Merge pull request #584 from stytchauth/apple-oauth-attach

Add oauth attach and apple oauth attach

Author: nidal-stytch

README.md

@@ -197,15 +197,6 @@ In addition to installing the Swift package, it is highly recommended to clone t
 
 
 
-## 💬 Talk to a Stytch iOS Engineer
-
-[Nidal](https://www.linkedin.com/in/nidal-fakhouri/) 👨‍💻 is our Stytch iOS lead 🍎 and is available to answer any questions about the Stytch iOS SDK 📱. He can also help you get started quickly 🚀.  
-
-You can book time with him [here](https://calendly.com/nfakhouri-stytch/30min) 📅.
-
-
-
-
 ## 🤝 Get Help And Join The Community
 
 Join the discussion, ask questions, and suggest new features in our ​[Slack community](https://stytch.com/docs/resources/support/overview)!

Sources/StytchCore/Generated/StytchClient.OAuth.Apple.authenticateWithApple+AsyncVariants.generated.swift

@@ -0,0 +1,37 @@
+// Generated using Sourcery 2.0.2 — https://github.com/krzysztofzablocki/Sourcery
+// DO NOT EDIT
+import Combine
+import Foundation
+
+public extension StytchClient.OAuth {
+    /// Generate an OAuth Attach Token to pre-associate an OAuth flow with an existing Stytch User.
+    /// You must have an active Stytch session to use this endpoint.
+    /// Pass the returned oauth_attach_token to the same provider's OAuth Start endpoint to treat this OAuth flow as a login for that user instead of a signup for a new user.
+    func attach(parameters: AttachParameters, completion: @escaping Completion<OAuthAttachResponse>) {
+        Task {
+            do {
+                completion(.success(try await attach(parameters: parameters)))
+            } catch {
+                completion(.failure(error))
+            }
+        }
+    }
+
+    /// Generate an OAuth Attach Token to pre-associate an OAuth flow with an existing Stytch User.
+    /// You must have an active Stytch session to use this endpoint.
+    /// Pass the returned oauth_attach_token to the same provider's OAuth Start endpoint to treat this OAuth flow as a login for that user instead of a signup for a new user.
+    func attach(parameters: AttachParameters) -> AnyPublisher<OAuthAttachResponse, Error> {
+        return Deferred {
+            Future({ promise in
+                Task {
+                    do {
+                        promise(.success(try await attach(parameters: parameters)))
+                    } catch {
+                        promise(.failure(error))
+                    }
+                }
+            })
+        }
+        .eraseToAnyPublisher()
+    }
+}

Sources/StytchCore/Generated/StytchClient.OAuth.attach+AsyncVariants.generated.swift

@@ -33,6 +33,7 @@ public extension StytchClient.OAuth {
                 parameters: AuthenticateParameters(
                     idToken: authenticateResult.idToken,
                     nonce: rawNonce,
+                    oauthAttachToken: parameters.oauthAttachToken,
                     sessionDurationMinutes: parameters.sessionDurationMinutes
                 )
             )
@@ -59,21 +60,6 @@ public extension StytchClient.OAuth {
 
             return authenticateResponse
         }
-
-        // sourcery: AsyncVariants, (NOTE: - must use /// doc comment styling)
-        /// This function is intended for rare cases where you must authenticate with Apple only and collect the JWT.
-        /// This function will not create a Stytch user.
-        public func authenticateWithApple() async throws -> String {
-            let rawNonce = try cryptoClient.dataWithRandomBytesOfCount(32).toHexString()
-
-            let authenticateResult = try await appleOAuthClient.authenticate(
-                configureController: { _ in },
-                nonce: cryptoClient.sha256(Data(rawNonce.utf8)).base64EncodedString()
-            )
-
-            // the idToken is the JWT
-            return authenticateResult.idToken
-        }
     }
 }
 
@@ -100,6 +86,7 @@ public extension StytchClient.OAuth.Apple {
     /// The dedicated parameters type for ``StytchClient/OAuth-swift.struct/Apple-swift.struct/start(parameters:)-5rxqg`` calls.
     struct StartParameters {
         let sessionDurationMinutes: Minutes
+        let oauthAttachToken: String?
 
         #if !os(watchOS)
         let presentationContextProvider: ASAuthorizationControllerPresentationContextProviding?
@@ -108,21 +95,29 @@ public extension StytchClient.OAuth.Apple {
         #if !os(watchOS)
         /// - Parameters:
         ///   - sessionDurationMinutes: The duration, in minutes, of the requested session. Defaults to 5 minutes.
+        ///   - oauthAttachToken: A single-use token for connecting the Stytch User selection from an OAuth Attach request to the corresponding OAuth Start request.
         ///   - presentationContextProvider: This native Apple authorization type allows you to present Sign In With Apple in the window of your choosing.
         public init(
             sessionDurationMinutes: Minutes = StytchClient.defaultSessionDuration,
+            oauthAttachToken: String? = nil,
             presentationContextProvider: ASAuthorizationControllerPresentationContextProviding? = nil
         ) {
             self.sessionDurationMinutes = sessionDurationMinutes
+            self.oauthAttachToken = oauthAttachToken
             self.presentationContextProvider = presentationContextProvider
         }
 
