Changes for v1.3.0

Author: manish2788

README.md

@@ -1,4 +1,4 @@
-# cordova-plugin-oracle-idm-auth 1.2.0
+# cordova-plugin-oracle-idm-auth 1.3.0
 
 ## About the cordova-plugin-oracle-idm-auth
 The plugin provides authentication and authorization functionality for cordova based mobile applications,

RELEASENOTES.md

@@ -1,5 +1,9 @@
 # Release Notes
 
+## 1.3.0 (3 Dec, 2019)
+* API to control buttons shown on webview for OAuth usecase.
+* Ability to store data into local authenticator secure keystore.
+
 ## 1.2.0 (7 Aug, 2019)
 * API to control buttons shown on webview for WebSSO usecase.
 * Improvements for OAuth and OpenID usecases where login page is opened in an external browser by using in-app browser.

md/error-codes.md

@@ -158,4 +158,7 @@ P1018 | Error while enabling local authenticator.
 P1019 | Either the device does not support biometric or is not enrolled.
 P1020 | Attempt to change PIN when PIN is not enabled.
 P1021 | Error while getting enabled local authentications.
-P1022 | Unable to find the local authenticator required for the operation.
+P1022 | Saving value to secured storage failed.
+P1023 | Saving value to default storage failed.
+P1024 | Getting value from secured storage failed.
+P1025 | Getting value from default storage failed.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cordova-plugin-oracle-idm-auth",
-  "version": "1.2.0",
+  "version": "1.3.0",
   "description": "Provides authentication and authorization functionality using the Oracle IDM SDK, supporting standard protocols like Basic Auth, OAUTH, OpenID Connect and WebSSO.",
   "cordova": {
     "id": "cordova-plugin-oracle-idm-auth",

src/ios/src/IdmAuthentication.m

@@ -696,10 +696,14 @@ - (NSMutableDictionary*) headersForOAuth: (NSSet*) scopes
   }
   NSArray* tokens = [context tokensForScopes:scopes];
   NSString* tokenValue;
+  NSDate* sessionExpiryDate;
 
   if ([tokens count] > 0) {
     tokenValue = ((OMToken*) [tokens objectAtIndex:0]).tokenValue;
+    sessionExpiryDate = ((OMToken*) [tokens objectAtIndex:0]).sessionExpiryDate;
+
     headers[@"Authorization"] = [NSString stringWithFormat:@"Bearer %@", tokenValue];
+    headers[@"ExpiryTime"] = [NSString stringWithFormat:@"%@", sessionExpiryDate];
   }
 
   return headers;

src/ios/src/IdmAuthenticationPlugin.h

@@ -37,6 +37,8 @@ NS_ASSUME_NONNULL_BEGIN
 - (void) authenticateBiometric:(CDVInvokedUrlCommand *) command;
 - (void) changePin:(CDVInvokedUrlCommand *) command;
 - (void) getLocalAuthSupportInfo:(CDVInvokedUrlCommand *) command;
+- (void) getPreference:(CDVInvokedUrlCommand *) command;
+- (void) setPreference:(CDVInvokedUrlCommand *) command;
 @end
 
 

src/ios/src/IdmAuthenticationPlugin.m

@@ -298,6 +298,16 @@ - (void) getLocalAuthSupportInfo:(CDVInvokedUrlCommand *) command {
                                                       delegate:self.commandDelegate];
 }
 
+- (void) getPreference:(CDVInvokedUrlCommand *) command {
+  [[LocalAuthenticator sharedInstance] getPreference:command
+                                                      delegate:self.commandDelegate];
+}
+
+- (void) setPreference:(CDVInvokedUrlCommand *) command {
+  [[LocalAuthenticator sharedInstance] setPreference:command
+                                                      delegate:self.commandDelegate];
+}
+
 /**
  * Validates the arguments passed from javascript layer.
  */

src/ios/src/LocalAuthenticator.h

@@ -18,4 +18,6 @@
 -(void) authenticatePin:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate;
 -(void) changePin:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate;
 -(void) getLocalAuthSupportInfo:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate;
+-(void) getPreference:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate;
+-(void) setPreference:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate;
 @end

src/ios/src/LocalAuthenticator.m

@@ -5,11 +5,15 @@
 #import "LocalAuthenticator.h"
 #import "IdmAuthenticationPlugin.h"
 #import "IDMMobileSDKv2Library.h"
+#import "OMSecureStorage.h"
+
 @import LocalAuthentication;
 
