auth0
diff --git a/‎App/ContentView.swift‎
Lines changed: 121 additions & 0 deletions b/‎App/ContentView.swift‎
Lines changed: 121 additions & 0 deletions
diff --git a/‎App/ContentViewModel.swift‎
Lines changed: 104 additions & 0 deletions b/‎App/ContentViewModel.swift‎
Lines changed: 104 additions & 0 deletions
diff --git a/‎Auth0.xcodeproj/project.pbxproj‎
Lines changed: 10 additions & 10 deletions b/‎Auth0.xcodeproj/project.pbxproj‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎Auth0/Auth0Authentication.swift‎
Lines changed: 74 additions & 0 deletions b/‎Auth0/Auth0Authentication.swift‎
Lines changed: 74 additions & 0 deletions
@@ -0,0 +1,121 @@
+import SwiftUI
+import Auth0
+import Combine
+struct ContentView: View {
+    @ObservedObject var viewModel: ContentViewModel
+    @State var email: String = ""
+    @State var password: String = ""
+    init(viewModel: ContentViewModel) {
+        self.viewModel = viewModel
+    }
+
+    var body: some View {
+        if viewModel.showOTPTextField {
+            TextField(text: $viewModel.otpCode) {
+                Text("Enter otp")
+            }.keyboardType(.numberPad)
+            .padding()
+            .cornerRadius(4)
+            .overlay {
+                RoundedRectangle(cornerRadius: 4)
+                    .stroke(Color.blue, lineWidth: 1)
+            }
+            
+            Button {
+                viewModel.confirmEnrollment()
+            } label: {
+                Text("Continue")
+            }
+            .frame(height: 48)
+            .background(Color.black)
+        } else if let qrCodeImage = viewModel.qrCodeImage {
+            VStack {
+                Spacer()
+                qrCodeImage
+                    .resizable()
+                    .interpolation(.none)
+                    .aspectRatio(1.0, contentMode: .fit)
+                    .padding()
+                    .overlay {
+                        RoundedRectangle(cornerRadius: 4)
+                            .stroke(Color.black, lineWidth: 0.5)
+                    }
+                
+                TextField(text: $viewModel.otpCode) {
+                    Text("Enter otp")
+                }.keyboardType(.numberPad)
+                    .overlay {
+                    RoundedRectangle(cornerRadius: 4)
+                        .stroke(Color.blue, lineWidth: 1)
+                }
+                
+                Button {
+                    viewModel.confirmEnrollment()
+                } label: {
+                    Text("Continue")
+                }
+                .frame(height: 48)
+                .background(Color.black)
+                Spacer()
+            }
+        } else {
+            VStack(spacing: 10) {
+                TextField("email", text: $email)
+                    .keyboardType(.emailAddress)
+                    .padding()
+                    .cornerRadius(4)
+                    .overlay {
+                        RoundedRectangle(cornerRadius: 4)
+                            .stroke(Color.blue, lineWidth: 1)
+                    }
+                
+                SecureField("password", text: $password)
+                    .padding()
+                    .cornerRadius(4)
+                    .overlay {
+                        RoundedRectangle(cornerRadius: 4)
+                            .stroke(Color.blue, lineWidth: 1)
+                    }
+                Button {
+                    viewModel.login(email: email, password: password)
+                } label: {
+                    Text("Login")
+                        .foregroundStyle(Color.white)
+                        .padding()
+                        .frame(maxWidth: .infinity)
+                }
+                .background(Color.black)
+
+                Button {
+                    _ = viewModel.credentialsManager.clear()
+                    _ = viewModel.credentialsManager.clear(forAudience: "")
+                } label: {
+                    Text("Logout")
+                        .foregroundStyle(Color.white)
+                        .padding()
+                        .frame(maxWidth: .infinity)
+                }
+                .background(Color.black)
+                
+                Button {
+                    viewModel.fetchAPICredentials()
+                } label: {
+                    Text("Get credentials")
+                        .foregroundStyle(Color.white)
+                        .padding()
+                        .frame(maxWidth: .infinity)
+                }
+                .background(Color.black)
+                Spacer()
+                
+                if let credentials = viewModel.credentials {
+                    Text("\(credentials.accessToken)")
+                        .foregroundStyle(Color.white)
+                        .background(Color.black)
+                        .frame(maxWidth: .infinity)
+                }
+            }.padding()
+        }
+    }
+
+}
@@ -0,0 +1,104 @@
+import Combine
+import SwiftUI
+import Foundation
+import Auth0
+import CoreImage.CIFilterBuiltins
+@MainActor
+final class ContentViewModel: ObservableObject {
+    let credentialsManager: CredentialsManager
+    @Published var otpCode: String = ""
+    @Published var qrCodeImage: Image?
