-
Notifications
You must be signed in to change notification settings - Fork 0
/
InBandAuthenticationUseCaseImpl.swift
138 lines (117 loc) · 4.65 KB
/
InBandAuthenticationUseCaseImpl.swift
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
//
// Nevis Mobile Authentication SDK Example App
//
// Copyright © 2022. Nevis Security AG. All rights reserved.
//
import NevisMobileAuthentication
import RxSwift
/// Default implementation of ``InBandAuthenticationUseCase`` protocol.
class InBandAuthenticationUseCaseImpl {
// MARK: - Properties
/// The client provider.
private let clientProvider: ClientProvider
/// The authenticator selector.
private let authenticatorSelector: AuthenticatorSelector
/// The PIN user verifier.
private let pinUserVerifier: PinUserVerifier
/// The Password user verifier.
private let passwordUserVerifier: PasswordUserVerifier
/// The biometric user verifier.
private let biometricUserVerifier: BiometricUserVerifier
/// The device passcode user verifier.
private let devicePasscodeUserVerifier: DevicePasscodeUserVerifier
/// The logger.
private let logger: SDKLogger
// MARK: - Initialization
/// Creates a new instance.
///
/// - Parameters:
/// - clientProvider: The client provider.
/// - authenticatorSelector: The authenticator selector.
/// - pinUserVerifier: The PIN user verifier.
/// - passwordUserVerifier: The Password user verifier.
/// - biometricUserVerifier: The biometric user verifier.
/// - devicePasscodeUserVerifier: The device passcode user verifier.
/// - logger: The logger.
init(clientProvider: ClientProvider,
authenticatorSelector: AuthenticatorSelector,
pinUserVerifier: PinUserVerifier,
passwordUserVerifier: PasswordUserVerifier,
biometricUserVerifier: BiometricUserVerifier,
devicePasscodeUserVerifier: DevicePasscodeUserVerifier,
logger: SDKLogger) {
self.clientProvider = clientProvider
self.authenticatorSelector = authenticatorSelector
self.pinUserVerifier = pinUserVerifier
self.passwordUserVerifier = passwordUserVerifier
self.biometricUserVerifier = biometricUserVerifier
self.devicePasscodeUserVerifier = devicePasscodeUserVerifier
self.logger = logger
}
}
// MARK: - InBandAuthenticationUseCase
extension InBandAuthenticationUseCaseImpl: InBandAuthenticationUseCase {
func execute(username: String, operation: Operation) -> Observable<OperationResponse> {
Observable.create { [weak self] observer in
guard let self else { return Disposables.create() }
let client = clientProvider.get()
client?.operations.authentication
.username(username)
.authenticatorSelector(authenticatorSelector)
.pinUserVerifier(pinUserVerifier)
.passwordUserVerifier(passwordUserVerifier)
.biometricUserVerifier(biometricUserVerifier)
.devicePasscodeUserVerifier(devicePasscodeUserVerifier)
.onSuccess {
self.logger.log("In-Band authentication succeeded.", color: .green)
self.printAuthorizationInfo($0)
observer.onNext(CompletedResponse(operation: operation,
authorizationProvider: $0))
observer.onCompleted()
}
.onError { error in
self.logger.log("In-Band authentication failed.", color: .red)
switch error {
case let .FidoError(_, _, sessionProvider),
let .NetworkError(_, sessionProvider):
self.printSessionInfo(sessionProvider)
case .NoDeviceLockError:
fallthrough
case .Unknown:
fallthrough
@unknown default:
self.logger.log("In-band authentication failed because of an unknown error.", color: .red)
}
observer.onError(OperationError(operation: .authentication,
underlyingError: error))
}
.execute()
return Disposables.create()
}
}
}
// MARK: - Private Interface
private extension InBandAuthenticationUseCaseImpl {
/// Prints authorization information to the console.
///
/// - Parameter authorizationProvider: The ``AuthorizationProvider`` holding the authorization information.
func printAuthorizationInfo(_ authorizationProvider: AuthorizationProvider?) {
if let cookieAuthorizationProvider = authorizationProvider as? CookieAuthorizationProvider {
logger.log("Received cookies: \(cookieAuthorizationProvider.cookies)")
}
else if let jwtAuthorizationProvider = authorizationProvider as? JwtAuthorizationProvider {
logger.log("Received JWT is \(jwtAuthorizationProvider.jwt)")
}
}
/// Prints session information to the console.
///
/// - Parameter sessionProvider: The ``SessionProvider`` holding the session information.
func printSessionInfo(_ sessionProvider: SessionProvider?) {
if let cookieSessionProvider = sessionProvider as? CookieSessionProvider {
logger.log("Received cookies: \(cookieSessionProvider.cookies)")
}
else if let jwtSessionProvider = sessionProvider as? JwtSessionProvider {
logger.log("Received JWT is \(jwtSessionProvider.jwt)")
}
}
}