Changed auth flow

Author: stigi

Sources/NSURL+NXOAuth2.h

@@ -18,6 +18,7 @@
  */
 - (NSString *)valueForQueryParameterKey:(NSString *)key;
 
-- (NSString *)URLStringWithoutQuery;
+- (NSURL *)URLWithoutQueryString;
+- (NSString *)URLStringWithoutQueryString;
 
 @end

Sources/NSURL+NXOAuth2.m

@@ -11,7 +11,7 @@
 #import "NSURL+NXOAuth2.h"
 
 
-@implementation NSURL (SoundCloudAPI)
+@implementation NSURL (NXOAuth2)
 
 - (NSURL *)URLByAddingParameters:(NSDictionary *)parameterDictionary {
 	if (!parameterDictionary || [parameterDictionary count] == 0) {
@@ -37,7 +37,12 @@ - (NSString *)valueForQueryParameterKey:(NSString *)key;
 	return [parameters objectForKey:key];
 }
 
-- (NSString *)URLStringWithoutQuery 
+- (NSURL *)URLWithoutQueryString;
+{
+	return [NSURL URLWithString:[self URLStringWithoutQueryString]];
+}
+
+- (NSString *)URLStringWithoutQueryString;
 {
     NSArray *parts = [[self absoluteString] componentsSeparatedByString:@"?"];
     return [parts objectAtIndex:0];

Sources/OAuth2Client/NXOAuth2Client.h

@@ -30,16 +30,8 @@
 	NSURL		*authorizeURL;
 	NSURL		*tokenURL;
 
-	// webserver flow
-	NSURL		*redirectURL;
-	
-	// user credentials flow
-	NSString	*username;
-	NSString	*password;
-	
-	// grand & token exchange
+	// token exchange
 	NXOAuth2Connection	*authConnection;
-	NSString	*authGrand;
 	NXOAuth2AccessToken	*accessToken;
 	NSMutableArray	*retryConnectionsAfterTokenExchange;
 
@@ -51,9 +43,7 @@
 @property (nonatomic, readonly) NSString *clientSecret;
 
 @property (nonatomic, retain) NXOAuth2AccessToken	*accessToken;
-
-
-#pragma mark WebServer Flow
+@property (nonatomic, assign) NSObject<NXOAuth2ClientAuthDelegate>*	authDelegate;
 
 /*!
  * Initializes the Client
@@ -62,24 +52,20 @@
 		  clientSecret:(NSString *)clientSecret
 		  authorizeURL:(NSURL *)authorizeURL
 			  tokenURL:(NSURL *)tokenURL
-		   redirectURL:(NSURL *)redirectURL
 		  authDelegate:(NSObject<NXOAuth2ClientAuthDelegate> *)authDelegate;
 
-- (BOOL)openRedirectURL:(NSURL *)URL;
 
+- (BOOL)openRedirectURL:(NSURL *)URL;
 
-#pragma mark User credentials Flow
+/*!
+ * returns the URL to be opened to get access grant
+ */
+- (NSURL *)authorizeWithRedirectURL:(NSURL *)redirectURL;	// web server flow
 
 /*!
- * Initializes the Client
+ * authenticate with username & password
  */
-- (id)initWithClientID:(NSString *)clientId
-		  clientSecret:(NSString *)clientSecret
-		  authorizeURL:(NSURL *)authorizeURL
-			  tokenURL:(NSURL *)tokenURL
-			  username:(NSString *)username
-			  password:(NSString *)password
-		  authDelegate:(NSObject<NXOAuth2ClientAuthDelegate> *)authDelegate;
+- (void)authorizeWithUsername:(NSString *)username password:(NSString *)password;	// user credentials flow
 
