Changes for v1.4.0

Author: manish2788

README.md

@@ -1,4 +1,4 @@
-# cordova-plugin-oracle-idm-auth 1.3.0
+# cordova-plugin-oracle-idm-auth 1.4.0
 
 ## About the cordova-plugin-oracle-idm-auth
 The plugin provides authentication and authorization functionality for cordova based mobile applications,

RELEASENOTES.md

@@ -1,5 +1,8 @@
 # Release Notes
 
+## 1.4.0 (8 Apr, 2020)
+* Removing the referencing of UIWebView as per Apple guideline.
+
 ## 1.3.0 (3 Dec, 2019)
 * API to control buttons shown on webview for OAuth usecase.
 * Ability to store data into local authenticator secure keystore.

docs/FedAuthPropertiesBuilder.html

@@ -38,8 +38,7 @@ <h2><span class="attribs"><span class="type-signature"></span></span>FedAuthProp
 For example, user may accidentally click a link on the login page. In this case, user can use "Back" button to come back to the login page.
 For example, if the login page is not loaded correctly, user may want to try reloading the page, before cancelling the login.
 If user cancels the login, the promise returned by <a href="AuthenticationFlow.html#login">AuthenticationFlow#login</a> will be rejected.
-For iOS, UIWebView will be used by default.
-App can choose to use WKWebView through <a href="FedAuthPropertiesBuilder.html#enableWkWebView">configuration</a>.
+For iOS, WKWebView will be used by default.
 </p>
 <p>
 While logging out, the plugin brings up a WebView and loads the <a href="FedAuthPropertiesBuilder.html#logoutUrl">logout page</a> provided in the configuration.
@@ -3409,4 +3408,4 @@ <h2><a href="index.html">Home</a></h2><h3>Classes</h3><ul><li><a href="Authentic
 <script> prettyPrint(); </script>
 <script src="scripts/linenumber.js"> </script>
 </body>
-</html>
+</html>

docs/IdmAuthFlows.js.html

@@ -1050,8 +1050,8 @@ <h1 class="page-title">Source: IdmAuthFlows.js</h1>
    * For example, user may accidentally click a link on the login page. In this case, user can use "Back" button to come back to the login page.
    * For example, if the login page is not loaded correctly, user may want to try reloading the page, before cancelling the login.
    * If user cancels the login, the promise returned by {@link AuthenticationFlow#login} will be rejected.
-   * For iOS, {@link https://developer.apple.com/documentation/uikit/uiwebview|UIWebView} will be used by default.
-   * App can choose to use {@link https://developer.apple.com/documentation/webkit/wkwebview|WKWebView} through {@link FedAuthPropertiesBuilder#enableWkWebView|configuration}.
+   * For iOS, {@link https://developer.apple.com/documentation/webkit/wkwebview|WKWebView} will
+   * be used by default.
    * &lt;/p>
    * &lt;p>
    * While logging out, the plugin brings up a WebView and loads the {@link FedAuthPropertiesBuilder#logoutUrl|logout page} provided in the configuration.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cordova-plugin-oracle-idm-auth",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "description": "Provides authentication and authorization functionality using the Oracle IDM SDK, supporting standard protocols like Basic Auth, OAUTH, OpenID Connect and WebSSO.",
   "cordova": {
     "id": "cordova-plugin-oracle-idm-auth",

