From 219c49f6e383ff05ebfcc5217a2a70a47e27ee27 Mon Sep 17 00:00:00 2001 From: Prashanth Sampath Kumar - p0s097d <Prashanth.Sampathkum@walmart.com> Date: Wed, 2 Apr 2025 10:39:02 -0500 Subject: [PATCH 1/2] Crash fix - when cancelling an authentication session --- Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m index 4a8cda0a3..a5c586175 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m @@ -41,6 +41,9 @@ @interface OIDExternalUserAgentIOS ()<SFSafariViewControllerDelegate> @end #endif +API_AVAILABLE(ios(12.0)) +static ASWebAuthenticationSession *_webAuthenticationVC; + @implementation OIDExternalUserAgentIOS { UIViewController *_presentingViewController; BOOL _prefersEphemeralSession; @@ -51,7 +54,6 @@ @implementation OIDExternalUserAgentIOS { #pragma clang diagnostic ignored "-Wpartial-availability" __weak SFSafariViewController *_safariVC; SFAuthenticationSession *_authenticationVC; - ASWebAuthenticationSession *_webAuthenticationVC; #pragma clang diagnostic pop } @@ -104,7 +106,7 @@ - (BOOL)presentExternalUserAgentRequest:(id<OIDExternalUserAgentRequest>)request if (!UIAccessibilityIsGuidedAccessEnabled()) { __weak OIDExternalUserAgentIOS *weakSelf = self; NSString *redirectScheme = request.redirectScheme; - ASWebAuthenticationSession *authenticationVC = + _webAuthenticationVC = [[ASWebAuthenticationSession alloc] initWithURL:requestURL callbackURLScheme:redirectScheme completionHandler:^(NSURL * _Nullable callbackURL, @@ -113,7 +115,6 @@ - (BOOL)presentExternalUserAgentRequest:(id<OIDExternalUserAgentRequest>)request if (!strongSelf) { return; } - strongSelf->_webAuthenticationVC = nil; if (callbackURL) { [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL]; } else { @@ -126,12 +127,11 @@ - (BOOL)presentExternalUserAgentRequest:(id<OIDExternalUserAgentRequest>)request }]; #if __IPHONE_OS_VERSION_MAX_ALLOWED >= 130000 if (@available(iOS 13.0, *)) { - authenticationVC.presentationContextProvider = self; - authenticationVC.prefersEphemeralWebBrowserSession = _prefersEphemeralSession; + _webAuthenticationVC.presentationContextProvider = self; + _webAuthenticationVC.prefersEphemeralWebBrowserSession = _prefersEphemeralSession; } #endif - _webAuthenticationVC = authenticationVC; - openedUserAgent = [authenticationVC start]; + openedUserAgent = [_webAuthenticationVC start]; } } // iOS 11, use SFAuthenticationSession From 5548175cd729ac64084358b78defddd1e523e33d Mon Sep 17 00:00:00 2001 From: Prashanth <pkumar@paperlesspost.com> Date: Thu, 22 May 2025 16:46:18 -0500 Subject: [PATCH 2/2] Revert "Merge branch 'master' into crash-fix" This reverts commit fbfd544472f8e76af9c3c95a0fa41c3ba22ebb29, reversing changes made to 219c49f6e383ff05ebfcc5217a2a70a47e27ee27. --- AppAuth.podspec | 4 +- AppAuth.xcodeproj/project.pbxproj | 26 ++++---- CHANGELOG.md | 4 -- CONTRIBUTORS | 1 - Package.swift | 2 +- README.md | 2 +- Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h | 6 +- Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m | 61 +++++++++++++++++-- .../OIDExternalUserAgentIOSCustomBrowser.m | 17 ++++-- Sources/AppAuthCore/OIDRegistrationRequest.m | 15 ++--- UnitTests/OIDAuthStateTests.m | 52 ++-------------- UnitTests/OIDAuthorizationRequestTests.m | 18 +----- UnitTests/OIDAuthorizationResponseTests.m | 18 +----- UnitTests/OIDEndSessionRequestTests.m | 18 +----- UnitTests/OIDRegistrationRequestTests.m | 18 +----- UnitTests/OIDRegistrationResponseTests.m | 18 +----- UnitTests/OIDServiceConfigurationTests.m | 18 +----- UnitTests/OIDServiceDiscoveryTests.m | 24 ++------ UnitTests/OIDTokenRequestTests.m | 18 +----- UnitTests/OIDTokenResponseTests.m | 18 +----- 20 files changed, 122 insertions(+), 236 deletions(-) diff --git a/AppAuth.podspec b/AppAuth.podspec index 17af8b6ce..40febc0a8 100644 --- a/AppAuth.podspec +++ b/AppAuth.podspec @@ -1,7 +1,7 @@ Pod::Spec.new do |s| s.name = "AppAuth" - s.version = "2.0.0" + s.version = "1.7.6" s.summary = "AppAuth for iOS and macOS is a client SDK for communicating with OAuth 2.0 and OpenID Connect providers." s.description = <<-DESC @@ -31,7 +31,7 @@ It follows the OAuth 2.0 for Native Apps best current practice # classes of AppAuth with tokens on watchOS and tvOS, but currently the # library won't help you obtain