wordpress-rs/native/swift/Sources/wordpress-api/WordPressLoginClient.swift at 77c19d313c217ed36964a2886f46fd9ffd500716 · Automattic/wordpress-rs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
import Foundation
import WordPressAPIInternal

#if os(Linux)
import FoundationNetworking
#endif

public final class WordPressLoginClient: @unchecked Sendable {

    private let requestExecutor: SafeRequestExecutor
    private let client: UniffiWpLoginClient
    private let middleware: MiddlewarePipeline

    public convenience init(
        urlSession: URLSession,
        middleware: MiddlewarePipeline = .default
    ) {
        precondition(urlSession.configuration.httpCookieStorage != nil)
        precondition(urlSession.configuration.httpShouldSetCookies == true)
        precondition(urlSession.configuration.httpCookieAcceptPolicy != .never)

        self.init(requestExecutor: WpRequestExecutor(urlSession: urlSession), middleware: middleware)
    }

    init(
        requestExecutor: SafeRequestExecutor,
        middleware: MiddlewarePipeline = .default
    ) {
        self.requestExecutor = requestExecutor
        self.middleware = middleware
        self.client = UniffiWpLoginClient(requestExecutor: requestExecutor, middlewarePipeline: middleware)
    }

    /// Uses the proposed site URL to scan the website and return login related information about the site.
    ///
    public func details(
        ofSite proposedSiteUrl: String
    ) async throws -> AutoDiscoveryAttemptSuccess {
        let context = RequestContext()
        return try await withTaskCancellationHandler {
            let result = try await client.apiDiscovery(siteUrl: proposedSiteUrl, context: context)

            // The API discovery process looks something like this:
            // 1. Send a few requests to find the potential API root, which is typically the `/wp-json` URL.
            // 2. Getting site details:
            //    a) Send requests to the API root found in step 1 to get details.
            //    b) If step 1 fails, send requests to a hard-coded `/wp-json` path to get details.
            //
            // When cancellation happens too early at step 1, the process continues and will most likely
            // find a successful result using the hard-coded `wp-json` URL.
            //
            // Here we manually check cancellation to make sure an error is returned when cancelled.
            try Task.checkCancellation()

            return result
        } onCancel: {
            requestExecutor.cancel(context: context)
        }
    }

    /// Convert the callback URL into a set of authentication credentials
    ///
    public func credentials(from callbackUrl: URL) throws -> WpApiApplicationPasswordDetails {
        try extractLoginDetailsFromUrl(url: callbackUrl.absoluteString)
    }

    public func authenticateTemporarily(
        username: String,
        password: String,
        details: AutoDiscoveryAttemptSuccess
    ) async throws -> WordPressAPI {
        let nonceRetrieval = WpRestNonceRetrieval(details: details, requestExecutor: requestExecutor)
        let nonce = try await nonceRetrieval.getNonce(username: username, password: password)
        return WordPressAPI(
            siteInfo: .selfHosted(
                siteUrl: details.parsedSiteUrl,
                apiRoot: details.apiRootUrl
            ),
            authenticationProvider: .staticWithAuth(auth: .nonce(nonce: nonce)),
            executor: requestExecutor,
            middlewarePipeline: middleware,
            appNotifier: nil
        )
    }
}

extension DiscoveredAuthenticationMechanism {

    public func loginURL(for application: Application) -> URL? {
        switch self {
        case .applicationPasswords(let authenticationUrl):
            createApplicationPasswordAuthenticationUrl(
                loginUrl: authenticationUrl,
                appName: application.name,
                appId: application.id,
                successUrl: application.successCallbackUrl,
                rejectUrl: application.failureCallbackUrl
            )
            .asURL()
        default: nil
        }
    }

    public var applicationPasswordsUrl: ParsedUrl? {
        WordPressAPIInternal.applicationPasswordsUrl(authentication: self)
    }

    public var oauthEndpoints: OAuth2Endpoints? {
        switch self {
        case .oAuth2(endpoints: let endpoints): endpoints
        default: nil
        }
    }
}

public struct Application {
    let id: WpUuid
    let name: String

    let successCallbackUrl: String
    let failureCallbackUrl: String

    public init(id: WpUuid, name: String, successCallbackUrl: String, failureCallbackUrl: String) {
        self.id = id
        self.name = name
        self.successCallbackUrl = successCallbackUrl
        self.failureCallbackUrl = failureCallbackUrl
    }

    public init(id: WpUuid, name: String, callbackUrl: String) {
        self.id = id
        self.name = name
        self.successCallbackUrl = callbackUrl
        self.failureCallbackUrl = callbackUrl
    }
}