 #define LOCAL_AUTH_BIOMETRIC @"cordova.plugins.IdmAuthFlows.Biometric"
 #define LOCAL_AUTH_FINGERPRINT @"cordova.plugins.IdmAuthFlows.Fingerprint"
 #define LOCAL_AUTH_PIN @"cordova.plugins.IdmAuthFlows.PIN"
+#define LOCAL_AUTH_DEFAULT @"cordova.plugins.IdmAuthFlows.Default"
+#define DEFAULT_AUTH_ID @"DefaultAuthInstance"
 #define FALLBACK_RESULT @"fallback"
 #define PROMPT_MESSAGE @"promptMessage"
 #define PIN_FALLBACK_BUTTON_LABEL @"pinFallbackButtonLabel"
@@ -28,6 +32,10 @@
 #define DISABLE_PIN_BIOMETRIC_ENABLED @"P1017"
 #define ERROR_ENABLING_AUTHENTICATOR @"P1018"
 #define BIOMETRIC_NOT_ENABLED @"P1019"
+#define SAVING_VALUE_TO_SECURED_STORAGE_FAILED @"P1022"
+#define SAVING_VALUE_TO_DEFAULT_STORAGE_FAILED @"P1023"
+#define GETTING_VALUE_FROM_SECURED_STORAGE_FAILED @"P1024"
+#define GETTING_VALUE_FROM_DEFAULT_STORAGE_FAILED @"P1025"
 
 #ifdef DEBUG
 #  define IdmLog(...) NSLog(__VA_ARGS__)
@@ -41,6 +49,8 @@
 @interface LocalAuthenticator()<OMBiometricFallbackDelegate>
 
 @property (nonatomic, assign) Boolean authenticatedViaPin;
+@property (nonatomic, assign) Boolean defaultAuthenticationEnabled;
+
 @property (nonatomic, strong) OMFallbackAuthenticationCompletionBlock fallbackHandler;
 
 @property (nonatomic, strong, nullable) CDVCommandDelegateImpl* biometricAuthDelegate;
@@ -56,6 +66,7 @@ +(LocalAuthenticator*) sharedInstance {
     sharedManager = [OMLocalAuthenticationManager sharedManager];
     [sharedManager useBiometricInsteadOfTouchID:YES];
     shared = [[LocalAuthenticator alloc] init];
+    shared.defaultAuthenticationEnabled = [shared enableDefaultAuthenticator];
   });
 
   return shared;
@@ -68,6 +79,37 @@ -(void) enabledLocalAuthsPrimaryFirst:(CDVInvokedUrlCommand*)command delegate:(C
   [commandDelegate sendPluginResult:result callbackId:command.callbackId];
 }
 