plugin.xml

@@ -6,7 +6,7 @@
 <plugin xmlns="http://apache.org/cordova/ns/plugins/1.0"
         xmlns:android="http://schemas.android.com/apk/res/android"
         id="cordova-plugin-oracle-idm-auth"
-        version="1.2.0">
+        version="1.4.0">
   <name>cordova-plugin-oracle-idm-auth</name>
   <description>Provides authentication and authorization functionality using the Oracle IDM SDK, supporting standard protocols like Basic Auth, OAUTH, OpenID Connect and WebSSO</description>
   <keywords>cordova,idm,authentication,auth</keywords>
@@ -244,8 +244,8 @@
     <header-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMTimer/OMTimeEvent.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMTimer/OMTimer.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMURLProtocol.h"/>
-    <header-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMWebViewClient.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/KeychainItemWrapper.h"/>
+    <header-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMClassicCredential.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMCredential.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMCredentialStore.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMKeyChain.h"/>
@@ -276,6 +276,7 @@
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMClientCertLogoutService.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMClientCredentialGrant.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMConnectionHandler.h"/>
+    <header-file src="src/ios/sdk/IDMMobileSDKv2/OMCSRFRequestHandler.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMFedAuthAuthenticationService.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMFedAuthConfiguration.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMFedAuthLogoutService.h"/>
@@ -309,6 +310,7 @@
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMToken.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMVersion.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/OMWKWebViewClient.h"/>
+    <header-file src="src/ios/sdk/IDMMobileSDKv2/OMWKWebViewCookieHandler.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/SecureStorage/OMDataSerializationHelper.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/SecureStorage/OMSecureCrypto.h"/>
     <header-file src="src/ios/sdk/IDMMobileSDKv2/SecureStorage/OMSecureStorage.h"/>
@@ -328,8 +330,8 @@
     <source-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMTimer/OMTimeEvent.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMTimer/OMTimer.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMURLProtocol.m"/>
-    <source-file src="src/ios/sdk/IDMMobileSDKv2/Common/OMWebViewClient.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/KeychainItemWrapper.m"/>
+    <source-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMClassicCredential.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMCredential.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMCredentialStore.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/CredentialStoreService/OMKeyChain.m"/>
@@ -358,6 +360,7 @@
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMClientCertLogoutService.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMClientCredentialGrant.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMConnectionHandler.m"/>
+    <source-file src="src/ios/sdk/IDMMobileSDKv2/OMCSRFRequestHandler.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMFedAuthAuthenticationService.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMFedAuthConfiguration.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMFedAuthLogoutService.m"/>
@@ -390,6 +393,7 @@
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMServiceDiscoveryHandler.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMToken.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/OMWKWebViewClient.m"/>
+    <source-file src="src/ios/sdk/IDMMobileSDKv2/OMWKWebViewCookieHandler.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/SecureStorage/OMDataSerializationHelper.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/SecureStorage/OMSecureCrypto.m"/>
     <source-file src="src/ios/sdk/IDMMobileSDKv2/SecureStorage/OMSecureStorage.m"/>

src/android/src/oracle/idm/auth/plugin/IdmAuthentication.java

@@ -756,6 +756,7 @@ private Map<String, Object> _fetchOauthHeaders(OMAuthenticationContext context,
     List<OMToken> tokens = context.getTokens(scopes);
     if (tokens.size() > 0)
     {
+      addExpiryTimeHeader(headers, tokens.get(0).getExpiryTime());
       addAuthorizationHeader(headers, _BEARER, tokens.get(0).getValue());
     }
     return headers;
@@ -805,6 +806,15 @@ private void addAuthorizationHeader(Map<String, Object> headers, String tokenTyp
     headers.put(_AUTHORIZATION, String.format(_TOKEN_FORMAT, tokenType, token));
   }
 
+  /**
+   * Adds expiry time header to the map.
+   * @param headers
+   * @param expiryTime
+   */
+  private void addExpiryTimeHeader(Map<String, Object> headers, Date expiryTime)
+  {
+    headers.put(_EXPIRY_TIME, expiryTime);
+  }
 
