Matrix/element-ios
Matrix/element-ios
1
0
Fork 0
mirror of https://github.com/vector-im/element-ios.git synced 2024-09-30 16:22:39 +00:00
Code Issues Projects Releases Packages Wiki Activity
element-ios/Riot/Modules/Home/Fallback/AuthFallBackViewController.m
Mark Schulte 1c0175c211 AuthFallback: Stay in Riot App 
When doing a SAML based SSO via Gsuite, I must click a link
specifying that I trust this app. That link will break me
out of the SSO sign-in process, and open up safari.

To fix address this, I've removed the feature that opens links in
safari.

Signed-off-by: Mark Schulte <schultetwin@gmail.com>
2020-03-19 08:15:04 -07:00

209 lines
8.8 KiB
Objective-C
Raw Blame History

/*
Copyright 2019 New Vector Ltd
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#import "AuthFallBackViewController.h"
#import "AppDelegate.h"
// Generic method to make a bridge between JS and the UIWebView
NSString *FallBackViewControllerJavascriptSendObjectMessage = @"window.sendObjectMessage = function(parameters) { \
var iframe = document.createElement('iframe'); \
iframe.setAttribute('src', 'js:' + JSON.stringify(parameters)); \
\
document.documentElement.appendChild(iframe); \
iframe.parentNode.removeChild(iframe); \
iframe = null; \
};";
// The function the fallback page calls when the registration is complete
NSString *FallBackViewControllerJavascriptOnRegistered = @"window.matrixRegistration.onRegistered = function(homeserverUrl, userId, accessToken) { \
sendObjectMessage({ \
'action': 'onRegistered', \
'homeServer': homeserverUrl, \
'userId': userId, \
'accessToken': accessToken \
}); \
};";
// The function the fallback page calls when the login is complete
NSString *FallBackViewControllerJavascriptOnLogin = @"window.matrixLogin.onLogin = function(response) { \
sendObjectMessage({ \
'action': 'onLogin', \
'response': response \
}); \
};";
@interface AuthFallBackViewController ()
@end
@implementation AuthFallBackViewController
- (void)viewDidLoad
{
[super viewDidLoad];
// Due to https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html, we hack
// the user agent to bypass the limitation of Google, as a quick fix (a proper solution will be to use the SSO SDK)
webView.customUserAgent = @"Mozilla/5.0";
[self clearCookies];
}
- (void)clearCookies
{
// TODO: it would be better to do that at WKWebView init like below
// but this code is part of the kit
// WKWebViewConfiguration *config = [WKWebViewConfiguration new];
// config.websiteDataStore = [WKWebsiteDataStore nonPersistentDataStore];
// webView = [[WKWebView alloc] initWithFrame:self.view.frame configuration:config];
WKWebsiteDataStore *dateStore = [WKWebsiteDataStore defaultDataStore];
[dateStore fetchDataRecordsOfTypes:[WKWebsiteDataStore allWebsiteDataTypes]
completionHandler:^(NSArray<WKWebsiteDataRecord *> * __nonnull records)
{
for (WKWebsiteDataRecord *record in records)
{
[[WKWebsiteDataStore defaultDataStore] removeDataOfTypes:record.dataTypes
forDataRecords:@[record]
completionHandler:^
{
NSLog(@"[AuthFallBackViewController] clearCookies: Cookies for %@ deleted successfully", record.displayName);
}];
}
}];
}
- (void)showErrorAsAlert:(NSError*)error
{
NSString *title = [error.userInfo valueForKey:NSLocalizedFailureReasonErrorKey];
NSString *msg = [error.userInfo valueForKey:NSLocalizedDescriptionKey];
if (!title)
{
if (msg)
{
title = msg;
msg = nil;
}
else
{
title = [NSBundle mxk_localizedStringForKey:@"error"];
}
}
MXWeakify(self);
UIAlertController *alert = [UIAlertController alertControllerWithTitle:title message:msg preferredStyle:UIAlertControllerStyleAlert];