 
 #pragma mark Public
@@ -94,7 +80,11 @@
 
 
 @protocol NXOAuth2ClientAuthDelegate
-- (void)oauthClient:(NXOAuth2Client *)client requestedAuthorizationWithURL:(NSURL *)authorizationURL;
-- (void)oauthClientDidAuthorize:(NXOAuth2Client *)client;
-- (void)oauthClient:(NXOAuth2Client *)client didFailToAuthorizeWithError:(NSError *)error;
+- (void)oauthClientDidGetAccessToken:(NXOAuth2Client *)client;
+- (void)oauthClient:(NXOAuth2Client *)client didFailToGetAccessTokenWithError:(NSError *)error;
+
+/*!
+ * use one of the -autherize* methods
+ */
+- (void)oauthClientRequestedAuthorization:(NXOAuth2Client *)client;
 @end

Sources/OAuth2Client/NXOAuth2Client.m

@@ -16,10 +16,7 @@
 
 
 @interface NXOAuth2Client ()
-- (void)requestAccessGrand;
-
-- (void)requestTokenWithAuthGrand;
-- (void)requestTokenWithUsernameAndPassword;
+- (void)requestTokenWithAuthGrand:(NSString *)authGrand andRedirectURL:(NSURL *)redirectURL;
 @end
 
 
@@ -32,72 +29,41 @@ - (id)initWithClientID:(NSString *)aClientId
 		  clientSecret:(NSString *)aClientSecret
 		  authorizeURL:(NSURL *)anAuthorizeURL
 			  tokenURL:(NSURL *)aTokenURL
-		   redirectURL:(NSURL *)aRedirectURL
 		  authDelegate:(NSObject<NXOAuth2ClientAuthDelegate> *)anAuthDelegate;
 {
-	NSAssert(aRedirectURL != nil, @"WebServer flow without redirectURL.");
 	NSAssert(aTokenURL != nil && anAuthorizeURL != nil, @"No token or no authorize URL");
 	if (self = [super init]) {
 		clientId = [aClientId copy];
 		clientSecret = [aClientSecret copy];
 		authorizeURL = [anAuthorizeURL copy];
 		tokenURL = [aTokenURL copy];
-		redirectURL = [aRedirectURL copy];
 
-		authDelegate = anAuthDelegate;
-		if (self.accessToken && !self.accessToken.hasExpired) [authDelegate oauthClientDidAuthorize:self];	// if we have a valid access token in the keychain
+		self.authDelegate = anAuthDelegate;
 	}
 	return self;
 }
 
-- (id)initWithClientID:(NSString *)aClientId
-		  clientSecret:(NSString *)aClientSecret
-		  authorizeURL:(NSURL *)anAuthorizeURL
-			  tokenURL:(NSURL *)aTokenURL
-			  username:(NSString *)aUsername
-			  password:(NSString *)aPassword
-		  authDelegate:(NSObject<NXOAuth2ClientAuthDelegate> *)anAuthDelegate;
-{
-	NSAssert(aUsername != nil && aPassword != nil, @"Username & password flow without username & password.");
-	NSAssert(aTokenURL != nil && anAuthorizeURL != nil, @"No token or no authorize URL");
-	if (self = [super init]) {
-		clientId = [aClientId copy];
-		clientSecret = [aClientSecret copy];
-		authorizeURL = [anAuthorizeURL copy];
-		tokenURL = [aTokenURL copy];
-		username = [aUsername copy];
-		password = [aPassword copy];
-		
-		authDelegate = anAuthDelegate;
-		if (self.accessToken && !self.accessToken.hasExpired) [authDelegate oauthClientDidAuthorize:self];	// if we have a valid access token in the keychain
-	}
-	return self;	
-}
-
 - (void)dealloc;
 {
 	[retryConnectionsAfterTokenExchange release];
 	[authConnection cancel];
 	[authConnection release];
 	[clientId release];
 	[clientSecret release];
-	[redirectURL release];
-	[username release];
-	[password release];
 	[super dealloc];
 }
 
 
 #pragma mark Accessors
 
-@synthesize clientId, clientSecret;
+@synthesize clientId, clientSecret, authDelegate;
 
 @dynamic accessToken;
 
