Add unit tests.

GoogleSignIn/Sources/GIDAuthorizationUtil.h

@@ -53,7 +53,7 @@ NS_ASSUME_NONNULL_BEGIN
 /// @param error The reference to the error.
 /// @return The array of all scopes or nil if there is an error.
 + (nullable NSArray<NSString *> *)
-    resolvedScopesFromGrantedScoped:(NSArray<NSString *> *)scopes
+    resolvedScopesFromGrantedScopes:(NSArray<NSString *> *)scopes
                       withNewScopes:(NSArray<NSString *> *)newScopes
                               error:(NSError * __autoreleasing *)error;
 

GoogleSignIn/Sources/GIDAuthorizationUtil.m

@@ -117,7 +117,7 @@ NS_ASSUME_NONNULL_BEGIN
 }
 
 + (nullable NSArray<NSString *> *)
-    resolvedScopesFromGrantedScoped:(NSArray<NSString *> *)scopes
+    resolvedScopesFromGrantedScopes:(NSArray<NSString *> *)scopes
                       withNewScopes:(NSArray<NSString *> *)newScopes
                               error:(NSError * __autoreleasing *)error {
   NSMutableSet<NSString *> *grantedScopes = [NSMutableSet setWithArray:scopes];

GoogleSignIn/Sources/GIDSignIn.m

@@ -252,7 +252,7 @@ static NSString *const kConfigOpenIDRealmKey = @"GIDOpenIDRealm";
                   completion:(nullable GIDSignInCompletion)completion {
   NSError *error;
   NSArray<NSString *> *allScopes =
-      [GIDAuthorizationUtil resolvedScopesFromGrantedScoped:self.currentUser.grantedScopes
+      [GIDAuthorizationUtil resolvedScopesFromGrantedScopes:self.currentUser.grantedScopes
                                               withNewScopes:scopes
                                                       error:&error];
   if (error) {

GoogleSignIn/Tests/Unit/GIDAuthorizationUtilTest.m

@@ -22,6 +22,7 @@
 
 #import "GoogleSignIn/Sources/GIDSignInInternalOptions.h"
 #import "GoogleSignIn/Sources/GIDSignInPreferences.h"
+#import "GoogleSignIn/Tests/Unit/OIDAuthorizationResponse+Testing.h"
 #import "GoogleSignIn/Tests/Unit/OIDTokenResponse+Testing.h"
 
 #ifdef SWIFT_PACKAGE
@@ -35,6 +36,7 @@ NS_ASSUME_NONNULL_BEGIN
 static NSString * const kClientId = @"FakeClientID";
 static NSString * const kUserEmail = @"FakeUserEmail";
 static NSString * const kServerClientId = @"FakeServerClientID";
+static NSString * const kOpenIDRealm = @"FakeRealm";
 
 static NSString * const kScopeBirthday = @"birthday";
 static NSString * const kScopeEmail = @"email";
@@ -46,6 +48,7 @@ static NSString * const kScopeProfile = @"profile";
 
 @implementation GIDAuthorizationUtilTest {
   GIDConfiguration *_configuration;
+  BOOL _isEligibleForEMM;
 }
 
 - (void)setUp {
@@ -54,8 +57,14 @@ static NSString * const kScopeProfile = @"profile";
                                                serverClientID:kServerClientId
                                                  hostedDomain:kHostedDomain
                                                   openIDRealm:nil];
+  
+#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST
+  _isEligibleForEMM = [UIDevice currentDevice].systemVersion.integerValue >= 9;
+#endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST
 }
 