+- (BOOL) enableDefaultAuthenticator {
+  NSString* authId = DEFAULT_AUTH_ID;
+  NSError* enableError = nil;
+  NSString* authenticatorName = LOCAL_AUTH_DEFAULT;
+    
+  OMAuthenticator* authenticator = [self getAuthenticator:authId authenticatorName:authenticatorName];
+  if (authenticator != nil) {
+    IdmLog(@"Authenticator is already enabled for type %@", authenticatorName);
+    return YES;
+  }
+  
+  NSString* instanceId = [self getInstanceId:authId authenticatorName:authenticatorName];
+  [self registerAuthenticatorIfNeeded:authenticatorName error:&enableError];
+
+  if (!enableError) {
+    if ([sharedManager enableAuthentication:authenticatorName instanceId:instanceId error:&enableError]) {
+      OMAuthenticator* authenticator = [self getAuthenticator:authId authenticatorName:authenticatorName];
+      [authenticator authenticate:nil error:&enableError];
+      if (authenticator == nil) {
+        IdmLog(@"Something went wrong while enabling Default Authenticator.");
+        return NO;
+      }
+    }
+  }
+  if (enableError) {
+    IdmLog(@"Error Registering Default Authenticator");
+    return NO;
+  }
+  return YES;
+}
+
 -(void) enable:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate {
   NSError* enableError = nil;
   NSString* authId = command.arguments[0];
@@ -177,6 +219,86 @@ -(void) disable:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*
                          callbackId:command.callbackId];
 }
 
+-(void) getPreference:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate {
+    NSString* authId = command.arguments[0];
+    NSString* key = command.arguments[1];
+    NSString* result;
+    NSError* getDefaultPreferenceError = nil;
+    NSError* getSecuredPreferenceError = nil;
+
+    //Attempt fetching data
+    OMPinAuthenticator* pinAuthenticator = [self getPinAuthenticator:authId];
+    if (pinAuthenticator == nil) {
+      OMDefaultAuthenticator *defAuth = [self getDefaultAuthenticator:DEFAULT_AUTH_ID];
+      result = [defAuth.secureStorage dataForId:key error:&getDefaultPreferenceError];
+    }
+    else {
+      result = [pinAuthenticator.secureStorage dataForId:key error:&getSecuredPreferenceError];
+      if(result == nil) {
+        OMDefaultAuthenticator *defAuth = [self getDefaultAuthenticator:DEFAULT_AUTH_ID];
+        result = [defAuth.secureStorage dataForId:key error:&getDefaultPreferenceError];
+      }
+    }
+    [commandDelegate sendPluginResult:[CDVPluginResult resultWithStatus:CDVCommandStatus_OK messageAsString:result] callbackId:command.callbackId];
+}
+
+-(void) setPreference:(CDVInvokedUrlCommand*)command delegate:(CDVCommandDelegateImpl*) commandDelegate {
+    NSString* authId = command.arguments[0];
+    NSString* key = command.arguments[1];
+    NSString* value = command.arguments[2];
+    Boolean secure = [command.arguments[3] boolValue];
+    NSError* setPreferenceError = nil;
+
+    if(!secure) {
+      //Check if Default Authenticator is Enabled
+      if(!self.defaultAuthenticationEnabled) {
+          [commandDelegate sendPluginResult:[IdmAuthenticationPlugin errorCodeToPluginResult:ERROR_ENABLING_AUTHENTICATOR]
+                                 callbackId:command.callbackId];
+      }
+
+      //Attempt storing in default storage
+      IdmLog(@"Storing in default storage");
+      OMDefaultAuthenticator *defAuth = [self getDefaultAuthenticator:DEFAULT_AUTH_ID];
+      if(value == nil)
+        [defAuth.secureStorage deleteDataForId:key error:&setPreferenceError];
+      else
+        [defAuth.secureStorage saveDataForId:key data:value error:&setPreferenceError];
+
+      //Verify error and send result to plugin
+      if(setPreferenceError) {
+        [commandDelegate sendPluginResult:[IdmAuthenticationPlugin errorCodeToPluginResult:SAVING_VALUE_TO_DEFAULT_STORAGE_FAILED]
+                              callbackId:command.callbackId];
+      }
+      else {
+        [commandDelegate sendPluginResult:[CDVPluginResult resultWithStatus:CDVCommandStatus_OK messageAsString:@"Default Storage operation Successfull!!"] callbackId:command.callbackId];
+      }
+
+      return;
+    }
+    //Check if PIN Authenticator is Enabled
+    OMPinAuthenticator* pinAuthenticator = [self getPinAuthenticator:authId];
+    if (pinAuthenticator == nil) {
+      IdmLog(@"No enabled authenticators");
+      [commandDelegate sendPluginResult:[IdmAuthenticationPlugin errorCodeToPluginResult:PIN_AUTHENTICATOR_NOT_ENABLED]
+                              callbackId:command.callbackId];
+      return;
+    }
+    //Attempt storing in secured storage
+    if (value == nil) 
+      [pinAuthenticator.secureStorage deleteDataForId:key error:&setPreferenceError];
+    else
+      [pinAuthenticator.secureStorage saveDataForId:key data:value error:&setPreferenceError];
+
+    //Verify error and send result to plugin
+    if(setPreferenceError) {
+      [commandDelegate sendPluginResult:[IdmAuthenticationPlugin errorCodeToPluginResult:SAVING_VALUE_TO_SECURED_STORAGE_FAILED]
+                            callbackId:command.callbackId];
+    }
+    else {
+      [commandDelegate sendPluginResult:[CDVPluginResult resultWithStatus:CDVCommandStatus_OK messageAsString:@"Secure Storage operation Successfull!!"] callbackId:command.callbackId];
+    }
+}
+
 -(void) authenticateBiometric:(CDVInvokedUrlCommand*)command
             delegate:(CDVCommandDelegateImpl*)commandDelegate {
   NSString* authId = command.arguments[0];
@@ -396,6 +518,8 @@ - (NSString *)authenticatorClassForType:(NSString*)authenticatorName
     return NSStringFromClass([OMBiometricAuthenticator class]);
   if ([LOCAL_AUTH_PIN isEqualToString:authenticatorName])
     return NSStringFromClass([OMPinAuthenticator class]);
+  if ([LOCAL_AUTH_DEFAULT isEqualToString:authenticatorName])
+    return NSStringFromClass([OMDefaultAuthenticator class]);
   return nil;
 }
 