authorization grants on those platforms. - ios_deployment_target = "12.0" + ios_deployment_target = "9.0" osx_deployment_target = "10.12" s.ios.deployment_target = ios_deployment_target s.osx.deployment_target = osx_deployment_target diff --git a/AppAuth.xcodeproj/project.pbxproj b/AppAuth.xcodeproj/project.pbxproj index e17b22d34..8d770d93c 100644 --- a/AppAuth.xcodeproj/project.pbxproj +++ b/AppAuth.xcodeproj/project.pbxproj @@ -2815,7 +2815,7 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; MACOSX_DEPLOYMENT_TARGET = 10.12; MTL_ENABLE_DEBUG_INFO = YES; ONLY_ACTIVE_ARCH = YES; @@ -2873,7 +2873,7 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; MACOSX_DEPLOYMENT_TARGET = 10.12; MTL_ENABLE_DEBUG_INFO = NO; SDKROOT = iphoneos; @@ -2888,7 +2888,6 @@ 340E73861C5D819B0076B1F6 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { - IPHONEOS_DEPLOYMENT_TARGET = 10.0; PRODUCT_NAME = "$(TARGET_NAME)"; SKIP_INSTALL = YES; }; @@ -2897,7 +2896,6 @@ 340E73871C5D819B0076B1F6 /* Release */ = { isa = XCBuildConfiguration; buildSettings = { - IPHONEOS_DEPLOYMENT_TARGET = 10.0; PRODUCT_NAME = "$(TARGET_NAME)"; SKIP_INSTALL = YES; }; @@ -2909,7 +2907,7 @@ CLANG_ENABLE_MODULES = YES; HEADER_SEARCH_PATHS = "$(PROJECT_DIR)/"; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.appauth.AppAuthTests; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -2926,7 +2924,7 @@ CLANG_ENABLE_MODULES = YES; HEADER_SEARCH_PATHS = "$(PROJECT_DIR)/"; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.appauth.AppAuthTests; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3040,7 +3038,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/CoreFramework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.AppAuthCore; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3066,7 +3064,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/CoreFramework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.AppAuthCore; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3091,7 +3089,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/Framework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOS"; PRODUCT_NAME = AppAuth; @@ -3116,7 +3114,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/Framework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOS"; PRODUCT_NAME = AppAuth; @@ -3135,7 +3133,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOSTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3149,7 +3147,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOSTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3403,7 +3401,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-ExtensionTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3417,7 +3415,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 12.0; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-ExtensionTests"; PRODUCT_NAME = "$(TARGET_NAME)"; diff --git a/CHANGELOG.md b/CHANGELOG.md index d86a0f705..13beb5467 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,3 @@ -# 2.0.0 -- Raise minimum supported iOS version to iOS 12. ([#918](https://github.com/openid/AppAuth-iOS/pull/918)) -- Remove deprecated `[UIApplication openURL:]` method to compile with Xcode 16. ([#911](https://github.com/openid/AppAuth-iOS/pull/911)) - # 1.7.6 - Fix OIDExternalUserAgentIOSCustomBrowser on versions iOS 10+ ([#871](https://github.com/openid/AppAuth-iOS/pull/871)) - Update runners in tests.yml to macos-13. ([#886](https://github.com/openid/AppAuth-iOS/pull/886)) diff --git a/CONTRIBUTORS b/CONTRIBUTORS index 06dbb5823..bf6f154f9 100644 --- a/CONTRIBUTORS +++ b/CONTRIBUTORS @@ -20,4 +20,3 @@ Hernan Zalazar <hernan.zalazar@gmail.com> https://github.com/hzalaz Joseph Heenan <joseph@emobix.co.uk> https://github.com/jogu Julien Bodet <julien.bodet92@gmail.com> https://github.com/julienbodet Tobias Schröpf <schroepf@gmail.com> https://github.com/schroepf -Dave MacLachlan <dmaclach@gmail.com> https://github.com/dmaclach \ No newline at end of file diff --git a/Package.swift b/Package.swift index 208eaf467..103c0f761 100644 --- a/Package.swift +++ b/Package.swift @@ -24,7 +24,7 @@ let package = Package( name: "AppAuth", platforms: [ .macOS(.v10_12), - .iOS(.v12), + .iOS(.v9), .tvOS(.v9), .watchOS(.v2) ], diff --git a/README.md