+    @Published var showOTPTextField = false
+    var mfaToken: String = ""
+    @Published var credentials: Credentials? = nil
+
+    init(credentialsManager: CredentialsManager) {
+        self.credentialsManager = credentialsManager
+    }
+
+    func store(credentials: Credentials) {
+        _ = self.credentialsManager.store(credentials: credentials)
+        _ = self.credentialsManager.store(apiCredentials: APICredentials(from: credentials), forAudience: "")
+    }
+
+    func fetchAPICredentials() {
+        Task {
+            do {
+                let credentials = try await credentialsManager.apiCredentials(forAudience: "")
+                print(credentials.accessToken)
+            } catch {
+                print(error)
+            }
+        }
+    }
+
+    func login(email: String, password: String) {
+        Task {
+            do {
+                let credentials = try await Auth0.authentication()
+                    .login(usernameOrEmail: email, password: password, realmOrConnection: "Username-Password-Authentication", audience: "https://test-nandan.com", scope: "openid email profile offline_access")
+                    .start()
+                await MainActor.run {
+                    self.credentials = credentials
+                }
+                self.store(credentials: credentials)
+            } catch {
+                if let error = error as? AuthenticationError,
+                   error.isMultifactorRequired,
+                   let mfaToken = error.info["mfa_token"] as? String {
+                    self.mfaToken = mfaToken
+                    await self.fetchAuthenticators(mfaToken: mfaToken)
+                }
+            }
+        }
+    }
+
+    func confirmEnrollment() {
+        qrCodeImage = nil
+        showOTPTextField = false
+        Task {
+            do {
+                let credentials = try await Auth0.authentication()
+                    .login(withOTP: otpCode, mfaToken: mfaToken)
+                    .start()
+                await MainActor.run {
+                    self.credentials = credentials
+                }
+                self.store(credentials: credentials)
+            } catch {
+                print(error)
+            }
+        }
+    }
+    func fetchAuthenticators(mfaToken: String) async {
+        do {
+            let authenticators = try await Auth0.authentication()
+                .listMFAAuthenticators(mfaToken: mfaToken)
+                .start()
+            if authenticators.filter { $0.type == "otp"  && $0.active == true }.isEmpty {
+                let challenge = try await Auth0.authentication()
+                    .enrollOTPMFA(mfaToken: mfaToken)
+                    .start()
+                await self.setAuthQRCodeImage(challenge: challenge)
+            } else {
+                showOTPTextField = true 
+            }
+        } catch {
+            print(error)
+        }
+    }
+
+    @MainActor func setAuthQRCodeImage(challenge: OTPMFAEnrollmentChallenge) async {
+        let context = CIContext()
+        let filter = CIFilter.qrCodeGenerator()
+        filter.correctionLevel = "H"
+        filter.message = Data(challenge.barCodeURI.utf8)
+        
+        if let outputImage = filter.outputImage {
+            if let cgImage = context.createCGImage(outputImage, from: outputImage.extent) {
+                await MainActor.run {
+                    qrCodeImage = Image(decorative: cgImage, scale: 1.0)            }
+                }
+        }
+    }
+}
@@ -2352,7 +2352,7 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "AUTH0_PLIST=\"${SRCROOT}/Auth0.plist\"\n\nif [ -f $AUTH0_PLIST ]; then\n    cp \"$AUTH0_PLIST\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app\"\nfi\n";
