Rework MatrixLoginFlow and MatrixLoginFlowType

kloenk · kloenk · commit 08efd35b3271 · 2022-06-22T10:12:09.000+02:00
diff --git a/Sources/MatrixClient/API/Auth/Interactive.swift b/Sources/MatrixClient/API/Auth/Interactive.swift
@@ -13,7 +13,7 @@ public struct MatrixInteractiveAuth: MatrixResponse {
         flows: [MatrixInteractiveAuth.Flow],
         params: [String: AnyCodable],
         session: String? = nil,
-        completed: [MatrixLoginFlow]? = nil
+        completed: [MatrixLoginFlowType]? = nil
     ) {
         self.flows = flows
         self.params = params
@@ -32,14 +32,14 @@ public struct MatrixInteractiveAuth: MatrixResponse {
     /// in subsequent attempts to authenticate in the same API call.
     public var session: String?
 
-    public var completed: [MatrixLoginFlow]?
+    public var completed: [MatrixLoginFlowType]?
 
     // MARK: Dynamic vars
 
     public var notCompletedStages: [Flow] {
         var ret: [Flow] = []
         for flow in flows {
-            var stages: [MatrixLoginFlow] = []
+            var stages: [MatrixLoginFlowType] = []
             for stage in flow.stages {
                 if !(completed?.contains(stage) ?? false) {
                     stages.append(stage)
@@ -51,7 +51,7 @@ public struct MatrixInteractiveAuth: MatrixResponse {
     }
 
     /// Return the next stage, which did not yet complete, from the first login flow
-    public var nextStage: MatrixLoginFlow? {
+    public var nextStage: MatrixLoginFlowType? {
         notCompletedStages[0].stages[0]
     }
 
@@ -69,20 +69,20 @@ public struct MatrixInteractiveAuth: MatrixResponse {
 
     /// Test if the given login flow is supported by the home server.
     /// This returns true, the flow is contained in one or more stages.  This means the flow could be required.
-    public func isOptional(_ flow: MatrixLoginFlow) -> Bool {
+    public func isOptional(_ flow: MatrixLoginFlowType) -> Bool {
         flows.first { $0.stages.contains(flow) } != nil
     }
 
-    public func isOptional(notCompletedFlow flow: MatrixLoginFlow) -> Bool {
+    public func isOptional(notCompletedFlow flow: MatrixLoginFlowType) -> Bool {
         notCompletedStages.first { $0.stages.contains(flow) } != nil
     }
 
     /// Test if th given flow is required by every flow supported by the homeserver.
-    public func isRequierd(_ flow: MatrixLoginFlow) -> Bool {
+    public func isRequierd(_ flow: MatrixLoginFlowType) -> Bool {
         flows.allSatisfy { $0.stages.contains(flow) }
     }
 
-    public func isRequierd(notCompletedFlow flow: MatrixLoginFlow) -> Bool {
+    public func isRequierd(notCompletedFlow flow: MatrixLoginFlowType) -> Bool {
         notCompletedStages.allSatisfy { $0.stages.contains(flow) }
     }
 
@@ -96,39 +96,39 @@ public struct MatrixInteractiveAuth: MatrixResponse {
     }
 
     public struct LoginFlowWithParams {
-        public let flow: MatrixLoginFlow
+        public let flow: MatrixLoginFlowType
         public let params: AnyCodable?
     }
 }
 
 public extension MatrixInteractiveAuth {
     struct Flow: Codable {
-        public var stages: [MatrixLoginFlow] = []
+        public var stages: [MatrixLoginFlowType] = []
     }
 }
 
 /// struct to return to server
 public struct MatrixInteractiveAuthResponse: Codable {
     public var session: String?
 
