Add timestamp query in AuthenticationClient::SignInClient (#578)

* Add timestamp query in AuthenticationClient::SignInClient

 * Add additional timestamp https request while using
   SignInClient method
 * Change token expiriation checking to use steady clock
   instead of system clock.
 * Add new public API to TokenResult and SignInResult to
   get expiriation time of token in seconds.

Resolves: OLPEDGE-837

Signed-off-by: Serhii Lozynskyi <[email protected]>

Author: meravingen123

olp-cpp-sdk-authentication/include/olp/authentication/SignInResult.h

@@ -19,6 +19,7 @@
 
 #pragma once
 
+#include <chrono>
 #include <ctime>
 #include <memory>
 #include <string>
@@ -109,6 +110,13 @@ class AUTHENTICATION_API SignInResult {
    */
   time_t GetExpiryTime() const;
 
+  /**
+   * @brief Gets the access token expiry time in seconds.
+   *
+   * @return Duration for which token stays valid.
+   */
+  std::chrono::seconds GetExpiresIn() const;
+
   /**
    * @brief Gets the HERE Account user identifier.
    *

olp-cpp-sdk-authentication/include/olp/authentication/TokenResult.h

@@ -19,6 +19,9 @@
 
 #pragma once
 
+#include <olp/core/porting/deprecated.h>
+
+#include <chrono>
 #include <ctime>
 #include <string>
 
@@ -49,6 +52,16 @@ class AUTHENTICATION_API TokenResult {
   TokenResult(std::string access_token, time_t expiry_time, int http_status,
               ErrorResponse error);
 
+  /**
+   * @brief Creates the `TokenResult` instance.
+   *
+   * @param access_token The access token issued by the authorization server.
+   * @param expires_in Duration for which token stays valid.
+   * @param http_status The status code of the HTTP response.
+   * @param error The error description of the request.
+   */
+  TokenResult(std::string access_token, std::chrono::seconds expires_in,
+              int http_status, ErrorResponse error);
   /**
    * @brief Creates the default `TokenResult` instance.
    */
@@ -79,6 +92,13 @@ class AUTHENTICATION_API TokenResult {
    * invalid.
    */
   time_t GetExpiryTime() const;
+  
+  /**
+   * @brief Gets the access token expiry time in seconds.
+   *
+   * @return Duration for which token stays valid.
+   */
+  std::chrono::seconds GetExpiresIn() const;
 
   /**
    * @brief Gets the HTTP status code.
@@ -99,6 +119,7 @@ class AUTHENTICATION_API TokenResult {
  private:
   std::string access_token_;
   time_t expiry_time_;
+  std::chrono::seconds expires_in_;
   int http_status_;
   ErrorResponse error_;
 };

olp-cpp-sdk-authentication/src/AuthenticationClient.cpp

@@ -29,14 +29,14 @@
 #include <boost/uuid/uuid.hpp>
 #include <boost/uuid/uuid_generators.hpp>
 #include <boost/uuid/uuid_io.hpp>
-
 #include "Constants.h"
 #include "Crypto.h"
 #include "SignInResultImpl.h"
 #include "SignInUserResultImpl.h"
 #include "SignOutResultImpl.h"
 #include "SignUpResultImpl.h"
 #include "olp/authentication/AuthenticationError.h"
+#include "olp/core/client/ApiError.h"
 #include "olp/core/client/CancellationToken.h"
 #include "olp/core/client/ErrorCode.h"
 #include "olp/core/http/HttpStatusCode.h"
@@ -75,6 +75,7 @@ const std::string kOauthEndpoint = "/oauth2/token";
 const std::string kSignoutEndpoint = "/logout";
 const std::string kTermsEndpoint = "/terms";
 const std::string kUserEndpoint = "/user";
+const std::string kTimestampEndpoint = "/timestamp";
 
 // JSON fields
 constexpr auto kCountryCode = "countryCode";
@@ -179,10 +180,17 @@ class AuthenticationClient::Impl final {
   void SetTaskScheduler(std::shared_ptr<TaskScheduler> task_scheduler);
 
  private:
+  using TimeResponse = client::ApiResponse<time_t, client::ApiError>;
+  using TimeCallback = std::function<void(TimeResponse)>;
+
+  client::CancellationToken GetTimeFromServer(TimeCallback callback);
+  static TimeResponse ParseTimeResponse(std::stringstream& payload);
+
   std::string base64Encode(const std::vector<uint8_t>& vector);
 
   std::string generateHeader(const AuthenticationCredentials& credentials,
-                             const std::string& url);
+                             const std::string& url,
+                             const time_t& timestamp = std::time(nullptr));
   std::string generateBearerHeader(const std::string& bearer_token);
 
   http::NetworkRequest::RequestBodyType generateClientBody(
@@ -264,97 +272,173 @@ client::CancellationToken AuthenticationClient::Impl::SignInClient(
     return client::CancellationToken();
   }
   std::weak_ptr<http::Network> weak_network(network_);
-  std::string url = server_url_;
-  url.append(kOauthEndpoint);
-  http::NetworkRequest request(url);
-  request.WithVerb(http::NetworkRequest::HttpVerb::POST);
-  request.WithHeader(http::kAuthorizationHeader,
-                     generateHeader(credentials, url));
-  request.WithHeader(http::kContentTypeHeader, kApplicationJson);
-  request.WithHeader(http::kUserAgentHeader, http::kOlpSdkUserAgent);
-  request.WithSettings(network_settings_);
 