+# pragma mark - test `authorizationRequestWithOptions:emmSupport:`.
+
 - (void)testCreateAuthorizationRequest_signInFlow {
   GIDSignInInternalOptions *options =
       [GIDSignInInternalOptions defaultOptionsWithConfiguration:_configuration
@@ -134,11 +143,7 @@ static NSString * const kScopeProfile = @"profile";
 - (void)testCreateAuthorizationRequest_signInFlow_EMM {
   GIDSignInInternalOptions *options =
       [GIDSignInInternalOptions defaultOptionsWithConfiguration:_configuration
-#if TARGET_OS_IOS || TARGET_OS_MACCATALYST
                                        presentingViewController:nil
-#elif TARGET_OS_OSX
-                                               presentingWindow:nil
-#endif // TARGET_OS_OSX
                                                       loginHint:kUserEmail
                                                   addScopesFlow:NO
                                                      completion:nil];
@@ -154,8 +159,7 @@ static NSString * const kScopeProfile = @"profile";
       systemName, [UIDevice currentDevice].systemVersion];
   NSDictionary<NSString *, NSObject *> *authParams = request.additionalParameters;
   
-  BOOL isEligibleForEMM = [UIDevice currentDevice].systemVersion.integerValue >= 9;
-  if (isEligibleForEMM) {
+  if (_isEligibleForEMM) {
     XCTAssertEqualObjects(authParams[@"emm_support"], kEMMVersion,
                           @"EMM support should match in auth request");
     XCTAssertEqualObjects(authParams[@"device_os"], expectedOSVersion,
@@ -170,13 +174,85 @@ static NSString * const kScopeProfile = @"profile";
 
 #endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST
 
+#pragma mark - test `accessTokenRequestWithAuthState:serverClientID:openIDRealm:emmSupport:`.
+
+- (void)testCreateAccessTokenRequest_NoAccessToken_hasAuthorizationCode {
+  OIDAuthorizationResponse *authResponse =
+      [OIDAuthorizationResponse testInstanceWithAdditionalParameters:nil
+                                                         errorString:nil];
+  
+  OIDAuthState *authState = [[OIDAuthState alloc] initWithAuthorizationResponse:authResponse
+                                                                  tokenResponse:nil];
+  
+  OIDTokenRequest *tokenRequest =
+      [GIDAuthorizationUtil accessTokenRequestWithAuthState:authState
+                                             serverClientID:kServerClientId
+                                                openIDRealm:kOpenIDRealm
+                                                 emmSupport:nil];
+  
+  NSDictionary<NSString *, NSString *> *params = tokenRequest.additionalParameters;
+  XCTAssertEqual(params[kOpenIDRealmParameter], kOpenIDRealm, @"OpenID Realm should match.");
+  XCTAssertEqual(params[kAudienceParameter], kServerClientId, @"Server Client ID should match.");
+}
+
+#if TARGET_OS_IOS && !TARGET_OS_MACCATALYST
+
+- (void)testCreateAccessTokenRequest_EMMFlow {
+  NSDictionary<NSString *, NSString *> *additionalParameters =
+      @{ @"emm_passcode_info_required" : @"1" };
+  
+  OIDAuthorizationResponse *authResponse =
+      [OIDAuthorizationResponse testInstanceWithAdditionalParameters:additionalParameters
+                                                         errorString:nil];
+  
+  OIDAuthState *authState = [[OIDAuthState alloc] initWithAuthorizationResponse:authResponse
+                                                                  tokenResponse:nil];
+  
+  OIDTokenRequest *tokenRequest =
+      [GIDAuthorizationUtil accessTokenRequestWithAuthState:authState
+                                             serverClientID:nil
+                                                openIDRealm:nil
+                                                 emmSupport:kEMMVersion];
+  NSString *systemName = [UIDevice currentDevice].systemName;
+  if ([systemName isEqualToString:@"iPhone OS"]) {
+    systemName = @"iOS";
+  }
+  NSString *expectedOSVersion = [NSString stringWithFormat:@"%@ %@",
+      systemName, [UIDevice currentDevice].systemVersion];
+  
+  NSDictionary<NSString *, NSString *> *tokenParams = tokenRequest.additionalParameters;
+  
+  if (_isEligibleForEMM) {
+    XCTAssertEqualObjects(tokenParams[@"emm_support"], kEMMVersion,
+                          @"EMM support should match in token request");
+    XCTAssertEqualObjects(tokenParams[@"device_os"],
+                          expectedOSVersion,
+                          @"OS version should match in token request");
+    XCTAssertNotNil(tokenParams[@"emm_passcode_info"],
+                    @"passcode info should be in token request");
+  } else {
+    XCTAssertNil(tokenParams[@"emm_support"],
+                 @"EMM support should not be in token request for unsupported OS");
+    XCTAssertNil(tokenParams[@"device_os"],
+                 @"OS version should not be in token request for unsupported OS");
+    XCTAssertNil(tokenParams[@"emm_passcode_info"],
+                 @"passcode info should not be in token request for unsupported OS");
+  }
+  
+  
+}
+
+#endif // TARGET_OS_IOS && !TARGET_OS_MACCATALYST
+
+#pragma mark - test `resolvedScopesFromGrantedScopes:ithNewScopes:error:`.
+
 - (void)testUnionScopes_success {
   NSArray<NSString *> *scopes = @[kScopeEmail, kScopeProfile];
   NSArray<NSString *> *newScopes = @[kScopeBirthday];
   
