Merge branch 'users/ccrawford/ios.web.fixes' of https://github.com/Assimalign-LLC/assim-js-packages into users/ccrawford/ios.web.fixes

Author: Chase Crawford

src/msal-capacitor-plugin-demo/ios/App/App.xcodeproj/project.pbxproj

@@ -349,12 +349,12 @@
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_ENTITLEMENTS = App/App.entitlements;
 				CODE_SIGN_STYLE = Automatic;
-				DEVELOPMENT_TEAM = NGDMY4TLA6;
+				DEVELOPMENT_TEAM = "";
 				INFOPLIST_FILE = App/Info.plist;
-				IPHONEOS_DEPLOYMENT_TARGET = 11.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 14.2;
 				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";
 				OTHER_SWIFT_FLAGS = "$(inherited) \"-D\" \"COCOAPODS\" \"-DDEBUG\"";
-				PRODUCT_BUNDLE_IDENTIFIER = io.ionic.starter;
+				PRODUCT_BUNDLE_IDENTIFIER = some.bundle.id;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				SWIFT_ACTIVE_COMPILATION_CONDITIONS = "DEBUG USE_PUSH";
 				SWIFT_VERSION = 5.0;
@@ -369,11 +369,11 @@
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_ENTITLEMENTS = App/App.entitlements;
 				CODE_SIGN_STYLE = Automatic;
-				DEVELOPMENT_TEAM = NGDMY4TLA6;
+				DEVELOPMENT_TEAM = "";
 				INFOPLIST_FILE = App/Info.plist;
-				IPHONEOS_DEPLOYMENT_TARGET = 11.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 14.2;
 				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";
-				PRODUCT_BUNDLE_IDENTIFIER = io.ionic.starter;
+				PRODUCT_BUNDLE_IDENTIFIER = some.bundle.id;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				SWIFT_ACTIVE_COMPILATION_CONDITIONS = USE_PUSH;
 				SWIFT_VERSION = 5.0;

src/msal-capacitor-plugin-demo/ios/App/App/App.entitlements

@@ -4,9 +4,7 @@
 <dict>
 	<key>keychain-access-groups</key>
 	<array>
-		<string>$(AppIdentifierPrefix)com.microsoft.adalcache</string>
-		<string>$(AppIdentifierPrefix)com.microsoft.identity.universalstorage</string>
-		<string>$(AppIdentifierPrefix)sessionStorage</string>
+		<string>$(AppIdentifierPrefix)com.company.cache</string>
 	</array>
 </dict>
 </plist>

src/msal-capacitor-plugin-demo/ios/App/App/Info.plist

@@ -2,13 +2,6 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 <dict>
-	<key>LSApplicationQueriesSchemes</key>
-	<array>
-		<string>msauthv2</string>
-		<string>msauthv3</string>
-	</array>
-	<key>NSFaceIDUsageDescription</key>
-	<string>For an easier and faster log in.</string>
 	<key>CFBundleDevelopmentRegion</key>
 	<string>en</string>
 	<key>CFBundleDisplayName</key>
@@ -33,12 +26,17 @@
 			<key>CFBundleURLSchemes</key>
 			<array>
 				<string>capacitor</string>
-				<string>msauth.assimalign.MSALiOS</string>
+				<string></string>
 			</array>
 		</dict>
 	</array>
 	<key>CFBundleVersion</key>
 	<string>1</string>
+	<key>LSApplicationQueriesSchemes</key>
+	<array>
+		<string>msauthv2</string>
+		<string>msauthv3</string>
+	</array>
 	<key>LSRequiresIPhoneOS</key>
 	<true/>
 	<key>NSAppTransportSecurity</key>
@@ -48,6 +46,8 @@
 	</dict>
 	<key>NSCameraUsageDescription</key>
 	<string>To Take Photos and Video</string>
+	<key>NSFaceIDUsageDescription</key>
+	<string>For an easier and faster log in.</string>
 	<key>NSLocationAlwaysUsageDescription</key>
 	<string>Always allow Geolocation?</string>
 	<key>NSLocationWhenInUseUsageDescription</key>

src/msal-capacitor-plugin-demo/ios/App/Podfile

@@ -10,7 +10,7 @@ def capacitor_pods
   # Automatic Capacitor Pod dependencies, do not delete
   pod 'Capacitor', :path => '../../node_modules/@capacitor/ios'
   pod 'CapacitorCordova', :path => '../../node_modules/@capacitor/ios'
-  pod 'AssimalignMsalCapacitorPlugin', :path => '..\..\..\msal-capacitor-plugin'
+  pod 'AssimalignMsalCapacitorPlugin', :path => '../../../msal-capacitor-plugin'
   # Do not delete
 end
 

src/msal-capacitor-plugin-demo/src/context/auth/AuthContext.tsx

@@ -21,7 +21,7 @@ export const useAuthentication = (): IAuthContext => {
   }, []);
 
   const initializeOptions = async() => {
-    let uri = isPlatform('capacitor') ? 'msauth.{iOS MAC redirect Url}://auth' : 'http://localhost:3000';
+    let uri = isPlatform('capacitor') ? 'msauth.{bundle Id}://auth' : 'http://localhost:3000';
     console.log(uri);
     (await MsalCap.setOptions({
       clientId: '6b51f8a2-d03d-4d86-b753-87b45b89d794',

src/msal-capacitor-plugin/README.md

@@ -30,6 +30,30 @@ Below are examples are of how to implement an authentication provider that can b
 - Step 4 : `npm i @assimalign/msal-capacitor-plugin`
 - Step 5 : `ionic cap sync` Downlaoad Package
 