-  std::shared_ptr<std::stringstream> payload =
-      std::make_shared<std::stringstream>();
-  request.WithBody(generateClientBody(properties));
   auto cache = client_token_cache_;
-  auto send_outcome = network_->Send(
-      request, payload,
-      [callback, payload, credentials,
-       cache](const http::NetworkResponse& network_response) {
-        auto response_status = network_response.GetStatus();
-        auto error_msg = network_response.GetError();
-
-        // Network not available, use cached token if available
-        if (response_status < 0) {
-          // Request cancelled, return
-          if (response_status == static_cast<int>(olp::http::ErrorCode::CANCELLED_ERROR)) {
-            callback({{response_status, error_msg}});
-            return;
-          }
 
-          auto cached_response_found =
-              cache->locked([credentials, callback](
-                                utils::LruCache<std::string, SignInResult>& c) {
-                auto it = c.Find(credentials.GetKey());
-                if (it != c.end()) {
-                  SignInClientResponse response(it->value());
-                  callback(response);
-                  return true;
-                }
-                return false;
-              });
+  client::CancellationContext context;
 
-          if (!cached_response_found) {
-            // Return an error response
-            SignInClientResponse error_response(
-                AuthenticationError(response_status, error_msg));
-            callback(error_response);
-          }
+  auto time_callback = [=](TimeResponse response) mutable {
+    if (!response.IsSuccessful()) {
+      callback(AuthenticationError(
+          static_cast<int>(response.GetError().GetErrorCode()),
+          response.GetError().GetMessage()));
+      return;
+    }
 
+    std::string url = server_url_;
+    url.append(kOauthEndpoint);
+    http::NetworkRequest request(url);
+    request.WithVerb(http::NetworkRequest::HttpVerb::POST);
+    request.WithHeader(http::kAuthorizationHeader,
+                       generateHeader(credentials, url, response.GetResult()));
+    request.WithHeader(http::kContentTypeHeader, kApplicationJson);
+    request.WithHeader(http::kUserAgentHeader, http::kOlpSdkUserAgent);
+    request.WithSettings(network_settings_);
+
+    std::shared_ptr<std::stringstream> payload =
+        std::make_shared<std::stringstream>();
+    request.WithBody(generateClientBody(properties));
+
+    auto network_callback = [callback, payload, credentials, cache](
+                                const http::NetworkResponse& network_response) {
+      auto response_status = network_response.GetStatus();
+      auto error_msg = network_response.GetError();
+
+      // Network not available, use cached token if available
+      if (response_status < 0) {
+        // Request cancelled, return
+        if (response_status ==
+            static_cast<int>(olp::http::ErrorCode::CANCELLED_ERROR)) {
+          callback({{response_status, error_msg}});
           return;
         }
 
-        auto document = std::make_shared<rapidjson::Document>();
-        rapidjson::IStreamWrapper stream(*payload);
-        document->ParseStream(stream);
-
-        std::shared_ptr<SignInResultImpl> resp_impl =
-            std::make_shared<SignInResultImpl>(response_status, error_msg,
-                                               document);
-        SignInResult response(resp_impl);
+        auto cached_response_found =
+            cache->locked([credentials, callback](
+                              utils::LruCache<std::string, SignInResult>& c) {
+              auto it = c.Find(credentials.GetKey());
+              if (it != c.end()) {
+                SignInClientResponse response(it->value());
+                callback(response);
+                return true;
+              }
+              return false;
+            });
 
-        if (!resp_impl->IsValid()) {
-          callback(response);
-          return;
+        if (!cached_response_found) {
+          // Return an error response
+          SignInClientResponse error_response(
+              AuthenticationError(response_status, error_msg));
+          callback(error_response);
         }
 