 - (NXOAuth2AccessToken *)accessToken;
 {
 	if (accessToken) return accessToken;
-	accessToken = [NXOAuth2AccessToken tokenFromDefaultKeychainWithServiceProviderName:[tokenURL host]];
+	accessToken = [[NXOAuth2AccessToken tokenFromDefaultKeychainWithServiceProviderName:[tokenURL host]] retain];
 	return accessToken;
 }
 
@@ -119,34 +85,20 @@ - (void)setAccessToken:(NXOAuth2AccessToken *)value;
 
 - (void)requestAccess;
 {
-	if (self.accessToken) {
-		if (self.accessToken.hasExpired){
-			[self refreshAccessToken];
-		}
-	} else if (username != nil && password != nil) {	// username password flow
-		[self requestTokenWithUsernameAndPassword];
-	} else {									// web server flow
-		NSAssert(redirectURL, @"Web server flow without redirectURL");	
-		if (authGrand) {	// we have grand already
-			[self requestTokenWithAuthGrand];
-		} else {
-			[self requestAccessGrand];
-		}
+	if (!self.accessToken) {
+		[authDelegate oauthClientRequestedAuthorization:self];
+	} else {
+		[authDelegate oauthClientDidGetAccessToken:self];
 	}
 }
 
-- (void)requestAccessGrand;
+- (NSURL *)authorizeWithRedirectURL:(NSURL *)redirectURL;
 {
-	if (authConnection) {	// authentication is already running
-		return;
-	}
-	
-	NSURL *URL = [authorizeURL URLByAddingParameters:[NSDictionary dictionaryWithObjectsAndKeys:
-													  @"code", @"response_type",
-													  clientId, @"client_id",
-													  [redirectURL absoluteString], @"redirect_uri",
-													  nil]];
-	[authDelegate oauthClient:self requestedAuthorizationWithURL:URL];
+	return [authorizeURL URLByAddingParameters:[NSDictionary dictionaryWithObjectsAndKeys:
+												@"code", @"response_type",
+												clientId, @"client_id",
+												[redirectURL absoluteString], @"redirect_uri",
+												nil]];
 }
 
 
@@ -155,9 +107,7 @@ - (BOOL)openRedirectURL:(NSURL *)URL;
 {
 	NSString *accessGrand = [URL valueForQueryParameterKey:@"code"];
 	if (accessGrand) {
-		[authGrand release];
-		authGrand = [accessGrand copy];
-		[self requestTokenWithAuthGrand];
+		[self requestTokenWithAuthGrand:accessGrand andRedirectURL:[URL URLWithoutQueryString]];
 		return YES;
 	}
 	return NO;
@@ -166,7 +116,7 @@ - (BOOL)openRedirectURL:(NSURL *)URL;
 #pragma mark accessGrand -> accessToken
 
 // Web Server Flow only
-- (void)requestTokenWithAuthGrand;
+- (void)requestTokenWithAuthGrand:(NSString *)authGrand andRedirectURL:(NSURL *)redirectURL;
 {
 	NSAssert(!authConnection, @"invalid state");
 
@@ -187,7 +137,7 @@ - (void)requestTokenWithAuthGrand;
 
 
 // User Password Flow Only
-- (void)requestTokenWithUsernameAndPassword;
+- (void)authorizeWithUsername:(NSString *)username password:(NSString *)password;
 {
 	NSAssert(!authConnection, @"invalid state");
 	NSMutableURLRequest *tokenRequest = [NSMutableURLRequest requestWithURL:tokenURL];
@@ -196,7 +146,6 @@ - (void)requestTokenWithUsernameAndPassword;
 								 @"password", @"grant_type",
 								 clientId, @"client_id",
 								 clientSecret, @"client_secret",
-								 [redirectURL absoluteString], @"redirect_uri",
 								 username, @"username",
 								 password, @"password",
 								 nil]];
@@ -216,23 +165,25 @@ - (void)refreshAccessToken;
 