+
+### Ios Specific Setup: Add keys to info.plist File
+```xml
+  <key>LSApplicationQueriesSchemes</key>
+  <array>
+    <string>msauthv2</string>
+    <string>msauthv3</string>
+  </array>
+  <key>CFBundleURLTypes</key>
+	<array>
+		<dict>
+			<key>CFBundleURLName</key>
+			<string>com.getcapacitor.capacitor</string>
+			<key>CFBundleURLSchemes</key>
+			<array>
+				<string>capacitor</string>
+				<string><!--The Key Sharing Groups which will be added to XCode--></string>
+			</array>
+		</dict>
+	</array>
+  <!-- If use Biometric Auth-->
+  <key>NSFaceIDUsageDescription</key>
+  <string>For an easier and faster log in.</string>
+```
 ---
 
 ## React App Instruction (Typescript)
@@ -61,8 +85,7 @@ Using `useContext` hook we will implement an auth provider that will wrap our ap
   import { IAuthContext } from './types';
   import { Plugins } from '@capacitor/core';
   import { isPlatform } from '@ionic/react';
-  import { AvailableResult, BiometryType } from 'capacitor-native-biometric';
-  import '@eastdil/msal-capacitor-plugin';
+  import '@assimalign/msal-capacitor-plugin';
 
   const AuthContext = createContext<IAuthContext>({
     isAuthenticated: () => { },

src/msal-capacitor-plugin/ios/Plugin/Plugin.swift

@@ -7,14 +7,19 @@ import LocalAuthentication
 public class MsalPlugin: CAPPlugin {
 
     typealias AccountCompletion = (MSALAccount?) -> Void
+    
+    var msalInitializationCount = Int()
 
     var msalAccount: MSALAccount?
     var msalResults: MSALResult?
     var msalClient: MSALPublicClientApplication?
+    // Struct Initialization Default is False, setting this in setOptions resulted in error due to reset of options when a rerender occurrs
+    //
     var msalAuthenticated = Bool()
     var msalUseBiometrics = Bool()
     var msalPopupScopes: [String]?
     var msalHasOptions = Bool()
+    
     var msalLocalAuthContext = LAContext()
 
     var dateFormatter = DateFormatter()
@@ -28,39 +33,48 @@ public class MsalPlugin: CAPPlugin {
 
     @objc func setOptions(_ call: CAPPluginCall) {
         do {
-            // Step 01: Validate all Options have been passed from  Plugin bridge
+            // 1. Sometimes Javascripts Apps cause re-renders resulting in options being set again
+            // This protects from options being set again
+            if (call.getBool("guardForRerenders") ?? false) == true && self.msalHasOptions == true {
+                return
+            }
+            
+            // 2. Validate all Options have been passed from  Plugin bridge
             guard let authorityUri = call.getString("authority") else { return }
             guard let clientId = call.getString("clientId") else {return }
             guard let redirectUri  = call.getString("redirectUri") else {return }
             guard let authorityUrl = URL(string: authorityUri ) else {return }
 
-            // Step 02: If made it this point, then set & create Configuraitons, Authority, & Public Client 
+            // 3. If made it this point, then set & create Configuraitons, Authority, & Public Client
             let clientAuthority = try MSALAADAuthority(url: authorityUrl)
             let clientConfiguration = MSALPublicClientApplicationConfig(clientId: clientId, redirectUri: redirectUri, authority: clientAuthority)
 
+            // 4. Set iOS Options
             if let isoOptions = call.getObject("iosOptions") {
                 if isoOptions["enableBiometrics"] == nil {
                     self.msalUseBiometrics = false
                 } else {
                     self.msalUseBiometrics = isoOptions["enableBiometrics"] as! Bool;
                 }
+                
+                var tokenCache = ""
 
-               var tokenCache = ""
+                 #if os(iOS)
+                 if isoOptions["keyShareLocation"] == nil {
+                     tokenCache = "com.microsoft.adalcache"
+                 } else {
+                     tokenCache = isoOptions["keyShareLocation"] as! String
+                 }
+                 #else
+                 if isoOptions["keyShareLocation"] == nil {
+                     tokenCache = "com.microsoft.identity.universalstorage"
+                 } else {
+                     tokenCache = isoOptions["keyShareLocation"] as! String
+                 }
+                 #endif
+                 clientConfiguration.cacheConfig.keychainSharingGroup = tokenCache
 