[alert addAction:[UIAlertAction actionWithTitle:[NSBundle mxk_localizedStringForKey:@"ok"]
style:UIAlertActionStyleDefault
handler:^(UIAlertAction * action) {
MXStrongifyAndReturnIfNil(self);
if (self.delegate)
{
[self.delegate authFallBackViewControllerDidClose:self];
}
}]];
[self presentViewController:alert animated:YES completion:nil];
}
#pragma mark - WKNavigationDelegate
- (void)webView:(WKWebView *)webView didFinishNavigation:(WKNavigation *)navigation
{
[super webView:webView didFinishNavigation:navigation];
// Set up JS <-> iOS bridge
[webView evaluateJavaScript:FallBackViewControllerJavascriptSendObjectMessage completionHandler:nil];
[webView evaluateJavaScript:FallBackViewControllerJavascriptOnRegistered completionHandler:nil];
[webView evaluateJavaScript:FallBackViewControllerJavascriptOnLogin completionHandler:nil];
// Check connectivity
if ([AppDelegate theDelegate].isOffline)
{
NSError *error = [NSError errorWithDomain:NSURLErrorDomain
code:NSURLErrorNotConnectedToInternet
userInfo:@{
NSLocalizedDescriptionKey : NSLocalizedStringFromTable(@"network_offline_prompt", @"Vector", nil)
}];
[self showErrorAsAlert:error];
}
}
- (void)webView:(WKWebView *)webView decidePolicyForNavigationAction:(WKNavigationAction *)navigationAction decisionHandler:(void (^)(WKNavigationActionPolicy))decisionHandler
{
NSString *urlString = navigationAction.request.URL.absoluteString;
// TODO: We should use the WebKit PostMessage API and the
// `didReceiveScriptMessage` delegate to manage the JS<->Native bridge
if ([urlString hasPrefix:@"js:"])
{
// Listen only to scheme of the JS-UIWebView bridge
NSString *jsonString = [[[urlString componentsSeparatedByString:@"js:"] lastObject] stringByReplacingPercentEscapesUsingEncoding:NSASCIIStringEncoding];
NSData *jsonData = [jsonString dataUsingEncoding:NSUTF8StringEncoding];
NSError *error;
NSDictionary *parameters = [NSJSONSerialization JSONObjectWithData:jsonData options:NSJSONReadingMutableContainers
error:&error];
if (!error)
{
if ([@"onRegistered" isEqualToString:parameters[@"action"]])
{
// Translate the JS registration event to MXLoginResponse
// We cannot use [MXLoginResponse modelFromJSON:] because of https://github.com/matrix-org/synapse/issues/4756
// Because of this issue, we cannot get the device_id allocated by the homeserver
// TODO: Fix it once the homeserver issue is fixed (filed at https://github.com/vector-im/riot-meta/issues/273).
MXLoginResponse *loginResponse = [MXLoginResponse new];
loginResponse.homeserver = parameters[@"homeServer"];
loginResponse.userId = parameters[@"userId"];
loginResponse.accessToken = parameters[@"accessToken"];
// Sanity check
if (self.delegate
&& loginResponse.homeserver.length && loginResponse.userId.length && loginResponse.accessToken.length)
{
// And inform the client
[self.delegate authFallBackViewController:self didLoginWithLoginResponse:loginResponse];
}
}
else if ([@"onLogin" isEqualToString:parameters[@"action"]])
{
// Translate the JS login event to MXLoginResponse
MXLoginResponse *loginResponse;
MXJSONModelSetMXJSONModel(loginResponse, MXLoginResponse, parameters[@"response"]);
// Sanity check
if (self.delegate
&& loginResponse.homeserver.length && loginResponse.userId.length && loginResponse.accessToken.length)
{
// And inform the client
[self.delegate authFallBackViewController:self didLoginWithLoginResponse:loginResponse];
}
}
}
decisionHandler(WKNavigationActionPolicyCancel);
return;
}
decisionHandler(WKNavigationActionPolicyAllow);
}
@end
Reference in a new issue View git blame Copy permalink