From 96e8521c7b297f5e5792387724392ae109c3e636 Mon Sep 17 00:00:00 2001 From: Olga Dalton Date: Sat, 14 Sep 2019 21:47:02 -0700 Subject: [PATCH 1/6] Added a callback for UISceneDelegate --- ADAL/src/ADAuthenticationContext.m | 11 +++++++++++ ADAL/src/public/ADAuthenticationContext.h | 22 ++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/ADAL/src/ADAuthenticationContext.m b/ADAL/src/ADAuthenticationContext.m index 03cf5b933..44bdd0588 100755 --- a/ADAL/src/ADAuthenticationContext.m +++ b/ADAL/src/ADAuthenticationContext.m @@ -259,6 +259,17 @@ + (ADAuthenticationContext*)authenticationContextWithAuthority:(NSString*)author sharedGroup:sharedGroup error:error]; } + ++ (BOOL)handleADALResponse:(nonnull NSURL *)response sourceApplication:(nullable NSString *)sourceApplication +{ + if ([ADAuthenticationContext canHandleResponse:response sourceApplication:sourceApplication]) + { + return [ADAuthenticationContext handleBrokerResponse:response sourceApplication:sourceApplication]; + } + + return NO; +} + #endif // TARGET_OS_IPHONE #define REQUEST_WITH_REDIRECT_STRING(_redirect, _clientId, _resource) \ diff --git a/ADAL/src/public/ADAuthenticationContext.h b/ADAL/src/public/ADAuthenticationContext.h index a46575f04..6b073b5e6 100644 --- a/ADAL/src/public/ADAuthenticationContext.h +++ b/ADAL/src/public/ADAuthenticationContext.h 
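Review bot: `handleADALResponse:sourceApplication:` in ADAuthenticationContext.m forwards a nullable `sourceApplication` straight into `canHandleResponse:sourceApplication:` and `handleBrokerResponse:sourceApplication:`, and neither callee's treatment of nil is visible in this hunk. On iOS 13 `UIOpenURLContext.options.sourceApplication` is nil when the sending app belongs to a different team, so scene-based callers will typically pass nil for a broker reply, and a bundle-identifier check cannot identify the sender in that case. Please confirm that nil is neither rejected outright, which would break the scene flow, nor treated as a trusted sender. Acceptance should rest on validating the response against the pending broker request. I would add above the method `// sourceApplication is nil for cross-team senders on iOS 13+; never treat it as proof of origin.`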
@@ -233,6 +233,28 @@ typedef enum error:(ADAuthenticationError* __autoreleasing _Nullable * _Nullable)error; #endif +/*! + Ask ADAL to handle URL response. You MUST implement this API in following cases: + 1. Your application is using brokered authentication (ADCredentialsType is set to AD_CREDENTIALS_AUTO and you have configured your application to use broker), AND + 2. You're using iOS 13 multiple window feature and your code implements UISceneDelegate instead of UIApplicationDelegate + + You should call this API from your UISceneDelegate implementation, for example: + + - (void)scene:(UIScene *)scene openURLContexts:(NSSet *)URLContexts + { + UIOpenURLContext *context = URLContexts.anyObject; + NSURL *url = context.URL; + NSString *sourceApplication = context.options.sourceApplication; + + [ADAuthenticationContext handleADALResponse:url sourceApplication:sourceApplication]; + } + + Calling this API ensures that ADAL can receive tokens from the Microsoft Authenticator application. + @return YES if it is ADAL response and it was handled + NO if it is not ADAL response or there was a failure in handling. + */ ++ (BOOL)handleADALResponse:(nonnull NSURL *)response sourceApplication:(nullable NSString *)sourceApplication; + /*! Represents the authority used by the context. */ @property (readonly, nonnull) NSString* authority; From 2f8c02954eda666a549fecc478d3364e37135226 Mon Sep 17 00:00:00 2001 From: Olga Dalton Date: Sat, 14 Sep 2019 22:25:52 -0700 Subject: [PATCH 2/6] Added UISceneDelegate step --- README.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/README.md b/README.md index 535e35af1..8e7e248a2 100644 --- a/README.md +++ b/README.md 
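Review bot: The sample in the new doc comment reads only `URLContexts.anyObject`, so when the scene receives more than one URL context an arbitrary one is taken and the broker response can be skipped; it also discards the BOOL result. The example would be safer as a loop: `for (UIOpenURLContext *context in URLContexts) { if ([ADAuthenticationContext handleADALResponse:context.URL sourceApplication:context.options.sourceApplication]) break; }`. Typing the parameter as `NSSet<UIOpenURLContext *> *` would match the UIKit delegate signature. The same sample is repeated in the README hunk of PATCH 2/6 and should change with it.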
@@ -244,6 +244,27 @@ msauth://code/ ex: msauth://code/x-msauth-mytestiosapp%3A%2F%2Fcom.microsoft.mytestiosapp ``` +#### iOS 13 support + +**If you adopted UISceneDelegate, you must also add ADAL callback in the scene:openURLContexts: method**. + +This is needed so that ADAL can get a response from the Microsoft Authenticator application. + +For example: + +```objc + - (void)scene:(UIScene *)scene openURLContexts:(NSSet *)URLContexts + { + UIOpenURLContext *context = URLContexts.anyObject; + NSURL *url = context.URL; + NSString *sourceApplication = context.options.sourceApplication; + + [ADAuthenticationContext handleADALResponse:url sourceApplication:sourceApplication]; + } +``` + +If you're not using UISceneDelegate functionality yet, you can ignore this step. + ### Caching #### From 9bd1f196f4132fc030ee6354f9f45894cceecd9f Mon Sep 17 00:00:00 2001 From: Olga Dalton Date: Sat, 14 Sep 2019 22:33:12 -0700 Subject: [PATCH 3/6] Updated readme --- ADAL/src/public/ADAuthenticationSettings.h | 2 +- README.md | 29 ++++++++++++---------- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/ADAL/src/public/ADAuthenticationSettings.h b/ADAL/src/public/ADAuthenticationSettings.h index 24cef3896..65773f6dd 100644 --- a/ADAL/src/public/ADAuthenticationSettings.h +++ b/ADAL/src/public/ADAuthenticationSettings.h @@ -73,7 +73,7 @@ this value cannot be changed. Doing so will throw an exception. */ - (nonnull NSString*)defaultKeychainGroup; -- (void)setDefaultKeychainGroup:(nonnull NSString*)keychainGroup; +- (void)setDefaultKeychainGroup:(nullable NSString*)keychainGroup; #endif // TARGET_OS_IPHONE @end diff --git a/README.md b/README.md index 8e7e248a2..eb1706c09 100644 --- a/README.md +++ b/README.md 
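Review bot: In ADAuthenticationSettings.h the setter `setDefaultKeychainGroup:` now takes `nullable`, but the getter `defaultKeychainGroup` on the context line above is still declared `nonnull`, so the header no longer says what a caller reads back after passing nil. Either the getter substitutes a non-nil value, which is not visible here, or its annotation should become `nullable`. Because this value selects the keychain access group used for cached tokens, the doc comment should state the nil case, for example `Pass nil to disable keychain sharing.`, which is what the README in this series describes. The comment block it belongs to starts outside the hunk.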
@@ -11,13 +11,14 @@ We recommend remaining up-to-date with the latest version of ADAL. The best plac The only approved way to get the latest version is through a tagged release on GitHub, or a tool that relies on that data. Tools like [CocoaPods](https://cocoapods.org) can make it easier to set up your project dependencies and update to the latest release. ADAL follows the [GitFlow branching model](http://danielkummer.github.io/git-flow-cheatsheet/). You should never pull an ADAL version for release from any branch other then master, any other branch is for versions of ADAL still in development or testing, and are subject to change. -NOTE: To work with iOS 10 you must have at least version 2.2.5, or 1.2.9. +NOTE: -NOTE: To work with iOS 13 you must have at least version 2.7.14 or 4.0.2 +* To work with iOS 10 you must have at least version 2.2.5, or 1.2.9. +* To work with iOS 11.3-12.4 you must have at least version 2.6.3. +* To work with iOS 13+ (when built with Xcode 11) you must have at least version 2.7.14 or 4.0.2 ===================================== - [![Build Status](https://travis-ci.org/AzureAD/azure-activedirectory-library-for-objc.svg?branch=1.2.x)](https://travis-ci.org/AzureAD/azure-activedirectory-library-for-objc) The ADAL SDK for iOS and Mac OS X gives you the ability to add support for Work Accounts to your application with just a few lines of additional code. This SDK gives your application the full functionality of Microsoft Azure AD, including industry standard protocol support for OAuth2, Web API integration with user level consent, and two factor authentication support. Best of all, it’s FOSS (Free and Open Source Software) so that you can participate in the development process as we build these libraries. 
@@ -83,10 +84,17 @@ We recommend only syncing to specific release tags to make sure you're at a know You can use CocoaPods to remain up to date with ADAL within a specific major version. Include the following line in your podfile: - pod 'ADAL', '~> 2.7', :submodules => true + pod 'ADAL', '~> 2.7' You then you can run either `pod install` (if it's a new PodFile) or `pod update` (if it's an existing PodFile) to get the latest version of ADAL. Subsequent calls to `pod update` will update to the latest released version of ADAL as well. +ADAL is using submodules, so if you're using a specific branch of ADAL in your Podfile, you need to enable submodules, e.g. + +``` +pod 'ADAL', :git => 'https://github.com/AzureAD/azure-activedirectory-library-for-objc', :branch => 'branch-name', :submodules => true + +``` + See [CocoaPods](https://cocoapods.org) for more information on setting up a PodFile ### Option 3: Source Zip @@ -107,11 +115,10 @@ Click on your project in the Navigator pane in Xcode. Click on your application then the "Capabilities" tab. Scroll down to "Keychain Sharing" and flip the switch on. Add "com.microsoft.adalcache" to that list. -Alternatively you can disable keychain sharing by setting the keychain sharing group to nil. -your application's bundle id. +Alternatively you can disable keychain sharing by setting the keychain sharing group to nil or your application's bundle id. ```Objective-C - [[ADAuthenticationSettings sharedInstance] setSharedCacheKeychainGroup:nil]; + [[ADAuthenticationSettings sharedInstance] setDefaultKeychainGroup:nil]; ``` ##### Inspecting the Cache 
@@ -246,7 +253,7 @@ ex: msauth://code/x-msauth-mytestiosapp%3A%2F%2Fcom.microsoft.mytestiosapp #### iOS 13 support -**If you adopted UISceneDelegate, you must also add ADAL callback in the scene:openURLContexts: method**. +**If you adopted UISceneDelegate, you must also add an ADAL callback into the `scene:openURLContexts:` method**. This is needed so that ADAL can get a response from the Microsoft Authenticator application. @@ -265,10 +272,6 @@ For example: If you're not using UISceneDelegate functionality yet, you can ignore this step. -### Caching - -#### - ### Diagnostics @@ -371,7 +374,7 @@ your application, or disable keychain sharing by passing in your application's b in ADAuthenticationSettings: ```Objective-C - [[ADAuthenticationSettings sharedInstance] setSharedCacheKeychainGroup:nil]; + [[ADAuthenticationSettings sharedInstance] setDefaultKeychainGroup:nil]; ``` **ADAL keeps returning SSL errors in iOS 9 and later** From 98ebf2a98a5dbff7d48ed445b87f42baee982d27 Mon Sep 17 00:00:00 2001 From: Olga Dalton Date: Sat, 14 Sep 2019 22:36:04 -0700 Subject: [PATCH 4/6] Updated versions and changelog --- ADAL.podspec | 2 +- ADAL/resources/ios/Framework/Info.plist | 2 +- ADAL/src/ADAL_Internal.h | 2 +- ADAL/tests/app/resources/ios/Info.plist | 2 +- changelog.txt | 6 ++++++ 5 files changed, 10 insertions(+), 4 deletions(-) diff --git a/ADAL.podspec b/ADAL.podspec index caf40b73f..8eff702c6 100644 --- a/ADAL.podspec +++ b/ADAL.podspec @@ -1,7 +1,7 @@ Pod::Spec.new do |s| s.name = "ADAL" s.module_name = "ADAL" - s.version = "2.7.14" + s.version = "2.7.15" s.summary = "The ADAL SDK for iOS gives you the ability to add Azure Identity authentication to your application" s.description = <<-DESC diff --git a/ADAL/resources/ios/Framework/Info.plist b/ADAL/resources/ios/Framework/Info.plist index db9bac765..75dbe9cbf 100644 --- a/ADAL/resources/ios/Framework/Info.plist +++ b/ADAL/resources/ios/Framework/Info.plist 
@@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 2.7.14 + 2.7.15 CFBundleSignature ???? CFBundleVersion diff --git a/ADAL/src/ADAL_Internal.h b/ADAL/src/ADAL_Internal.h index e94d2dead..dc4734c14 100644 --- a/ADAL/src/ADAL_Internal.h +++ b/ADAL/src/ADAL_Internal.h @@ -27,7 +27,7 @@ // through build script. Don't change its format unless changing build script as well.) #define ADAL_VER_HIGH 2 #define ADAL_VER_LOW 7 -#define ADAL_VER_PATCH 14 +#define ADAL_VER_PATCH 15 #define STR_HELPER(x) #x #define STR(x) STR_HELPER(x) diff --git a/ADAL/tests/app/resources/ios/Info.plist b/ADAL/tests/app/resources/ios/Info.plist index 9c379c2d9..5e3efddfe 100644 --- a/ADAL/tests/app/resources/ios/Info.plist +++ b/ADAL/tests/app/resources/ios/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType APPL CFBundleShortVersionString - 2.7.14 + 2.7.15 CFBundleSignature ???? CFBundleURLTypes diff --git a/changelog.txt b/changelog.txt index 0695a0264..cac30ae35 100644 --- a/changelog.txt +++ b/changelog.txt @@ -1,3 +1,9 @@ +Version 2.7.15 (09.17.2019) +-------- +* Added support brokered authentication with UISceneDelegate on iOS 13 +* Updated readme +* Fixed nullability for keychainGroup setting + Version 2.7.14 (08.13.2019) -------- * Support new iOS 13 capable broker From 9e2716f3c612ce4df62d0f2a14b145df70a51219 Mon Sep 17 00:00:00 2001 From: Olga Dalton Date: Sat, 14 Sep 2019 22:44:04 -0700 Subject: [PATCH 5/6] Fixed macOS build --- ADAL/src/public/ADAuthenticationContext.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ADAL/src/public/ADAuthenticationContext.h b/ADAL/src/public/ADAuthenticationContext.h index 6b073b5e6..7bcec2f2a 100644 --- a/ADAL/src/public/ADAuthenticationContext.h +++ b/ADAL/src/public/ADAuthenticationContext.h 
@@ -231,7 +231,6 @@ typedef enum validateAuthority:(BOOL)validate sharedGroup:(nullable NSString*)sharedGroup error:(ADAuthenticationError* __autoreleasing _Nullable * _Nullable)error; -#endif /*! Ask ADAL to handle URL response. You MUST implement this API in following cases: @@ -255,6 +254,8 @@ typedef enum */ + (BOOL)handleADALResponse:(nonnull NSURL *)response sourceApplication:(nullable NSString *)sourceApplication; +#endif + /*! Represents the authority used by the context. */ @property (readonly, nonnull) NSString* authority; From 5efc7a1f56a10e225fcbe5fad42ffd9b9057bbd4 Mon Sep 17 00:00:00 2001 From: Olga Dalton Date: Tue, 17 Sep 2019 19:40:49 -0700 Subject: [PATCH 6/6] Fixed version number in Info.plist --- ADAL/resources/mac/Info.plist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ADAL/resources/mac/Info.plist b/ADAL/resources/mac/Info.plist index acd3c7f63..98fb803da 100644 --- a/ADAL/resources/mac/Info.plist +++ b/ADAL/resources/mac/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 2.7.13 + 2.7.15 CFBundleSignature ???? CFBundleVersion
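Review bot: The relocated `#endif` in ADAuthenticationContext.h is bare, while the matching guard in ADAuthenticationContext.m is closed with `#endif // TARGET_OS_IPHONE`. The opening `#if` lies outside the hunk, so the condition is presumably the same but cannot be read here. Labelling it `#endif // TARGET_OS_IPHONE` would make it clear that `handleADALResponse:sourceApplication:` is iOS-only and help avoid a repeat of the misplaced guard this commit fixes.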