 - (void)refreshAccessTokenAndRetryConnection:(NXOAuth2Connection *)retryConnection;
 {
-	NSAssert((accessToken.refreshToken != nil), @"invalid state");
-	NSMutableURLRequest *tokenRequest = [NSMutableURLRequest requestWithURL:tokenURL];
-	[tokenRequest setHTTPMethod:@"POST"];
-	[tokenRequest setParameters:[NSDictionary dictionaryWithObjectsAndKeys:
-								 @"refresh_token", @"grant_type",
-								 clientId, @"client_id",
-								 clientSecret, @"client_secret",
-								 accessToken.refreshToken, @"refresh_token",
-								 nil]];
-	[authConnection release]; // just to be sure
-	authConnection = [[NXOAuth2Connection alloc] initWithRequest:tokenRequest
-													 oauthClient:self
-														delegate:self];
 	if (retryConnection) {
 		if (!retryConnectionsAfterTokenExchange) retryConnectionsAfterTokenExchange = [[NSMutableArray alloc] init];
 		[retryConnectionsAfterTokenExchange addObject:retryConnection];
 	}
+	if (!authConnection) {
+		NSAssert((accessToken.refreshToken != nil), @"invalid state");
+		NSMutableURLRequest *tokenRequest = [NSMutableURLRequest requestWithURL:tokenURL];
+		[tokenRequest setHTTPMethod:@"POST"];
+		[tokenRequest setParameters:[NSDictionary dictionaryWithObjectsAndKeys:
+									 @"refresh_token", @"grant_type",
+									 clientId, @"client_id",
+									 clientSecret, @"client_secret",
+									 accessToken.refreshToken, @"refresh_token",
+									 nil]];
+		[authConnection release]; // not needed, but looks more clean to me :)
+		authConnection = [[NXOAuth2Connection alloc] initWithRequest:tokenRequest
+														 oauthClient:nil
+															delegate:self];	
+	}
 }
 
 - (void)abortRetryOfConnection:(NXOAuth2Connection *)retryConnection;
@@ -252,7 +203,7 @@ - (void)oauthConnection:(NXOAuth2Connection *)connection didFinishWithData:(NSDa
 		NXOAuth2AccessToken *newToken = [NXOAuth2AccessToken tokenWithResponseBody:result];
 		NSAssert(newToken != nil, @"invalid response?");
 		self.accessToken = newToken;
-		[authDelegate oauthClientDidAuthorize:self];
+		[authDelegate oauthClientDidGetAccessToken:self];
 
 		for (NXOAuth2Connection *retryConnection in retryConnectionsAfterTokenExchange) {
 			[retryConnection retry];
@@ -264,7 +215,7 @@ - (void)oauthConnection:(NXOAuth2Connection *)connection didFinishWithData:(NSDa
 - (void)oauthConnection:(NXOAuth2Connection *)connection didFailWithError:(NSError *)error;
 {
 	if (connection == authConnection) {
-		[authDelegate oauthClient:self didFailToAuthorizeWithError:error]; // TODO: create own error domain?
+		[authDelegate oauthClient:self didFailToGetAccessTokenWithError:error]; // TODO: create own error domain?
 	}
 }
 

Sources/OAuth2Client/NXOAuth2Connection.h

@@ -34,21 +34,20 @@
 @private
 	NSURLConnection		*connection;
 	NSURLRequest		*request;
+	NSURLResponse		*response;
 
 	NSMutableData		*data;
-	NSUInteger	expectedContentLength;
-	NSInteger	statusCode;
 
-	id context;
-	NSDictionary *userInfo;
+	id					context;
+	NSDictionary		*userInfo;
 
 	NXOAuth2Client		*client;
 
 	NSObject<NXOAuth2ConnectionDelegate>	*delegate;	// assigned
 }
 
 @property (readonly) NSData *data;
-@property (readonly) NSUInteger expectedContentLength;
+@property (readonly) long long expectedContentLength;
 @property (readonly) NSInteger statusCode;
 @property (retain) id context;
 @property (retain) NSDictionary *userInfo;