-    public var type: MatrixLoginFlow?
+    public var type: MatrixLoginFlowType?
 
     public var extraInfo: [String: AnyCodable]
 
-    public init(session: String? = nil, type: MatrixLoginFlow?, extraInfo: [String: AnyCodable] = [:]) {
+    public init(session: String? = nil, type: MatrixLoginFlowType?, extraInfo: [String: AnyCodable] = [:]) {
         self.session = session
         self.type = type
         self.extraInfo = extraInfo
     }
 
     public init(recaptchaResponse: String, session: String? = nil) {
-        type = MatrixLoginFlow.recaptcha
+        type = MatrixLoginFlowType.recaptcha
         self.session = session
         extraInfo = ["response": AnyCodable(stringLiteral: recaptchaResponse)]
     }
 
     public init(emailClientSecret clientSecret: String, emailSID sid: String, session: String? = nil) {
-        type = MatrixLoginFlow.email
+        type = MatrixLoginFlowType.email
         self.session = session
         extraInfo = [
             "threepid_creds": [
@@ -165,7 +165,7 @@ public extension MatrixInteractiveAuthResponse {
     init(from decoder: Decoder) throws {
         let container = try decoder.container(keyedBy: KnownCodingKeys.self)
         session = try container.decodeIfPresent(String.self, forKey: .session)
-        type = try container.decode(MatrixLoginFlow.self, forKey: .type)
+        type = try container.decode(MatrixLoginFlowType.self, forKey: .type)
 
         extraInfo = [:]
         let extraContainer = try decoder.container(keyedBy: DynamicCodingKeys.self)
diff --git a/Sources/MatrixClient/API/Auth/Login.swift b/Sources/MatrixClient/API/Auth/Login.swift
@@ -6,14 +6,11 @@
 //
 
 import Foundation
+import AnyCodable
 
 public struct MatrixLoginFlowRequest {
     public struct ResponseStruct: MatrixResponse {
-        var flows: [FlowType]
-
-        struct FlowType: Codable {
-            var type: MatrixLoginFlow
-        }
+        var flows: [MatrixLoginFlow]
     }
 }
 
@@ -35,7 +32,7 @@ extension MatrixLoginFlowRequest: MatrixRequest {
 
 @frozen
 /// A login type supported by the homeserver.
-public struct MatrixLoginFlow: RawRepresentable, Codable, Equatable, Hashable {
+public struct MatrixLoginFlowType: RawRepresentable, Codable, Equatable, Hashable {
     public typealias RawValue = String
 
     public var rawValue: String
@@ -68,7 +65,7 @@ public struct MatrixLoginFlow: RawRepresentable, Codable, Equatable, Hashable {
     ///     }
     /// ```
     /// In the case that the homeserver does not know about the supplied 3PID, the homeserver must respond with 403 Forbidden.
-    public static let password: MatrixLoginFlow = "m.login.password"
+    public static let password: MatrixLoginFlowType = "m.login.password"
 
     /// The user completes a Google ReCaptcha 2.0 challenge
     ///
@@ -80,8 +77,8 @@ public struct MatrixLoginFlow: RawRepresentable, Codable, Equatable, Hashable {
     ///     "session": "<session ID>"
     /// }
     /// ```
-    public static let recaptcha: MatrixLoginFlow = "m.login.recaptcha"
-    public static let oauth2: MatrixLoginFlow = "m.login.oauth2"
+    public static let recaptcha: MatrixLoginFlowType = "m.login.recaptcha"
+    public static let oauth2: MatrixLoginFlowType = "m.login.oauth2"
 
     /// Authentication is supported by authorising with an external single sign-on provider.
     ///
@@ -95,12 +92,12 @@ public struct MatrixLoginFlow: RawRepresentable, Codable, Equatable, Hashable {
     ///    The homeserver then validates the response from the single sign-on provider and updates the user-interactive authentication session to mark the single sign-on stage has been completed. The browser is shown the fallback authentication completion page.
     ///
     ///    Once the flow has completed, the client retries the request with the session only, as above.
-    public static let sso: MatrixLoginFlow = "m.login.sso"
-    public static let email: MatrixLoginFlow = "m.login.email.identity"
-    public static let msisdn: MatrixLoginFlow = "m.login.msisdn"
-    public static let token: MatrixLoginFlow = "m.login.token"
-    public static let dummy: MatrixLoginFlow = "m.login.dummy"
-    public static let terms: MatrixLoginFlow = "m.login.terms"
+    public static let sso: MatrixLoginFlowType = "m.login.sso"
+    public static let email: MatrixLoginFlowType = "m.login.email.identity"
+    public static let msisdn: MatrixLoginFlowType = "m.login.msisdn"
+    public static let token: MatrixLoginFlowType = "m.login.token"
+    public static let dummy: MatrixLoginFlowType = "m.login.dummy"
+    public static let terms: MatrixLoginFlowType = "m.login.terms"
 
     public init(from decoder: Decoder) throws {
         let container = try decoder.singleValueContainer()
@@ -121,12 +118,103 @@ public struct MatrixLoginFlow: RawRepresentable, Codable, Equatable, Hashable {
     }
 }
 