   /**
    * @return true When OM_PROP_PARSE_TOKEN_RELAY_RESPONSE set to true, false otherwise.
@@ -843,6 +853,7 @@ private void unbindChromeTabs() {
   private static final String _TOKEN_FORMAT = "%s %s";
   private static final String _BEARER = "Bearer";
   private static final String _BASIC = "Basic";
+  private static final String _EXPIRY_TIME = "ExpiryTime";
   private static final String _CHALLENGE_ERROR = "error";
   private static final String _REFRESH_EXPIRED_TOKENS = "refreshExpiredTokens";
   private static final String _IS_AUTHENTICATED_KEY = "isAuthenticated";

src/android/src/oracle/idm/auth/plugin/IdmAuthenticationPlugin.java

@@ -130,6 +130,16 @@ else if ("getLocalAuthSupportInfo".equals(action))
       _localAuth.getLocalAuthSupportInfo(args, callbackContext);
       return true;
     }
+    else if ("setPreference".equals(action))
+    {
+      _localAuth.setPreference(args, callbackContext);
+      return true;
+    }
+    else if ("getPreference".equals(action))
+    {
+      _localAuth.getPreference(args, callbackContext);
+      return true;
+    }
 
     invokeCallbackError(callbackContext, "Invalid action: " + action);
     return false;

src/android/src/oracle/idm/auth/plugin/local/LocalAuthentication.java

@@ -20,6 +20,14 @@
 import oracle.idm.mobile.auth.local.OMFingerprintAuthenticator;
 import oracle.idm.mobile.auth.local.OMPinAuthenticator;
 import org.apache.cordova.CallbackContext;
+
+import oracle.idm.mobile.auth.local.*;
+import oracle.idm.mobile.credentialstore.OMCredentialStore;
+import oracle.idm.mobile.crypto.OMKeyManagerException;
+import oracle.idm.mobile.crypto.OMSecureStorageException;
+import oracle.idm.mobile.crypto.OMSecureStorageService;
+import java.io.Serializable;
+
 import org.apache.cordova.PluginResult;
 import org.json.JSONArray;
 import org.json.JSONObject;
@@ -41,10 +49,16 @@ public LocalAuthentication(Activity mainActivity) {
     this._context = mainActivity.getApplicationContext();
     try {
       this._sharedManager = OMAuthenticationManager.getInstance(mainActivity.getApplicationContext());
+      OMAuthenticator defAuth = OMMobileSecurityService.getDefaultAuthenticator(_context);
+      _defaultSecuredStore = new OMSecureStorageService(_context, defAuth.getKeyStore(), OMCredentialStore.DEFAULT_AUTHENTICATOR_NAME);
+
       _init();
     } catch (OMAuthenticationManagerException e) {
       // Nothing we can do to recover here.
       throw new RuntimeException(e);
+    } catch (OMKeyManagerException e) {
+      // Nothing we can do to recover here.
+      throw new RuntimeException(e);
     }
   }
 
@@ -195,6 +209,91 @@ public void authenticatePin(JSONArray args, CallbackContext callbackContext) {
       _sendSuccess(callbackContext);
   }
 
