From 0b277d4ca1be3e0f32e859fd1e09345c3122af9d Mon Sep 17 00:00:00 2001 From: Luciano Balmaceda Date: Wed, 21 Dec 2016 18:49:43 -0300 Subject: [PATCH 1/3] add flag to prefer /oauth/token endpoints for authentication --- lib/build.gradle | 2 +- .../main/java/com/auth0/android/lock/Lock.java | 12 ++++++++++++ .../com/auth0/android/lock/PasswordlessLock.java | 12 ++++++++++++ .../lock/internal/configuration/Options.java | 11 ++++++++++- .../android/lock/MockAuthenticationRequest.java | 9 ++++++++- .../lock/internal/configuration/OptionsTest.java | 15 +++++++++++++++ 6 files changed, 58 insertions(+), 3 deletions(-) diff --git a/lib/build.gradle b/lib/build.gradle index ce82e6c1b..94d98fe8c 100644 --- a/lib/build.gradle +++ b/lib/build.gradle @@ -31,7 +31,7 @@ dependencies { compile 'com.android.support:design:24.2.1' compile 'com.google.code.gson:gson:2.6.2' compile 'com.squareup:otto:1.3.8' - compile 'com.auth0.android:auth0:1.1.2' + compile 'com.auth0.android:auth0:1.3.0' testCompile 'junit:junit:4.12' testCompile 'org.hamcrest:hamcrest-library:1.3' testCompile 'org.robolectric:robolectric:3.1.2' diff --git a/lib/src/main/java/com/auth0/android/lock/Lock.java b/lib/src/main/java/com/auth0/android/lock/Lock.java index 094d3c331..b295693da 100644 --- a/lib/src/main/java/com/auth0/android/lock/Lock.java +++ b/lib/src/main/java/com/auth0/android/lock/Lock.java @@ -264,6 +264,18 @@ public Builder useImplicitGrant(boolean useImplicitGrant) { return this; } + /** + * Use OAuth 2.0 Authorization API. You will need to enable this setting in the Dashboard first. Go to Account (top right), Account Settings, click Advanced and check the toggle at the bottom. + * Default is {@code false} + * + * @param use if Lock will use the OAuth 2.0 API or the previous implementation. + * @return the current Builder instance + */ + public Builder useOAuth2(boolean use) { + options.useOAuth2API(use); + return this; + } + /** * Whether the LockActivity can be closed when pressing the Back key or not. * diff --git a/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java b/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java index 18d8780d9..ffa23f9eb 100644 --- a/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java +++ b/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java @@ -262,6 +262,18 @@ public Builder useImplicitGrant(boolean useImplicitGrant) { return this; } + /** + * Use OAuth 2.0 Authorization API. You will need to enable this setting in the Dashboard first. Go to Account (top right), Account Settings, click Advanced and check the toggle at the bottom. + * Default is {@code false} + * + * @param use if Lock will use the OAuth 2.0 API or the previous implementation. + * @return the current Builder instance + */ + public Builder useOAuth2(boolean use) { + options.useOAuth2API(use); + return this; + } + /** * Whether the PasswordlessLockActivity can be closed when pressing the Back key or not. * diff --git a/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java b/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java index 3132958a4..693cba322 100644 --- a/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java +++ b/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java @@ -73,6 +73,7 @@ public class Options implements Parcelable { private boolean loginAfterSignUp; private boolean mustAcceptTerms; private boolean useLabeledSubmitButton; + private boolean useOAuth2API; private String defaultDatabaseConnection; private List connections; private List enterpriseConnectionsUsingWebForm; @@ -116,6 +117,7 @@ protected Options(Parcel in) { mustAcceptTerms = in.readByte() != WITHOUT_DATA; useCodePasswordless = in.readByte() != WITHOUT_DATA; useLabeledSubmitButton = in.readByte() != WITHOUT_DATA; + useOAuth2API = in.readByte() != WITHOUT_DATA; defaultDatabaseConnection = in.readString(); usernameStyle = in.readInt(); initialScreen = in.readInt(); @@ -188,6 +190,7 @@ public void writeToParcel(Parcel dest, int flags) { dest.writeByte((byte) (mustAcceptTerms ? HAS_DATA : WITHOUT_DATA)); dest.writeByte((byte) (useCodePasswordless ? HAS_DATA : WITHOUT_DATA)); dest.writeByte((byte) (useLabeledSubmitButton ? HAS_DATA : WITHOUT_DATA)); + dest.writeByte((byte) (useOAuth2API ? HAS_DATA : WITHOUT_DATA)); dest.writeString(defaultDatabaseConnection); dest.writeInt(usernameStyle); dest.writeInt(initialScreen); @@ -388,7 +391,9 @@ public void setLoginAfterSignUp(boolean loginAfterSignUp) { } public AuthenticationAPIClient getAuthenticationAPIClient() { - return new AuthenticationAPIClient(account); + AuthenticationAPIClient client = new AuthenticationAPIClient(account); + client.setOAuth2Preferred(useOAuth2API); + return client; } public void setUseCodePasswordless(boolean useCode) { @@ -481,4 +486,8 @@ public void withScope(@NonNull String scope) { public String getScope() { return scope; } + + public void setUseOAuth2API(boolean use) { + this.useOAuth2API = use; + } } \ No newline at end of file diff --git a/lib/src/test/java/com/auth0/android/lock/MockAuthenticationRequest.java b/lib/src/test/java/com/auth0/android/lock/MockAuthenticationRequest.java index 141de0ec4..06b13d390 100644 --- a/lib/src/test/java/com/auth0/android/lock/MockAuthenticationRequest.java +++ b/lib/src/test/java/com/auth0/android/lock/MockAuthenticationRequest.java @@ -14,6 +14,7 @@ public class MockAuthenticationRequest implements AuthenticationRequest { String grantType; String connection; String scope; + String audience; String device; String accessToken; HashMap parameters; @@ -45,6 +46,12 @@ public AuthenticationRequest setDevice(String device) { return this; } + @Override + public AuthenticationRequest setAudience(String audience) { + this.audience = audience; + return this; + } + @Override public AuthenticationRequest setAccessToken(String accessToken) { this.accessToken = accessToken; @@ -60,7 +67,7 @@ public AuthenticationRequest addAuthenticationParameters(Map par @Override public void start(BaseCallback callback) { this.callback = callback; - this.started=true; + this.started = true; } @Override diff --git a/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java b/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java index be0118038..8b63c16de 100644 --- a/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java +++ b/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java @@ -141,6 +141,21 @@ public void shouldUseWebview() throws Exception { assertThat(options.useBrowser(), is(equalTo(parceledOptions.useBrowser()))); } + @Test + public void shouldUseOAuth2API() throws Exception { + options.setUseOAuth2API(true); + + Parcel parcel = Parcel.obtain(); + options.writeToParcel(parcel, 0); + parcel.setDataPosition(0); + + Options parceledOptions = Options.CREATOR.createFromParcel(parcel); + assertThat(options.getAuthenticationAPIClient(), is(notNullValue())); + assertThat(options.getAuthenticationAPIClient().isOAuth2Preferred(), is(true)); + assertThat(parceledOptions.getAuthenticationAPIClient(), is(notNullValue())); + assertThat(parceledOptions.getAuthenticationAPIClient().isOAuth2Preferred(), is(true)); + } + @Test public void shouldUseLabeledSubmitButton() throws Exception { options.setUseLabeledSubmitButton(true); From 29a6d4a1c2d286dc5667fcfded760a7c225d9e7d Mon Sep 17 00:00:00 2001 From: Luciano Balmaceda Date: Thu, 22 Dec 2016 10:38:59 -0300 Subject: [PATCH 2/3] remove oauth2 flag for passwordless for now --- .../com/auth0/android/lock/PasswordlessLock.java | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java b/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java index ffa23f9eb..18d8780d9 100644 --- a/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java +++ b/lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java @@ -262,18 +262,6 @@ public Builder useImplicitGrant(boolean useImplicitGrant) { return this; } - /** - * Use OAuth 2.0 Authorization API. You will need to enable this setting in the Dashboard first. Go to Account (top right), Account Settings, click Advanced and check the toggle at the bottom. - * Default is {@code false} - * - * @param use if Lock will