         #else
 
         /// - Parameters:
         ///   - sessionDurationMinutes: The duration, in minutes, of the requested session. Defaults to 5 minutes.
-        public init(sessionDurationMinutes: Minutes = StytchClient.defaultSessionDuration) {
+        ///   - oauthAttachToken: A single-use token for connecting the Stytch User selection from an OAuth Attach request to the corresponding OAuth Start request.
+        public init(
+            sessionDurationMinutes: Minutes = StytchClient.defaultSessionDuration,
+            oauthAttachToken: String? = nil,
+        ) {
             self.sessionDurationMinutes = sessionDurationMinutes
+            self.oauthAttachToken = oauthAttachToken
         }
         #endif
     }
@@ -132,6 +127,7 @@ extension StytchClient.OAuth.Apple {
     struct AuthenticateParameters: Codable, Sendable {
         let idToken: String
         let nonce: String
+        let oauthAttachToken: String?
         let sessionDurationMinutes: Minutes
     }
 

Sources/StytchCore/StytchClient/OAuth/OAuth+Apple.swift

@@ -1,11 +1,14 @@
 enum OAuthRoute: RouteType {
     case authenticate
+    case attach
     case apple(AppleRoute)
 
     var path: Path {
         switch self {
         case .authenticate:
             return "authenticate"
+        case .attach:
+            return "attach"
         case let .apple(route):
             return "apple".appendingPath(route.path)
         }

Sources/StytchCore/StytchClient/OAuth/OAuthRoute.swift

@@ -38,6 +38,14 @@ public extension StytchClient {
                 throw error
             }
         }
+
+        // sourcery: AsyncVariants, (NOTE: - must use /// doc comment styling)
+        /// Generate an OAuth Attach Token to pre-associate an OAuth flow with an existing Stytch User.
+        /// You must have an active Stytch session to use this endpoint.
+        /// Pass the returned oauth_attach_token to the same provider's OAuth Start endpoint to treat this OAuth flow as a login for that user instead of a signup for a new user.
+        public func attach(parameters: AttachParameters) async throws -> OAuthAttachResponse {
+            try await router.post(to: .attach, parameters: parameters)
+        }
     }
 }
 
@@ -112,25 +120,6 @@ public extension StytchClient.OAuth {
 }
 #endif
 
-public extension StytchClient.OAuth {
-    /// The dedicated parameters type for ``authenticate(parameters:)-3tjwd`` calls.
-    struct AuthenticateParameters: Encodable, Sendable {
-        let token: String
-        let sessionDurationMinutes: Minutes
-
-        /// - Parameters:
-        ///   - token: The token returned from the identity provider as parsed from the final/complete redirect URL.
-        ///   - sessionDurationMinutes: The duration, in minutes, of the requested session. Defaults to 5 minutes.
-        public init(
-            token: String,
-            sessionDurationMinutes: Minutes = StytchClient.defaultSessionDuration
-        ) {
-            self.token = token
-            self.sessionDurationMinutes = sessionDurationMinutes
-        }
-    }
-}
-
 public extension StytchClient.OAuth {
     /// The concrete response type for OAuth `authenticate` calls.
     typealias OAuthAuthenticateResponse = Response<OAuthAuthenticateResponseData>
@@ -157,4 +146,37 @@ public extension StytchClient.OAuth {
         /// Note that these values will vary based on the OAuth provider in question, e.g. id_token is only returned by OIDC compliant identity providers.
         public let providerValues: OAuthProviderValues
     }
+
+    /// The dedicated parameters type for ``authenticate(parameters:)-3tjwd`` calls.
+    struct AuthenticateParameters: Encodable, Sendable {
+        let token: String
+        let sessionDurationMinutes: Minutes
+
+        /// - Parameters:
+        ///   - token: The token returned from the identity provider as parsed from the final/complete redirect URL.
+        ///   - sessionDurationMinutes: The duration, in minutes, of the requested session. Defaults to 5 minutes.
+        public init(
+            token: String,
+            sessionDurationMinutes: Minutes = StytchClient.defaultSessionDuration
+        ) {
+            self.token = token
+            self.sessionDurationMinutes = sessionDurationMinutes
+        }
+    }
+}
+
+public extension StytchClient.OAuth {
+    typealias OAuthAttachResponse = Response<OAuthAttachResponseData>
+
+    struct OAuthAttachResponseData: Codable, Sendable {
+        public let oauthAttachToken: String
+    }
+
+    struct AttachParameters: Encodable, Sendable {
+        public let provider: String
+
+        public init(provider: String) {
+            self.provider = provider
+        }
+    }
 }

Sources/StytchCore/StytchClient/OAuth/StytchClient+OAuth.swift

@@ -71,9 +71,16 @@ final class StytchConsumerSessionsViewController: UIViewController {
     func sendAndAuthenticateSmsOtp() {
         Task {
             do {
-                guard let phoneNumber = try await presentTextFieldAlertWithTitle(alertTitle: "Enter Your Phone Number In The Format xxxxxxxxxx", keyboardType: .numberPad) else {
+                // so you can hard code a number if needed
+                var phoneNumber: String?
+                if phoneNumber?.isEmpty == true {
+                    phoneNumber = try await presentTextFieldAlertWithTitle(alertTitle: "Enter Your Phone Number In The Format xxxxxxxxxx", keyboardType: .numberPad)
+                }
+
+                guard let phoneNumber else {
                     throw TextFieldAlertError.emptyString
                 }
+
                 let loginOrCreateResponse = try await StytchClient.otps.loginOrCreate(parameters: .init(deliveryMethod: .sms(phoneNumber: "+1\(phoneNumber)", enableAutofill: false)))
 
                 guard let code = try await presentTextFieldAlertWithTitle(alertTitle: "Enter The OTP Code", keyboardType: .numberPad) else {