Merge pull request #1 from AckeeCZ/proposal/initial_version

Implement basic Google sign-in flow functionality

Author: janmisar

.gitignore

@@ -0,0 +1,7 @@
+.DS_Store
+/.build
+/Packages
+/*.xcodeproj
+xcuserdata/
+DerivedData/
+.swiftpm/xcode/package.xcworkspace/contents.xcworkspacedata

Package.swift

@@ -0,0 +1,24 @@
+// swift-tools-version:5.3
+import PackageDescription
+
+let package = Package(
+    name: "OpenGoogleSignInSDK",
+    platforms: [
+        .iOS(.v12),
+        .macOS("10.9")
+    ],
+    products: [
+        .library(
+            name: "OpenGoogleSignInSDK",
+            targets: ["OpenGoogleSignInSDK"]),
+    ],
+    dependencies: [],
+    targets: [
+        .target(
+            name: "OpenGoogleSignInSDK",
+            dependencies: []),
+        .testTarget(
+            name: "OpenGoogleSignInSDKTests",
+            dependencies: ["OpenGoogleSignInSDK"]),
+    ]
+)

README.md

@@ -1 +1,66 @@
-# OpenGoogleSignInSDK
+# OpenGoogleSignInSDK
+
+OpenGoogleSignInSDK is an open-source library which takes care of Google Sign-In flow using OAuth 2.0 and can be used as an alternative to [official GoogleSignInSDK](https://developers.google.com/identity/sign-in/ios/sdk).
+
+## Installation
+
+### Swift Package Manager
+
+SDK can be installed using [SPM](https://github.com/apple/swift-package-manager). Just add following line into your `Package.swift`: 
+
+```swift
+.package(url: "https://github.com/AckeeCZ/OpenGoogleSignInSDK.git", .upToNextMajor(from: "1.0.0")),
+```
+
+or use the Xcode `File -> Swift Packages -> Add Package Dependency` and paste the URL of GitHub repository.
+### CocoaPods, Carthage
+🔜👀
+
+## Integration guide
+
+### Add a URL scheme to your project
+
+Google Sign-In flow requires a URL scheme to be added to your project:
+
+1. Open your project configuration, select your app from the **Targets** section, then select the **Info** tab and expand the **URL Types** section.
+2. Click the **+** button, and add your reversed client ID as a URL scheme. The reversed client ID is your client ID with the order of the dot-delimited fields reversed, like on the picture below:
+
+![url-types|OpenGoogleSignInSDK](Resources/url-types.png)
+
+### Set OAuth 2.0 client ID
+
+First, you need to visit [Google API Console](https://console.developers.google.com/apis/credentials?project=_) to obtain OAuth 2.0 client ID of your project. After obtaining the client ID, you need to configure the `clientID` property of `OpenGoogleSignIn` shared instance in your app delegate:
+
+```swift
+func application(_ application: UIApplication,
+                 didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool {
+  OpenGoogleSignIn.shared.clientID = "YOUR_CLIENT_ID"
+
+  return true
+}
+```
+
+### Handle Sign-In process
+
+To handle Sign-In process, you need to set `OpenGoogleSignInDelegate` and implement the protocol:
+
+```swift
+OpenGoogleSignIn.shared.delegate = self
+
+...
+...
+...
+
+func sign(didSignInFor user: GoogleUser?, withError error: GoogleSignInError?) {
+  // Signed in user or error received here.
+  // Perform any required operations.
+}
+```
+
+## Author
+
+[Ackee](https://ackee.cz) team
+
+## License
+
+OpenGoogleSignInSDK is available under the MIT license. See the LICENSE file for more info.

Resources/url-types.png

@@ -0,0 +1,25 @@
+import Foundation
+
+/// Google sign-in error.
+public enum GoogleSignInError: Error, Equatable {
+    case authenticationError(Error)
+    case invalidCode
+    case invalidResponse
+    case invalidTokenRequest
+    case networkError(Error)
+    case tokenDecodingError(Error)
+    case userCancelledSignInFlow
+}
+
+public func == (lhs: Error, rhs: Error) -> Bool {
+    guard type(of: lhs) == type(of: rhs) else { return false }
+    let error1 = lhs as NSError
+    let error2 = rhs as NSError
+    return error1.domain == error2.domain && error1.code == error2.code && "\(lhs)" == "\(rhs)"
+}
+
+extension Equatable where Self : Error {
+    public static func == (lhs: Self, rhs: Self) -> Bool {
+        lhs as Error == rhs as Error
+    }
+}

