([url.path isEqual:kBrowserCallbackPath]) {
-    if ([_currentAuthorizationFlow resumeExternalUserAgentFlowWithURL:url]) {
-      _currentAuthorizationFlow = nil;
+    if ([_authorizationFlowProcessor resumeExternalUserAgentFlowWithURL:url]) {
       return YES;
     }
     return NO;
@@ -251,12 +245,12 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
                           additionalScopes:(nullable NSArray<NSString *> *)additionalScopes
                                 completion:(nullable GIDSignInCompletion)completion {
   GIDSignInInternalOptions *options =
-    [GIDSignInInternalOptions defaultOptionsWithConfiguration:_configuration
-                                     presentingViewController:presentingViewController
-                                                    loginHint:hint
-                                                addScopesFlow:NO
-                                                       scopes:additionalScopes
-                                                   completion:completion];
+      [GIDSignInInternalOptions defaultOptionsWithConfiguration:_configuration
+                                       presentingViewController:presentingViewController
+                                                      loginHint:hint
+                                                  addScopesFlow:NO
+                                                         scopes:additionalScopes
+                                                     completion:completion];
   [self signInWithOptions:options];
 }
 
@@ -329,12 +323,12 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
                   additionalScopes:(nullable NSArray<NSString *> *)additionalScopes
                         completion:(nullable GIDSignInCompletion)completion {
   GIDSignInInternalOptions *options =
-    [GIDSignInInternalOptions defaultOptionsWithConfiguration:_configuration
-                                             presentingWindow:presentingWindow
-                                                    loginHint:hint
-                                                addScopesFlow:NO
-                                                       scopes:additionalScopes
-                                                   completion:completion];
+      [GIDSignInInternalOptions defaultOptionsWithConfiguration:_configuration
+                                               presentingWindow:presentingWindow
+                                                      loginHint:hint
+                                                  addScopesFlow:NO
+                                                         scopes:additionalScopes
+                                                     completion:completion];
   [self signInWithOptions:options];
 }
 
@@ -457,11 +451,8 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
 - (id)initPrivate {
   id<GIDKeychainHandler> keychainHandler = [[GIDKeychainHandler alloc] init];
   id<GIDHTTPFetcher> httpFetcher = [[GIDHTTPFetcher alloc] init];
-  
-  
-  // Start from here after taking GIDAppAuthConfiguration out of GIDSignIn.m.
   id<GIDAuthorizationFlowProcessor> authorizationFlowProcessor =
-      [[GIDAuthorizationFlowProcessor alloc] init];
+  [[GIDAuthorizationFlowProcessor alloc] init];
   return [self initWithKeychainHandler:keychainHandler
                            httpFetcher:httpFetcher
             authorizationFlowProcessor:authorizationFlowProcessor];
@@ -499,6 +490,7 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
     
     _keychainHandler = keychainHandler;
     _httpFetcher = httpFetcher;
+    _authorizationFlowProcessor = authorizationFlowProcessor;
   }
   return self;
 }
@@ -524,7 +516,6 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
     // Explicitly throw exception for missing client ID here. This must come before
     // scheme check because schemes rely on reverse client IDs.
     [self assertValidParameters];
-
     [self assertValidPresentingViewController];
 
     // If the application does not support the required URL schemes tell the developer so.
@@ -563,64 +554,17 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
 #pragma mark - Authentication flow
 
 - (void)authenticateInteractivelyWithOptions:(GIDSignInInternalOptions *)options {
-  GIDSignInCallbackSchemes *schemes =
-      [[GIDSignInCallbackSchemes alloc] initWithClientIdentifier:options.configuration.clientID];
-  NSURL *redirectURL = [NSURL URLWithString:[NSString stringWithFormat:@"%@:%@",
-                                             [schemes clientIdentifierScheme],
-                                             kBrowserCallbackPath]];
   NSString *emmSupport;
 #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST
   emmSupport = [[self class] isOperatingSystemAtLeast9] ? kEMMVersion : nil;
 #elif TARGET_OS_MACCATALYST || TARGET_OS_OSX
   emmSupport = nil;
 #endif // TARGET_OS_MACCATALYST || TARGET_OS_OSX
-
-  NSMutableDictionary<NSString *, NSString *> *additionalParameters = [@{} mutableCopy];
-  additionalParameters[kIncludeGrantedScopesParameter] = @"true";
-  if (options.configuration.serverClientID) {
-    additionalParameters[kAudienceParameter] = options.configuration.serverClientID;
-  }
-  if (options.loginHint) {
-    additionalParameters[kLoginHintParameter] = options.loginHint;
-  }
-  if (options.configuration.hostedDomain) {
-    additionalParameters[kHostedDomainParameter] = options.configuration.hostedDomain;
-  }
-
-#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST
-  [additionalParameters addEntriesFromDictionary:
-      [GIDEMMSupport parametersWithParameters:options.extraParams
-                                   emmSupport:emmSupport
-                       isPasscodeInfoRequired:NO]];
-#elif TARGET_OS_OSX || TARGET_OS_MACCATALYST
-  [additionalParameters addEntriesFromDictionary:options.extraParams];
-#endif // TARGET_OS_OSX || TARGET_OS_MACCATALYST
-  additionalParameters[kSDKVersionLoggingParameter] = GIDVersion();
-  additionalParameters[kEnvironmentLoggingParameter] = GIDEnvironment();
   