-        switch (response_status) {
-          case http::HttpStatusCode::OK: {
-            // Cache the response
-            cache->locked([credentials, &response](
-                              utils::LruCache<std::string, SignInResult>& c) {
-              return c.InsertOrAssign(credentials.GetKey(), response);
-            });
-            // intentially do not break
+        return;
+      }
+
+      auto document = std::make_shared<rapidjson::Document>();
+      rapidjson::IStreamWrapper stream(*payload);
+      document->ParseStream(stream);
+
+      std::shared_ptr<SignInResultImpl> resp_impl =
+          std::make_shared<SignInResultImpl>(response_status, error_msg,
+                                             document);
+      SignInResult response(resp_impl);
+
+      if (response_status == http::HttpStatusCode::OK) {
+        // Cache the response
+        cache->locked([credentials, &response](
+                          utils::LruCache<std::string, SignInResult>& c) {
+          return c.InsertOrAssign(credentials.GetKey(), response);
+        });
+      }
+      callback(response);
+    };
+
+    context.ExecuteOrCancelled(
+        [&]() {
+          auto send_outcome =
+              network_->Send(request, payload, network_callback);
+          if (!send_outcome.IsSuccessful()) {
+            std::string error_message =
+                ErrorCodeToString(send_outcome.GetErrorCode());
+            callback(AuthenticationError(
+                static_cast<int>(send_outcome.GetErrorCode()), error_message));
+            return client::CancellationToken();
           }
-          default:
-            callback(response);
-            break;
+          auto request_id = send_outcome.GetRequestId();
+          return client::CancellationToken([weak_network, request_id]() {
+            auto network = weak_network.lock();
+
+            if (network) {
+              network->Cancel(request_id);
+            }
+          });
+        },
+        [&]() {
+          callback(AuthenticationError(
+              static_cast<int>(http::ErrorCode::CANCELLED_ERROR), "Cancelled"));
+        });
+  };
+
+  context.ExecuteOrCancelled(
+      [&]() { return GetTimeFromServer(std::move(time_callback)); }, []() {});
+  return client::CancellationToken(
+      [context]() mutable { context.CancelOperation(); });
+}
+
+AuthenticationClient::Impl::TimeResponse
+AuthenticationClient::Impl::ParseTimeResponse(std::stringstream& payload) {
+  auto document = std::make_shared<rapidjson::Document>();
+  rapidjson::IStreamWrapper stream(payload);
+  document->ParseStream(stream);
+
+  if (!document->IsObject()) {
+    return client::ApiError(client::ErrorCode::InternalFailure,
+                            "JSON document root is not an Object type");
+  }
+
+  const auto timestamp_it = document->FindMember("timestamp");
+  if (timestamp_it == document->MemberEnd() || !timestamp_it->value.IsUint()) {
+    return client::ApiError(
+        client::ErrorCode::InternalFailure,
+        "JSON document must contain timestamp integer field");
+  }
+
+  return timestamp_it->value.GetUint();
+}
+
+client::CancellationToken AuthenticationClient::Impl::GetTimeFromServer(
+    TimeCallback callback) {
+  std::weak_ptr<http::Network> weak_network(network_);
+  std::string url = server_url_;
+  url.append(kTimestampEndpoint);
+  http::NetworkRequest request(url);
+  request.WithVerb(http::NetworkRequest::HttpVerb::GET);
+  request.WithHeader(http::kUserAgentHeader, http::kOlpSdkUserAgent);
+  request.WithSettings(network_settings_);
+
+  std::shared_ptr<std::stringstream> payload =
+      std::make_shared<std::stringstream>();
+  auto cache = user_token_cache_;
+
+  auto send_outcome = network_->Send(
+      request, payload,
+      [callback, payload](const http::NetworkResponse& network_response) {
+        if (network_response.GetStatus() != http::HttpStatusCode::OK) {
+          callback(
+              client::ApiError(network_response.GetStatus()));
+          return;
         }
+
+        callback(ParseTimeResponse(*payload));
       });
 
   if (!send_outcome.IsSuccessful()) {
-    ExecuteOrSchedule(task_scheduler_, [send_outcome, callback] {
-      std::string error_message =
-          ErrorCodeToString(send_outcome.GetErrorCode());
-      AuthenticationError result({static_cast<int>(send_outcome.GetErrorCode()),
-                                  std::move(error_message)});
-      callback(result);
-    });
+    std::string error_message = ErrorCodeToString(send_outcome.GetErrorCode());
+    callback(client::ApiError(static_cast<int>(send_outcome.GetErrorCode()),
+                              error_message));
     return client::CancellationToken();
   }
-
   auto request_id = send_outcome.GetRequestId();
   return client::CancellationToken([weak_network, request_id]() {
     auto network = weak_network.lock();
@@ -432,7 +516,8 @@ client::CancellationToken AuthenticationClient::Impl::HandleUserRequest(
         // Network not available, use cached token if available
         if (response_status < 0) {
           // Request cancelled, return
-          if (response_status == static_cast<int>(olp::http::ErrorCode::CANCELLED_ERROR)) {
+          if (response_status ==
+              static_cast<int>(olp::http::ErrorCode::CANCELLED_ERROR)) {
             callback({{response_status, error_msg}});
             return;
           }
@@ -660,9 +745,10 @@ std::string AuthenticationClient::Impl::base64Encode(
 }
 
 std::string AuthenticationClient::Impl::generateHeader(
-    const AuthenticationCredentials& credentials, const std::string& url) {
+    const AuthenticationCredentials& credentials, const std::string& url,
+    const time_t& timestamp) {
   std::string uid = generateUid();
-  const std::string currentTime = std::to_string(std::time(nullptr));
+  const std::string currentTime = std::to_string(timestamp);
   const std::string encodedUri = Url::Encode(url);
   const std::string encodedQuery = Url::Encode(
       kOauthConsumerKey + kParamEquals + credentials.GetKey() + kParamAdd +