From 452437030f69f6c232b35d209ddb2441220326f6 Mon Sep 17 00:00:00 2001 From: Nirodha Perera Date: Thu, 13 Jan 2022 15:26:59 +0530 Subject: [PATCH 1/2] Changed to store param values in shared preferences --- .../java/com/rnappauth/RNAppAuthModule.java | 70 +++++++++++++------ 1 file changed, 49 insertions(+), 21 deletions(-) diff --git a/android/src/main/java/com/rnappauth/RNAppAuthModule.java b/android/src/main/java/com/rnappauth/RNAppAuthModule.java index d0f6ebb0..0a2053f7 100644 --- a/android/src/main/java/com/rnappauth/RNAppAuthModule.java +++ b/android/src/main/java/com/rnappauth/RNAppAuthModule.java @@ -3,6 +3,7 @@ import android.app.Activity; import android.app.PendingIntent; import android.content.ComponentName; +import android.content.SharedPreferences; import android.content.Context; import android.content.Intent; import android.net.Uri; @@ -62,17 +63,12 @@ public class RNAppAuthModule extends ReactContextBaseJavaModule implements Activ private final ReactApplicationContext reactContext; private Promise promise; - private boolean dangerouslyAllowInsecureHttpRequests; - private Boolean skipCodeExchange; - private Boolean usePKCE; private Boolean useNonce; - private String codeVerifier; private String clientAuthMethod = "basic"; private Map registrationRequestHeaders = null; private Map authorizationRequestHeaders = null; private Map tokenRequestHeaders = null; private Map additionalParametersMap; - private String clientSecret; private final ConcurrentHashMap mServiceConfigurations = new ConcurrentHashMap<>(); private boolean isPrefetched = false; @@ -236,13 +232,17 @@ public void authorize( // store args in private fields for later use in onActivityResult handler this.promise = promise; - this.dangerouslyAllowInsecureHttpRequests = dangerouslyAllowInsecureHttpRequests; this.additionalParametersMap = additionalParametersMap; - this.clientSecret = clientSecret; this.clientAuthMethod = clientAuthMethod; - this.skipCodeExchange = skipCodeExchange; this.useNonce = useNonce; - this.usePKCE = usePKCE; + + SharedPreferences sharedPref = getCurrentActivity().getPreferences(Context.MODE_PRIVATE); + SharedPreferences.Editor editor = sharedPref.edit(); + editor.putBoolean("dangerouslyAllowInsecureHttpRequests", dangerouslyAllowInsecureHttpRequests); + editor.putBoolean("skipCodeExchange", skipCodeExchange); + editor.putBoolean("usePKCE", usePKCE); + editor.putString("clientSecret", clientSecret); + editor.apply(); // when serviceConfiguration is provided, we don't need to hit up the OpenID well-known id endpoint if (serviceConfiguration != null || hasServiceConfiguration(issuer)) { @@ -330,7 +330,10 @@ public void refresh( } // store setting in private field for later use in onActivityResult handler - this.dangerouslyAllowInsecureHttpRequests = dangerouslyAllowInsecureHttpRequests; + SharedPreferences sharedPref = getCurrentActivity().getPreferences(Context.MODE_PRIVATE); + SharedPreferences.Editor editor = sharedPref.edit(); + editor.putBoolean("dangerouslyAllowInsecureHttpRequests", dangerouslyAllowInsecureHttpRequests); + editor.apply(); this.additionalParametersMap = additionalParametersMap; // when serviceConfiguration is provided, we don't need to hit up the OpenID well-known id endpoint @@ -416,10 +419,17 @@ public void onActivityResult(Activity activity, int requestCode, int resultCode, return; } - if (this.skipCodeExchange) { + SharedPreferences sharedPref = getCurrentActivity().getPreferences(Context.MODE_PRIVATE); + Boolean skipCodeExchange = sharedPref.getBoolean("skipCodeExchange", false); + + if (skipCodeExchange) { + + String codeVerifier = sharedPref.getString("codeVerifier", null); + Boolean usePKCE = sharedPref.getBoolean("usePKCE", true); + WritableMap map; - if (this.usePKCE && this.codeVerifier != null) { - map = TokenResponseFactory.authorizationCodeResponseToMap(response, this.codeVerifier); + if (usePKCE && codeVerifier != null) { + map = TokenResponseFactory.authorizationCodeResponseToMap(response, codeVerifier); } else { map = TokenResponseFactory.authorizationResponseToMap(response); } @@ -430,16 +440,16 @@ public void onActivityResult(Activity activity, int requestCode, int resultCode, return; } - + Boolean dangerouslyAllowInsecureHttpRequests = sharedPref.getBoolean("dangerouslyAllowInsecureHttpRequests", false); final Promise authorizePromise = this.promise; final AppAuthConfiguration configuration = createAppAuthConfiguration( - createConnectionBuilder(this.dangerouslyAllowInsecureHttpRequests, this.tokenRequestHeaders), - this.dangerouslyAllowInsecureHttpRequests + createConnectionBuilder(dangerouslyAllowInsecureHttpRequests, this.tokenRequestHeaders), + dangerouslyAllowInsecureHttpRequests ); AuthorizationService authService = new AuthorizationService(this.reactContext, configuration); - TokenRequest tokenRequest = response.createTokenExchangeRequest(this.additionalParametersMap); + TokenRequest tokenRequest = this.additionalParametersMap? response.createTokenExchangeRequest(this.additionalParametersMap) : response.createTokenExchangeRequest(); AuthorizationService.TokenResponseCallback tokenResponseCallback = new AuthorizationService.TokenResponseCallback() { @@ -459,14 +469,24 @@ public void onTokenRequestCompleted( } }; - if (this.clientSecret != null) { - ClientAuthentication clientAuth = this.getClientAuthentication(this.clientSecret, this.clientAuthMethod); + String clientSecret = sharedPref.getString("clientSecret", null); + if (clientSecret != null) { + ClientAuthentication clientAuth = this.getClientAuthentication(clientSecret, this.clientAuthMethod); authService.performTokenRequest(tokenRequest, clientAuth, tokenResponseCallback); } else { authService.performTokenRequest(tokenRequest, tokenResponseCallback); } + SharedPreferences.Editor editor = sharedPref.edit(); + editor.remove("dangerouslyAllowInsecureHttpRequests") + editor.remove("clientSecret") + editor.remove("dangerouslyAllowInsecureHttpRequests") + editor.remove("skipCodeExchange") + editor.remove("usePKCE") + editor.remove("codeVerifier") + editor.apply(); + } } @@ -588,8 +608,12 @@ private void authorizeWithConfiguration( if (!usePKCE) { authRequestBuilder.setCodeVerifier(null); } else { - this.codeVerifier = CodeVerifierUtil.generateRandomCodeVerifier(); - authRequestBuilder.setCodeVerifier(this.codeVerifier); + String codeVerifier = CodeVerifierUtil.generateRandomCodeVerifier(); + SharedPreferences sharedPref = getCurrentActivity().getPreferences(Context.MODE_PRIVATE); + SharedPreferences.Editor editor = sharedPref.edit(); + editor.putString("codeVerifier", codeVerifier); + editor.apply(); + authRequestBuilder.setCodeVerifier(codeVerifier); } if(!useNonce) { @@ -675,6 +699,10 @@ public void onTokenRequestCompleted(@Nullable TokenResponse response, @Nullable } else { authService.performTokenRequest(tokenRequest, tokenResponseCallback); } + SharedPreferences sharedPref = getCurrentActivity().getPreferences(Context.MODE_PRIVATE); + SharedPreferences.Editor editor = sharedPref.edit(); + editor.remove("dangerouslyAllowInsecureHttpRequests") + editor.apply() } private void parseHeaderMap (ReadableMap headerMap) { From 2f8509e6a6b6aa192e90ddd8a2871d6f3c274573 Mon Sep 17 00:00:00 2001 From: Nirodha Perera Date: Wed, 19 Jan 2022 11:57:19 +0530 Subject: [PATCH 2/2] Fixed build errors with incorrect syntax --- .../java/com/rnappauth/RNAppAuthModule.java | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/android/src/main/java/com/rnappauth/RNAppAuthModule.java b/android/src/main/java/com/rnappauth/RNAppAuthModule.java index 0a2053f7..e0487472 100644 --- a/android/src/main/java/com/rnappauth/RNAppAuthModule.java +++ b/android/src/main/java/com/rnappauth/RNAppAuthModule.java @@ -449,7 +449,7 @@ public void onActivityResult(Activity activity, int requestCode, int resultCode, AuthorizationService authService = new AuthorizationService(this.reactContext, configuration); - TokenRequest tokenRequest = this.additionalParametersMap? response.createTokenExchangeRequest(this.additionalParametersMap) : response.createTokenExchangeRequest(); + TokenRequest tokenRequest = this.additionalParametersMap != null? response.createTokenExchangeRequest(this.additionalParametersMap) : response.createTokenExchangeRequest(); AuthorizationService.TokenResponseCallback tokenResponseCallback = new AuthorizationService.TokenResponseCallback() { @@ -479,12 +479,12 @@ public void onTokenRequestCompleted( } SharedPreferences.Editor editor = sharedPref.edit(); - editor.remove("dangerouslyAllowInsecureHttpRequests") - editor.remove("clientSecret") - editor.remove("dangerouslyAllowInsecureHttpRequests") - editor.remove("skipCodeExchange") - editor.remove("usePKCE") - editor.remove("codeVerifier") + editor.remove("dangerouslyAllowInsecureHttpRequests"); + editor.remove("clientSecret"); + editor.remove("dangerouslyAllowInsecureHttpRequests"); + editor.remove("skipCodeExchange"); + editor.remove("usePKCE"); + editor.remove("codeVerifier"); editor.apply(); } @@ -701,8 +701,8 @@ public void onTokenRequestCompleted(@Nullable TokenResponse response, @Nullable } SharedPreferences sharedPref = getCurrentActivity().getPreferences(Context.MODE_PRIVATE); SharedPreferences.Editor editor = sharedPref.edit(); - editor.remove("dangerouslyAllowInsecureHttpRequests") - editor.apply() + editor.remove("dangerouslyAllowInsecureHttpRequests"); + editor.apply(); } private void parseHeaderMap (ReadableMap headerMap) {