-  NSURL *authorizationEndpointURL = [GIDSignInPreferences authorizationEndpointURL];
-  NSURL *tokenEndpointURL = [GIDSignInPreferences tokenEndpointURL];
-  OIDServiceConfiguration *appAuthConfiguration =
-      [[OIDServiceConfiguration alloc] initWithAuthorizationEndpoint:authorizationEndpointURL
-                                                       tokenEndpoint:tokenEndpointURL];
-
-  OIDAuthorizationRequest *request =
-      [[OIDAuthorizationRequest alloc] initWithConfiguration:appAuthConfiguration
-                                                    clientId:options.configuration.clientID
-                                                      scopes:options.scopes
-                                                 redirectURL:redirectURL
-                                                responseType:OIDResponseTypeCode
-                                        additionalParameters:additionalParameters];
-
-  _currentAuthorizationFlow = [OIDAuthorizationService
-      presentAuthorizationRequest:request
-#if TARGET_OS_IOS || TARGET_OS_MACCATALYST
-         presentingViewController:options.presentingViewController
-#elif TARGET_OS_OSX
-                 presentingWindow:options.presentingWindow
-#endif // TARGET_OS_OSX
-                        callback:^(OIDAuthorizationResponse *_Nullable authorizationResponse,
-                                   NSError *_Nullable error) {
+  [_authorizationFlowProcessor startWithOptions:options
+                                     emmSupport:(NSString *)emmSupport
+                                     completion:^(OIDAuthorizationResponse *authorizationResponse,
+                                                  NSError *error) {
     [self processAuthorizationResponse:authorizationResponse
                                  error:error
                             emmSupport:emmSupport];
@@ -689,7 +633,6 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
 
 // Perform authentication with the provided options.
 - (void)authenticateWithOptions:(GIDSignInInternalOptions *)options {
-
   // If this is an interactive flow, we're not going to try to restore any saved auth state.
   if (options.interactive) {
     [self authenticateInteractivelyWithOptions:options];
@@ -910,12 +853,11 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
     return NO;
   }
 #endif // TARGET_OS_OSX
-  if (!_currentAuthorizationFlow) {
+  if (!_authorizationFlowProcessor.isStarted) {
     return NO;
   }
   _restarting = YES;
-  [_currentAuthorizationFlow cancel];
-  _currentAuthorizationFlow = nil;
+  [_authorizationFlowProcessor cancelAuthenticationFlow];
   _restarting = NO;
   NSDictionary<NSString *, NSString *> *extraParameters = @{ kEMMRestartAuthParameter : @"1" };
   // In iOS 13 the presentation of ASWebAuthenticationSession needs an anchor window,

GoogleSignIn/Sources/GIDSignInPreferences.h

@@ -18,9 +18,15 @@
 
 NS_ASSUME_NONNULL_BEGIN
 
+// The name of the query parameter used for logging the SDK version.
 extern NSString *const kSDKVersionLoggingParameter;
+
+// The name of the query parameter used for logging the Apple execution environment.
 extern NSString *const kEnvironmentLoggingParameter;
 
+// Expected path in the URL scheme to be handled.
+extern NSString *const kBrowserCallbackPath;
+
 NSString* GIDVersion(void);
 
 NSString* GIDEnvironment(void);

GoogleSignIn/Sources/GIDSignInPreferences.m

@@ -16,16 +16,14 @@
 
 NS_ASSUME_NONNULL_BEGIN
 
+NSString *const kSDKVersionLoggingParameter = @"gpsdk";
+NSString *const kEnvironmentLoggingParameter = @"gidenv";
+NSString *const kBrowserCallbackPath = @"/oauth2callback";
+
 static NSString *const kLSOServer = @"accounts.google.com";
 static NSString *const kTokenServer = @"oauth2.googleapis.com";
 static NSString *const kUserInfoServer = @"www.googleapis.com";
 
-// The name of the query parameter used for logging the SDK version.
-NSString *const kSDKVersionLoggingParameter = @"gpsdk";
-
-// The name of the query parameter used for logging the Apple execution environment.
-NSString *const kEnvironmentLoggingParameter = @"gidenv";
-
 // Supported Apple execution environments
 static NSString *const kAppleEnvironmentUnknown = @"unknown";
 static NSString *const kAppleEnvironmentIOS = @"ios";

GoogleSignIn/Tests/Unit/GIDSignInTest.m

@@ -26,6 +26,7 @@
 // Test module imports
 @import GoogleSignIn;
 
+#import "GoogleSignIn/Sources/GIDAuthorizationFlowProcessor/Implementations/GIDAuthorizationFlowProcessor.h"
 #import "GoogleSignIn/Sources/GIDEMMSupport.h"
 #import "GoogleSignIn/Sources/GIDGoogleUser_Private.h"
 #import "GoogleSignIn/Sources/GIDSignIn_Private.h"
@@ -311,8 +312,12 @@ static NSString *const kNewScope = @"newScope";
   
   _httpFetcher = [[GIDFakeHTTPFetcher alloc] init];
   
+  GIDAuthorizationFlowProcessor * authorizationFlowProcessor =
+      [[GIDAuthorizationFlowProcessor alloc] init];
+  
   _signIn = [[GIDSignIn alloc] initWithKeychainHandler:_keychainHandler
-                                           httpFetcher:_httpFetcher];
+                                           httpFetcher:_httpFetcher
+                            authorizationFlowProcessor:authorizationFlowProcessor];
   _hint = nil;
 
   __weak GIDSignInTest *weakSelf = self;