From ed404238437e3e623502ef362d7bef03ba7487d3 Mon Sep 17 00:00:00 2001 From: Tung Wu Date: Mon, 6 Nov 2023 22:22:33 +0800 Subject: [PATCH] Always use origin of authorization endpoint to call apis --- Sources/APIClient.swift | 74 ++++++++++++++++++++++++++--------------- 1 file changed, 47 insertions(+), 27 deletions(-) diff --git a/Sources/APIClient.swift b/Sources/APIClient.swift index 5e51db1..167e8e4 100644 --- a/Sources/APIClient.swift +++ b/Sources/APIClient.swift @@ -592,28 +592,42 @@ class DefaultAuthAPIClient: AuthAPIClient { purpose: String, handler: @escaping (Result) -> Void ) { - var urlRequest = URLRequest(url: endpoint.appendingPathComponent("/oauth2/challenge")) - urlRequest.httpMethod = "POST" - urlRequest.setValue("application/json", forHTTPHeaderField: "content-type") - urlRequest.httpBody = try? JSONEncoder().encode(ChallengeBody(purpose: purpose)) - - fetch(request: urlRequest, handler: { (result: Result, Error>) in - handler(result.flatMap { $0.toResult() }) - }) + makeAuthgearURL(path: "/oauth2/challenge") { result in + switch result { + case let .failure(err): + handler(.failure(err)) + case let .success(url): + var urlRequest = URLRequest(url: url) + urlRequest.httpMethod = "POST" + urlRequest.setValue("application/json", forHTTPHeaderField: "content-type") + urlRequest.httpBody = try? JSONEncoder().encode(ChallengeBody(purpose: purpose)) + + self.fetch(request: urlRequest, handler: { (result: Result, Error>) in + handler(result.flatMap { $0.toResult() }) + }) + } + } } func requestAppSessionToken( refreshToken: String, handler: @escaping (Result) -> Void ) { - var urlRequest = URLRequest(url: endpoint.appendingPathComponent("/oauth2/app_session_token")) - urlRequest.httpMethod = "POST" - urlRequest.setValue("application/json", forHTTPHeaderField: "content-type") - urlRequest.httpBody = try? JSONEncoder().encode(AppSessionTokenBody(refreshToken: refreshToken)) - - fetch(request: urlRequest, handler: { (result: Result, Error>) in - handler(result.flatMap { $0.toResult() }) - }) + makeAuthgearURL(path: "/oauth2/app_session_token") { result in + switch result { + case let .failure(err): + handler(.failure(err)) + case let .success(url): + var urlRequest = URLRequest(url: url) + urlRequest.httpMethod = "POST" + urlRequest.setValue("application/json", forHTTPHeaderField: "content-type") + urlRequest.httpBody = try? JSONEncoder().encode(AppSessionTokenBody(refreshToken: refreshToken)) + + self.fetch(request: urlRequest, handler: { (result: Result, Error>) in + handler(result.flatMap { $0.toResult() }) + }) + } + } } func requestWechatAuthCallback(code: String, state: String, handler: @escaping (Result) -> Void) { @@ -625,16 +639,22 @@ class DefaultAuthAPIClient: AuthAPIClient { var urlComponents = URLComponents() urlComponents.queryItems = queryItems - let u = endpoint.appendingPathComponent("/sso/wechat/callback") - var urlRequest = URLRequest(url: u) - urlRequest.httpMethod = "POST" - urlRequest.setValue( - "application/x-www-form-urlencoded", - forHTTPHeaderField: "content-type" - ) - urlRequest.httpBody = urlComponents.query?.data(using: .utf8) - authgearFetch(urlSession: self.defaultSession, request: urlRequest, handler: { result in - handler(result.map { _ in () }) - }) + makeAuthgearURL(path: "/sso/wechat/callback") { result in + switch result { + case let .failure(err): + handler(.failure(err)) + case let .success(url): + var urlRequest = URLRequest(url: url) + urlRequest.httpMethod = "POST" + urlRequest.setValue( + "application/x-www-form-urlencoded", + forHTTPHeaderField: "content-type" + ) + urlRequest.httpBody = urlComponents.query?.data(using: .utf8) + authgearFetch(urlSession: self.defaultSession, request: urlRequest, handler: { result in + handler(result.map { _ in () }) + }) + } + } } }