-                #if os(iOS)
-                if isoOptions["keyShareLocation"] == nil {
-                    tokenCache = "com.microsoft.adalcache"
-                } else {
-                    tokenCache = isoOptions["keyShareLocation"] as! String
-                }
-                #else
-                if isoOptions["keyShareLocation"] == nil {
-                    tokenCache = "com.microsoft.identity.universalstorage"
-                } else {
-                    tokenCache = isoOptions["keyShareLocation"] as! String
-                }
-                #endif
-                clientConfiguration.cacheConfig.keychainSharingGroup = tokenCache
+               
             } else {
                 self.msalUseBiometrics = false
             }
@@ -69,7 +83,6 @@ public class MsalPlugin: CAPPlugin {
             self.msalClient = try MSALPublicClientApplication(configuration: clientConfiguration)
             self.msalPopupScopes = call.getArray("scopes", String.self)
             self.msalHasOptions = true
-            self.msalAuthenticated = false
 
             // Step 04: Need to resolve void and send response back to the bridge
             call.resolve()
@@ -81,18 +94,16 @@ public class MsalPlugin: CAPPlugin {
         }
     }
 
-    /*
-     
-    */
+    
     @objc func acquireAccessTokenForUser(_ call: CAPPluginCall) {
-        // Step 01: Check if Options have been set
+        // 1. Check if Options have been set
         if self.msalHasOptions == false {
             call.reject("AcquireAccessTokenForUser Error: MSAL Plugin Options have not been set yet. Please run 'setOptions'")
             return
         }
 
         if self.msalAuthenticated == true {
-            // 1.
+            // 2.
             let msalParameters = MSALParameters()
             msalParameters.completionBlockQueue = DispatchQueue.main
 
@@ -102,17 +113,20 @@ public class MsalPlugin: CAPPlugin {
                 }
             })
 
-            // 2. Validate and set scopes where passed through options
+            // 3. Validate and set scopes where passed through options
             guard let tokenScopes = call.getArray("scopes", String.self) else {
                 call.reject("AcquireAccessToken Error: No Scopes were provided")
                 return
             }
 
-            // 3. Set Silent Token Parameters
+            // 4. Set Silent Token Parameters
             let parameters = MSALSilentTokenParameters(scopes: tokenScopes, account: self.msalAccount!)
-            parameters.forceRefresh = true
+            if (call.getBool("forceRefresh") ?? false) == true {
+                parameters.forceRefresh = true
+            }
+
 
-            // 4. Begin acquireing Access Token for OBO Flow and other Open ID Connect Prtocols
+            // 5. Begin acquireing Access Token for OBO Flow and other Open ID Connect Prtocols
             self.msalClient?.acquireTokenSilent(with: parameters, completionBlock: { (response, error) in
                 if let error = error {
                     call.error("AcquireAccessToken Error: Unable to Acquire Access Token", error, [
@@ -208,7 +222,7 @@ public class MsalPlugin: CAPPlugin {
                     if success {
                         DispatchQueue.main.async {
                             self.setCurrentAccount {(account) in
-                                guard let currentAccount = self.msalAccount else {
+                                guard let currentAccount = account else {
                                     self.loginInteractive(call)
                                     return
                                 }
@@ -254,6 +268,10 @@ public class MsalPlugin: CAPPlugin {
 
         self.msalClient?.getCurrentAccount(with: msalParameters, completionBlock: { (currentAccount, previousAccount, error) in
             if let error = error {
+                if let completion = completion {
+                    completion(nil)
+                }
+
                 return
             }
 
@@ -312,7 +330,8 @@ public class MsalPlugin: CAPPlugin {
         #endif
 
         let parameters = MSALInteractiveTokenParameters(scopes: self.msalPopupScopes!, webviewParameters: webViewParameters)
-        parameters.promptType = .selectAccount
+        parameters.promptType = .default
+        parameters.completionBlockQueue = DispatchQueue.main
 
         // 3. Acquire Token view Redirect Login through Microsft Identity Platform
         self.msalClient?.acquireToken(with: parameters) { (response, error) in

src/msal-capacitor-plugin/package-lock.json

@@ -1,8 +1,8 @@
 {
   "name": "@assimalign/msal-capacitor-plugin",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "A custom Capacitor Plugin for MSAL targeting Web and IOS Platforms",
-  "main": "dist/plugin.js",
+  "main": "dist/index.js",
   "module": "dist/esm/index.js",
   "types": "dist/esm/index.d.ts",
   "scripts": {

src/msal-capacitor-plugin/package.json

@@ -37,6 +37,7 @@ export interface IMsalPluginOptions {
   webOptions?: IMsalWebPluginOptions;
   iosOptions?: IMsalIosPluginOptions;
   androidOptions?: IMsalAndroidPluginOptions;
+  guardForRerenders?: boolean;
 }
 
 export interface IMsalPlugin {
@@ -46,5 +47,5 @@ export interface IMsalPlugin {
   logout(): Promise<void>;
   acquireUserRoles(): Promise<{results: string[]}>;
   acquireAuthenticationResult(): Promise<{results: AuthenticationResult | null}>;
-  acquireAccessTokenForUser(request?: {scopes: string[]}): Promise<{results: string}>;
+  acquireAccessTokenForUser(request?: {scopes: string[], forceRefresh?:boolean}): Promise<{results: string}>;
 }