-extension MatrixLoginFlow: ExpressibleByStringLiteral {
+extension MatrixLoginFlowType: ExpressibleByStringLiteral {
     public init(stringLiteral value: StringLiteralType) {
         rawValue = value
     }
 }
 
+public struct MatrixLoginFlow {
+    var type: MatrixLoginFlowType
+    
+    var identiyProviders: [IdentityProvider]?
+    
+    var extraInfo: [String: AnyCodable]
+    
+    public struct IdentityProvider: Codable {
+        public init(brand: String? = nil, icon: String? = nil, id: String, name: String) {
+            self.brand = brand
+            self.icon = icon
+            self.id = id
+            self.name = name
+        }
+        
+        /// Optional UI hint for what kind of common SSO provider is being described in this ``IdentityProvider``.
+        ///
+        /// Matrix maintains a registry of identifiers in the
+        /// [matrix-spec repo](https://github.com/matrix-org/matrix-spec/blob/main/informal/idp-brands.md) to ensure clients and servers are aligned on major/common brands.
+        ///
+        /// Clients should prefer the brand over the icon, when both are provided.
+        /// Clients are not required to support any particular brand, including those in the registry, though are expected to be able to present any IdP based off the name/icon to the user regardless.
+        ///
+        /// Unregistered brands are permitted using the Common Namespaced Identifier Grammar, though excluding the namespace requirements. For example, examplesso is a valid brand which is not in the registry but still permitted. Servers should be mindful that clients might not support their unregistered brand usage as intended by the server.
+        public var brand: String?
+        
+        /// Optional MXC URI to provide an image/icon representing the IdP. Intended to be shown alongside the name if provided.
+        public var icon: String?
+        
+        /// Opaque string chosen by the homeserver, uniquely identifying the IdP from other IdPs the homeserver might support.
+        ///
+        /// Should be between 1 and 255 characters in length, containing unreserved characters under RFC 3986 (ALPHA DIGIT "-" / "." / "_" / "~"). Clients are not intended to parse or infer meaning from opaque strings.
+        public var id: String
+        
+        /// Human readable description for the ``IdentityProvider``, intended to be shown to the user.
+        public var name: String
+    }
+}
+
+extension MatrixLoginFlow: Codable {
+    private enum KnownCodingKeys: String, CodingKey, CaseIterable {
+        case type
+        case identiyProviders = "identity_providers"
+
+        static func doesNotContain(_ key: DynamicCodingKeys) -> Bool {
+            !Self.allCases.map(\.stringValue).contains(key.stringValue)
+        }
+    }
+
+    struct DynamicCodingKeys: CodingKey {
+        var stringValue: String
+        init?(stringValue: String) {
+            self.stringValue = stringValue
+        }
+
+        // not used here, but a protocol requirement
+        var intValue: Int?
+        init?(intValue _: Int) {
+            nil
+        }
+    }
+    
+    public init(from decoder: Decoder) throws {
+        let container = try decoder.container(keyedBy: KnownCodingKeys.self)
+        type = try container.decode(MatrixLoginFlowType.self, forKey: .type)
+        identiyProviders = try container.decodeIfPresent([IdentityProvider].self, forKey: .identiyProviders)
+
+        extraInfo = [:]
+        let extraContainer = try decoder.container(keyedBy: DynamicCodingKeys.self)
+
+        for key in extraContainer.allKeys where KnownCodingKeys.doesNotContain(key) {
+            let decoded = try extraContainer.decode(
+                AnyCodable.self,
+                forKey: DynamicCodingKeys(stringValue: key.stringValue)!
+            )
+            self.extraInfo[key.stringValue] = decoded
+        }
+    }
+
+    public func encode(to encoder: Encoder) throws {
+        var container = encoder.container(keyedBy: KnownCodingKeys.self)
+        try container.encode(type, forKey: .type)
+        try container.encodeIfPresent(identiyProviders, forKey: .identiyProviders)
+
+        var extraContainer = encoder.container(keyedBy: DynamicCodingKeys.self)
+        for (name, value) in extraInfo {
+            try extraContainer.encode(value, forKey: .init(stringValue: name)!)
+        }
+    }
+}
+
 public enum MatrixLoginUserIdentifier: Codable {
     /// 5.4.6.1 Matrix User id
     ///
diff --git a/Sources/MatrixClient/MatrixClient/MatrixClient+Auth.swift b/Sources/MatrixClient/MatrixClient/MatrixClient+Auth.swift
@@ -21,15 +21,15 @@ public extension MatrixClient {
     func getLoginFlows() async throws -> [MatrixLoginFlow] {
         try await MatrixLoginFlowRequest()
             .response(on: homeserver, withToken: accessToken, with: (), withUrlSession: urlSession)
-            .flows.map(\.type)
+            .flows
     }
 