   NSError *error;
   NSArray<NSString *> *allScopes =
-      [GIDAuthorizationUtil resolvedScopesFromGrantedScoped:scopes
+      [GIDAuthorizationUtil resolvedScopesFromGrantedScopes:scopes
                                               withNewScopes:newScopes
                                                       error:&error];
   
@@ -191,7 +267,7 @@ static NSString * const kScopeProfile = @"profile";
   
   NSError *error;
   NSArray<NSString *> *allScopes =
-      [GIDAuthorizationUtil resolvedScopesFromGrantedScoped:scopes
+      [GIDAuthorizationUtil resolvedScopesFromGrantedScopes:scopes
                                               withNewScopes:newScopes
                                                       error:&error];
   

GoogleSignIn/Tests/Unit/GIDSignInTest.m

@@ -122,7 +122,7 @@ static NSString * const kAppHasRunBeforeKey = @"GPP_AppHasRunBefore";
 static NSString * const kFingerprintKeychainName = @"fingerprint";
 static NSString * const kVerifierKeychainName = @"verifier";
 static NSString * const kVerifierKey = @"verifier";
-static NSString * const kOpenIDRealmKey = @"openid.realm";
+//static NSString * const kOpenIDRealmKey = @"openid.realm";
 static NSString * const kSavedKeychainServiceName = @"saved-keychain";
 static NSString * const kKeychainAccountName = @"GooglePlus";
 static NSString * const kUserNameKey = @"name";
@@ -231,9 +231,6 @@ static NSString *const kNewScope = @"newScope";
   // The completion to be used when testing `GIDSignIn`.
   GIDSignInCompletion _completion;
 
-  // The saved token request.
-  OIDTokenRequest *_savedTokenRequest;
-
   // The saved token request callback.
   OIDTokenCallback _savedTokenCallback;
 }
@@ -269,7 +266,7 @@ static NSString *const kNewScope = @"newScope";
   _user = OCMStrictClassMock([GIDGoogleUser class]);
   _oidAuthorizationService = OCMStrictClassMock([OIDAuthorizationService class]);
   OCMStub([self->_oidAuthorizationService
-      performTokenRequest:SAVE_TO_ARG_BLOCK(self->_savedTokenRequest)
+      performTokenRequest:OCMOCK_ANY
                  callback:COPY_TO_ARG_BLOCK(self->_savedTokenCallback)]);
 
   // Fakes
@@ -490,25 +487,6 @@ static NSString *const kNewScope = @"newScope";
                         modalCancel:NO];
 }
 