@@ -406,6 +530,8 @@ -(OMAuthenticator*) getAuthenticator:(NSString*) authId authenticatorName:(NSStr
     return [self getFingerprintAuthenticator:authId];
   else if ([LOCAL_AUTH_BIOMETRIC isEqualToString:authenticatorName])
     return [self getBiometricAuthenticator:authId];
+  else if ([LOCAL_AUTH_DEFAULT isEqualToString:authenticatorName])
+    return [self getDefaultAuthenticator:authId];
   return nil;
 }
 
@@ -421,6 +547,18 @@ -(OMPinAuthenticator*) getPinAuthenticator:(NSString*) authId {
   return nil;
 }
 
+-(OMDefaultAuthenticator*) getDefaultAuthenticator:(NSString*) authId {
+  NSString* instanceId = [self getInstanceId:authId authenticatorName:LOCAL_AUTH_DEFAULT];
+  if (![sharedManager isAuthenticatorRegistered:LOCAL_AUTH_DEFAULT])
+    return nil;
+
+  OMAuthenticator* auth = [sharedManager authenticatorForInstanceId:instanceId error:nil];
+  if (auth && [auth isKindOfClass:[OMDefaultAuthenticator class]]) {
+    return (OMDefaultAuthenticator*) auth;
+  }
+  return nil;
+}
+
 -(OMBiometricAuthenticator*) getFingerprintAuthenticator:(NSString*) authId {
   NSString* instanceId = [self getInstanceId:authId authenticatorName:LOCAL_AUTH_FINGERPRINT];
 

tests/TestUtil.js

@@ -304,8 +304,10 @@ exports.defineAutoTests = function() {
       if (options.securedUrlResult)
         expect(results.securedUrlResult).toContain(options.securedUrlResult);
 
-      if (options.authHeader)
-        expect(result.headers.Authorization).toBe(options.authHeader);
+      if (options.authHeader) {
+        expect(results.headers.Authorization).toBeDefined();
+        expect(results.headers.ExpiryTime).toBeDefined();
+      }
 
       if (!options.noLogout)
         expect(results.authAfterLogout).not.toBeTruthy();