+			shellScript = "PLIST_PATH=\"${SRCROOT}/App/Auth0.plist\"\n\n# If missing, create a placeholder Auth0.plist so Xcode doesn't fail\nif [ ! -f \"$PLIST_PATH\" ]; then\n    echo \"Auth0.plist not found. Creating placeholder.\"\n    cat > \"$PLIST_PATH\" <<EOF\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n    <key>ClientId</key>\n    <string>YOUR_CLIENT_ID</string>\n    <key>Domain</key>\n    <string>YOUR_DOMAIN</string>\n</dict>\n</plist>\nEOF\nfi\n\n# Copy to .app bundle\ncp \"$PLIST_PATH\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app\"\n\n\n";
 		};
 		5B7EE48C20FCA0D900367724 /* Auth0 */ = {
 			isa = PBXShellScriptBuildPhase;
@@ -2367,7 +2367,7 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "AUTH0_PLIST=\"${SRCROOT}/Auth0.plist\"\n\nif [ -f $AUTH0_PLIST ]; then\n    cp \"$AUTH0_PLIST\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app/Contents/Resources\"\nfi\n";
+			shellScript = "PLIST_PATH=\"${SRCROOT}/App/Auth0.plist\"\n\n# If missing, create a placeholder Auth0.plist so Xcode doesn't fail\nif [ ! -f \"$PLIST_PATH\" ]; then\n    echo \"Auth0.plist not found. Creating placeholder.\"\n    cat > \"$PLIST_PATH\" <<EOF\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n    <key>ClientId</key>\n    <string>YOUR_CLIENT_ID</string>\n    <key>Domain</key>\n    <string>YOUR_DOMAIN</string>\n</dict>\n</plist>\nEOF\nfi\n\n# Copy to .app bundle\ncp \"$PLIST_PATH\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app\"\n\n";
 		};
 		5F53F5CB1CFCDC2500476A46 /* Auth0 */ = {
 			isa = PBXShellScriptBuildPhase;
@@ -2382,7 +2382,7 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "AUTH0_PLIST=\"${SRCROOT}/Auth0.plist\"\n\nif [ -f $AUTH0_PLIST ]; then\n    cp \"$AUTH0_PLIST\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app\"\nfi\n";
+			shellScript = "PLIST_PATH=\"${SRCROOT}/App/Auth0.plist\"\n\n# If missing, create a placeholder Auth0.plist so Xcode doesn't fail\nif [ ! -f \"$PLIST_PATH\" ]; then\n    echo \"Auth0.plist not found. Creating placeholder.\"\n    cat > \"$PLIST_PATH\" <<EOF\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n    <key>ClientId</key>\n    <string>YOUR_CLIENT_ID</string>\n    <key>Domain</key>\n    <string>YOUR_DOMAIN</string>\n</dict>\n</plist>\nEOF\nfi\n\n# Copy to .app bundle\ncp \"$PLIST_PATH\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app\"\n\n";
 		};
 		C1B3B9ED2C24B699004A32A4 /* SwiftLint */ = {
 			isa = PBXShellScriptBuildPhase;
@@ -2420,7 +2420,7 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 			shellPath = /bin/sh;
-			shellScript = "AUTH0_PLIST=\"${SRCROOT}/Auth0.plist\"\n\nif [ -f $AUTH0_PLIST ]; then\n    cp \"$AUTH0_PLIST\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app\"\nfi\n";
+			shellScript = "PLIST_PATH=\"${SRCROOT}/App/Auth0.plist\"\n\n# If missing, create a placeholder Auth0.plist so Xcode doesn't fail\nif [ ! -f \"$PLIST_PATH\" ]; then\n    echo \"Auth0.plist not found. Creating placeholder.\"\n    cat > \"$PLIST_PATH\" <<EOF\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n    <key>ClientId</key>\n    <string>YOUR_CLIENT_ID</string>\n    <key>Domain</key>\n    <string>YOUR_DOMAIN</string>\n</dict>\n</plist>\nEOF\nfi\n\n# Copy to .app bundle\ncp \"$PLIST_PATH\" \"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.app\"\n\n\n";
 		};
 /* End PBXShellScriptBuildPhase section */
 
@@ -3496,7 +3496,7 @@
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/Carthage/Build";
 				INFOPLIST_FILE = Auth0/Info.plist;
 				INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks";
-				IPHONEOS_DEPLOYMENT_TARGET = 14.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 15.0;
 				LD_RUNPATH_SEARCH_PATHS = (
 					"$(inherited)",
 					"@executable_path/Frameworks",
@@ -3527,7 +3527,7 @@
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/Carthage/Build";
 				INFOPLIST_FILE = Auth0/Info.plist;
 				INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks";
-				IPHONEOS_DEPLOYMENT_TARGET = 14.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 15.0;
 				LD_RUNPATH_SEARCH_PATHS = (