use the OAuth 2.0 API or the previous implementation. - * @return the current Builder instance - */ - public Builder useOAuth2(boolean use) { - options.useOAuth2API(use); - return this; - } - /** * Whether the PasswordlessLockActivity can be closed when pressing the Back key or not. * From 707999a52fb48f684bf050f17debae788b72e6b4 Mon Sep 17 00:00:00 2001 From: Luciano Balmaceda Date: Thu, 22 Dec 2016 10:51:04 -0300 Subject: [PATCH 3/3] rename useOAuth2 to setLegacyModeEnabled --- .../android/lock/internal/configuration/Options.java | 12 ++++++------ .../lock/internal/configuration/OptionsTest.java | 8 ++++---- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java b/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java index 693cba322..57c0d0a03 100644 --- a/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java +++ b/lib/src/main/java/com/auth0/android/lock/internal/configuration/Options.java @@ -73,7 +73,7 @@ public class Options implements Parcelable { private boolean loginAfterSignUp; private boolean mustAcceptTerms; private boolean useLabeledSubmitButton; - private boolean useOAuth2API; + private boolean useLegacyMode; private String defaultDatabaseConnection; private List connections; private List enterpriseConnectionsUsingWebForm; @@ -117,7 +117,7 @@ protected Options(Parcel in) { mustAcceptTerms = in.readByte() != WITHOUT_DATA; useCodePasswordless = in.readByte() != WITHOUT_DATA; useLabeledSubmitButton = in.readByte() != WITHOUT_DATA; - useOAuth2API = in.readByte() != WITHOUT_DATA; + useLegacyMode = in.readByte() != WITHOUT_DATA; defaultDatabaseConnection = in.readString(); usernameStyle = in.readInt(); initialScreen = in.readInt(); @@ -190,7 +190,7 @@ public void writeToParcel(Parcel dest, int flags) { dest.writeByte((byte) (mustAcceptTerms ? HAS_DATA : WITHOUT_DATA)); dest.writeByte((byte) (useCodePasswordless ? HAS_DATA : WITHOUT_DATA)); dest.writeByte((byte) (useLabeledSubmitButton ? HAS_DATA : WITHOUT_DATA)); - dest.writeByte((byte) (useOAuth2API ? HAS_DATA : WITHOUT_DATA)); + dest.writeByte((byte) (useLegacyMode ? HAS_DATA : WITHOUT_DATA)); dest.writeString(defaultDatabaseConnection); dest.writeInt(usernameStyle); dest.writeInt(initialScreen); @@ -392,7 +392,7 @@ public void setLoginAfterSignUp(boolean loginAfterSignUp) { public AuthenticationAPIClient getAuthenticationAPIClient() { AuthenticationAPIClient client = new AuthenticationAPIClient(account); - client.setOAuth2Preferred(useOAuth2API); + client.setLegacyModeEnabled(useLegacyMode); return client; } @@ -487,7 +487,7 @@ public String getScope() { return scope; } - public void setUseOAuth2API(boolean use) { - this.useOAuth2API = use; + public void setLegacyModeEnabled(boolean enabled) { + this.useLegacyMode = enabled; } } \ No newline at end of file diff --git a/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java b/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java index 8b63c16de..9cd863024 100644 --- a/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java +++ b/lib/src/test/java/com/auth0/android/lock/internal/configuration/OptionsTest.java @@ -142,8 +142,8 @@ public void shouldUseWebview() throws Exception { } @Test - public void shouldUseOAuth2API() throws Exception { - options.setUseOAuth2API(true); + public void shouldUseLegacyMode() throws Exception { + options.setLegacyModeEnabled(true); Parcel parcel = Parcel.obtain(); options.writeToParcel(parcel, 0); @@ -151,9 +151,9 @@ public void shouldUseOAuth2API() throws Exception { Options parceledOptions = Options.CREATOR.createFromParcel(parcel); assertThat(options.getAuthenticationAPIClient(), is(notNullValue())); - assertThat(options.getAuthenticationAPIClient().isOAuth2Preferred(), is(true)); + assertThat(options.getAuthenticationAPIClient().isLegacyModeEnabled(), is(true)); assertThat(parceledOptions.getAuthenticationAPIClient(), is(notNullValue())); - assertThat(parceledOptions.getAuthenticationAPIClient().isOAuth2Preferred(), is(true)); + assertThat(parceledOptions.getAuthenticationAPIClient().isLegacyModeEnabled(), is(true)); } @Test