From 6fb8077a47536f78fa0afae90dfce2c7240c9b8c Mon Sep 17 00:00:00 2001
From: Jan
Date: Sat, 2 Dec 2023 16:51:17 +0100
Subject: [PATCH] Rename sendRecoveryEmail and add PKCE
---
 .../kotlin/io/github/jan/supabase/gotrue/Auth.kt | 4 ++--
 .../io/github/jan/supabase/gotrue/AuthImpl.kt | 15 ++++++++++++++-
 GoTrue/src/commonTest/kotlin/GoTrueTest.kt | 2 +-
 3 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/Auth.kt b/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/Auth.kt
index 06db6178..19e922ef 100644
--- a/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/Auth.kt
+++ b/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/Auth.kt
@@ -171,12 +171,12 @@ sealed interface Auth : MainPlugin, CustomSerializationPlugin {
 /**
 * Sends a password reset email to the user with the specified [email]
 * @param email The email to send the password reset email to
- * @param redirectUrl The redirect url to use. If you don't specify this, the platform specific will be use, like deeplinks on android.
+ * @param redirectUrl The redirect url to use. If you don't specify this, the platform specific will be used, like deeplinks on android.
 * @throws RestException or one of its subclasses if receiving an error response
 * @throws HttpRequestTimeoutException if the request timed out
 * @throws HttpRequestException on network related issues
 */
- suspend fun sendRecoveryEmail(email: String, redirectUrl: String? = null, captchaToken: String? = null)
+ suspend fun resetPasswordForEmail(email: String, redirectUrl: String? = null, captchaToken: String? = null)
 /**
 * Sends a nonce to the user's email (preferred) or phone
diff --git a/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/AuthImpl.kt b/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/AuthImpl.kt
index 36dbb5c1..39d48c28 100644
--- a/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/AuthImpl.kt
+++ b/GoTrue/src/commonMain/kotlin/io/github/jan/supabase/gotrue/AuthImpl.kt
@@ -214,12 +214,21 @@ internal class AuthImpl(
 }
 }
- override suspend fun sendRecoveryEmail(
+ override suspend fun resetPasswordForEmail(
 email: String,
 redirectUrl: String?,
 captchaToken: String?
 ) {
+ require(email.isNotBlank()) {
+ "Email must not be blank"
+ }
 val finalRedirectUrl = generateRedirectUrl(redirectUrl)
+ var codeChallenge: String? = null
+ if (this.config.flowType == FlowType.PKCE) {
+ val codeVerifier = generateCodeVerifier()
+ codeVerifierCache.saveCodeVerifier(codeVerifier)
+ codeChallenge = generateCodeChallenge(codeVerifier)
+ }
 val body = buildJsonObject {
 put("email", email)
 captchaToken?.let {
@@ -227,6 +236,10 @@ internal class AuthImpl(
 put("captcha_token", captchaToken)
 }
 }
+ codeChallenge?.let {
+ put("code_challenge", it)
+ put("code_challenge_method", "s256")
+ }
 }.toString()
 api.postJson("recover", body) {
 finalRedirectUrl?.let { url.encodedParameters.append("redirect_to", it) }
diff --git a/GoTrue/src/commonTest/kotlin/GoTrueTest.kt b/GoTrue/src/commonTest/kotlin/GoTrueTest.kt
index 54520f9f..4383c1cf 100644
--- a/GoTrue/src/commonTest/kotlin/GoTrueTest.kt
+++ b/GoTrue/src/commonTest/kotlin/GoTrueTest.kt
@@ -236,7 +236,7 @@ class GoTrueTest {
 fun test_recovery() {
 val client = createSupabaseClient()
 runTest(dispatcher) {
- client.auth.sendRecoveryEmail("example@email.com")
+ client.auth.resetPasswordForEmail("example@email.com")
 client.close()
 }
 }
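Review bot: In the PKCE branch of `resetPasswordForEmail`, `codeVerifierCache.saveCodeVerifier(codeVerifier)` runs before the `recover` request is sent, and nothing visible removes the verifier again when that request fails. The function continues past this hunk, so cleanup may exist elsewhere; if it does not, a failed or rate-limited recovery call leaves an unused verifier in the cache and, should the cache hold a single entry, replaces the verifier of a sign-in that is still waiting for its code exchange. Consider clearing the saved verifier when `api.postJson("recover", body)` throws, and adding a comment on the branch stating when the verifier is expected to be consumed. The new `require(email.isNotBlank())` also introduces an exception the interface KDoc does not list; `@throws IllegalArgumentException if [email] is blank` in `Auth.kt` would cover it.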
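Review bot: The `redirect_to` value on the last line of the `@@ -227,6 +236,10 @@` hunk is appended through `url.encodedParameters`, which stores the value as given, so a redirect URL containing `&`, `#` or its own query string would be split or truncated unless `generateRedirectUrl` (outside the hunk) already percent-encodes it. With the PKCE fields added here the auth code is delivered to that URL, so the server needs to receive it intact; if the helper returns a raw URL, `finalRedirectUrl?.let { url.parameters.append("redirect_to", it) }` lets Ktor do the encoding. Separately, `"s256"` is lowercase where RFC 7636 spells the method `S256`; if the lowercase form is what the auth server expects, a comment such as `// lowercase spelling is intentional; matches the server's accepted value` or a shared constant would keep it from being changed by mistake. The enclosing function starts in the previous hunk and its end is not shown.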