Sources/OpenGoogleSignInSDK/Model/GoogleSignInError.swift

@@ -0,0 +1,6 @@
+/// Google sign-in OAuth 2.0 scope.
+public enum GoogleSignInScope: String {
+    case email
+    case openID = "openid"
+    case profile
+}

Sources/OpenGoogleSignInSDK/Model/GoogleSignInScope.swift

@@ -0,0 +1,9 @@
+/// Google sign-in user account.
+public struct GoogleUser: Codable, Equatable {
+    public let accessToken: String
+    public let expiresIn: Int
+    public let idToken: String
+    public let refreshToken: String?
+    public let scope: String
+    public let tokenType: String
+}

Sources/OpenGoogleSignInSDK/Model/GoogleUser.swift

@@ -0,0 +1,210 @@
+import AuthenticationServices
+import OSLog
+import UIKit
+
+/// Google sign-in delegate.
+public protocol OpenGoogleSignInDelegate: AnyObject {
+    /// Indicates that sign-in flow has finished and retrieves `GoogleUser` if successful or `error`.
+    func sign(didSignInFor user: GoogleUser?, withError error: GoogleSignInError?)
+}
+
+/// Signs the user in with Google using OAuth 2.0.
+public final class OpenGoogleSignIn: NSObject {
+    
+    // MARK: - Public properties
+    
+    public weak var delegate: OpenGoogleSignInDelegate?
+    
+    /// The client ID of the app.
+    /// It is required for communication with Google API to work.
+    public var clientID: String = ""
+    
+    /// Client secret.
+    /// It is only used when exchanging the authorization code for an access token.
+    public var clientSecret: String = ""
+    
+    /// `URLSession` used to perform data tasks.
+    public var session: URLSession = URLSession.shared
+    
+    /// Shared `OpenGoogleSignIn` instance
+    public static let shared: OpenGoogleSignIn = OpenGoogleSignIn()
+    
+    /// API scopes requested by the app
+    public var scopes: Set<GoogleSignInScope> = [.email, .openID, .profile]
+    
+    /// View controller to present Google sign-in flow.
+    /// Needs to be set for presenting to work correctly.
+    public weak var presentingViewController: UIViewController? = nil
+    
+    // MARK: - Private properties
+
+    /// Session used to authenticate a user with Google sign-in.
+    private var authenticationSession: ASWebAuthenticationSession? = nil
+    
+    /// Google API OAuth 2.0 token url.
+    private static let tokenURL: URL? = URL(string: "https://www.googleapis.com/oauth2/v4/token")
+
+    /// The client's redirect URI, which is based on `clientID`.
+    private var redirectURI: String {
+        String(
+            clientID
+                .components(separatedBy: ".")
+                .reversed()
+                .joined(separator: ".")
+        ) + ":/oauth2redirect/google"
+    }
+    
+    /// Authorization `URL` based on parameters provided by the app.
+    private var authURL: URL {
+        let scopes = scopes.map { $0.rawValue }.joined(separator: "+")
+        var components = URLComponents()
+        
+        components.scheme = "https"
+        components.host = "accounts.google.com"
+        components.path = "/o/oauth2/v2/auth"
+        
+        components.queryItems = [
+            URLQueryItem(name: "client_id", value: clientID),
+            URLQueryItem(name: "redirect_uri", value: redirectURI),
+            URLQueryItem(name: "response_type", value: "code"),
+            URLQueryItem(name: "scope", value: scopes)
+        ]
+
+        return components.url!
+    }
+    
+    // MARK: - Initialization
+    
+    private override init() { }
+    
+    // MARK: - Public helpers
+    
+    
+    /// Handles token response.
+    /// Calls `OpenGoogleSignInDelegate` with valid response or error.
+    public func handle(_ url: URL) {
+        handleTokenResponse(using: url) { [weak self] result in
+            switch result {
+            case .success(let response):
+                self?.delegate?.sign(didSignInFor: response, withError: nil)
+            case .failure(let error):
+                self?.delegate?.sign(didSignInFor: nil, withError: error)
+            }
+        }
+    }
+
+    /// Starts Google sign-in flow.
+    /// `OpenGoogleSignInDelegate` will be called on success/error.
+    public func signIn() {
+        guard !clientID.isEmpty else {
+            os_log(.error, "You must specify clientID for Google sign-in to work correctly!")
+            return
+        }
+
+        // Create authentication session with provided parameters
+        authenticationSession = ASWebAuthenticationSession(
+            url: authURL,
+            callbackURLScheme: clientID
