Address review comments and add a test for the SHA-256 hash helper function.

rosalyntan · rosalyntan · commit fa3602e53bfd · 2021-07-28T18:29:21.000-04:00
diff --git a/FirebaseAuthUI/FirebaseAuthUITests/FUIAuthTest.m b/FirebaseAuthUI/FirebaseAuthUITests/FUIAuthTest.m
@@ -152,4 +152,13 @@ - (void)testUseEmulatorSetsFIRAuthEmulator {
   OCMVerify([mockAuth useEmulatorWithHost:@"host" port:12345]);
 }
 
+- (void)testStringBySHA256HashingString {
+  NSString *inputString = @"abc-123.ZYX_987";
+  NSString *expectedSHA256HashedString = @"d858d78754a50c8ccdc414946f656fe854e6ba76bf09a79a7e7d9ca135e4b58d";
+
+  NSString *actualSHA256HashedString = [FUIAuthUtils stringBySHA256HashingString:inputString];
+
+  XCTAssertEqualObjects(actualSHA256HashedString, expectedSHA256HashedString);
+}
+
 @end
diff --git a/FirebaseAuthUI/Sources/FUIAuthUtils.m b/FirebaseAuthUI/Sources/FUIAuthUtils.m
@@ -77,6 +77,7 @@ + (nullable UIImage *)imageNamed:(NSString *)name fromBundle:(nullable NSBundle
 }
 
 + (NSString *)randomNonce {
+  // Adapted from https://auth0.com/docs/api-auth/tutorials/nonce#generate-a-cryptographically-random-nonce
   NSString *characterSet = @"0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._";
   NSMutableString *result = [NSMutableString string];
   NSInteger remainingLength = 32;
@@ -86,7 +87,10 @@ + (NSString *)randomNonce {
     for (NSInteger i = 0; i < 16; i++) {
       uint8_t random = 0;
       int errorCode = SecRandomCopyBytes(kSecRandomDefault, 1, &random);
-      NSAssert(errorCode == errSecSuccess, @"Unable to generate nonce: OSStatus %i", errorCode);
+      if (errorCode != errSecSuccess) {
+        [NSException raise:@"FUIAuthGenerateRandomNonce"
+                    format:@"Unable to generate nonce: OSStatus %i", errorCode];
+      }
 
       [randoms addObject:@(random)];
     }
@@ -107,7 +111,7 @@ + (NSString *)randomNonce {
   return result;
 }
 
-+ (NSString *)stringBySha256HashingString:(NSString *)input {
++ (NSString *)stringBySHA256HashingString:(NSString *)input {
   const char *string = [input UTF8String];
   unsigned char result[CC_SHA256_DIGEST_LENGTH];
   CC_SHA256(string, (CC_LONG)strlen(string), result);
diff --git a/FirebaseAuthUI/Sources/Public/FirebaseAuthUI/FUIAuthUtils.h b/FirebaseAuthUI/Sources/Public/FirebaseAuthUI/FUIAuthUtils.h
@@ -52,11 +52,11 @@ extern NSString *const FUIAuthBundleName;
  */
 + (NSString *)randomNonce;
 
-/** @fn stringBySha256HashingString:
+/** @fn stringBySHA256HashingString:
     @brief Generates the SHA-256 hash of the input string.
     @param input The input string to be hashed.
  */
-+ (NSString *)stringBySha256HashingString:(NSString *)input;
++ (NSString *)stringBySHA256HashingString:(NSString *)input;
 
 @end
 
diff --git a/FirebaseOAuthUI/Sources/FUIOAuth.m b/FirebaseOAuthUI/Sources/FUIOAuth.m
@@ -298,7 +298,7 @@ - (void)signInWithDefaultValue:(nullable NSString *)defaultValue
       self.currentNonce = nonce;
       ASAuthorizationAppleIDRequest *request = [[[ASAuthorizationAppleIDProvider alloc] init] createRequest];
       request.requestedScopes = @[ASAuthorizationScopeFullName, ASAuthorizationScopeEmail];
-      request.nonce = [FUIAuthUtils stringBySha256HashingString:nonce];
+      request.nonce = [FUIAuthUtils stringBySHA256HashingString:nonce];
       ASAuthorizationController* controller = [[ASAuthorizationController alloc] initWithAuthorizationRequests:@[request]];
       controller.delegate = self;
       controller.presentationContextProvider = self;