 					"$(inherited)",
 					"@executable_path/Frameworks",
@@ -3894,12 +3894,12 @@
 				CURRENT_PROJECT_VERSION = 1;
 				DEVELOPMENT_TEAM = 86WQXF56BC;
 				INFOPLIST_FILE = App/Info.plist;
-				IPHONEOS_DEPLOYMENT_TARGET = 14.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 15.0;
 				LD_RUNPATH_SEARCH_PATHS = (
 					"$(inherited)",
 					"@executable_path/Frameworks",
 				);
-				PRODUCT_BUNDLE_IDENTIFIER = com.auth0.OAuth2;
+				PRODUCT_BUNDLE_IDENTIFIER = com.auth0.OAuth2.dev;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE = "";
 				PROVISIONING_PROFILE_SPECIFIER = "";
@@ -3917,12 +3917,12 @@
 				CURRENT_PROJECT_VERSION = 1;
 				DEVELOPMENT_TEAM = 86WQXF56BC;
 				INFOPLIST_FILE = App/Info.plist;
-				IPHONEOS_DEPLOYMENT_TARGET = 14.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 15.0;
 				LD_RUNPATH_SEARCH_PATHS = (
 					"$(inherited)",
 					"@executable_path/Frameworks",
 				);
-				PRODUCT_BUNDLE_IDENTIFIER = com.auth0.OAuth2;
+				PRODUCT_BUNDLE_IDENTIFIER = com.auth0.OAuth2.dev;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
 				SWIFT_VERSION = 5.0;
 
@@ -74,6 +74,34 @@ struct Auth0Authentication: Authentication {
                        dpop: self.dpop)
     }
 
+    func enrollOTPMFA(mfaToken: String) -> Request<OTPMFAEnrollmentChallenge, AuthenticationError> {
+        let url = URL(string: "mfa/associate", relativeTo: self.url)!
+
+        let payload: [String: Any] = [
+            "authenticator_types": ["otp"]
+        ]
+
+        return Request(session: session, url: url,
+                       method: "POST",
+                       handle: authenticationDecodable,
+                       parameters: payload,
+                       headers: baseHeaders(accessToken: mfaToken, tokenType: "Bearer"),
+                       logger: logger,
+                       telemetry: telemetry)
+    }
+
+    func listMFAAuthenticators(mfaToken: String) -> Request<[Authenticator], AuthenticationError> {
+        let url = URL(string: "mfa/authenticators", relativeTo: self.url)!
+
+        return Request(session: session,
+                       url: url,
+                       method: "GET",
+                       handle: authenticationDecodable,
+                       headers: baseHeaders(accessToken: mfaToken, tokenType: "Bearer"),
+                       logger: self.logger,
+                       telemetry: self.telemetry)
+    }
+
     func login(withOTP otp: String, mfaToken: String) -> Request<Credentials, AuthenticationError> {
         let url = URL(string: "oauth/token", relativeTo: self.url)!
 
@@ -588,3 +616,49 @@ private extension Auth0Authentication {
     }
 
 }
+
+
+
+public struct Authenticator: Decodable {
+    
+    public let type: String
+    public let oobChannel: String?
+    public let id: String
+    public let name: String?
+    public let active: Bool
+//        "authenticator_type": "oob",
+//        "oob_channel": "sms", //
+//        "id": "sms|dev_sEe99pcpN0xp0yOO",
+//        "name": "+1123XXXXX", //
+//        "active": true
+    
+    
+    enum CodingKeys: String, CodingKey {
+        case type = "authenticator_type"
+        case oobChannel = "oob_channel"
+        case name
+        case active
+        case id
+    }
+}
+
+
+public struct OTPMFAEnrollmentChallenge: Decodable {
+    public let authenticatorType: String
+    public let secret: String
+    public let barCodeURI: String
+    public let recoveryCodes: [String]?
+
+    enum CodingKeys: String, CodingKey {
+        case authenticatorType = "authenticator_type"
+        case secret
+        case barCodeURI = "barcode_uri"
+        case recoveryCodes = "recovery_codes"
+    }
+//    {
+//      "authenticator_type": "otp",
+//      "secret": "EN...S",
+//      "barcode_uri": "otpauth://totp/tenant:user?secret=...&issuer=tenant&algorithm=SHA1&digits=6&period=30",
+//      "recovery_codes": [ "N3B...XC"]
+//    }
+}