     /// Test if the server supports password authentication.
     @available(swift, introduced: 5.5)
     @available(macOS 12.0, iOS 15.0, watchOS 8.0, tvOS 15.0, *)
     func supportsPasswordAuth() async throws -> Bool {
         let flows = try await getLoginFlows()
-        return flows.contains(where: { $0 == MatrixLoginFlow.password })
+        return flows.contains(where: { $0.type == MatrixLoginFlowType.password })
     }
 
     // MARK: - Register
@@ -120,7 +120,7 @@ public extension MatrixClient {
         displayName: String? = nil,
         deviceId: String? = nil
     ) async throws -> MatrixLogin {
-        let flow: MatrixLoginFlow
+        let flow: MatrixLoginFlowType
         if token {
             flow = .token
         } else {
diff --git a/Sources/MatrixCore/MatrixStore.swift b/Sources/MatrixCore/MatrixStore.swift
@@ -20,6 +20,7 @@ public protocol MatrixStore {
     //associatedtype AccountMapping: MatrixStoreAccountRoom
 
     func saveAccountInfo(account: AccountInfo) async throws
+    func saveAccountInfo(_ mxID: MatrixFullUserIdentifier, name: String, homeServer: MatrixHomeserver, deviceId: String, accessToken: String?, saveToKeychain: Bool, extraKeychainArguments: [String: Any]) async throws -> AccountInfo
 
     func getAccountInfo(accountID: AccountInfo.AccountIdentifier) async throws -> AccountInfo
 
diff --git a/Tests/MatrixClientTests/ApiAuthInteractiveTests.swift b/Tests/MatrixClientTests/ApiAuthInteractiveTests.swift
@@ -11,11 +11,11 @@ import XCTest
 
 final class ApiAuthInteractiveTests: XCTestCase {
     var flow = MatrixInteractiveAuth(flows: [
-        MatrixInteractiveAuth.Flow(stages: [MatrixLoginFlow.recaptcha, MatrixLoginFlow.terms, MatrixLoginFlow.email]),
+        MatrixInteractiveAuth.Flow(stages: [MatrixLoginFlowType.recaptcha, MatrixLoginFlowType.terms, MatrixLoginFlowType.email]),
         MatrixInteractiveAuth
-            .Flow(stages: [MatrixLoginFlow.recaptcha, MatrixLoginFlow.token, MatrixLoginFlow.oauth2,
-                           MatrixLoginFlow.email]),
-    ], params: [:], session: nil, completed: [MatrixLoginFlow.email, MatrixLoginFlow.terms])
+            .Flow(stages: [MatrixLoginFlowType.recaptcha, MatrixLoginFlowType.token, MatrixLoginFlowType.oauth2,
+                           MatrixLoginFlowType.email]),
+    ], params: [:], session: nil, completed: [MatrixLoginFlowType.email, MatrixLoginFlowType.terms])
 
     func testIsOptional() throws {
         XCTAssertTrue(flow.isOptional(.recaptcha))