+        ) { [weak self] callbackURL, error in
+            guard let callbackURL = callbackURL else { return }
+
+            if let error = error {
+                // Throw error if received
+                self?.delegate?.sign(didSignInFor: nil, withError: .authenticationError(error))
+            } else {
+                // Handle received `callbackURL` on success
+                self?.handle(callbackURL)
+            }
+        }
+        
+        // Set `presentationContextProvider` for iOS 13+ modals to work correctly
+        if #available(iOS 13.0, *) {
+            authenticationSession?.presentationContextProvider = self
+        }
+        
+        // Start authentication session
+        authenticationSession?.start()
+    }
+    
+    // MARK: - Private helpers
+    
+    /// Decodes `GoogleUser` from OAuth 2.0 response.
+    private func decodeUser(from data: Data) throws -> GoogleUser {
+        let decoder = JSONDecoder()
+        decoder.keyDecodingStrategy = .convertFromSnakeCase
+        
+        return try decoder.decode(GoogleUser.self, from: data)
+    }
+    
+    /// Handles OAuth 2.0 token response.
+    private func handleTokenResponse(using redirectUrl: URL, completion: @escaping (Result<GoogleUser, GoogleSignInError>) -> Void) {
+        guard let code = self.parseCode(from: redirectUrl) else {
+            completion(.failure(.invalidCode))
+            return
+        }
+        
+        guard let tokenRequest = makeTokenRequest(with: code) else {
+            completion(.failure(.invalidTokenRequest))
+            return
+        }
+        
+        let task = session.dataTask(with: tokenRequest) { data, response, error in
+            if let error = error {
+                completion(.failure(.networkError(error)))
+                return
+            }
+            
+            guard let data = data else {
+                completion(.failure(.invalidResponse))
+                return
+            }
+
+            do {
+                completion(.success(try self.decodeUser(from: data)))
+            } catch {
+                completion(.failure(.tokenDecodingError(error)))
+            }
+        }
+        task.resume()
+    }
+    
+    /// Returns `code` parsed from provided `redirectURL`.
+    private func parseCode(from redirectURL: URL) -> String? {
+        let components = URLComponents(url: redirectURL, resolvingAgainstBaseURL: false)
+
+        return components?.queryItems?.first(where: { $0.name == "code" })?.value
+    }
+    
+    /// Returns `URLRequest` to retrieve Google sign-in OAuth 2.0 token using arameters provided by the app.
+    private func makeTokenRequest(with code: String) -> URLRequest? {
+        guard let tokenURL = OpenGoogleSignIn.tokenURL else { return nil }
+        
+        var request = URLRequest(url: tokenURL)
+        request.httpMethod = "POST"
+        request.setValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type")
+        
+        let parameters = [
+            "client_id": clientID,
+            "client_secret": clientSecret,
+            "code": code,
+            "grant_type": "authorization_code",
+            "redirect_uri": redirectURI
+        ]
+        
+        let body = parameters
+            .map { "\($0)=\($1)" }
+            .joined(separator: "&")
+        
+        request.httpBody = body.data(using: .utf8)
+        
+        return request
+    }
+}
+
+// MARK: - ASWebAuthenticationPresentationContextProviding
+
+extension OpenGoogleSignIn: ASWebAuthenticationPresentationContextProviding {
+    public func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {
+        UIApplication.shared.windows.first { $0.isKeyWindow } ?? ASPresentationAnchor()
+    }
+}

Sources/OpenGoogleSignInSDK/OpenGoogleSignInSDK.swift

@@ -0,0 +1,27 @@
+import XCTest
+@testable import OpenGoogleSignInSDK
+
+final class MockOpenGoogleSignInDelegate: OpenGoogleSignInDelegate {
+    var user: GoogleUser?
+    var error: GoogleSignInError?
+    
+    private var expectation: XCTestExpectation?
+    private let testCase: XCTestCase
+    
+    init(testCase: XCTestCase) {
+        self.testCase = testCase
+    }
+    
+    func expectSignInFinish() {
+        expectation = testCase.expectation(description: "Expect sign-in flow to finish")
+    }
+    
+    // MARK: - OAuthGoogleSignInDelegate
+    
+    func sign(didSignInFor user: GoogleUser?, withError error: GoogleSignInError?) {
+        self.user = user
+        self.error = error
+
+        expectation?.fulfill()
+    }
+}