+  /**
+   * Fetches the [key,value] data stored in keystore
+   * @param args
+   * @param callbackContext
+   */
+  public void getPreference(JSONArray args, CallbackContext callbackContext) {
+    String id = args.optString(0);
+    String key = args.optString(1);
+
+    try {
+      OMAuthenticator pinAuthenticator = _getAuthenticator(id, LocalAuthType.PIN);
+
+      if (pinAuthenticator == null)
+        throw new IllegalStateException("No enabled authenticators.");
+
+      OMSecureStorageService securedService = new OMSecureStorageService(_context,
+              pinAuthenticator.getKeyStore(),
+              LocalAuthType.PIN.getInstanceId(id));
+      Serializable result = securedService.get(key);
+      if (result == null)
+        throw new IllegalStateException("No key found in PIN secured store, check in default.");
+
+      _sendSuccess(callbackContext, result.toString());
+    } catch (Throwable t) {
+      Log.w(TAG, "Error fetching key.", t);
+      try {
+        Serializable result = _defaultSecuredStore.get(key);
+        _sendSuccess(callbackContext, result == null ? null : result.toString());
+      } catch (OMSecureStorageException e) {
+        Log.e(TAG, "Error while fetching key from default storage.", e);
+        IdmAuthenticationPlugin.invokeCallbackError(callbackContext, PluginErrorCodes.GETTING_VALUE_FROM_DEFAULT_STORAGE_FAILED);
+      }
+      IdmAuthenticationPlugin.invokeCallbackError(callbackContext, PluginErrorCodes.GETTING_VALUE_FROM_SECURED_STORAGE_FAILED);
+    }
+  }
+
+  /**
+   * Sets the [key,value] data in keystore
+   * @param args
+   * @param callbackContext
+   */
+  public void setPreference(JSONArray args, CallbackContext callbackContext) {
+    String id = args.optString(0);
+    String key = args.optString(1);
+    String value = args.optString(2);
+    boolean secure = args.optBoolean(3);
+    if (!secure) {
+      String errorToThrow = PluginErrorCodes.SAVING_VALUE_TO_DEFAULT_STORAGE_FAILED;
+      try {
+        if (value == null)
+          _defaultSecuredStore.delete(key);
+        else
+          _defaultSecuredStore.store(key, value);
+
+        _sendSuccess(callbackContext);
+      } catch (Throwable e) {
+        Log.e(TAG, "Error while storing in default storage.", e);
+        IdmAuthenticationPlugin.invokeCallbackError(callbackContext, errorToThrow);
+      }
+    }
+    String errorToThrow = PluginErrorCodes.SAVING_VALUE_TO_SECURED_STORAGE_FAILED;
+    OMAuthenticator pinAuthenticator = _getAuthenticator(id, LocalAuthType.PIN);
+
+    try {
+      if (pinAuthenticator == null) {
+        errorToThrow = PluginErrorCodes.NO_LOCAL_AUTHENTICATORS_ENABLED;
+        throw new IllegalStateException("No enabled authenticators.");
+      }
+
+      OMSecureStorageService securedService = new OMSecureStorageService(_context,
+              pinAuthenticator.getKeyStore(),
+              LocalAuthType.PIN.getInstanceId(id));
+
+      if (value == null)
+        securedService.delete(key);
+      else
+        securedService.store(key, value);
+      _sendSuccess(callbackContext);
+
+    } catch (Throwable e) {
+      Log.e(TAG, "Error while storing in secured storage.", e);
+      IdmAuthenticationPlugin.invokeCallbackError(callbackContext, errorToThrow);
+    }
+  }
+
   /**
    * This method tries to clean up the fingerprint authenticator, after user
    * has remove his fingerprint enrollment on device.
@@ -493,6 +592,7 @@ private enum Availability { Enrolled, NotEnrolled, NotAvailable };
   private final Context _context;
   private final OMAuthenticationManager _sharedManager;
   private boolean _clearFingerprintInstancesAfterAuthentication;
+  private final OMSecureStorageService _defaultSecuredStore;
 
   // Localized strings for fingerprint prompt
   private static final String PROMPT_MESSAGE = "promptMessage";

src/android/src/oracle/idm/auth/plugin/util/PluginErrorCodes.java

@@ -32,4 +32,8 @@ public interface PluginErrorCodes {
   String BIOMETRIC_NOT_ENABLED = "P1019";
   String CHANGE_PIN_WHEN_PIN_NOT_ENABLED = "P1020";
   String GET_ENABLED_AUTHS_ERROR = "P1021";
+  String SAVING_VALUE_TO_SECURED_STORAGE_FAILED = "P1022";
+  String SAVING_VALUE_TO_DEFAULT_STORAGE_FAILED = "P1023";
+  String GETTING_VALUE_FROM_SECURED_STORAGE_FAILED = "P1024";
+  String GETTING_VALUE_FROM_DEFAULT_STORAGE_FAILED = "P1025";
 }