-- (void)testOpenIDRealm {
-  _signIn.configuration = [[GIDConfiguration alloc] initWithClientID:kClientId
-                                                      serverClientID:nil
-                                                        hostedDomain:nil
-                                                         openIDRealm:kOpenIDRealm];
-
-  [self OAuthLoginWithAddScopesFlow:NO
-                          authError:nil
-                         tokenError:nil
-            emmPasscodeInfoRequired:NO
-                      keychainError:NO
-                     restoredSignIn:NO
-                     oldAccessToken:NO
-                        modalCancel:NO];
-
-  NSDictionary<NSString *, NSString *> *params = _savedTokenRequest.additionalParameters;
-  XCTAssertEqual(params[kOpenIDRealmKey], kOpenIDRealm, @"OpenID Realm should match.");
-}
-
 - (void)testOAuthLogin_ConsentCanceled {
   [self OAuthLoginWithAddScopesFlow:NO
                           authError:@"access_denied"
@@ -815,61 +793,6 @@ static NSString *const kNewScope = @"newScope";
 
 #if TARGET_OS_IOS && !TARGET_OS_MACCATALYST
 
-- (void)testEmmSupportRequestParameters {
-  [self OAuthLoginWithAddScopesFlow:NO
-                          authError:nil
-                         tokenError:nil
-            emmPasscodeInfoRequired:NO
-                      keychainError:NO
-                     restoredSignIn:NO
-                     oldAccessToken:NO
-                        modalCancel:NO];
-
-  NSString *systemName = [UIDevice currentDevice].systemName;
-  if ([systemName isEqualToString:@"iPhone OS"]) {
-    systemName = @"iOS";
-  }
-  NSString *expectedOSVersion = [NSString stringWithFormat:@"%@ %@",
-      systemName, [UIDevice currentDevice].systemVersion];
-
-  NSDictionary<NSString *, NSString *> *tokenParams = _savedTokenRequest.additionalParameters;
-  if (_isEligibleForEMM) {
-    XCTAssertEqualObjects(tokenParams[@"emm_support"], kEMMVersion,
-                          @"EMM support should match in token request");
-    XCTAssertEqualObjects(tokenParams[@"device_os"],
-                          expectedOSVersion,
-                          @"OS version should match in token request");
-    XCTAssertNil(tokenParams[@"emm_passcode_info"],
-                 @"no passcode info should be in token request");
-  } else {
-    XCTAssertNil(tokenParams[@"emm_support"],
-                 @"EMM support should not be in token request for unsupported OS");
-    XCTAssertNil(tokenParams[@"device_os"],
-                 @"OS version should not be in token request for unsupported OS");
-    XCTAssertNil(tokenParams[@"emm_passcode_info"],
-                 @"passcode info should not be in token request for unsupported OS");
-  }
-}
-
-- (void)testEmmPasscodeInfo {
-  [self OAuthLoginWithAddScopesFlow:NO
-                          authError:nil
-                         tokenError:nil
-            emmPasscodeInfoRequired:YES
-                      keychainError:NO
-                     restoredSignIn:NO
-                     oldAccessToken:NO
-                        modalCancel:NO];
-  NSDictionary<NSString *, NSString *> *tokenParams = _savedTokenRequest.additionalParameters;
-  if (_isEligibleForEMM) {
-    XCTAssertNotNil(tokenParams[@"emm_passcode_info"],
-                    @"passcode info should be in token request");
-  } else {
-    XCTAssertNil(tokenParams[@"emm_passcode_info"],
-                 @"passcode info should not be in token request for unsupported OS");
-  }
-}
-
 - (void)testAuthEndpointEMMError {
   if (!_isEligibleForEMM) {
     return;
@@ -1112,7 +1035,6 @@ static NSString *const kNewScope = @"newScope";
   }
 
   if (!restoredSignIn || (restoredSignIn && oldAccessToken)) {
-    XCTAssertNotNil(_savedTokenRequest);
     XCTAssertNotNil(_savedTokenCallback);
 
     // OIDTokenCallback