b/README.md index 540feda72..53085b3c4 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ For tvOS, AppAuth implements [OAuth 2.0 Device Authorization Grant #### Supported Versions -AppAuth supports iOS 12 and above. +AppAuth supports iOS 7 and above. iOS 9+ uses the in-app browser tab pattern (via `SFSafariViewController`), and falls back to the system browser (mobile diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h index 4ab6c7452..12abc203c 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h @@ -41,8 +41,10 @@ API_UNAVAILABLE(macCatalyst) /*! @brief The designated initializer. @param presentingViewController The view controller from which to present the authentication UI. @discussion The specific authentication UI used depends on the iOS version and accessibility - options. iOS 12+ uses @c ASWebAuthenticationSession (unless Guided Access is on), - otherwise local browser is used. + options. iOS 8 uses the system browser, iOS 9-10 use @c SFSafariViewController, iOS 11 uses + @c SFAuthenticationSession + (unless Guided Access is on which does not work) or uses @c SFSafariViewController, and iOS + 12+ uses @c ASWebAuthenticationSession (unless Guided Access is on). */ - (nullable instancetype)initWithPresentingViewController: (UIViewController *)presentingViewController diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m index 4545ae51a..a5c586175 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m @@ -134,14 +134,59 @@ - (BOOL)presentExternalUserAgentRequest:(id<OIDExternalUserAgentRequest>)request openedUserAgent = [_webAuthenticationVC start]; } } - // If all else failed use the local browser. + // iOS 11, use SFAuthenticationSession + if (@available(iOS 11.0, *)) { + // SFAuthenticationSession doesn't work with guided access (rdar://40809553) + if (!openedUserAgent && !UIAccessibilityIsGuidedAccessEnabled()) { + __weak OIDExternalUserAgentIOS *weakSelf = self; + NSString *redirectScheme = request.redirectScheme; + SFAuthenticationSession *authenticationVC = + [[SFAuthenticationSession alloc] initWithURL:requestURL + callbackURLScheme:redirectScheme + completionHandler:^(NSURL * _Nullable callbackURL, + NSError * _Nullable error) { + __strong OIDExternalUserAgentIOS *strongSelf = weakSelf; + if (!strongSelf) { + return; + } + strongSelf->_authenticationVC = nil; + if (callbackURL) { + [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL]; + } else { + NSError *safariError = + [OIDErrorUtilities errorWithCode:OIDErrorCodeUserCanceledAuthorizationFlow + underlyingError:error + description:@"User cancelled."]; + [strongSelf->_session failExternalUserAgentFlowWithError:safariError]; + } + }]; + _authenticationVC = authenticationVC; + openedUserAgent = [authenticationVC start]; + } + } + // iOS 9 and 10, use SFSafariViewController + if (@available(iOS 9.0, *)) { + if (!openedUserAgent && _presentingViewController) { + SFSafariViewController *safariVC = + [[SFSafariViewController alloc] initWithURL:requestURL]; + safariVC.delegate = self; + _safariVC = safariVC; + [_presentingViewController presentViewController:safariVC animated:YES completion:nil]; + openedUserAgent = YES; + } + } + // iOS 8 and earlier, use mobile Safari if (!openedUserAgent){ - [[UIApplication sharedApplication] openURL:requestURL - options:@{} - completionHandler:nil]; - openedUserAgent = YES; + openedUserAgent = [[UIApplication sharedApplication] openURL:requestURL]; } + if (!openedUserAgent) { + [self cleanUp]; + NSError *safariError = [OIDErrorUtilities errorWithCode:OIDErrorCodeSafariOpenError + underlyingError:nil + description:@"Unable to open Safari."]; + [session failExternalUserAgentFlowWithError:safariError]; + } return openedUserAgent; } @@ -155,6 +200,7 @@ - (void)dismissExternalUserAgentAnimated:(BOOL)animated completion:(void (^)(voi #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wpartial-availability" SFSafariViewController *safariVC = _safariVC; + SFAuthenticationSession *authenticationVC = _authenticationVC; ASWebAuthenticationSession *webAuthenticationVC = _webAuthenticationVC; #pragma clang diagnostic pop @@ -164,6 +210,10 @@ - (void)dismissExternalUserAgentAnimated:(BOOL)animated completion:(void (^)(voi // dismiss the ASWebAuthenticationSession [webAuthenticationVC cancel]; if (completion) completion(); + } else if (authenticationVC) { + // dismiss the SFAuthenticationSession + [authenticationVC cancel]; + if (completion) completion(); } else if (safariVC) { // dismiss the SFSafariViewController [safariVC dismissViewControllerAnimated:YES completion:completion]; @@ -176,6 +226,7 @@ - (void)cleanUp { // The weak references to |_safariVC| and |_session| are set to nil to avoid accidentally using // them while not in an authorization flow. _safariVC = nil; + _authenticationVC = nil; _webAuthenticationVC = nil; _session = nil; _externalUserAgentFlowInProgress = NO; diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m b/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m index 900bfbe19..c49cbbf9c 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m @@ -145,7 +145,11 @@ - (BOOL)presentExternalUserAgentRequest:(nonnull id<OIDExternalUserAgentRequest> NSString *testURLString = [NSString stringWithFormat:@"%@://example.com", _canOpenURLScheme]; NSURL *testURL = [NSURL URLWithString:testURLString]; if (![[UIApplication sharedApplication] canOpenURL:testURL]) { - [[UIApplication sharedApplication] openURL:_appStoreURL options:@{} completionHandler:nil]; + if (@available(iOS 10.0, *)) { + [[UIApplication sharedApplication] openURL:_appStoreURL options:@{} completionHandler:nil]; + } else { + [[UIApplication sharedApplication] openURL:_appStoreURL]; + } return NO; } } @@ -153,9 +157,14 @@ - (BOOL)presentExternalUserAgentRequest:(nonnull id<OIDExternalUserAgentRequest> // Transforms the request URL and opens it. NSURL *requestURL = [request externalUserAgentRequestURL]; requestURL = _URLTransformation(requestURL); - BOOL willOpen = [[UIApplication sharedApplication] canOpenURL:requestURL]; - [[UIApplication sharedApplication] openURL:requestURL options:@{} completionHandler:nil]; - return willOpen; + if (@available(iOS 10.0, *)) { + BOOL willOpen = [[UIApplication sharedApplication] canOpenURL:requestURL]; + [[UIApplication sharedApplication] openURL:requestURL options:@{} completionHandler:nil]; + return willOpen; + } else { + BOOL openedInBrowser = [[UIApplication sharedApplication] openURL:requestURL]; + return openedInBrowser; + } } - (void)dismissExternalUserAgentAnimated:(BOOL)animated diff --git a/Sources/AppAuthCore/OIDRegistrationRequest.m b/Sources/AppAuthCore/OIDRegistrationRequest.m index 2b3435f85..9efd18fdd 100644 --- a/Sources/AppAuthCore/OIDRegistrationRequest.m +++ b/Sources/AppAuthCore/OIDRegistrationRequest.m @@ -130,15 +130,12 @@ - (instancetype)initWithCoder:(NSCoder *)aDecoder { forKey:kConfigurationKey]; NSString *initialAccessToken = [aDecoder decodeObjectOfClass:[NSString class] forKey:kInitialAccessToken]; - NSArray<NSURL *> *redirectURIs = - [aDecoder decodeObjectOfClasses:[NSSet setWithArray:@[[NSArray class], [NSURL class]]] - forKey:kRedirectURIsKey]; - NSArray<NSString *> *responseTypes = - [aDecoder decodeObjectOfClasses:[NSSet setWithArray:@[[NSArray class], [NSString class]]] - forKey:kResponseTypesKey]; - NSArray<NSString *> *grantTypes = - [aDecoder decodeObjectOfClasses:[NSSet setWithArray:@[[NSArray class], [NSString class]]] - forKey:kGrantTypesKey]; + NSArray<NSURL *> *redirectURIs = [aDecoder decodeObjectOfClass:[NSArray<NSURL *> class] + forKey:kRedirectURIsKey]; + NSArray<NSString *> *responseTypes = [aDecoder decodeObjectOfClass:[NSArray<NSString *> class] + forKey:kResponseTypesKey]; + NSArray<NSString *> *grantTypes = [aDecoder decodeObjectOfClass:[NSArray<NSString *> class] + forKey:kGrantTypesKey]; NSString *subjectType = [aDecoder decodeObjectOfClass:[NSString class] forKey:kSubjectTypeKey]; NSString *tokenEndpointAuthenticationMethod = diff --git a/UnitTests/OIDAuthStateTests.m b/UnitTests/OIDAuthStateTests.m index d18ab3405..051902833 100644 --- a/UnitTests/OIDAuthStateTests.m +++ b/UnitTests/OIDAuthStateTests.m @@ -204,18 +204,7 @@ - (void)testNonCompliantNSCodingNSErrors { NSError *oauthError = [[self class] OAuthTokenInvalidGrantErrorWithUnderlyingError:nonCompliantError]; [authstate updateWithAuthorizationError:oauthError]; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:authstate - requiringSecureCoding:YES - error:&error]; - XCTAssertNoThrow(data, @""); - } else { -#if !TARGET_OS_IOS - XCTAssertNoThrow([NSKeyedArchiver archivedDataWithRootObject:authstate], @""); -#endif - } + XCTAssertNoThrow([NSKeyedArchiver archivedDataWithRootObject:authstate], @""); } /*! @brief Tests @c OIDAuthState.updateWithAuthorizationResponse:error: with a success response. @@ -369,22 +358,8 @@ - (void)testSecureCoding { XCTAssert([OIDAuthState supportsSecureCoding], @""); OIDAuthState *authState = [[self class] testInstance]; - OIDAuthState *authStateCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:authState - requiringSecureCoding:YES - error:&error]; - authStateCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthState class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:authState]; - authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:authState]; + OIDAuthState *authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; XCTAssertEqualObjects(authStateCopy.refreshToken, authState.refreshToken, @""); XCTAssertEqualObjects(authStateCopy.scope, authState.scope, @""); @@ -400,26 +375,9 @@ - (void)testSecureCoding { // Verify the error object is indeed restored. NSError *oauthError = [[self class] OAuthTokenInvalidGrantErrorWithUnderlyingError:nil]; [authState updateWithTokenResponse:nil error:oauthError]; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:authState - requiringSecureCoding:YES - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:authState]; -#endif - } + data = [NSKeyedArchiver archivedDataWithRootObject:authState]; XCTAssertNotNil(authState.authorizationError, @""); - - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - authStateCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthState class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; XCTAssertEqualObjects(authStateCopy.authorizationError.domain, authState.authorizationError.domain, @""); XCTAssertEqual(authStateCopy.authorizationError.code, authState.authorizationError.code, @""); diff --git a/UnitTests/OIDAuthorizationRequestTests.m b/UnitTests/OIDAuthorizationRequestTests.m index dcefc6ff2..dd1329383 100644 --- a/UnitTests/OIDAuthorizationRequestTests.m +++ b/UnitTests/OIDAuthorizationRequestTests.m @@ -322,22 +322,8 @@ - (void)testSecureCoding { XCTAssertEqualObjects(request.additionalParameters[kTestAdditionalParameterKey], kTestAdditionalParameterValue, @""); - OIDAuthorizationRequest *requestCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:request - requiringSecureCoding:YES - error:&error]; - requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthorizationRequest class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:request]; - requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; + OIDAuthorizationRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; // Not a full test of the configuration deserialization, but should be sufficient as a smoke test // to make sure the configuration IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDAuthorizationResponseTests.m b/UnitTests/OIDAuthorizationResponseTests.m index 6bfb5fce2..3aded7eaa 100644 --- a/UnitTests/OIDAuthorizationResponseTests.m +++ b/UnitTests/OIDAuthorizationResponseTests.m @@ -158,22 +158,8 @@ - (void)testCopying { */ - (void)testSecureCoding { OIDAuthorizationResponse *response = [[self class] testInstance]; - OIDAuthorizationResponse *responseCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:response - requiringSecureCoding:YES - error:&error]; - responseCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthorizationResponse class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:response]; - responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:response]; + OIDAuthorizationResponse *responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; // Not a full test of the request deserialization, but should be sufficient as a smoke test // to make sure the request IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDEndSessionRequestTests.m b/UnitTests/OIDEndSessionRequestTests.m index d9ded81be..38543c8d3 100644 --- a/UnitTests/OIDEndSessionRequestTests.m +++ b/UnitTests/OIDEndSessionRequestTests.m @@ -97,22 +97,8 @@ - (void)testSecureCoding { XCTAssertEqualObjects(request.additionalParameters[kTestAdditionalParameterKey], kTestAdditionalParameterValue); - OIDEndSessionRequest *requestCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:request - requiringSecureCoding:YES - error:&error]; - requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDEndSessionRequest class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:request]; - requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; + OIDEndSessionRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; XCTAssertNotNil(requestCopy.configuration); XCTAssertEqualObjects(requestCopy.configuration.authorizationEndpoint, diff --git a/UnitTests/OIDRegistrationRequestTests.m b/UnitTests/OIDRegistrationRequestTests.m index f2a7ba3e1..440dab2a5 100644 --- a/UnitTests/OIDRegistrationRequestTests.m +++ b/UnitTests/OIDRegistrationRequestTests.m @@ -142,22 +142,8 @@ - (void)testSecureCoding { XCTAssertEqualObjects(request.additionalParameters[kTestAdditionalParameterKey], kTestAdditionalParameterValue); - OIDRegistrationRequest *requestCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:request - requiringSecureCoding:YES - error:&error]; - requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDRegistrationRequest class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:request]; - requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; + OIDRegistrationRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; // Not a full test of the configuration deserialization, but should be sufficient as a smoke test // to make sure the configuration IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDRegistrationResponseTests.m b/UnitTests/OIDRegistrationResponseTests.m index f98787e55..92e57e338 100644 --- a/UnitTests/OIDRegistrationResponseTests.m +++ b/UnitTests/OIDRegistrationResponseTests.m @@ -119,22 +119,8 @@ - (void)testCopying { */ - (void)testSecureCoding { OIDRegistrationResponse *response = [[self class] testInstance]; - OIDRegistrationResponse *responseCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:response - requiringSecureCoding:YES - error:&error]; - responseCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDRegistrationResponse class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:response]; - responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:response]; + OIDRegistrationResponse *responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; // Not a full test of the request deserialization, but should be sufficient as a smoke test // to make sure the request IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDServiceConfigurationTests.m b/UnitTests/OIDServiceConfigurationTests.m index bd4c5babb..7f4fcb11c 100644 --- a/UnitTests/OIDServiceConfigurationTests.m +++ b/UnitTests/OIDServiceConfigurationTests.m @@ -363,22 +363,8 @@ - (void)testFetcherWithBadJSON { */ - (void)testSecureCoding { OIDServiceConfiguration *configuration = [[self class] testInstance]; - OIDServiceConfiguration *unarchived; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:configuration - requiringSecureCoding:YES - error:&error]; - unarchived = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDServiceConfiguration class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:configuration]; - unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:configuration]; + OIDServiceConfiguration *unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; XCTAssertEqualObjects(configuration.authorizationEndpoint, unarchived.authorizationEndpoint, @""); XCTAssertEqualObjects(configuration.tokenEndpoint, unarchived.tokenEndpoint, @""); diff --git a/UnitTests/OIDServiceDiscoveryTests.m b/UnitTests/OIDServiceDiscoveryTests.m index f07d5e2a0..6d9faf799 100644 --- a/UnitTests/OIDServiceDiscoveryTests.m +++ b/UnitTests/OIDServiceDiscoveryTests.m @@ -448,25 +448,21 @@ - (void)testSecureCoding { [[OIDServiceDiscovery alloc] initWithDictionary:serviceDiscoveryDictionary error:&error]; NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { data = [NSKeyedArchiver archivedDataWithRootObject:discovery requiringSecureCoding:YES error:&error]; } else { -#if !TARGET_OS_IOS data = [NSKeyedArchiver archivedDataWithRootObject:discovery]; -#endif } OIDServiceDiscovery *unarchived; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { unarchived = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDServiceDiscovery class] fromData:data error:&error]; } else { -#if !TARGET_OS_IOS unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif } XCTAssertEqualObjects(discovery.discoveryDictionary, unarchived.discoveryDictionary); @@ -482,18 +478,16 @@ - (void)testSecureCodingDecodeOld { [[OIDServiceDiscoveryOldEncoding alloc] initWithDictionary:serviceDiscoveryDictionary error:&error]; NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { data = [NSKeyedArchiver archivedDataWithRootObject:discovery requiringSecureCoding:YES error:&error]; } else { -#if !TARGET_OS_IOS data = [NSKeyedArchiver archivedDataWithRootObject:discovery]; -#endif } OIDServiceDiscovery *unarchived; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { NSSet<Class> *allowedClasses = [NSSet setWithArray:@[[OIDServiceDiscovery class], [NSDictionary class], [NSArray class], @@ -504,9 +498,7 @@ - (void)testSecureCodingDecodeOld { fromData:data error:&error]; } else { -#if !TARGET_OS_IOS unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif } XCTAssertEqualObjects(discovery.discoveryDictionary, unarchived.discoveryDictionary); @@ -522,18 +514,16 @@ - (void)testSecureCodingOldDecodeNew { [[OIDServiceDiscoveryOldDecoding alloc] initWithDictionary:serviceDiscoveryDictionary error:&error]; NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { data = [NSKeyedArchiver archivedDataWithRootObject:discovery requiringSecureCoding:YES error:&error]; } else { -#if !TARGET_OS_IOS data = [NSKeyedArchiver archivedDataWithRootObject:discovery]; -#endif } OIDServiceDiscovery *unarchived; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { NSSet<Class> *allowedClasses = [NSSet setWithArray:@[[OIDServiceDiscoveryOldDecoding class], [NSDictionary class], [NSArray class], @@ -544,9 +534,7 @@ - (void)testSecureCodingOldDecodeNew { fromData:data error:&error]; } else { -#if !TARGET_OS_IOS unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif } XCTAssertNil(error); XCTAssertEqualObjects(discovery.discoveryDictionary, unarchived.discoveryDictionary); diff --git a/UnitTests/OIDTokenRequestTests.m b/UnitTests/OIDTokenRequestTests.m index 59a2f8ae6..c387bd809 100644 --- a/UnitTests/OIDTokenRequestTests.m +++ b/UnitTests/OIDTokenRequestTests.m @@ -278,22 +278,8 @@ - (void)testSecureCoding { XCTAssertEqualObjects([urlRequest.allHTTPHeaderFields objectForKey:kTestAdditionalHeaderKey], kTestAdditionalHeaderValue); - OIDTokenRequest *requestCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:request - requiringSecureCoding:YES - error:&error]; - requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDTokenRequest class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:request]; - requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; + OIDTokenRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; // Not a full test of the configuration deserialization, but should be sufficient as a smoke test // to make sure the configuration IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDTokenResponseTests.m b/UnitTests/OIDTokenResponseTests.m index cce020b73..0eb525ed0 100644 --- a/UnitTests/OIDTokenResponseTests.m +++ b/UnitTests/OIDTokenResponseTests.m @@ -175,22 +175,8 @@ - (void)testCopying { */ - (void)testSecureCoding { OIDTokenResponse *response = [[self class] testInstance]; - OIDTokenResponse *responseCopy; - NSError *error; - NSData *data; - if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { - data = [NSKeyedArchiver archivedDataWithRootObject:response - requiringSecureCoding:YES - error:&error]; - responseCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDTokenResponse class] - fromData:data - error:&error]; - } else { -#if !TARGET_OS_IOS - data = [NSKeyedArchiver archivedDataWithRootObject:response]; - responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; -#endif - } + NSData *data = [NSKeyedArchiver archivedDataWithRootObject:response]; + OIDTokenResponse *responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; // Not a full test of the request deserialization, but should be sufficient as a smoke test // to make sure the request IS actually getting serialized and deserialized in the