
Commit 7721a7c

author
Kai Song
committed
Remove crypto part for response
1 parent 7024e55 commit 7721a7c


4 files changed

+142
-109
lines changed


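--- a/IdentityCore/src/controllers/MSIDRequestControllerFactory.m
+++ b/IdentityCore/src/controllers/MSIDRequestControllerFactory.m
@@ -41,7 +41,101 @@
 
 @implementation MSIDRequestControllerFactory
 
-#if TARGET_OS_OSX
+//+ (nullable id<MSIDRequestControlling>)silentControllerForParameters:(MSIDRequestParameters *)parameters
+// forceRefresh:(BOOL)forceRefresh
+// skipLocalRt:(MSIDSilentControllerLocalRtUsageType)skipLocalRt
+// tokenRequestProvider:(id<MSIDTokenRequestProviding>)tokenRequestProvider
+// error:(NSError *__autoreleasing*)error
+//{
+// // Nested auth protocol - Reverse client id & redirect uri
+// if ([parameters isNestedAuthProtocol])
+// {
+// [parameters reverseNestedAuthParametersIfNeeded];
+// }
+//
+// MSIDSilentController *brokerController;
+//
+// if ([parameters shouldUseBroker])
+// {
+// if ([MSIDSSOExtensionSilentTokenRequestController canPerformRequest])
+// {
+// MSIDSilentController *localController = nil;
+// if (parameters.allowUsingLocalCachedRtWhenSsoExtFailed)
+// {
+// localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
+// forceRefresh:YES
+// tokenRequestProvider:tokenRequestProvider
+// error:error];
+// localController.isLocalFallbackMode = YES;
+// }
+//
+// // Use XPC service as a SsoExtension backup controller when enableXcpFlow is on, enableXcpFlow is disabled by default
+// MSIDSilentController *xpcController = nil;
+//#if TARGET_OS_OSX
+// if (parameters.enableXpcFlow && [MSIDXpcSilentTokenRequestController canPerformRequest])
+// {
+// xpcController = [[MSIDXpcSilentTokenRequestController alloc] initWithRequestParameters:parameters
+// forceRefresh:forceRefresh
+// tokenRequestProvider:tokenRequestProvider
+// fallbackInteractiveController:localController
+// error:error];
+// }
+//#endif
+//
+// brokerController = [[MSIDSSOExtensionSilentTokenRequestController alloc] initWithRequestParameters:parameters
+// forceRefresh:forceRefresh
+// tokenRequestProvider:tokenRequestProvider
+// fallbackInteractiveController:xpcController != nil ? xpcController : localController
+// error:error];
+// }
+//#if TARGET_OS_OSX
+// else
+// {
+// MSIDSilentController *localController = nil;
+// if (parameters.allowUsingLocalCachedRtWhenSsoExtFailed)
+// {
+// localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
+// forceRefresh:YES
+// tokenRequestProvider:tokenRequestProvider
+// error:error];
+// localController.isLocalFallbackMode = YES;
+// }
+//
+// if (parameters.enableXpcFlow && [MSIDXpcSilentTokenRequestController canPerformRequest])
+// {
+// brokerController = [[MSIDXpcSilentTokenRequestController alloc] initWithRequestParameters:parameters
+// forceRefresh:forceRefresh
+// tokenRequestProvider:tokenRequestProvider
+// fallbackInteractiveController:localController
+// error:error];
+// }
+// }
+//#endif
+// }
+//
+// __auto_type localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
+// forceRefresh:forceRefresh
+// tokenRequestProvider:tokenRequestProvider
+// fallbackInteractiveController:brokerController
+// error:error];
+// if (!localController) return nil;
+//
+// switch (skipLocalRt) {
+// case MSIDSilentControllerForceSkippingLocalRt:
+// localController.skipLocalRt = YES;
+// break;
+// case MSIDSilentControllerForceUsingLocalRt:
+// localController.skipLocalRt = NO;
+// break;
+// case MSIDSilentControllerUndefinedLocalRtUsage:
+// if (brokerController) localController.skipLocalRt = YES;
+// break;
+// default:
+// break;
+// }
+//
+// return localController;
+//}
 
 + (nullable id<MSIDRequestControlling>)silentControllerForParameters:(MSIDRequestParameters *)parameters
 forceRefresh:(BOOL)forceRefresh
@@ -54,112 +148,46 @@ @implementation MSIDRequestControllerFactory
 {
 [parameters reverseNestedAuthParametersIfNeeded];
 }
-
-MSIDSilentController *brokerController;
-
+
+MSIDSilentController *fallbackController = nil;
+
 if ([parameters shouldUseBroker])
 {
-if ([MSIDSSOExtensionSilentTokenRequestController canPerformRequest])
+if (parameters.allowUsingLocalCachedRtWhenSsoExtFailed)
 {
-MSIDSilentController *localController = nil;
-if (parameters.allowUsingLocalCachedRtWhenSsoExtFailed)
-{
-localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
-forceRefresh:YES
-tokenRequestProvider:tokenRequestProvider
-error:error];
-localController.isLocalFallbackMode = YES;
-}
-
-// Use XPC as a SsoExtension backup controller
-MSIDXpcSilentTokenRequestController *xpcController = nil;
-if ([MSIDXpcSilentTokenRequestController canPerformRequest])
-{
-xpcController = [[MSIDXpcSilentTokenRequestController alloc] initWithRequestParameters:parameters
+fallbackController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
+forceRefresh:YES
+tokenRequestProvider:tokenRequestProvider
+error:error];
+fallbackController.isLocalFallbackMode = YES;
+}
+
+#if TARGET_OS_OSX
+if (parameters.enableXpcFlow && [MSIDXpcSilentTokenRequestController canPerformRequest])
+{
+fallbackController = [[MSIDXpcSilentTokenRequestController alloc] initWithRequestParameters:parameters
 forceRefresh:forceRefresh
 tokenRequestProvider:tokenRequestProvider
-fallbackInteractiveController:localController
+fallbackInteractiveController:fallbackController
 error:error];
-}
-
-brokerController = [[MSIDSSOExtensionSilentTokenRequestController alloc] initWithRequestParameters:parameters
-forceRefresh:forceRefresh
-tokenRequestProvider:tokenRequestProvider
-fallbackInteractiveController:xpcController != nil ? xpcController : localController
-error:error];
 }
-}
-
-__auto_type localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
-forceRefresh:forceRefresh
-tokenRequestProvider:tokenRequestProvider
-fallbackInteractiveController:brokerController
-error:error];
-if (!localController) return nil;
-
-switch (skipLocalRt) {
-case MSIDSilentControllerForceSkippingLocalRt:
-localController.skipLocalRt = YES;
-break;
-case MSIDSilentControllerForceUsingLocalRt:
-localController.skipLocalRt = NO;
-break;
-case MSIDSilentControllerUndefinedLocalRtUsage:
-if (brokerController) localController.skipLocalRt = YES;
-break;
-default:
-break;
-}
-
-return localController;
-}
-
-#else
-
-+ (nullable id<MSIDRequestControlling>)silentControllerForParameters:(MSIDRequestParameters *)parameters
-forceRefresh:(BOOL)forceRefresh
-skipLocalRt:(MSIDSilentControllerLocalRtUsageType)skipLocalRt
-tokenRequestProvider:(id<MSIDTokenRequestProviding>)tokenRequestProvider
-error:(NSError *__autoreleasing*)error
-{
-// Nested auth protocol - Reverse client id & redirect uri
-if ([parameters isNestedAuthProtocol])
-{
-[parameters reverseNestedAuthParametersIfNeeded];
-}
-
-MSIDSilentController *brokerController;
-
-if ([parameters shouldUseBroker])
-{
+#endif
+
 if ([MSIDSSOExtensionSilentTokenRequestController canPerformRequest])
 {
-MSIDSilentController *localController = nil;
-if (parameters.allowUsingLocalCachedRtWhenSsoExtFailed)
-{
-localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
-forceRefresh:YES
-tokenRequestProvider:tokenRequestProvider
-error:error];
-localController.isLocalFallbackMode = YES;
-}
-
-brokerController = [[MSIDSSOExtensionSilentTokenRequestController alloc] initWithRequestParameters:parameters
-forceRefresh:forceRefresh
-tokenRequestProvider:tokenRequestProvider
-fallbackInteractiveController:localController
-error:error];
+fallbackController = [[MSIDSSOExtensionSilentTokenRequestController alloc] initWithRequestParameters:parameters
+forceRefresh:forceRefresh
+tokenRequestProvider:tokenRequestProvider
+fallbackInteractiveController:fallbackController
+error:error];
 }
 }
 
-// TODO: Performance optimization: check account source.
-// if (parameters.accountIdentifier.source == BROKER) return brokerController;
-
-__auto_type localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
-forceRefresh:forceRefresh
-tokenRequestProvider:tokenRequestProvider
-fallbackInteractiveController:brokerController
-error:error];
+MSIDSilentController *localController = [[MSIDSilentController alloc] initWithRequestParameters:parameters
+forceRefresh:forceRefresh
+tokenRequestProvider:tokenRequestProvider
+fallbackInteractiveController:fallbackController
+error:error];
 if (!localController) return nil;
 
 switch (skipLocalRt) {
@@ -170,17 +198,16 @@ @implementation MSIDRequestControllerFactory
 localController.skipLocalRt = NO;
 break;
 case MSIDSilentControllerUndefinedLocalRtUsage:
-if (brokerController) localController.skipLocalRt = YES;
+if (fallbackController) localController.skipLocalRt = YES;
 break;
 default:
 break;
 }
 
 return localController;
+
 }
 
-#endif
-
 + (nullable id<MSIDRequestControlling>)interactiveControllerForParameters:(nonnull MSIDInteractiveTokenRequestParameters *)parameters
 tokenRequestProvider:(nonnull id<MSIDTokenRequestProviding>)tokenRequestProvider
 error:(NSError * _Nullable __autoreleasing * _Nullable)error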
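Review bot: When `shouldUseBroker` is true and `allowUsingLocalCachedRtWhenSsoExtFailed` is set but neither the XPC nor the SSO-extension branch runs, `fallbackController` still holds the local fallback controller built at new lines 158–162, so `if (fallbackController) localController.skipLocalRt = YES;` at new line 201 skips the local refresh token even though no broker is available. On the removed side the local fallback was only created inside the `canPerformRequest` branch, and `brokerController` was never assigned when no broker could handle the request. Track broker availability separately, for example `BOOL brokerAvailable = NO;` set to `YES` in both broker branches, followed by `if (!brokerAvailable) fallbackController = nil;` before the final controller is created. The 95 commented-out lines added at new lines 44–138 repeat the old implementation and are better deleted, since version control already keeps them.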

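--- a/IdentityCore/src/parameters/MSIDRequestParameters.h
+++ b/IdentityCore/src/parameters/MSIDRequestParameters.h
@@ -73,6 +73,7 @@
 @property (nonatomic) NSUInteger tokenExpirationBuffer;
 @property (nonatomic) BOOL extendedLifetimeEnabled;
 @property (nonatomic) BOOL instanceAware;
+@property (nonatomic) BOOL enableXpcFlow;
 @property (nonatomic) BOOL allowUsingLocalCachedRtWhenSsoExtFailed;
 @property (nonatomic) BOOL clientBrokerKeyCapabilityNotSupported;
 @property (nonatomic) NSString *intuneApplicationIdentifier;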
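Review bot: The new `enableXpcFlow` property at new line 76 is undocumented, although it gates an extra IPC path for silent token requests in `MSIDRequestControllerFactory`. Add a doc comment such as `/// Allows the XPC service to be used as a backup to the SSO extension (macOS only). Defaults to NO.` so callers know the flag is opt-in and where it takes effect.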

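--- a/IdentityCore/src/util/MSIDXpcSingleSignOnProvider.m
+++ b/IdentityCore/src/util/MSIDXpcSingleSignOnProvider.m
@@ -114,17 +114,17 @@ - (void)handleRequestParam:(NSDictionary *)requestParam
 [directConnection suspend];
 [directConnection invalidate];
 
-MSIDBrokerCryptoProvider *cryptoProvider = [[MSIDBrokerCryptoProvider alloc] initWithEncryptionKey:[NSData msidDataFromBase64UrlEncodedString:brokerKey]];
-NSError *jsonResponseError = nil;
-NSDictionary *jsonResponse = [cryptoProvider decryptBrokerResponse:replyParam correlationId:context.correlationId error:&jsonResponseError];
-if (jsonResponseError)
-{
-MSID_LOG_WITH_CTX_PII(MSIDLogLevelError, nil, @"[Entra broker] CLIENT received operationResponse but failed to decrypt it with error: %@", jsonResponseError);
-if (continueBlock) continueBlock(nil, callbackError);
-return;
-}
+// MSIDBrokerCryptoProvider *cryptoProvider = [[MSIDBrokerCryptoProvider alloc] initWithEncryptionKey:[NSData msidDataFromBase64UrlEncodedString:brokerKey]];
+// NSError *jsonResponseError = nil;
+// NSDictionary *jsonResponse = [cryptoProvider decryptBrokerResponse:replyParam correlationId:context.correlationId error:&jsonResponseError];
+// if (jsonResponseError)
+// {
+// MSID_LOG_WITH_CTX_PII(MSIDLogLevelError, nil, @"[Entra broker] CLIENT received operationResponse but failed to decrypt it with error: %@", jsonResponseError);
+// if (continueBlock) continueBlock(nil, callbackError);
+// return;
+// }
 
-BOOL forceRunOnBackgroundQueue = [[jsonResponse objectForKey:MSID_BROKER_OPERATION_KEY] isEqualToString:@"refresh"];
+BOOL forceRunOnBackgroundQueue = [[replyParam objectForKey:MSID_BROKER_OPERATION_KEY] isEqualToString:@"refresh"];
 [self forceRunOnBackgroundQueue:forceRunOnBackgroundQueue dispatchBlock:^{
 if (callbackError)
 {
@@ -134,7 +134,7 @@ - (void)handleRequestParam:(NSDictionary *)requestParam
 }
 
 NSError *innerError = nil;
-__auto_type operationResponse = (MSIDBrokerOperationTokenResponse *)[MSIDJsonSerializableFactory createFromJSONDictionary:jsonResponse classTypeJSONKey:MSID_BROKER_OPERATION_RESPONSE_TYPE_JSON_KEY assertKindOfClass:aClass error:&innerError];
+__auto_type operationResponse = (MSIDBrokerOperationTokenResponse *)[MSIDJsonSerializableFactory createFromJSONDictionary:replyParam classTypeJSONKey:MSID_BROKER_OPERATION_RESPONSE_TYPE_JSON_KEY assertKindOfClass:aClass error:&innerError];
 
 if (!operationResponse)
 {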
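Review bot: With the decrypt step commented out at new lines 117–125, `replyParam` is read and deserialized exactly as it arrived over the XPC connection, so the reply's confidentiality and integrity now depend only on how the peer of `directConnection` is validated, which is outside this hunk. Confirm that the connection is restricted to the broker's code-signing identity before this reply is trusted, and record that assumption here, e.g. `// Reply is not encrypted; trust relies on XPC peer validation of the broker.` The removed path handed on a value typed `NSDictionary *`; if `replyParam` can be anything else, guard it first with `if (![replyParam isKindOfClass:[NSDictionary class]]) { if (continueBlock) continueBlock(nil, callbackError); return; }`. Delete the commented-out block rather than keeping it, and check whether `brokerKey` is still needed now that nothing decrypts with it. `handleRequestParam:` begins and ends outside the hunks.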

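--- a/IdentityCore/tests/mocks/MSIDTestTokenRequestProvider.m
+++ b/IdentityCore/tests/mocks/MSIDTestTokenRequestProvider.m
@@ -118,4 +118,9 @@ - (nullable MSIDSilentTokenRequest *)silentSSOExtensionTokenRequestWithParameter
 return [[MSIDTestSilentTokenRequest alloc] initWithTestResponse:self.testTokenResult testError:self.testError];
 }
 
+- (nullable MSIDSilentTokenRequest *)silentXpcTokenRequestWithParameters:(nonnull MSIDRequestParameters *)parameters forceRefresh:(BOOL)forceRefresh {
+return [[MSIDTestSilentTokenRequest alloc] initWithTestResponse:self.testTokenResult testError:self.testError];
+}
+
+
 @end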
